From 4b50a8f025053732bc6ad44394f3b83bc854e304 Mon Sep 17 00:00:00 2001 From: Srikanth Akula Date: Mon, 18 Nov 2019 11:49:58 -0800 Subject: [PATCH] session: extra checks in session validation Type: fix Adding few extra checks while doign session validationwq! Signed-off-by: Srikanth Akula Signed-off-by: Florin Coras Change-Id: I4d18b5ad97d1802ce38a07aeb56b5f35939c1187 (cherry picked from commit e140d5d0255b80f8dda945daf7202b5698d81d9b) --- src/vnet/session/session.c | 26 ++++++++++++++++++++++++++ src/vnet/session/session.h | 14 +------------- src/vnet/tls/tls.c | 4 ++-- 3 files changed, 29 insertions(+), 15 deletions(-) diff --git a/src/vnet/session/session.c b/src/vnet/session/session.c index 47a9ed6480c..16863f03dc4 100644 --- a/src/vnet/session/session.c +++ b/src/vnet/session/session.c @@ -205,6 +205,32 @@ session_free (session_t * s) pool_put (session_main.wrk[s->thread_index].sessions, s); } +u8 +session_is_valid (u32 si, u8 thread_index) +{ + session_t *s; + transport_connection_t *tc; + + s = pool_elt_at_index (session_main.wrk[thread_index].sessions, si); + + if (!s) + return 1; + + if (s->thread_index != thread_index || s->session_index != si) + return 0; + + if (s->session_state == SESSION_STATE_TRANSPORT_DELETED + || s->session_state <= SESSION_STATE_LISTENING) + return 1; + + tc = session_get_transport (s); + if (s->connection_index != tc->c_index + || s->thread_index != tc->thread_index || tc->s_index != si) + return 0; + + return 1; +} + static void session_cleanup_notify (session_t * s, session_cleanup_ntf_t ntf) { diff --git a/src/vnet/session/session.h b/src/vnet/session/session.h index 830a34b72e8..34dab61631b 100644 --- a/src/vnet/session/session.h +++ b/src/vnet/session/session.h @@ -284,22 +284,10 @@ session_evt_alloc_old (session_worker_t * wrk) return elt; } -always_inline u8 -session_is_valid (u32 si, u8 thread_index) -{ - session_t *s; - s = pool_elt_at_index (session_main.wrk[thread_index].sessions, si); - if (s->session_state == SESSION_STATE_CLOSED) - return 1; - - if (s->thread_index != thread_index || s->session_index != si) - return 0; - return 1; -} - session_t *session_alloc (u32 thread_index); void session_free (session_t * s); void session_free_w_fifos (session_t * s); +u8 session_is_valid (u32 si, u8 thread_index); always_inline session_t * session_get (u32 si, u32 thread_index) diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c index 9f997f18c95..b42f331691e 100644 --- a/src/vnet/tls/tls.c +++ b/src/vnet/tls/tls.c @@ -427,7 +427,7 @@ tls_session_accept_callback (session_t * tls_session) /* Preallocate app session. Avoids allocating a session post handshake * on tls_session rx and potentially invalidating the session pool */ app_session = session_alloc (ctx->c_thread_index); - app_session->session_state = SESSION_STATE_CLOSED; + app_session->session_state = SESSION_STATE_CREATED; ctx->c_s_index = app_session->session_index; TLS_DBG (1, "Accept on listener %u new connection [%u]%x", @@ -494,7 +494,7 @@ tls_session_connected_callback (u32 tls_app_index, u32 ho_ctx_index, /* Preallocate app session. Avoids allocating a session post handshake * on tls_session rx and potentially invalidating the session pool */ app_session = session_alloc (ctx->c_thread_index); - app_session->session_state = SESSION_STATE_CLOSED; + app_session->session_state = SESSION_STATE_CREATED; ctx->c_s_index = app_session->session_index; return tls_ctx_init_client (ctx);