suricata
output-packet.c
Go to the documentation of this file.
1 /* Copyright (C) 2007-2024 Open Information Security Foundation
2  *
3  * You can copy, redistribute or modify this Program under the terms of
4  * the GNU General Public License version 2 as published by the Free
5  * Software Foundation.
6  *
7  * This program is distributed in the hope that it will be useful,
8  * but WITHOUT ANY WARRANTY; without even the implied warranty of
9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10  * GNU General Public License for more details.
11  *
12  * You should have received a copy of the GNU General Public License
13  * version 2 along with this program; if not, write to the Free Software
14  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15  * 02110-1301, USA.
16  */
17 
18 /**
19  * \file
20  *
21  * \author Victor Julien <victor@inliniac.net>
22  *
23  * Packet Logger Output registration functions
24  */
25 
26 #include "suricata-common.h"
27 #include "output.h"
28 #include "output-packet.h"
29 #include "util-profiling.h"
30 #include "util-validate.h"
31 
32 /** per thread data for this module, contains a list of per thread
33  * data for the packet loggers. */
34 typedef struct OutputPacketLoggerThreadData_ {
35  OutputLoggerThreadStore *store;
36 } OutputPacketLoggerThreadData;
37 
38 /* logger instance, a module + a output ctx,
39  * it's perfectly valid that have multiple instances of the same
40  * log module (e.g. fast.log) with different output ctx'. */
41 typedef struct OutputPacketLogger_ {
42  PacketLogger LogFunc;
43  PacketLogCondition ConditionFunc;
44  /** Data that will be passed to the ThreadInit callback. */
45  void *initdata;
46  struct OutputPacketLogger_ *next;
47  const char *name;
48  LoggerId logger_id;
49  ThreadInitFunc ThreadInit;
50  ThreadDeinitFunc ThreadDeinit;
51 } OutputPacketLogger;
52 
53 static OutputPacketLogger *list = NULL;
54 
55 int SCOutputRegisterPacketLogger(LoggerId logger_id, const char *name, PacketLogger LogFunc,
56  PacketLogCondition ConditionFunc, void *initdata, ThreadInitFunc ThreadInit,
57  ThreadDeinitFunc ThreadDeinit)
58 {
59  OutputPacketLogger *op = SCCalloc(1, sizeof(*op));
60  if (op == NULL)
61  return -1;
62 
63  op->LogFunc = LogFunc;
64  op->ConditionFunc = ConditionFunc;
65  op->initdata = initdata;
66  op->name = name;
67  op->ThreadInit = ThreadInit;
68  op->ThreadDeinit = ThreadDeinit;
69  op->logger_id = logger_id;
70 
71  if (list == NULL)
72  list = op;
73  else {
74  OutputPacketLogger *t = list;
75  while (t->next)
76  t = t->next;
77  t->next = op;
78  }
79 
80  SCLogDebug("OutputRegisterPacketLogger happy");
81  return 0;
82 }
83 
84 static TmEcode OutputPacketLog(ThreadVars *tv, Packet *p, void *thread_data)
85 {
86  DEBUG_VALIDATE_BUG_ON(thread_data == NULL);
87 
88  if (list == NULL) {
89  /* No child loggers. */
90  return TM_ECODE_OK;
91  }
92 
93  OutputPacketLoggerThreadData *op_thread_data = (OutputPacketLoggerThreadData *)thread_data;
94  OutputPacketLogger *logger = list;
95  OutputLoggerThreadStore *store = op_thread_data->store;
96 
97  DEBUG_VALIDATE_BUG_ON(store == NULL);
98 
99  while (logger && store) {
100  DEBUG_VALIDATE_BUG_ON(logger->LogFunc == NULL || logger->ConditionFunc == NULL);
101 
102  if (logger->ConditionFunc(tv, store->thread_data, (const Packet *)p)) {
103  PACKET_PROFILING_LOGGER_START(p, logger->logger_id);
