From a474bc8a3b4307869e97e6d76a8b06cfcebea49a Mon Sep 17 00:00:00 2001
From: Florin Coras
Date: Mon, 4 Dec 2023 20:29:52 -0800
Subject: tls: postpone ho cleanup if not fully established

If ho cleans up on first worker before owner of established session receives connected notification, the ho session is prematurely cleaned up. Wait for established ctx to be allocated before freeing ho.
Type: fix
Signed-off-by: Florin Coras
Change-Id: Icf707e5d8c62a288a49d078460d2ada3b5c41b0e
---
 src/vnet/tls/tls.h | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 (limited to 'src/vnet/tls/tls.h')
diff --git a/src/vnet/tls/tls.h b/src/vnet/tls/tls.h
index 2938cdb4a17..0ae8123aed0 100644
--- a/src/vnet/tls/tls.h
+++ b/src/vnet/tls/tls.h
@@ -56,6 +56,22 @@ typedef struct tls_cxt_id_
 STATIC_ASSERT (sizeof (tls_ctx_id_t) <= TRANSPORT_CONN_ID_LEN, "ctx id must be less than TRANSPORT_CONN_ID_LEN");
+#define foreach_tls_conn_flags _ (HO_DONE, "ho done")
+
+typedef enum tls_conn_flags_bit_
+{
+#define _(sym, str) TLS_CONN_F_BIT_##sym,
+ foreach_tls_conn_flags
+#undef _
+} tls_conn_flags_bit_t;
+
+typedef enum tls_conn_flags_
+{
+#define _(sym, str) TLS_CONN_F_##sym = 1 << TLS_CONN_F_BIT_##sym,
+ foreach_tls_conn_flags
+#undef _
+} __clib_packed tls_conn_flags_t;
+
 typedef struct tls_ctx_
 {
 union
@@ -81,6 +97,7 @@ typedef struct tls_ctx_
 u8 app_closed;
 u8 no_app_session;
 u8 is_migrated;
+ tls_conn_flags_t flags;
 u8 *srv_hostname;
 u32 evt_index;
 u32 ckpair_index;
@@ -92,6 +109,8 @@ typedef struct tls_main_
 u32 app_index;
 tls_ctx_t *listener_ctx_pool;
 tls_ctx_t *half_open_ctx_pool;
+ u32 *postponed_ho_free;
+ u32 *ho_free_list;
 u8 **rx_bufs;
 u8 **tx_bufs;
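Review bot: `HO_DONE` carries only the string "ho done", so nothing in `foreach_tls_conn_flags` says which event sets the flag or what a reader may conclude once it is set. Going by the commit message it presumably marks that the established ctx has been allocated and the half-open ctx may now be freed; if that is right, a comment such as `/* HO_DONE: established ctx allocated, half-open ctx may be freed */` above the macro would state it. The message also implies the flag is set by the established session's owner and tested by the first worker, while `flags` in the `tls_ctx_` hunk is a plain one-byte field whose setter is not visible here, so the comment should also say what ordering the cleanup path relies on.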
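Review bot: `postponed_ho_free` and `ho_free_list` are added to `tls_main_` without a comment, and the names alone do not tell the two apart. Both sit next to `half_open_ctx_pool` in the main struct, so a reader of the header cannot tell which thread may append to or drain them; since the bug being fixed is a half-open ctx freed too early, that ownership rule is what keeps an index from being freed twice or used after it is freed. I would add one line per field, for example `/* ho ctx indices whose free is deferred until HO_DONE is set */`, with the wording checked against the implementation, which is not shown on this page. The struct body continues outside the hunk.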
@@ -140,6 +159,10 @@ void tls_notify_app_enqueue (tls_ctx_t * ctx, session_t * app_session);
 void tls_notify_app_io_error (tls_ctx_t *ctx);
 void tls_disconnect_transport (tls_ctx_t * ctx);
 int tls_reinit_ca_chain (crypto_engine_type_t tls_engine_id);
+
+void tls_add_postponed_ho_cleanups (u32 ho_index);
+void tls_flush_postponed_ho_cleanups ();
+
 #endif /* SRC_VNET_TLS_TLS_H_ */
 /*
-- 
cgit 1.2.3-korg
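Review bot: `void tls_flush_postponed_ho_cleanups ();` declares the function with an empty parameter list, which before C23 is not a prototype, so a call that passes arguments compiles without a diagnostic. Declare it as `void tls_flush_postponed_ho_cleanups (void);`. Neither new declaration says which thread is expected to call it; a short comment above the pair would help, given that they manage deferred frees of half-open contexts.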