suricata
output-flow.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2022 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Victor Julien <victor@inliniac.net>
22  *
23  * Flow Logger Output registration functions
24  */
25 
26 #include "suricata-common.h"
27 #include "tm-modules.h"
28 #include "output.h"
29 #include "output-flow.h"
30 #include "util-profiling.h"
31 #include "util-validate.h"
32 
33 /** per thread data for this module, contains a list of per thread
34  * data for the packet loggers. */
35 typedef struct OutputFlowLoggerThreadData_ {
36  OutputLoggerThreadStore *store;
37 } OutputFlowLoggerThreadData;
38 
39 /* logger instance, a module + a output ctx,
40  * it's perfectly valid that have multiple instances of the same
41  * log module (e.g. http.log) with different output ctx'. */
42 typedef struct OutputFlowLogger_ {
43  FlowLogger LogFunc;
44  OutputCtx *output_ctx;
45  struct OutputFlowLogger_ *next;
46  const char *name;
47  TmEcode (*ThreadInit)(ThreadVars *, const void *, void **);
48  TmEcode (*ThreadDeinit)(ThreadVars *, void *);
49  void (*ThreadExitPrintStats)(ThreadVars *, void *);
50 } OutputFlowLogger;
51 
52 static OutputFlowLogger *list = NULL;
53 
54 int OutputRegisterFlowLogger(const char *name, FlowLogger LogFunc,
55  OutputCtx *output_ctx, ThreadInitFunc ThreadInit,
56  ThreadDeinitFunc ThreadDeinit,
57  ThreadExitPrintStatsFunc ThreadExitPrintStats)
58 {
59  OutputFlowLogger *op = SCMalloc(sizeof(*op));
60  if (op == NULL)
61  return -1;
62  memset(op, 0x00, sizeof(*op));
63 
64  op->LogFunc = LogFunc;
65  op->output_ctx = output_ctx;
66  op->name = name;
67  op->ThreadInit = ThreadInit;
68  op->ThreadDeinit = ThreadDeinit;
69  op->ThreadExitPrintStats = ThreadExitPrintStats;
70 
71  if (list == NULL)
72  list = op;
73  else {
74  OutputFlowLogger *t = list;
75  while (t->next)
76  t = t->next;
77  t->next = op;
78  }
79 
80  SCLogDebug("OutputRegisterFlowLogger happy");
81  return 0;
82 }
83 
84 /** \brief Run flow logger(s)
85  * \note flow is already write locked
86  */
87 TmEcode OutputFlowLog(ThreadVars *tv, void *thread_data, Flow *f)
88 {
89  DEBUG_VALIDATE_BUG_ON(thread_data == NULL);
90 
91  if (list == NULL)
92  return TM_ECODE_OK;
93 
94  FlowSetEndFlags(f);
95 
96  OutputFlowLoggerThreadData *op_thread_data = (OutputFlowLoggerThreadData *)thread_data;
97  OutputFlowLogger *logger = list;
98  OutputLoggerThreadStore *store = op_thread_data->store;
99 
100  DEBUG_VALIDATE_BUG_ON(logger == NULL && store != NULL);
101  DEBUG_VALIDATE_BUG_ON(logger != NULL && store == NULL);
102  DEBUG_VALIDATE_BUG_ON(logger == NULL && store == NULL);
103 
104  while (logger && store) {
105  DEBUG_VALIDATE_BUG_ON(logger->LogFunc == NULL);
106 
107  SCLogDebug("logger %p", logger);
108  //PACKET_PROFILING_LOGGER_START(p, logger->module_id);
109  logger->LogFunc(tv, store->thread_data, f);
110  //PACKET_PROFILING_LOGGER_END(p, logger->module_id);
111 
112  logger = logger->next;
113  store = store->next;
114 
115  DEBUG_VALIDATE_BUG_ON(logger == NULL && store != NULL);
116  DEBUG_VALIDATE_BUG_ON(logger != NULL && store == NULL);
117  }