104  logger->LogFunc(tv, store->thread_data, (const Packet *)p);
105  PACKET_PROFILING_LOGGER_END(p, logger->logger_id);
106  }
107 
108  logger = logger->next;
109  store = store->next;
110 
111  DEBUG_VALIDATE_BUG_ON(logger == NULL && store != NULL);
112  DEBUG_VALIDATE_BUG_ON(logger != NULL && store == NULL);
113  }
114 
115  return TM_ECODE_OK;
116 }
117 
118 /** \brief thread init for the packet logger
119  * This will run the thread init functions for the individual registered
120  * loggers */
121 static TmEcode OutputPacketLogThreadInit(ThreadVars *tv, const void *initdata, void **data)
122 {
123  OutputPacketLoggerThreadData *td = SCCalloc(1, sizeof(*td));
124  if (td == NULL)
125  return TM_ECODE_FAILED;
126 
127  *data = (void *)td;
128 
129  SCLogDebug("OutputPacketLogThreadInit happy (*data %p)", *data);
130 
131  OutputPacketLogger *logger = list;
132  while (logger) {
133  if (logger->ThreadInit) {
134  void *retptr = NULL;
135  if (logger->ThreadInit(tv, (void *)logger->initdata, &retptr) == TM_ECODE_OK) {
136  OutputLoggerThreadStore *ts = SCCalloc(1, sizeof(*ts));
137  /* todo */ BUG_ON(ts == NULL);
138 
139  /* store thread handle */
140  ts->thread_data = retptr;
141 
142  if (td->store == NULL) {
143  td->store = ts;
144  } else {
145  OutputLoggerThreadStore *tmp = td->store;
146  while (tmp->next != NULL)
147  tmp = tmp->next;
148  tmp->next = ts;
149  }
150 
151  SCLogDebug("%s is now set up", logger->name);
152  }
153  }
154 
155  logger = logger->next;
156  }
157 
158  return TM_ECODE_OK;
159 }
160 
161 static TmEcode OutputPacketLogThreadDeinit(ThreadVars *tv, void *thread_data)
162 {
163  OutputPacketLoggerThreadData *op_thread_data = (OutputPacketLoggerThreadData *)thread_data;
164  OutputLoggerThreadStore *store = op_thread_data->store;
165  OutputPacketLogger *logger = list;
166 
167  while (logger && store) {
168  if (logger->ThreadDeinit) {
169  logger->ThreadDeinit(tv, store->thread_data);
170  }
171 
172  OutputLoggerThreadStore *next_store = store->next;
173  SCFree(store);
174  store = next_store;
175 
176  logger = logger->next;
177  }
178 
179  SCFree(op_thread_data);
180  return TM_ECODE_OK;
181 }
182 
183 static uint32_t OutputPacketLoggerGetActiveCount(void)
184 {
185  uint32_t cnt = 0;
186  for (OutputPacketLogger *p = list; p != NULL; p = p->next) {
187  cnt++;
188  }
189  return cnt;
190 }
191 
192 void OutputPacketLoggerRegister(void)
193 {
194  OutputRegisterRootLogger(OutputPacketLogThreadInit, OutputPacketLogThreadDeinit,
195  OutputPacketLog, OutputPacketLoggerGetActiveCount);
196 }
197 
198 void OutputPacketShutdown(void)
199 {
200  OutputPacketLogger *logger = list;
201  while (logger) {
202  OutputPacketLogger *next_logger = logger->next;
203  SCFree(logger);
204  logger = next_logger;
205  }
206 
207  /* reset list pointer */
208  list = NULL;
209 }
OutputPacketLoggerThreadData_
Definition: output-packet.c:34
OutputPacketLogger_::ThreadDeinit
ThreadDeinitFunc ThreadDeinit
Definition: output-packet.c:50
OutputPacketLogger_::next
struct OutputPacketLogger_ * next
Definition: output-packet.c:46
ts
uint64_t ts
Definition: source-erf-file.c:55
OutputLoggerThreadStore_
Definition: output.h:33
OutputRegisterRootLogger
void OutputRegisterRootLogger(ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit, OutputLogFunc LogFunc, OutputGetActiveCountFunc ActiveCntFunc)
Definition: output.c:855
SCLogDebug
#define SCLogDebug(...)
