diff --git a/src/flow-bypass.c b/src/flow-bypass.c index 1564e13982..ae7b2f621f 100644 --- a/src/flow-bypass.c +++ b/src/flow-bypass.c @@ -70,7 +70,7 @@ static TmEcode BypassedFlowManager(ThreadVars *th_v, void *thread_data) } for (i = 0; i < g_bypassed_func_max_index; i++) { if (bypassedfunclist[i].FuncInit) { - bypassedfunclist[i].FuncInit(&curtime, bypassedfunclist[i].data); + bypassedfunclist[i].FuncInit(th_v, &curtime, bypassedfunclist[i].data); } } @@ -82,7 +82,7 @@ static TmEcode BypassedFlowManager(ThreadVars *th_v, void *thread_data) } for (i = 0; i < g_bypassed_func_max_index; i++) { struct flows_stats bypassstats = { 0, 0, 0}; - tcount = bypassedfunclist[i].Func(&bypassstats, &curtime, bypassedfunclist[i].data); + tcount = bypassedfunclist[i].Func(th_v, &bypassstats, &curtime, bypassedfunclist[i].data); if (tcount) { StatsAddUI64(th_v, ftd->flow_bypassed_cnt_clo, (uint64_t)bypassstats.count); StatsAddUI64(th_v, ftd->flow_bypassed_pkts, (uint64_t)bypassstats.packets); diff --git a/src/flow-bypass.h b/src/flow-bypass.h index c41a95edb7..50acc0ddce 100644 --- a/src/flow-bypass.h +++ b/src/flow-bypass.h @@ -30,9 +30,11 @@ struct flows_stats { uint64_t bytes; }; -typedef int (*BypassedCheckFunc)(struct flows_stats *bypassstats, +typedef int (*BypassedCheckFunc)(ThreadVars *th_v, + struct flows_stats *bypassstats, struct timespec *curtime, void *data); -typedef int (*BypassedCheckFuncInit)(struct timespec *curtime, void *data); +typedef int (*BypassedCheckFuncInit)(ThreadVars *th_v, + struct timespec *curtime, void *data); typedef int (*BypassedUpdateFunc)(Flow *f, Packet *p, void *data); void FlowAddToBypassed(Flow *f); diff --git a/src/util-ebpf.c b/src/util-ebpf.c index 10a07b7c74..f4a3b32082 100644 --- a/src/util-ebpf.c +++ b/src/util-ebpf.c @@ -49,6 +49,7 @@ #include "flow-storage.h" #include "flow.h" #include "flow-hash.h" +#include "tm-threads.h" #include #include @@ -583,7 +584,7 @@ typedef int (*OpFlowForKey)(struct flows_stats *flowstats, FlowKey *flow_key, * This function iterates on all the flows of the IPv4 table * looking for timeouted flow to delete from the flow table. */ -static int EBPFForEachFlowV4Table(LiveDevice *dev, const char *name, +static int EBPFForEachFlowV4Table(ThreadVars *th_v, LiveDevice *dev, const char *name, struct flows_stats *flowstats, struct timespec *ctime, struct ebpf_timeout_config *tcfg, @@ -658,6 +659,11 @@ static int EBPFForEachFlowV4Table(LiveDevice *dev, const char *name, if (pkts_cnt > 0) { found = 1; } + + if (TmThreadsCheckFlag(th_v, THV_KILL)) { + return 0; + } + key = next_key; } if (pkts_cnt > 0) { @@ -677,7 +683,8 @@ static int EBPFForEachFlowV4Table(LiveDevice *dev, const char *name, * This function iterates on all the flows of the IPv4 table * looking for timeouted flow to delete from the flow table. */ -static int EBPFForEachFlowV6Table(LiveDevice *dev, const char *name, +static int EBPFForEachFlowV6Table(ThreadVars *th_v, + LiveDevice *dev, const char *name, struct flows_stats *flowstats, struct timespec *ctime, struct ebpf_timeout_config *tcfg, @@ -750,6 +757,11 @@ static int EBPFForEachFlowV6Table(LiveDevice *dev, const char *name, if (pkts_cnt > 0) { found = 1; } + + if (TmThreadsCheckFlag(th_v, THV_KILL)) { + return 0; + } + key = next_key; } if (pkts_cnt > 0) { @@ -763,16 +775,16 @@ static int EBPFForEachFlowV6Table(LiveDevice *dev, const char *name, } -int EBPFCheckBypassedFlowCreate(struct timespec *curtime, void *data) +int EBPFCheckBypassedFlowCreate(ThreadVars *th_v, struct timespec *curtime, void *data) { struct flows_stats local_bypassstats = { 0, 0, 0}; LiveDevice *ldev = NULL, *ndev; struct ebpf_timeout_config *cfg = (struct ebpf_timeout_config *)data; while(LiveDeviceForEach(&ldev, &ndev)) { - EBPFForEachFlowV4Table(ldev, "flow_table_v4", + EBPFForEachFlowV4Table(th_v, ldev, "flow_table_v4", &local_bypassstats, curtime, cfg, EBPFCreateFlowForKey); - EBPFForEachFlowV6Table(ldev, "flow_table_v6", + EBPFForEachFlowV6Table(th_v, ldev, "flow_table_v6", &local_bypassstats, curtime, cfg, EBPFCreateFlowForKey); } @@ -787,7 +799,7 @@ int EBPFCheckBypassedFlowCreate(struct timespec *curtime, void *data) * of entries in the kernel/userspace flow table if needed. * */ -int EBPFCheckBypassedFlowTimeout(struct flows_stats *bypassstats, +int EBPFCheckBypassedFlowTimeout(ThreadVars *th_v, struct flows_stats *bypassstats, struct timespec *curtime, void *data) { @@ -801,7 +813,7 @@ int EBPFCheckBypassedFlowTimeout(struct flows_stats *bypassstats, while(LiveDeviceForEach(&ldev, &ndev)) { memset(&local_bypassstats, 0, sizeof(local_bypassstats)); - tcount = EBPFForEachFlowV4Table(ldev, "flow_table_v4", + tcount = EBPFForEachFlowV4Table(th_v, ldev, "flow_table_v4", &local_bypassstats, curtime, cfg, EBPFUpdateFlowForKey); bypassstats->count = local_bypassstats.count; @@ -811,7 +823,7 @@ int EBPFCheckBypassedFlowTimeout(struct flows_stats *bypassstats, ret = 1; } memset(&local_bypassstats, 0, sizeof(local_bypassstats)); - tcount = EBPFForEachFlowV6Table(ldev, "flow_table_v6", + tcount = EBPFForEachFlowV6Table(th_v, ldev, "flow_table_v6", &local_bypassstats, curtime, cfg, EBPFUpdateFlowForKey); bypassstats->count += local_bypassstats.count; diff --git a/src/util-ebpf.h b/src/util-ebpf.h index 078870aa4b..757b864d42 100644 --- a/src/util-ebpf.h +++ b/src/util-ebpf.h @@ -71,10 +71,10 @@ int EBPFLoadFile(const char *iface, const char *path, const char * section, int *val, struct ebpf_timeout_config *config); int EBPFSetupXDP(const char *iface, int fd, uint8_t flags); -int EBPFCheckBypassedFlowTimeout(struct flows_stats *bypassstats, +int EBPFCheckBypassedFlowTimeout(ThreadVars *th_v, struct flows_stats *bypassstats, struct timespec *curtime, void *data); -int EBPFCheckBypassedFlowCreate(struct timespec *curtime, void *data); +int EBPFCheckBypassedFlowCreate(ThreadVars *th_v, struct timespec *curtime, void *data); void EBPFRegisterExtension(void);