mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-22 14:21:25 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: quic: Add a lock for RX packets

Browse Source 
We must protect from concurrent the tree which stores the QUIC packets received
by the dgram I/O handler, these packets being also parsed by the xprt task.
This commit is contained in:
Frédéric Lécaille 2021-06-04 10:33:32 +02:00 committed by Amaury Denoyelle
parent 654c691731
commit 9fccace8b0
3 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/haproxy/thread.h
View File

@ -413,6 +413,7 @@ enum lock_label {
SSL_SERVER_LOCK, SSL_SERVER_LOCK,
SFT_LOCK, /* sink forward target */ SFT_LOCK, /* sink forward target */
IDLE_CONNS_LOCK, IDLE_CONNS_LOCK,
QUIC_LOCK,
OTHER_LOCK, OTHER_LOCK,
/* WT: make sure never to use these ones outside of development, /* WT: make sure never to use these ones outside of development,
* we need them for lock profiling! * we need them for lock profiling!
@ -466,6 +467,7 @@ static inline const char *lock_label(enum lock_label label)
case SSL_SERVER_LOCK: return "SSL_SERVER"; case SSL_SERVER_LOCK: return "SSL_SERVER";
case SFT_LOCK: return "SFT"; case SFT_LOCK: return "SFT";
case IDLE_CONNS_LOCK: return "IDLE_CONNS"; case IDLE_CONNS_LOCK: return "IDLE_CONNS";
case QUIC_LOCK: return "QUIC";
case OTHER_LOCK: return "OTHER"; case OTHER_LOCK: return "OTHER";
case DEBUG1_LOCK: return "DEBUG1"; case DEBUG1_LOCK: return "DEBUG1";
case DEBUG2_LOCK: return "DEBUG2"; case DEBUG2_LOCK: return "DEBUG2";

2
include/haproxy/xprt_quic-t.h
View File

@ -530,6 +530,8 @@ struct quic_enc_level {
/* The packets received by the listener I/O handler /* The packets received by the listener I/O handler
with header protection removed. */ with header protection removed. */
struct eb_root pkts; struct eb_root pkts;
/* <pkts> must be protected from concurrent accesses */
__decl_thread(HA_RWLOCK_T rwlock);
/* Liste of QUIC packets with protected header. */ /* Liste of QUIC packets with protected header. */
struct list pqpkts; struct list pqpkts;
/* Crypto frames */ /* Crypto frames */

7
src/xprt_quic.c
View File

@ -2403,7 +2403,9 @@ static inline void qc_rm_hp_pkts(struct quic_enc_level *el, struct quic_conn_ctx
pqpkt->aad_len = pqpkt->pn_offset + pqpkt->pnl; pqpkt->aad_len = pqpkt->pn_offset + pqpkt->pnl;
/* Store the packet into the tree of packets to decrypt. */ /* Store the packet into the tree of packets to decrypt. */
pqpkt->pn_node.key = pqpkt->pn; pqpkt->pn_node.key = pqpkt->pn;
HA_RWLOCK_WRLOCK(QUIC_LOCK, &el->rx.rwlock);
quic_rx_packet_eb64_insert(&el->rx.pkts, &pqpkt->pn_node); quic_rx_packet_eb64_insert(&el->rx.pkts, &pqpkt->pn_node);
HA_RWLOCK_WRUNLOCK(QUIC_LOCK, &el->rx.rwlock);
TRACE_PROTO("hp removed", QUIC_EV_CONN_ELRMHP, ctx->conn, pqpkt); TRACE_PROTO("hp removed", QUIC_EV_CONN_ELRMHP, ctx->conn, pqpkt);
} }
quic_rx_packet_list_del(pqpkt); quic_rx_packet_list_del(pqpkt);
@ -2457,6 +2459,7 @@ int qc_treat_rx_pkts(struct quic_enc_level *el, struct quic_conn_ctx *ctx)
TRACE_ENTER(QUIC_EV_CONN_ELRXPKTS, ctx->conn); TRACE_ENTER(QUIC_EV_CONN_ELRXPKTS, ctx->conn);
tls_ctx = &el->tls_ctx; tls_ctx = &el->tls_ctx;
HA_RWLOCK_WRLOCK(QUIC_LOCK, &el->rx.rwlock);
node = eb64_first(&el->rx.pkts); node = eb64_first(&el->rx.pkts);
while (node) { while (node) {
struct quic_rx_packet *pkt; struct quic_rx_packet *pkt;
@ -2495,6 +2498,7 @@ int qc_treat_rx_pkts(struct quic_enc_level *el, struct quic_conn_ctx *ctx)
node = eb64_next(node); node = eb64_next(node);
quic_rx_packet_eb64_delete(&pkt->pn_node); quic_rx_packet_eb64_delete(&pkt->pn_node);
} }
HA_RWLOCK_WRUNLOCK(QUIC_LOCK, &el->rx.rwlock);
if (!qc_treat_rx_crypto_frms(el, ctx)) if (!qc_treat_rx_crypto_frms(el, ctx))
goto err; goto err;
@ -2624,6 +2628,7 @@ static int quic_conn_enc_level_init(struct quic_conn *qc,
qel->tls_ctx.tx.flags = 0; qel->tls_ctx.tx.flags = 0;
qel->rx.pkts = EB_ROOT; qel->rx.pkts = EB_ROOT;
HA_RWLOCK_INIT(&qel->rx.rwlock);
LIST_INIT(&qel->rx.pqpkts); LIST_INIT(&qel->rx.pqpkts);
/* Allocate only one buffer. */ /* Allocate only one buffer. */
@ -3002,7 +3007,9 @@ static inline int qc_try_rm_hp(struct quic_rx_packet *pkt,
qpkt_trace = pkt; qpkt_trace = pkt;
/* Store the packet */ /* Store the packet */
pkt->pn_node.key = pkt->pn; pkt->pn_node.key = pkt->pn;
HA_RWLOCK_WRLOCK(QUIC_LOCK, &qel->rx.rwlock);
quic_rx_packet_eb64_insert(&qel->rx.pkts, &pkt->pn_node); quic_rx_packet_eb64_insert(&qel->rx.pkts, &pkt->pn_node);
HA_RWLOCK_WRUNLOCK(QUIC_LOCK, &qel->rx.rwlock);
} }
else if (qel) { else if (qel) {
TRACE_PROTO("hp not removed", QUIC_EV_CONN_TRMHP, ctx ? ctx->conn : NULL, pkt); TRACE_PROTO("hp not removed", QUIC_EV_CONN_TRMHP, ctx ? ctx->conn : NULL, pkt);