From dd9f6378cb01af8a9c34f5faf4cec4c96cf35d52 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Wed, 13 Nov 2024 17:40:29 -0600 Subject: [PATCH 1/3] rename WOLFSSL_GLOBAL to WC_THREADSHARED, and refactor mutex handling in src/sniffer.c for consistency and correctness, also adding gating on !SINGLE_THREADED for efficiency; add wc_static_assert in wolfcrypt/test/test.h to assure that WC_TEST_RET_ENC() can correctly handle all error codes. --- src/sniffer.c | 143 ++++++++++-------- src/ssl.c | 6 +- src/ssl_sess.c | 14 +- wolfcrypt/src/cryptocb.c | 2 +- .../src/port/Renesas/renesas_fspsm_util.c | 2 +- wolfcrypt/test/test.h | 4 + wolfssl/wolfcrypt/wc_port.h | 4 +- 7 files changed, 97 insertions(+), 78 deletions(-) diff --git a/src/sniffer.c b/src/sniffer.c index eed321680..186b810b9 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -36,7 +36,6 @@ * WOLFSSL_SNIFFER_NO_RECOVERY: Do not track missed data count. */ - /* xctime */ #ifndef XCTIME #define XCTIME ctime @@ -227,8 +226,8 @@ BOOL APIENTRY DllMain( HMODULE hModule, #endif /* _WIN32 */ -static WOLFSSL_GLOBAL int TraceOn = 0; /* Trace is off by default */ -static WOLFSSL_GLOBAL XFILE TraceFile = 0; +static WC_THREADSHARED int TraceOn = 0; /* Trace is off by default */ +static WC_THREADSHARED XFILE TraceFile = 0; /* windows uses .rc table for this */ @@ -437,8 +436,10 @@ typedef struct SnifferServer { int port; /* server port */ #ifdef HAVE_SNI NamedKey* namedKeys; /* mapping of names and keys */ +#ifndef SINGLE_THREADED wolfSSL_Mutex namedKeysMutex; /* mutex for namedKey list */ #endif +#endif #if defined(WOLFSSL_SNIFFER_KEYLOGFILE) byte useKeyLogFile; /* True if session secrets are coming from a keylog file */ @@ -566,83 +567,95 @@ typedef struct SnifferSession { /* Sniffer Server List and mutex */ -static THREAD_LS_T WOLFSSL_GLOBAL SnifferServer* ServerList = NULL; -#ifndef HAVE_C___ATOMIC -static WOLFSSL_GLOBAL wolfSSL_Mutex ServerListMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(ServerListMutex); +static WC_THREADSHARED SnifferServer* ServerList = NULL; +#ifndef SINGLE_THREADED +static WC_THREADSHARED wolfSSL_Mutex ServerListMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(ServerListMutex); #endif /* Session Hash Table, mutex, and count */ -static THREAD_LS_T WOLFSSL_GLOBAL SnifferSession* SessionTable[HASH_SIZE]; -#ifndef HAVE_C___ATOMIC -static WOLFSSL_GLOBAL wolfSSL_Mutex SessionMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(SessionMutex); +static WC_THREADSHARED SnifferSession* SessionTable[HASH_SIZE]; +#ifndef SINGLE_THREADED +static WC_THREADSHARED wolfSSL_Mutex SessionMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(SessionMutex); #endif -static THREAD_LS_T WOLFSSL_GLOBAL int SessionCount = 0; +static WC_THREADSHARED int SessionCount = 0; -static WOLFSSL_GLOBAL int RecoveryEnabled = 0; /* global switch */ -static WOLFSSL_GLOBAL int MaxRecoveryMemory = -1; +static WC_THREADSHARED int RecoveryEnabled = 0; /* global switch */ +static WC_THREADSHARED int MaxRecoveryMemory = -1; /* per session max recovery memory */ #ifndef WOLFSSL_SNIFFER_NO_RECOVERY /* Recovery of missed data switches and stats */ -static WOLFSSL_GLOBAL wolfSSL_Mutex RecoveryMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(RecoveryMutex); /* for stats */ +#ifndef SINGLE_THREADED +static WC_THREADSHARED wolfSSL_Mutex RecoveryMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(RecoveryMutex); /* for stats */ +#endif /* # of sessions with missed data */ -static WOLFSSL_GLOBAL word32 MissedDataSessions = 0; +static WC_THREADSHARED word32 MissedDataSessions = 0; #endif /* Connection Info Callback */ -static WOLFSSL_GLOBAL SSLConnCb ConnectionCb; -static WOLFSSL_GLOBAL void* ConnectionCbCtx = NULL; +static WC_THREADSHARED SSLConnCb ConnectionCb; +static WC_THREADSHARED void* ConnectionCbCtx = NULL; #ifdef WOLFSSL_SNIFFER_STATS /* Sessions Statistics */ -static WOLFSSL_GLOBAL SSLStats SnifferStats; -static WOLFSSL_GLOBAL wolfSSL_Mutex StatsMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(StatsMutex); +static WC_THREADSHARED SSLStats SnifferStats; +#ifndef SINGLE_THREADED +static WC_THREADSHARED wolfSSL_Mutex StatsMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(StatsMutex); +#endif #endif #ifdef WOLFSSL_SNIFFER_KEY_CALLBACK -static WOLFSSL_GLOBAL SSLKeyCb KeyCb; -static WOLFSSL_GLOBAL void* KeyCbCtx = NULL; +static WC_THREADSHARED SSLKeyCb KeyCb; +static WC_THREADSHARED void* KeyCbCtx = NULL; #endif #ifdef WOLFSSL_SNIFFER_WATCH /* Watch Key Callback */ -static WOLFSSL_GLOBAL SSLWatchCb WatchCb; -static WOLFSSL_GLOBAL void* WatchCbCtx = NULL; +static WC_THREADSHARED SSLWatchCb WatchCb; +static WC_THREADSHARED void* WatchCbCtx = NULL; #endif #ifdef WOLFSSL_SNIFFER_STORE_DATA_CB /* Store Data Callback */ -static WOLFSSL_GLOBAL SSLStoreDataCb StoreDataCb; +static WC_THREADSHARED SSLStoreDataCb StoreDataCb; #endif #ifndef WOLFSSL_SNIFFER_NO_RECOVERY static void UpdateMissedDataSessions(void) { +#ifndef SINGLE_THREADED wc_LockMutex(&RecoveryMutex); +#endif MissedDataSessions += 1; +#ifndef SINGLE_THREADED wc_UnLockMutex(&RecoveryMutex); +#endif } #endif #ifdef WOLFSSL_SNIFFER_STATS - #ifdef HAVE_C___ATOMIC + #if defined(WOLFSSL_ATOMIC_OPS) || defined(SINGLE_THREADED) #define LOCK_STAT() WC_DO_NOTHING #define UNLOCK_STAT() WC_DO_NOTHING - #define NOLOCK_ADD_TO_STAT(x,y) ({ TraceStat(#x, y); \ - __atomic_fetch_add(&x, y, __ATOMIC_RELAXED); }) #else #define LOCK_STAT() wc_LockMutex(&StatsMutex) #define UNLOCK_STAT() wc_UnLockMutex(&StatsMutex) - #define NOLOCK_ADD_TO_STAT(x,y) ({ TraceStat(#x, y); x += y; }) #endif - #define NOLOCK_INC_STAT(x) NOLOCK_ADD_TO_STAT(x,1) - #define ADD_TO_STAT(x,y) do { LOCK_STAT(); \ - NOLOCK_ADD_TO_STAT(x,y); UNLOCK_STAT(); } while (0) - #define INC_STAT(x) do { LOCK_STAT(); \ - NOLOCK_INC_STAT(x); UNLOCK_STAT(); } while (0) + + #define ADD_TO_STAT(x,y) ({ TraceStat(#x, y); wolfSSL_Atomic_Int_FetchAdd(x, y); }) + #define INC_STAT(x) ADD_TO_STAT(x,1) + + #define ADD_TO_STAT(x,y) do { \ + LOCK_STAT(); \ + TraceStat(#x, y); \ + (void)wolfSSL_Atomic_Int_FetchAdd(x, y); \ + UNLOCK_STAT(); \ + } while (0) + + #define INC_STAT(x) ADD_TO_STAT(x, 1) #endif /* WOLFSSL_SNIFFER_STATS */ -#ifdef HAVE_C___ATOMIC +#ifdef SINGLE_THREADED #define LOCK_SESSION() WC_DO_NOTHING #define UNLOCK_SESSION() WC_DO_NOTHING #define LOCK_SERVER_LIST() WC_DO_NOTHING @@ -656,7 +669,7 @@ static void UpdateMissedDataSessions(void) #if