118 
119  return TM_ECODE_OK;
120 }
121 
122 /** \brief thread init for the flow logger
123  * This will run the thread init functions for the individual registered
124  * loggers */
125 TmEcode OutputFlowLogThreadInit(ThreadVars *tv, void *initdata, void **data)
126 {
127  OutputFlowLoggerThreadData *td = SCMalloc(sizeof(*td));
128  if (td == NULL)
129  return TM_ECODE_FAILED;
130  memset(td, 0x00, sizeof(*td));
131 
132  *data = (void *)td;
133 
134  SCLogDebug("OutputFlowLogThreadInit happy (*data %p)", *data);
135 
136  OutputFlowLogger *logger = list;
137  while (logger) {
138  if (logger->ThreadInit) {
139  void *retptr = NULL;
140  if (logger->ThreadInit(tv, (void *)logger->output_ctx, &retptr) == TM_ECODE_OK) {
141  OutputLoggerThreadStore *ts = SCMalloc(sizeof(*ts));
142 /* todo */ BUG_ON(ts == NULL);
143  memset(ts, 0x00, sizeof(*ts));
144 
145  /* store thread handle */
146  ts->thread_data = retptr;
147 
148  if (td->store == NULL) {
149  td->store = ts;
150  } else {
151  OutputLoggerThreadStore *tmp = td->store;
152  while (tmp->next != NULL)
153  tmp = tmp->next;
154  tmp->next = ts;
155  }
156 
157  SCLogDebug("%s is now set up", logger->name);
158  }
159  }
160 
161  logger = logger->next;
162  }
163 
164  return TM_ECODE_OK;
165 }
166 
167 TmEcode OutputFlowLogThreadDeinit(ThreadVars *tv, void *thread_data)
168 {
169  OutputFlowLoggerThreadData *op_thread_data = (OutputFlowLoggerThreadData *)thread_data;
170  if (op_thread_data == NULL)
171  return TM_ECODE_OK;
172 
173  OutputLoggerThreadStore *store = op_thread_data->store;
174  OutputFlowLogger *logger = list;
175 
176  while (logger && store) {
177  if (logger->ThreadDeinit) {
178  logger->ThreadDeinit(tv, store->thread_data);
179  }
180 
181  OutputLoggerThreadStore *next_store = store->next;
182  SCFree(store);
183  store = next_store;
184  logger = logger->next;
185  }
186 
187  SCFree(op_thread_data);
188  return TM_ECODE_OK;
189 }
190 
191 void OutputFlowLogExitPrintStats(ThreadVars *tv, void *thread_data)
192 {
193  OutputFlowLoggerThreadData *op_thread_data = (OutputFlowLoggerThreadData *)thread_data;
194  OutputLoggerThreadStore *store = op_thread_data->store;
195  OutputFlowLogger *logger = list;
196 
197  while (logger && store) {
198  if (logger->ThreadExitPrintStats) {
199  logger->ThreadExitPrintStats(tv, store->thread_data);
200  }
201 
202  logger = logger->next;
203  store = store->next;
204  }
205 }
206 
207 void OutputFlowShutdown(void)
208 {
209  OutputFlowLogger *logger = list;
210  while (logger) {
211  OutputFlowLogger *next_logger = logger->next;
212  SCFree(logger);
213  logger = next_logger;
214  }
215  list = NULL;
216 }
OutputFlowLog
TmEcode OutputFlowLog(ThreadVars *tv, void *thread_data, Flow *f)
Run flow logger(s)
Definition: output-flow.c:87
ts
uint64_t ts
Definition: source-erf-file.c:54
OutputLoggerThreadStore_
Definition: output-stats.c:31
OutputLoggerThreadStore_::next
struct OutputLoggerThreadStore_ * next
Definition: output-stats.c:33
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:298
OutputFlowLogger_
Definition: output-flow.c:42
Flow_
Flow data structure.
