aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

datasets: reload static sets

Browse Source
pull/5260/head
Shivani Bhardwaj 5 years ago committed by Victor Julien
parent c31360070b
commit e9fe5ada7f
3 changed files with 73 additions and 2 deletions
Show Stats Download Patch File Download Diff File

66
src/datasets.c
Unescape Escape View File

@ -47,6 +47,7 @@ static inline void DatasetUnlockData(THashData *d)
(void) THashDecrUsecnt(d); (void) THashDecrUsecnt(d);
THashDataUnlock(d); THashDataUnlock(d);
} }
static bool DatasetIsStatic(const char *save, const char *load);
enum DatasetTypes DatasetGetTypeFromString(const char *s) enum DatasetTypes DatasetGetTypeFromString(const char *s)
{ {
@ -72,7 +73,7 @@ static Dataset *DatasetSearchByName(const char *name)
{ {
Dataset *set = sets; Dataset *set = sets;
while (set) { while (set) {
if (strcasecmp(name, set->name) == 0) { if (strcasecmp(name, set->name) == 0 && set->hidden == false) {
return set; return set;
} }
set = set->next; set = set->next;
@ -532,6 +533,66 @@ out_err:
return NULL; return NULL;
} }
static bool DatasetIsStatic(const char *save, const char *load)
{
/* A set is static if it does not have any dynamic properties like
* save and/or state defined but has load defined.
* */
if ((load != NULL || strlen(load) > 0) &&
(save == NULL || strlen(save) == 0)) {
return true;
}
return false;
}
void DatasetReload(void)
{
/* In order to reload the datasets, just mark the current sets as hidden
* and clean them up later.
* New datasets shall be created with the rule reload and do not require
* any intervention.
* */
SCMutexLock(&sets_lock);
Dataset *set = sets;
while (set) {
if (!DatasetIsStatic(set->save, set->load) || set->from_yaml == true) {
SCLogDebug("Not a static set, skipping %s", set->name);
set = set->next;
continue;
}
set->hidden = true;
SCLogDebug("Set %s at %p hidden successfully", set->name, set);
set = set->next;
}
SCMutexUnlock(&sets_lock);
}
void DatasetPostReloadCleanup(void)
{
SCLogDebug("Post Reload Cleanup starting.. Hidden sets will be removed");
SCMutexLock(&sets_lock);
Dataset *cur = sets;
Dataset *prev = NULL;
while (cur) {
Dataset *next = cur->next;
if (cur->hidden == false) {
prev = cur;
cur = next;
continue;
}
// Delete the set in case it was hidden
if (prev != NULL) {
prev->next = next;
} else {
sets = next;
}
THashShutdown(cur->hash);
SCFree(cur);
cur = next;
}
SCMutexUnlock(&sets_lock);
}
int DatasetsInit(void) int DatasetsInit(void)
{ {
SCLogDebug("datasets start"); SCLogDebug("datasets start");
@ -585,6 +646,7 @@ int DatasetsInit(void)
if (dset == NULL) if (dset == NULL)
FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name); FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name);
SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val); SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val);
dset->from_yaml = true;
n++; n++;
} else if (strcmp(set_type->val, "sha256") == 0) { } else if (strcmp(set_type->val, "sha256") == 0) {
@ -592,6 +654,7 @@ int DatasetsInit(void)
if (dset == NULL) if (dset == NULL)
FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name); FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name);
SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val); SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val);
dset->from_yaml = true;
n++; n++;
} else if (strcmp(set_type->val, "string") == 0) { } else if (strcmp(set_type->val, "string") == 0) {
@ -599,6 +662,7 @@ int DatasetsInit(void)
if (dset == NULL) if (dset == NULL)
FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name); FatalError(SC_ERR_FATAL, "failed to setup dataset for %s", set_name);
SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val); SCLogDebug("dataset %s: id %d type %s", set_name, n, set_type->val);
dset->from_yaml = true;
n++; n++;
} }

5
src/datasets.h
Unescape Escape View File

@ -24,6 +24,8 @@
int DatasetsInit(void); int DatasetsInit(void);
void DatasetsDestroy(void); void DatasetsDestroy(void);
void DatasetsSave(void); void DatasetsSave(void);
void DatasetReload(void);
void DatasetPostReloadCleanup(void);
enum DatasetTypes { enum DatasetTypes {
#define DATASET_TYPE_NOTSET 0 #define DATASET_TYPE_NOTSET 0
@ -37,7 +39,8 @@ typedef struct Dataset {
char name[DATASET_NAME_MAX_LEN + 1]; char name[DATASET_NAME_MAX_LEN + 1];
enum DatasetTypes type; enum DatasetTypes type;
uint32_t id; uint32_t id;
bool from_yaml; /* Mark whether the set was retrieved from YAML */
bool hidden; /* Mark the old sets hidden in case of reload */
THashTableContext *hash; THashTableContext *hash;
char load[PATH_MAX]; char load[PATH_MAX];

4
src/detect-engine.c
Unescape Escape View File

@ -31,6 +31,7 @@
#include "flow-worker.h" #include "flow-worker.h"
#include "conf.h" #include "conf.h"
#include "conf-yaml-loader.h" #include "conf-yaml-loader.h"
#include "datasets.h"
#include "app-layer-parser.h" #include "app-layer-parser.h"
#include "app-layer-htp.h" #include "app-layer-htp.h"
@ -4093,6 +4094,7 @@ int DetectEngineReload(const SCInstance *suri)
if (old_de_ctx == NULL) if (old_de_ctx == NULL)
return -1; return -1;
SCLogDebug("get ref to old_de_ctx %p", old_de_ctx); SCLogDebug("get ref to old_de_ctx %p", old_de_ctx);
DatasetReload();
/* only reload a regular 'normal' and 'delayed detect stub' detect engines */ /* only reload a regular 'normal' and 'delayed detect stub' detect engines */
if (!(old_de_ctx->type == DETECT_ENGINE_TYPE_NORMAL || if (!(old_de_ctx->type == DETECT_ENGINE_TYPE_NORMAL ||
@ -4134,6 +4136,8 @@ int DetectEngineReload(const SCInstance *suri)
/* walk free list, freeing the old_de_ctx */ /* walk free list, freeing the old_de_ctx */
DetectEnginePruneFreeList(); DetectEnginePruneFreeList();
DatasetPostReloadCleanup();
DetectEngineBumpVersion(); DetectEngineBumpVersion();
SCLogDebug("old_de_ctx should have been freed"); SCLogDebug("old_de_ctx should have been freed");

Write Preview
Loading…
Cancel
Save