defined(WOLF_CRYPTO_CB) || defined(WOLFSSL_ASYNC_CRYPT) - static WOLFSSL_GLOBAL int CryptoDeviceId = INVALID_DEVID; + static WC_THREADSHARED int CryptoDeviceId = INVALID_DEVID; #endif #if defined(WOLFSSL_SNIFFER_KEYLOGFILE) @@ -682,19 +695,16 @@ static int addKeyLogSnifferServerHelper(const char* address, void ssl_InitSniffer_ex(int devId) { wolfSSL_Init(); -#ifndef WOLFSSL_MUTEX_INITIALIZER -#ifndef HAVE_C___ATOMIC +#if !defined(WOLFSSL_MUTEX_INITIALIZER) && !defined(SINGLE_THREADED) wc_InitMutex(&ServerListMutex); wc_InitMutex(&SessionMutex); -#endif #ifndef WOLFSSL_SNIFFER_NO_RECOVERY wc_InitMutex(&RecoveryMutex); #endif #ifdef WOLFSSL_SNIFFER_STATS - XMEMSET(&SnifferStats, 0, sizeof(SSLStats)); wc_InitMutex(&StatsMutex); #endif -#endif /* !WOLFSSL_MUTEX_INITIALIZER */ +#endif /* !WOLFSSL_MUTEX_INITIALIZER && !SINGLE_THREADED */ #ifdef WOLFSSL_SNIFFER_STATS XMEMSET(&SnifferStats, 0, sizeof(SSLStats)); @@ -799,10 +809,14 @@ static void FreeSnifferServer(SnifferServer* srv) { if (srv) { #ifdef HAVE_SNI +#ifndef SINGLE_THREADED wc_LockMutex(&srv->namedKeysMutex); +#endif FreeNamedKeyList(srv->namedKeys); +#ifndef SINGLE_THREADED wc_UnLockMutex(&srv->namedKeysMutex); wc_FreeMutex(&srv->namedKeysMutex); +#endif #endif wolfSSL_CTX_free(srv->ctx); } @@ -905,15 +919,16 @@ void ssl_FreeSniffer(void) #endif /* WOLFSSL_SNIFFER_KEYLOGFILE */ -#ifndef WOLFSSL_MUTEX_INITIALIZER +#if !defined(WOLFSSL_MUTEX_INITIALIZER) && !defined(SINGLE_THREADED) #ifndef WOLFSSL_SNIFFER_NO_RECOVERY wc_FreeMutex(&RecoveryMutex); #endif -#ifndef HAVE_C___ATOMIC wc_FreeMutex(&SessionMutex); wc_FreeMutex(&ServerListMutex); +#ifdef WOLFSSL_SNIFFER_STATS + wc_FreeMutex(&StatsMutex); #endif -#endif /* !WOLFSSL_MUTEX_INITIALIZER */ +#endif /* !WOLFSSL_MUTEX_INITIALIZER && !SINGLE_THREADED */ #ifdef WOLF_CRYPTO_CB #ifdef HAVE_INTEL_QA_SYNC @@ -1914,10 +1929,14 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port, } #ifdef HAVE_SNI else { +#ifndef SINGLE_THREADED wc_LockMutex(&sniffer->namedKeysMutex); +#endif namedKey->next = sniffer->namedKeys; sniffer->namedKeys = namedKey; +#ifndef SINGLE_THREADED wc_UnLockMutex(&sniffer->namedKeysMutex); +#endif } #endif @@ -3956,7 +3975,9 @@ static int LoadNamedKey(SnifferSession* session, const byte* name, word16 nameSz WOLFSSL* ssl = session->sslServer; NamedKey* namedKey; +#ifndef SINGLE_THREADED wc_LockMutex(&session->context->namedKeysMutex); +#endif namedKey = session->context->namedKeys; while (namedKey != NULL) { if (nameSz == namedKey->nameSz && @@ -3984,7 +4005,9 @@ static int LoadNamedKey(SnifferSession* session, const byte* name, word16 nameSz } namedKey = namedKey->next; } +#ifndef SINGLE_THREADED wc_UnLockMutex(&session->context->namedKeysMutex); +#endif return ret; } #endif @@ -5057,26 +5080,15 @@ static void RemoveSession(SnifferSession* session, IpInfo* ipInfo, SnifferSession* previous = 0; SnifferSession* current; word32 row = rowHint; -#ifndef HAVE_C___ATOMIC - int haveLock = 0; -#endif Trace(REMOVE_SESSION_STR); if (ipInfo && tcpInfo) row = SessionHash(ipInfo, tcpInfo); -#ifndef HAVE_C___ATOMIC - else - haveLock = 1; -#endif if (row >= HASH_SIZE) return; -#ifndef HAVE_C___ATOMIC - if (!haveLock) { - LOCK_SESSION(); - } -#endif + LOCK_SESSION(); current = SessionTable[row]; @@ -5094,11 +5106,7 @@ static void RemoveSession(SnifferSession* session, IpInfo* ipInfo, current = current->next; } -#ifndef HAVE_C___ATOMIC - if (!haveLock) { - UNLOCK_SESSION(); - } -#endif + UNLOCK_SESSION(); } @@ -6907,9 +6915,13 @@ int ssl_GetSessionStats(unsigned int* active, unsigned int* total, if (missedData) { #ifndef WOLFSSL_SNIFFER_NO_RECOVERY + #ifndef SINGLE_THREADED wc_LockMutex(&RecoveryMutex); + #endif *missedData = MissedDataSessions; + #ifndef SINGLE_THREADED wc_UnLockMutex(&RecoveryMutex); + #endif #endif } @@ -6966,9 +6978,13 @@ int ssl_SetConnectionCtx(void* ctx) * returns 0 on success, -1 on error */ int ssl_ResetStatistics(void) { +#ifndef SINGLE_THREADED wc_LockMutex(&StatsMutex); +#endif XMEMSET(&SnifferStats, 0, sizeof(SSLStats)); +#ifndef SINGLE_THREADED wc_UnLockMutex(&StatsMutex); +#endif return 0; } @@ -7234,16 +7250,15 @@ typedef struct SecretNode { #define WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE HASH_SIZE #endif -static THREAD_LS_T WOLFSSL_GLOBAL -SecretNode* +static WC_THREADSHARED SecretNode* secretHashTable[WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE] = {NULL}; -#ifndef HAVE_C___ATOMIC -static WOLFSSL_GLOBAL wolfSSL_Mutex secretListMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(secretListMutex); +#ifndef SINGLE_THREADED +static WC_THREADSHARED wolfSSL_Mutex secretListMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(secretListMutex); #endif static unsigned int secretHashFunction(unsigned char* clientRandom); -#ifdef HAVE_C___ATOMIC +#ifdef SINGLE_THREADED #define LOCK_SECRET_LIST() WC_DO_NOTHING #define UNLOCK_SECRET_LIST() WC_DO_NOTHING #else diff --git a/src/ssl.c b/src/ssl.c index 1f7534520..16d886299 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -1032,12 +1032,12 @@ int GetEchConfigsEx(WOLFSSL_EchConfig* configs, byte* output, word32* outputLen) #endif /* prevent multiple mutex initializations */ -static volatile WOLFSSL_GLOBAL int initRefCount = 0; +static volatile WC_THREADSHARED int initRefCount = 0; /* init ref count mutex */ -static WOLFSSL_GLOBAL wolfSSL_Mutex inits_count_mutex +static WC_THREADSHARED wolfSSL_Mutex inits_count_mutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(inits_count_mutex); #ifndef WOLFSSL_MUTEX_INITIALIZER -static WOLFSSL_GLOBAL volatile int inits_count_mutex_valid = 0; +static WC_THREADSHARED volatile int inits_count_mutex_valid = 0; #endif /* Create a new WOLFSSL_CTX struct and return the pointer to created struct. diff --git a/src/ssl_sess.c b/src/ssl_sess.c index 91f2c8473..65f14e0e4 100644 --- a/src/ssl_sess.c +++ b/src/ssl_sess.c @@ -113,10 +113,10 @@ } SessionRow; #define SIZEOF_SESSION_ROW (sizeof(WOLFSSL_SESSION) + (sizeof(int) * 2)) - static WOLFSSL_GLOBAL SessionRow SessionCache[SESSION_ROWS]; + static WC_THREADSHARED SessionRow SessionCache[SESSION_ROWS]; #if defined(WOLFSSL_SESSION_STATS) && defined(WOLFSSL_PEAK_SESSIONS) - static WOLFSSL_GLOBAL word32 PeakSessions; + static WC_THREADSHARED word32 PeakSessions; #endif #ifdef ENABLE_SESSION_CACHE_ROW_LOCK @@ -124,8 +124,8 @@ #define SESSION_ROW_WR_LOCK(row) wc_LockRwLock_Wr(&(row)->row_lock) #define SESSION_ROW_UNLOCK(row) wc_UnLockRwLock(&(row)->row_lock); #else - static WOLFSSL_GLOBAL wolfSSL_RwLock session_lock; /* SessionCache lock */ - static WOLFSSL_GLOBAL int session_lock_valid = 0; + static WC_THREADSHARED wolfSSL_RwLock session_lock; /* SessionCache lock */ + static WC_THREADSHARED int session_lock_valid = 0; #define SESSION_ROW_RD_LOCK(row) wc_LockRwLock_Rd(&session_lock) #define SESSION_ROW_WR_LOCK(row) wc_LockRwLock_Wr(&session_lock) #define SESSION_ROW_UNLOCK(row) wc_UnLockRwLock(&session_lock); @@ -176,15 +176,15 @@ ClientSession Clients[CLIENT_SESSIONS_PER_ROW]; } ClientRow; - static WOLFSSL_GLOBAL ClientRow ClientCache[CLIENT_SESSION_ROWS]; + static WC_THREADSHARED ClientRow ClientCache[CLIENT_SESSION_ROWS]; /* Client Cache */ /* uses session mutex */ /* ClientCache mutex */ - static WOLFSSL_GLOBAL wolfSSL_Mutex clisession_mutex + static WC_THREADSHARED wolfSSL_Mutex clisession_mutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(clisession_mutex); #ifndef WOLFSSL_MUTEX_INITIALIZER - static WOLFSSL_GLOBAL int clisession_mutex_valid = 0; + static WC_THREADSHARED int clisession_mutex_valid = 0; #endif #endif /* !NO_CLIENT_CACHE */ diff --git a/wolfcrypt/src/cryptocb.c b/wolfcrypt/src/cryptocb.c index 4b903ddb7..1ecc46cad 100644 --- a/wolfcrypt/src/cryptocb.c +++ b/wolfcrypt/src/cryptocb.c @@ -65,7 +65,7 @@ typedef struct CryptoCb { CryptoDevCallbackFunc cb; void* ctx; } CryptoCb; -static WOLFSSL_GLOBAL CryptoCb gCryptoDev[MAX_CRYPTO_DEVID_CALLBACKS]; +static WC_THREADSHARED CryptoCb gCryptoDev[MAX_CRYPTO_DEVID_CALLBACKS]; #ifdef WOLF_CRYPTO_CB_FIND static CryptoDevCallbackFind CryptoCb_FindCb = NULL; diff --git a/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c b/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c index e3f1547be..ab0082e1e 100644 --- a/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c +++ b/wolfcrypt/src/port/Renesas/renesas_fspsm_util.c @@ -56,7 +56,7 @@ extern FSPSM_CONFIG gFSPSM_cfg; #endif #if defined(WOLFSSL_RENESAS_FSPSM_ECC) -WOLFSSL_GLOBAL FSPSM_ST_PKC gPKCbInfo; +WC_THREADSHARED FSPSM_ST_PKC gPKCbInfo; #endif diff --git a/wolfcrypt/test/test.h b/wolfcrypt/test/test.h index 2584b1227..a14f1f64c 100644 --- a/wolfcrypt/test/test.h +++ b/wolfcrypt/test/test.h @@ -37,6 +37,8 @@ #include +#include + #ifdef HAVE_STACK_SIZE THREAD_RETURN WOLFSSL_THREAD wolfcrypt_test(void* args); #else @@ -58,6 +60,8 @@ int wolf_test_task(void); #define WC_TEST_RET_TAG_ERRNO 2L #define WC_TEST_RET_TAG_I 3L +wc_static_assert(-(long)MIN_CODE_E < 0x7ffL); + #define WC_TEST_RET_ENC(line, i, tag) \ ((wc_test_ret_t)(-((wc_test_ret_t)(line) + ((wc_test_ret_t)((word32)(i) & 0x7ffL) * 100000L) + ((wc_test_ret_t)(tag) << 29L)))) diff --git a/wolfssl/wolfcrypt/wc_port.h b/wolfssl/wolfcrypt/wc_port.h index 002e9d405..21f4c00d3 100644 --- a/wolfssl/wolfcrypt/wc_port.h +++ b/wolfssl/wolfcrypt/wc_port.h @@ -1299,9 +1299,9 @@ WOLFSSL_ABI WOLFSSL_API int wolfCrypt_Cleanup(void); /* By default, the OCTEON's global variables are all thread local. This * tag allows them to be shared between threads. */ #include "cvmx-platform.h" - #define WOLFSSL_GLOBAL CVMX_SHARED + #define WC_THREADSHARED CVMX_SHARED #else - #define WOLFSSL_GLOBAL + #define WC_THREADSHARED #endif #ifdef