Definition: util-debug.h:282
name
const char * name
Definition: detect-engine-proto.c:48
LoggerId
LoggerId
Definition: suricata-common.h:485
OutputLoggerThreadStore_::next
struct OutputLoggerThreadStore_ * next
Definition: output.h:35
output-packet.h
PacketLogger
int(* PacketLogger)(ThreadVars *, void *thread_data, const Packet *)
Packet logger function pointer type.
Definition: output-packet.h:35
TM_ECODE_FAILED
@ TM_ECODE_FAILED
Definition: tm-threads-common.h:82
TM_ECODE_OK
@ TM_ECODE_OK
Definition: tm-threads-common.h:81
OutputLoggerThreadStore_::thread_data
void * thread_data
Definition: output.h:34
OutputPacketLogger_::initdata
void * initdata
Definition: output-packet.c:45
OutputPacketShutdown
void OutputPacketShutdown(void)
Definition: output-packet.c:198
ThreadVars_
Per thread variable structure.
Definition: threadvars.h:58
ThreadInitFunc
TmEcode(* ThreadInitFunc)(ThreadVars *, const void *, void **)
Definition: tm-modules.h:43
BUG_ON
#define BUG_ON(x)
Definition: suricata-common.h:325
OutputPacketLogger_::ConditionFunc
PacketLogCondition ConditionFunc
Definition: output-packet.c:43
util-profiling.h
Packet_
Definition: decode.h:514
OutputPacketLoggerRegister
void OutputPacketLoggerRegister(void)
Definition: output-packet.c:192
OutputPacketLogger_::name
const char * name
Definition: output-packet.c:47
OutputPacketLoggerThreadData_::store
OutputLoggerThreadStore * store
Definition: output-packet.c:35
TmEcode
TmEcode
Definition: tm-threads-common.h:80
SCOutputRegisterPacketLogger
int SCOutputRegisterPacketLogger(LoggerId logger_id, const char *name, PacketLogger LogFunc, PacketLogCondition ConditionFunc, void *initdata, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
Register a packet logger.
Definition: output-packet.c:55
PACKET_PROFILING_LOGGER_END
#define PACKET_PROFILING_LOGGER_END(p, id)
Definition: util-profiling.h:240
cnt
uint32_t cnt
Definition: tmqh-packetpool.h:7
suricata-common.h
OutputPacketLogger
struct OutputPacketLogger_ OutputPacketLogger
tv
ThreadVars * tv
Definition: fuzz_decodepcapfile.c:33
PacketLogCondition
bool(* PacketLogCondition)(ThreadVars *, void *thread_data, const Packet *)
Packet logger condition function point type.
Definition: output-packet.h:43
util-validate.h
Packet_::next
struct Packet_ * next
Definition: decode.h:646
SCFree
#define SCFree(p)
Definition: util-mem.h:61
PACKET_PROFILING_LOGGER_START
#define PACKET_PROFILING_LOGGER_START(p, id)
Definition: util-profiling.h:233
OutputPacketLogger_
Definition: output-packet.c:41
OutputPacketLoggerThreadData
struct OutputPacketLoggerThreadData_ OutputPacketLoggerThreadData
OutputPacketLogger_::ThreadInit
ThreadInitFunc ThreadInit
Definition: output-packet.c:49
SCCalloc
#define SCCalloc(nm, sz)
Definition: util-mem.h:53
OutputPacketLogger_::LogFunc
PacketLogger LogFunc
Definition: output-packet.c:42
DEBUG_VALIDATE_BUG_ON
#define DEBUG_VALIDATE_BUG_ON(exp)
Definition: util-validate.h:109
output.h
ThreadDeinitFunc
TmEcode(* ThreadDeinitFunc)(ThreadVars *, void *)
Definition: tm-modules.h:44
OutputPacketLogger_::logger_id
LoggerId logger_id
Definition: output-packet.c:48