wireguard: add barrier to sync data

The current implmentation of the hash table is not thread-safe.
This design leads to a segfault when VPP is handling a lot of tunnels
for Wireguard, where one thread modifies the hash table and other
threads start the lookup at the same time.

This fix adds a barrier sync to the hash table access when Wireguard
adds or deletes an element.

Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Id460dfcd46ace17c7bdcd23bd9687d26cecf0a39

1 files changed, 2 insertions, 2 deletions

diff --git a/src/plugins/wireguard/wireguard_peer.c b/src/plugins/wireguard/wireguard_peer.c
index f7bf2352db4..32a92da102b 100644
--- a/src/plugins/wireguard/wireguard_peer.c
+++ b/src/plugins/wireguard/wireguard_peer.c
@@ -242,7 +242,7 @@ wg_peer_enable (vlib_main_t *vm, wg_peer_t *peer)
   wg_if = wg_if_get (wg_if_find_by_sw_if_index (peer->wg_sw_if_index));
   clib_memcpy (public_key, peer->remote.r_public, NOISE_PUBLIC_KEY_LEN);
 
-  noise_remote_init (&peer->remote, peeri, public_key, wg_if->local_idx);
+  noise_remote_init (vm, &peer->remote, peeri, public_key, wg_if->local_idx);
 
   wg_timers_send_first_handshake (peer);
 }
@@ -484,7 +484,7 @@ wg_peer_add (u32 tun_sw_if_index, const u8 public_key[NOISE_PUBLIC_KEY_LEN],
       return (rv);
     }
 
-  noise_remote_init (&peer->remote, peer - wg_peer_pool, public_key,
+  noise_remote_init (vm, &peer->remote, peer - wg_peer_pool, public_key,
 		     wg_if->local_idx);
   cookie_maker_init (&peer->cookie_maker, public_key);