WOLFSSL_DSP From 4ad0dce84edca5f0fc14a9eb573fe3343e7dedc8 Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Thu, 14 Nov 2024 18:00:52 -0600 Subject: [PATCH 2/3] src/sniffer.c: revert refactor pending proper fixes. --- src/sniffer.c | 109 +++++++++++++++++++++++--------------------------- 1 file changed, 49 insertions(+), 60 deletions(-) diff --git a/src/sniffer.c b/src/sniffer.c index 186b810b9..231ac0901 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -32,10 +32,15 @@ #include #endif +#if !defined(HAVE_THREAD_LS) && !defined(SINGLE_THREADED) + #error sniffer requires HAVE_THREAD_LS or SINGLE_THREADED. +#endif + /* Build Options: * WOLFSSL_SNIFFER_NO_RECOVERY: Do not track missed data count. */ + /* xctime */ #ifndef XCTIME #define XCTIME ctime @@ -436,10 +441,8 @@ typedef struct SnifferServer { int port; /* server port */ #ifdef HAVE_SNI NamedKey* namedKeys; /* mapping of names and keys */ -#ifndef SINGLE_THREADED wolfSSL_Mutex namedKeysMutex; /* mutex for namedKey list */ #endif -#endif #if defined(WOLFSSL_SNIFFER_KEYLOGFILE) byte useKeyLogFile; /* True if session secrets are coming from a keylog file */ @@ -567,26 +570,24 @@ typedef struct SnifferSession { /* Sniffer Server List and mutex */ -static WC_THREADSHARED SnifferServer* ServerList = NULL; -#ifndef SINGLE_THREADED +static THREAD_LS_T SnifferServer* ServerList = NULL; +#ifndef HAVE_C___ATOMIC static WC_THREADSHARED wolfSSL_Mutex ServerListMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(ServerListMutex); #endif /* Session Hash Table, mutex, and count */ -static WC_THREADSHARED SnifferSession* SessionTable[HASH_SIZE]; -#ifndef SINGLE_THREADED +static THREAD_LS_T SnifferSession* SessionTable[HASH_SIZE]; +#ifndef HAVE_C___ATOMIC static WC_THREADSHARED wolfSSL_Mutex SessionMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(SessionMutex); #endif -static WC_THREADSHARED int SessionCount = 0; +static THREAD_LS_T int SessionCount = 0; static WC_THREADSHARED int RecoveryEnabled = 0; /* global switch */ static WC_THREADSHARED int MaxRecoveryMemory = -1; /* per session max recovery memory */ #ifndef WOLFSSL_SNIFFER_NO_RECOVERY /* Recovery of missed data switches and stats */ -#ifndef SINGLE_THREADED static WC_THREADSHARED wolfSSL_Mutex RecoveryMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(RecoveryMutex); /* for stats */ -#endif /* # of sessions with missed data */ static WC_THREADSHARED word32 MissedDataSessions = 0; #endif @@ -598,10 +599,8 @@ static WC_THREADSHARED void* ConnectionCbCtx = NULL; #ifdef WOLFSSL_SNIFFER_STATS /* Sessions Statistics */ static WC_THREADSHARED SSLStats SnifferStats; -#ifndef SINGLE_THREADED static WC_THREADSHARED wolfSSL_Mutex StatsMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(StatsMutex); #endif -#endif #ifdef WOLFSSL_SNIFFER_KEY_CALLBACK static WC_THREADSHARED SSLKeyCb KeyCb; @@ -623,39 +622,31 @@ static WC_THREADSHARED SSLStoreDataCb StoreDataCb; #ifndef WOLFSSL_SNIFFER_NO_RECOVERY static void UpdateMissedDataSessions(void) { -#ifndef SINGLE_THREADED wc_LockMutex(&RecoveryMutex); -#endif MissedDataSessions += 1; -#ifndef SINGLE_THREADED wc_UnLockMutex(&RecoveryMutex); -#endif } #endif #ifdef WOLFSSL_SNIFFER_STATS - #if