From c0737e962ca913763e4cc3aa516a2dfffe46659e Mon Sep 17 00:00:00 2001 From: Florin Coras Date: Mon, 4 Mar 2019 14:19:39 -0800 Subject: session: use session index instead of fifo for evt Avoids derefrencing fifo pointers whose segments could have been unmapped. Change-Id: Ifb0b7399e424f145f3f94b769391a6f4e31bb4e6 Signed-off-by: Florin Coras --- src/vnet/session/application_interface.h | 12 +++++++----- src/vnet/session/application_worker.c | 4 ++-- src/vnet/session/session.c | 7 ++++--- src/vnet/session/session_node.c | 6 +++--- src/vnet/session/session_types.h | 2 +- 5 files changed, 17 insertions(+), 14 deletions(-) (limited to 'src/vnet/session') diff --git a/src/vnet/session/application_interface.h b/src/vnet/session/application_interface.h index d4dfeec54dc..56d034e18ed 100644 --- a/src/vnet/session/application_interface.h +++ b/src/vnet/session/application_interface.h @@ -407,7 +407,7 @@ app_send_ctrl_evt_to_vpp (svm_msg_q_t * mq, app_session_evt_t * app_evt) * @return 0 if success, negative integer otherwise */ static inline int -app_send_io_evt_to_vpp (svm_msg_q_t * mq, svm_fifo_t * f, u8 evt_type, +app_send_io_evt_to_vpp (svm_msg_q_t * mq, u32 session_index, u8 evt_type, u8 noblock) { session_event_t *evt; @@ -429,7 +429,7 @@ app_send_io_evt_to_vpp (svm_msg_q_t * mq, svm_fifo_t * f, u8 evt_type, return -2; } evt = (session_event_t *) svm_msg_q_msg_data (mq, &msg); - evt->fifo = f; + evt->session_index = session_index; evt->event_type = evt_type; svm_msg_q_add_and_unlock (mq, &msg); return 0; @@ -441,7 +441,7 @@ app_send_io_evt_to_vpp (svm_msg_q_t * mq, svm_fifo_t * f, u8 evt_type, svm_msg_q_wait (mq); msg = svm_msg_q_alloc_msg_w_ring (mq, SESSION_MQ_IO_EVT_RING); evt = (session_event_t *) svm_msg_q_msg_data (mq, &msg); - evt->fifo = f; + evt->session_index = session_index; evt->event_type = evt_type; if (svm_msg_q_is_full (mq)) svm_msg_q_wait (mq); @@ -478,7 +478,8 @@ app_send_dgram_raw (svm_fifo_t * f, app_session_transport_t * at, if ((rv = svm_fifo_enqueue_nowait (f, actual_write, data)) > 0) { if (do_evt && svm_fifo_set_event (f)) - app_send_io_evt_to_vpp (vpp_evt_q, f, evt_type, noblock); + app_send_io_evt_to_vpp (vpp_evt_q, f->master_session_index, evt_type, + noblock); } ASSERT (rv); return rv; @@ -501,7 +502,8 @@ app_send_stream_raw (svm_fifo_t * f, svm_msg_q_t * vpp_evt_q, u8 * data, if ((rv = svm_fifo_enqueue_nowait (f, len, data)) > 0) { if (do_evt && svm_fifo_set_event (f)) - app_send_io_evt_to_vpp (vpp_evt_q, f, evt_type, noblock); + app_send_io_evt_to_vpp (vpp_evt_q, f->master_session_index, evt_type, + noblock); } return rv; } diff --git a/src/vnet/session/application_worker.c b/src/vnet/session/application_worker.c index 7c888882093..85a6fede429 100644 --- a/src/vnet/session/application_worker.c +++ b/src/vnet/session/application_worker.c @@ -562,7 +562,7 @@ app_send_io_evt_rx (app_worker_t * app_wrk, session_t * s, u8 lock) ASSERT (!svm_msg_q_msg_is_invalid (&msg)); evt = (session_event_t *) svm_msg_q_msg_data (mq, &msg); - evt->fifo = s->rx_fifo; + evt->session_index = s->rx_fifo->client_session_index; evt->event_type = SESSION_IO_EVT_RX; (void) svm_fifo_set_event (s->rx_fifo); @@ -599,7 +599,7 @@ app_send_io_evt_tx (app_worker_t * app_wrk, session_t * s, u8 lock) evt = (session_event_t *) svm_msg_q_msg_data (mq, &msg); evt->event_type = SESSION_IO_EVT_TX; - evt->fifo = s->tx_fifo; + evt->session_index = s->tx_fifo->client_session_index; return app_enqueue_evt (mq, &msg, lock); } diff --git a/src/vnet/session/session.c b/src/vnet/session/session.c index 6e24d562f98..0a294dc6be1 100644 --- a/src/vnet/session/session.c +++ b/src/vnet/session/session.c @@ -66,7 +66,7 @@ session_send_evt_to_thread (void *data, void *args, u32 thread_index, case SESSION_IO_EVT_TX: case SESSION_IO_EVT_TX_FLUSH: case SESSION_IO_EVT_BUILTIN_RX: - evt->fifo = data; + evt->session_index = *(u32 *) data; break; case SESSION_IO_EVT_BUILTIN_TX: case SESSION_CTRL_EVT_CLOSE: @@ -85,7 +85,8 @@ session_send_evt_to_thread (void *data, void *args, u32 thread_index, int session_send_io_evt_to_thread (svm_fifo_t * f, session_evt_type_t evt_type) { - return session_send_evt_to_thread (f, 0, f->master_thread_index, evt_type); + return session_send_evt_to_thread (&f->master_session_index, 0, + f->master_thread_index, evt_type); } int @@ -560,7 +561,7 @@ session_main_flush_enqueue_events (u8 transport_proto, u32 thread_index) continue; } - if (svm_fifo_is_empty (s->rx_fifo)) + if (svm_fifo_has_event (s->rx_fifo) || svm_fifo_is_empty (s->rx_fifo)) continue; if (PREDICT_FALSE (session_enqueue_notify_inline (s))) diff --git a/src/vnet/session/session_node.c b/src/vnet/session/session_node.c index db5123b8b2d..7cbd0d9ab04 100644 --- a/src/vnet/session/session_node.c +++ b/src/vnet/session/session_node.c @@ -821,7 +821,7 @@ session_tx_fifo_dequeue_internal (vlib_main_t * vm, session_t *s = wrk->ctx.s; application_t *app; - if (PREDICT_FALSE (s->session_state == SESSION_STATE_CLOSED)) + if (PREDICT_FALSE (s->session_state >= SESSION_STATE_TRANSPORT_CLOSED)) return 0; app = application_get (s->t_app_index); svm_fifo_unset_event (s->tx_fifo); @@ -831,7 +831,7 @@ session_tx_fifo_dequeue_internal (vlib_main_t * vm, always_inline session_t * session_event_get_session (session_event_t * e, u8 thread_index) { - return session_get_if_valid (e->fifo->master_session_index, thread_index); + return session_get_if_valid (e->session_index, thread_index); } static void @@ -1103,7 +1103,7 @@ session_node_cmp_event (session_event_t * e, svm_fifo_t * f) case SESSION_IO_EVT_RX: case SESSION_IO_EVT_TX: case SESSION_IO_EVT_BUILTIN_RX: - if (e->fifo == f) + if (e->session_index == f->master_session_index) return 1; break; case SESSION_CTRL_EVT_CLOSE: diff --git a/src/vnet/session/session_types.h b/src/vnet/session/session_types.h index 9e51d69db42..3b6ab3dce88 100644 --- a/src/vnet/session/session_types.h +++ b/src/vnet/session/session_types.h @@ -326,7 +326,7 @@ typedef struct u8 postponed; union { - svm_fifo_t *fifo; + u32 session_index; session_handle_t session_handle; session_rpc_args_t rpc_args; struct -- cgit 1.2.3-korg