Definition: flow.h:353
tm-modules.h
FlowLogger
int(* FlowLogger)(ThreadVars *, void *thread_data, Flow *f)
Definition: output-flow.h:32
OutputFlowLoggerThreadData
struct OutputFlowLoggerThreadData_ OutputFlowLoggerThreadData
OutputFlowLogger_::next
struct OutputFlowLogger_ * next
Definition: output-flow.c:45
TM_ECODE_FAILED
@ TM_ECODE_FAILED
Definition: tm-threads-common.h:83
OutputFlowLogger
struct OutputFlowLogger_ OutputFlowLogger
TM_ECODE_OK
@ TM_ECODE_OK
Definition: tm-threads-common.h:82
OutputFlowLogger_::ThreadExitPrintStats
void(* ThreadExitPrintStats)(ThreadVars *, void *)
Definition: output-flow.c:49
OutputLoggerThreadStore_::thread_data
void * thread_data
Definition: output-stats.c:32
OutputCtx_
Definition: tm-modules.h:78
OutputRegisterFlowLogger
int OutputRegisterFlowLogger(const char *name, FlowLogger LogFunc, OutputCtx *output_ctx, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit, ThreadExitPrintStatsFunc ThreadExitPrintStats)
Definition: output-flow.c:54
OutputFlowLogThreadInit
TmEcode OutputFlowLogThreadInit(ThreadVars *tv, void *initdata, void **data)
thread init for the flow logger This will run the thread init functions for the individual registered...
Definition: output-flow.c:125
OutputFlowLogger_::output_ctx
OutputCtx * output_ctx
Definition: output-flow.c:44
ThreadVars_
Per thread variable structure.
Definition: threadvars.h:58
ThreadInitFunc
TmEcode(* ThreadInitFunc)(ThreadVars *, const void *, void **)
Definition: tm-modules.h:39
BUG_ON
#define BUG_ON(x)
Definition: suricata-common.h:281
util-profiling.h
OutputFlowLogger_::ThreadInit
TmEcode(* ThreadInit)(ThreadVars *, const void *, void **)
Definition: output-flow.c:47
TmEcode
TmEcode
Definition: tm-threads-common.h:81
output-flow.h
OutputFlowLoggerThreadData_::store
OutputLoggerThreadStore * store
Definition: output-flow.c:36
OutputFlowLogger_::name
const char * name
Definition: output-flow.c:46
OutputFlowLogger_::LogFunc
FlowLogger LogFunc
Definition: output-flow.c:43
suricata-common.h
ThreadExitPrintStatsFunc
void(* ThreadExitPrintStatsFunc)(ThreadVars *, void *)
Definition: tm-modules.h:41
tv
ThreadVars * tv
Definition: fuzz_decodepcapfile.c:29
util-validate.h
SCMalloc
#define SCMalloc(sz)
Definition: util-mem.h:47
OutputFlowLogExitPrintStats
void OutputFlowLogExitPrintStats(ThreadVars *tv, void *thread_data)
Definition: output-flow.c:191
OutputFlowLogThreadDeinit
TmEcode OutputFlowLogThreadDeinit(ThreadVars *tv, void *thread_data)
Definition: output-flow.c:167
OutputFlowLoggerThreadData_
Definition: output-flow.c:35
SCFree
#define SCFree(p)
Definition: util-mem.h:61
OutputFlowShutdown
void OutputFlowShutdown(void)
Definition: output-flow.c:207
DEBUG_VALIDATE_BUG_ON
#define DEBUG_VALIDATE_BUG_ON(exp)
Definition: util-validate.h:111
output.h
OutputFlowLogger_::ThreadDeinit
TmEcode(* ThreadDeinit)(ThreadVars *, void *)
Definition: output-flow.c:48
ThreadDeinitFunc
TmEcode(* ThreadDeinitFunc)(ThreadVars *, void *)
Definition: tm-modules.h:40