From a4d80bc7c4910170aba950db0a497124712b330a Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Tue, 8 Aug 2023 15:50:53 +0200 Subject: [PATCH] detect: free all tenant detect engines Free all tenants registered in the master. --- src/detect-engine.c | 35 ++++++++++++++++++++++++++++------- src/detect-engine.h | 1 + src/suricata.c | 2 +- 3 files changed, 30 insertions(+), 8 deletions(-) diff --git a/src/detect-engine.c b/src/detect-engine.c index 012753c9a8a5..4e75fa13a8d7 100644 --- a/src/detect-engine.c +++ b/src/detect-engine.c @@ -4492,14 +4492,10 @@ int DetectEngineAddToMaster(DetectEngineCtx *de_ctx) return r; } -int DetectEngineMoveToFreeList(DetectEngineCtx *de_ctx) +static int DetectEngineMoveToFreeListNoLock(DetectEngineMasterCtx *master, DetectEngineCtx *de_ctx) { - DetectEngineMasterCtx *master = &g_master_de_ctx; - - SCMutexLock(&master->lock); DetectEngineCtx *instance = master->list; if (instance == NULL) { - SCMutexUnlock(&master->lock); return -1; } @@ -4522,7 +4518,6 @@ int DetectEngineMoveToFreeList(DetectEngineCtx *de_ctx) instance = next; } if (instance == NULL) { - SCMutexUnlock(&master->lock); return -1; } } @@ -4538,9 +4533,17 @@ int DetectEngineMoveToFreeList(DetectEngineCtx *de_ctx) master->free_list = instance; } SCLogDebug("detect engine %p moved to free list (%u refs)", de_ctx, de_ctx->ref_cnt); + return 0; +} +int DetectEngineMoveToFreeList(DetectEngineCtx *de_ctx) +{ + int ret = 0; + DetectEngineMasterCtx *master = &g_master_de_ctx; + SCMutexLock(&master->lock); + ret = DetectEngineMoveToFreeListNoLock(master, de_ctx); SCMutexUnlock(&master->lock); - return 0; + return ret; } void DetectEnginePruneFreeList(void) @@ -4573,6 +4576,24 @@ void DetectEnginePruneFreeList(void) SCMutexUnlock(&master->lock); } +void DetectEngineClearMaster(void) +{ + DetectEngineMasterCtx *master = &g_master_de_ctx; + SCMutexLock(&master->lock); + + DetectEngineCtx *instance = master->list; + while (instance) { + DetectEngineCtx *next = instance->next; + DEBUG_VALIDATE_BUG_ON(instance->ref_cnt); + SCLogDebug("detect engine %p has %u ref(s)", instance, instance->ref_cnt); + instance->ref_cnt = 0; + DetectEngineMoveToFreeListNoLock(master, instance); + instance = next; + } + SCMutexUnlock(&master->lock); + DetectEnginePruneFreeList(); +} + static int reloads = 0; /** \brief Reload the detection engine diff --git a/src/detect-engine.h b/src/detect-engine.h index 7617e66a466d..f6b4ba154e10 100644 --- a/src/detect-engine.h +++ b/src/detect-engine.h @@ -114,6 +114,7 @@ DetectEngineCtx *DetectEngineGetCurrent(void); DetectEngineCtx *DetectEngineGetByTenantId(uint32_t tenant_id); void DetectEnginePruneFreeList(void); int DetectEngineMoveToFreeList(DetectEngineCtx *de_ctx); +void DetectEngineClearMaster(void); DetectEngineCtx *DetectEngineReference(DetectEngineCtx *); void DetectEngineDeReference(DetectEngineCtx **de_ctx); int DetectEngineReload(const SCInstance *suri); diff --git a/src/suricata.c b/src/suricata.c index 1b504e23a3a1..1fdc041e9a71 100644 --- a/src/suricata.c +++ b/src/suricata.c @@ -373,7 +373,7 @@ static void GlobalsDestroy(SCInstance *suri) DetectEngineMoveToFreeList(de_ctx); DetectEngineDeReference(&de_ctx); } - DetectEnginePruneFreeList(); + DetectEngineClearMaster(); AppLayerDeSetup(); DatasetsSave();