defined(WOLFSSL_ATOMIC_OPS) || defined(SINGLE_THREADED) + #ifdef HAVE_C___ATOMIC #define LOCK_STAT() WC_DO_NOTHING #define UNLOCK_STAT() WC_DO_NOTHING + #define NOLOCK_ADD_TO_STAT(x,y) ({ TraceStat(#x, y); \ + __atomic_fetch_add(&x, y, __ATOMIC_RELAXED); }) #else #define LOCK_STAT() wc_LockMutex(&StatsMutex) #define UNLOCK_STAT() wc_UnLockMutex(&StatsMutex) + #define NOLOCK_ADD_TO_STAT(x,y) ({ TraceStat(#x, y); x += y; }) #endif - - #define ADD_TO_STAT(x,y) ({ TraceStat(#x, y); wolfSSL_Atomic_Int_FetchAdd(x, y); }) - #define INC_STAT(x) ADD_TO_STAT(x,1) - - #define ADD_TO_STAT(x,y) do { \ - LOCK_STAT(); \ - TraceStat(#x, y); \ - (void)wolfSSL_Atomic_Int_FetchAdd(x, y); \ - UNLOCK_STAT(); \ - } while (0) - - #define INC_STAT(x) ADD_TO_STAT(x, 1) + #define NOLOCK_INC_STAT(x) NOLOCK_ADD_TO_STAT(x,1) + #define ADD_TO_STAT(x,y) do { LOCK_STAT(); \ + NOLOCK_ADD_TO_STAT(x,y); UNLOCK_STAT(); } while (0) + #define INC_STAT(x) do { LOCK_STAT(); \ + NOLOCK_INC_STAT(x); UNLOCK_STAT(); } while (0) #endif /* WOLFSSL_SNIFFER_STATS */ -#ifdef SINGLE_THREADED +#ifdef HAVE_C___ATOMIC #define LOCK_SESSION() WC_DO_NOTHING #define UNLOCK_SESSION() WC_DO_NOTHING #define LOCK_SERVER_LIST() WC_DO_NOTHING @@ -695,16 +686,19 @@ static int addKeyLogSnifferServerHelper(const char* address, void ssl_InitSniffer_ex(int devId) { wolfSSL_Init(); -#if !defined(WOLFSSL_MUTEX_INITIALIZER) && !defined(SINGLE_THREADED) +#ifndef WOLFSSL_MUTEX_INITIALIZER +#ifndef HAVE_C___ATOMIC wc_InitMutex(&ServerListMutex); wc_InitMutex(&SessionMutex); +#endif #ifndef WOLFSSL_SNIFFER_NO_RECOVERY wc_InitMutex(&RecoveryMutex); #endif #ifdef WOLFSSL_SNIFFER_STATS + XMEMSET(&SnifferStats, 0, sizeof(SSLStats)); wc_InitMutex(&StatsMutex); #endif -#endif /* !WOLFSSL_MUTEX_INITIALIZER && !SINGLE_THREADED */ +#endif /* !WOLFSSL_MUTEX_INITIALIZER */ #ifdef WOLFSSL_SNIFFER_STATS XMEMSET(&SnifferStats, 0, sizeof(SSLStats)); @@ -809,14 +803,10 @@ static void FreeSnifferServer(SnifferServer* srv) { if (srv) { #ifdef HAVE_SNI -#ifndef SINGLE_THREADED wc_LockMutex(&srv->namedKeysMutex); -#endif FreeNamedKeyList(srv->namedKeys); -#ifndef SINGLE_THREADED wc_UnLockMutex(&srv->namedKeysMutex); wc_FreeMutex(&srv->namedKeysMutex); -#endif #endif wolfSSL_CTX_free(srv->ctx); } @@ -919,16 +909,15 @@ void ssl_FreeSniffer(void) #endif /* WOLFSSL_SNIFFER_KEYLOGFILE */ -#if !defined(WOLFSSL_MUTEX_INITIALIZER) && !defined(SINGLE_THREADED) +#ifndef WOLFSSL_MUTEX_INITIALIZER #ifndef WOLFSSL_SNIFFER_NO_RECOVERY wc_FreeMutex(&RecoveryMutex); #endif +#ifndef HAVE_C___ATOMIC wc_FreeMutex(&SessionMutex); wc_FreeMutex(&ServerListMutex); -#ifdef WOLFSSL_SNIFFER_STATS - wc_FreeMutex(&StatsMutex); #endif -#endif /* !WOLFSSL_MUTEX_INITIALIZER && !SINGLE_THREADED */ +#endif /* !WOLFSSL_MUTEX_INITIALIZER */ #ifdef WOLF_CRYPTO_CB #ifdef HAVE_INTEL_QA_SYNC @@ -1929,14 +1918,10 @@ static int SetNamedPrivateKey(const char* name, const char* address, int port, } #ifdef HAVE_SNI else { -#ifndef SINGLE_THREADED wc_LockMutex(&sniffer->namedKeysMutex); -#endif namedKey->next = sniffer->namedKeys; sniffer->namedKeys = namedKey; -#ifndef SINGLE_THREADED wc_UnLockMutex(&sniffer->namedKeysMutex); -#endif } #endif @@ -3975,9 +3960,7 @@ static int LoadNamedKey(SnifferSession* session, const