From 583d4c94dc69f624a44a8dfa5c82165f3ca27271 Mon Sep 17 00:00:00 2001 From: Gabriel Oginski Date: Thu, 6 Oct 2022 06:58:45 +0000 Subject: wireguard: add atomic mutex The initiate handshake process can be called a numbers times for each peers, then the main VPP thread called by Wireguard starting to allocate memory. This behaviour can lead to out of memory when VPP has a lot of Wireguard tunnels concurrently. This fix add mutex to send only once handshake initiate at time for each peers. Type: fix Signed-off-by: Gabriel Oginski Change-Id: I13b4b2d47021753926d42a38ccadb36a411c5b79 --- src/plugins/wireguard/wireguard_peer.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src/plugins/wireguard/wireguard_peer.c') diff --git a/src/plugins/wireguard/wireguard_peer.c b/src/plugins/wireguard/wireguard_peer.c index ef791c669dd..a8f1ab91644 100644 --- a/src/plugins/wireguard/wireguard_peer.c +++ b/src/plugins/wireguard/wireguard_peer.c @@ -83,6 +83,7 @@ wg_peer_clear (vlib_main_t * vm, wg_peer_t * peer) peer->new_handshake_interval_tick = 0; peer->rehandshake_interval_tick = 0; peer->timer_need_another_keepalive = false; + peer->handshake_is_sent = false; vec_free (peer->rewrite); vec_free (peer->allowed_ips); vec_free (peer->adj_indices); -- cgit 1.2.3-korg