byte* name, word16 nameSz WOLFSSL* ssl = session->sslServer; NamedKey* namedKey; -#ifndef SINGLE_THREADED wc_LockMutex(&session->context->namedKeysMutex); -#endif namedKey = session->context->namedKeys; while (namedKey != NULL) { if (nameSz == namedKey->nameSz && @@ -4005,9 +3988,7 @@ static int LoadNamedKey(SnifferSession* session, const byte* name, word16 nameSz } namedKey = namedKey->next; } -#ifndef SINGLE_THREADED wc_UnLockMutex(&session->context->namedKeysMutex); -#endif return ret; } #endif @@ -5080,15 +5061,26 @@ static void RemoveSession(SnifferSession* session, IpInfo* ipInfo, SnifferSession* previous = 0; SnifferSession* current; word32 row = rowHint; +#ifndef HAVE_C___ATOMIC + int haveLock = 0; +#endif Trace(REMOVE_SESSION_STR); if (ipInfo && tcpInfo) row = SessionHash(ipInfo, tcpInfo); +#ifndef HAVE_C___ATOMIC + else + haveLock = 1; +#endif if (row >= HASH_SIZE) return; - LOCK_SESSION(); +#ifndef HAVE_C___ATOMIC + if (!haveLock) { + LOCK_SESSION(); + } +#endif current = SessionTable[row]; @@ -5106,7 +5098,11 @@ static void RemoveSession(SnifferSession* session, IpInfo* ipInfo, current = current->next; } - UNLOCK_SESSION(); +#ifndef HAVE_C___ATOMIC + if (!haveLock) { + UNLOCK_SESSION(); + } +#endif } @@ -6915,13 +6911,9 @@ int ssl_GetSessionStats(unsigned int* active, unsigned int* total, if (missedData) { #ifndef WOLFSSL_SNIFFER_NO_RECOVERY - #ifndef SINGLE_THREADED wc_LockMutex(&RecoveryMutex); - #endif *missedData = MissedDataSessions; - #ifndef SINGLE_THREADED wc_UnLockMutex(&RecoveryMutex); - #endif #endif } @@ -6978,13 +6970,9 @@ int ssl_SetConnectionCtx(void* ctx) * returns 0 on success, -1 on error */ int ssl_ResetStatistics(void) { -#ifndef SINGLE_THREADED wc_LockMutex(&StatsMutex); -#endif XMEMSET(&SnifferStats, 0, sizeof(SSLStats)); -#ifndef SINGLE_THREADED wc_UnLockMutex(&StatsMutex); -#endif return 0; } @@ -7250,15 +7238,16 @@ typedef struct SecretNode { #define WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE HASH_SIZE #endif -static WC_THREADSHARED SecretNode* +static THREAD_LS_T +SecretNode* secretHashTable[WOLFSSL_SNIFFER_KEYLOGFILE_HASH_TABLE_SIZE] = {NULL}; -#ifndef SINGLE_THREADED +#ifndef HAVE_C___ATOMIC static WC_THREADSHARED wolfSSL_Mutex secretListMutex WOLFSSL_MUTEX_INITIALIZER_CLAUSE(secretListMutex); #endif static unsigned int secretHashFunction(unsigned char* clientRandom); -#ifdef SINGLE_THREADED +#ifdef HAVE_C___ATOMIC #define LOCK_SECRET_LIST() WC_DO_NOTHING #define UNLOCK_SECRET_LIST() WC_DO_NOTHING #else From 469c410393d5ed47d222cf4a6aea9d980227d2de Mon Sep 17 00:00:00 2001 From: Daniel Pouzzner Date: Thu, 14 Nov 2024 18:22:42 -0600 Subject: [PATCH 3/3] src/sniffer.c: remove build-time assert on HAVE_THREAD_LS || SINGLE_THREADED, as it breaks existing build tests. fix more later. --- src/sniffer.c | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/sniffer.c b/src/sniffer.c index 231ac0901..a606a6114 100644 --- a/src/sniffer.c +++ b/src/sniffer.c @@ -32,10 +32,6 @@ #include #endif -#if !defined(HAVE_THREAD_LS) && !defined(SINGLE_THREADED) - #error sniffer requires HAVE_THREAD_LS or SINGLE_THREADED. -#endif - /* Build Options: * WOLFSSL_SNIFFER_NO_RECOVERY: Do not track missed data count. */