commit 58a93e8ef288b0bae75ec7186ba96bdcaf85d0d4
author Florin Coras <fcoras@cisco.com> Mon Jan 14 23:33:46 2019 -0800
committer Dave Barach <openvpp@barachs.net> Thu Jan 17 20:31:54 2019 +0000
tree 2345aa718a507bd8bfc1857d705e9614e408be18
parent 72b04288d9a670829050a6ca5d931ae5b55b33ed

tls: preallocate app sessions on connect/accept

Avoid allocating session and possibly reallocating thread session pool
on builtin session rx.

Change-Id: I70e7c604678b44ce8d22603489e247a2c5faa439
Signed-off-by: Florin Coras <fcoras@cisco.com>

src/vnet/tls/tls.c

diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index 34de539..d51d5db 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -206,7 +206,7 @@
   app = application_get (app_wrk->app_index);
   lctx = tls_listener_ctx_get (ctx->listener_ctx_index);
 
-  app_session = session_alloc (vlib_get_thread_index ());
+  app_session = session_get (ctx->c_s_index, ctx->c_thread_index);
   app_session->app_wrk_index = ctx->parent_app_index;
   app_session->connection_index = ctx->tls_ctx_handle;
 
@@ -221,7 +221,6 @@
       TLS_DBG (1, "failed to allocate fifos");
       return rv;
     }
-  ctx->c_s_index = app_session->session_index;
   ctx->app_session_handle = session_handle (app_session);
   session_lookup_add_connection (&ctx->connection,
 				 session_handle (app_session));
@@ -251,7 +250,7 @@
     goto failed;
 
   sm = app_worker_get_connect_segment_manager (app_wrk);
-  app_session = session_alloc (vlib_get_thread_index ());
+  app_session = session_get (ctx->c_s_index, ctx->c_thread_index);
   app_session->app_wrk_index = ctx->parent_app_index;
   app_session->connection_index = ctx->tls_ctx_handle;
   app_session->session_type =
@@ -261,7 +260,6 @@
   if (session_alloc_fifos (sm, app_session))
     goto failed;
 
-  ctx->app_session_handle = session_handle (app_session);
   app_session->session_state = SESSION_STATE_CONNECTING;
   if (cb_fn (ctx->parent_app_index, ctx->parent_app_api_context,
 	     app_session, 0 /* not failed */ ))
@@ -271,9 +269,7 @@
       return -1;
     }
 
-  /* parent_app_api_context should not be overwitten before used,
-   * so defer setting c_s_index */
-  ctx->c_s_index = app_session->session_index;
+  ctx->app_session_handle = session_handle (app_session);
   app_session->session_state = SESSION_STATE_READY;
   session_lookup_add_connection (&ctx->connection,
 				 session_handle (app_session));
@@ -405,7 +401,7 @@
 int
 tls_session_accept_callback (stream_session_t * tls_session)
 {
-  stream_session_t *tls_listener;
+  stream_session_t *tls_listener, *app_session;
   tls_ctx_t *lctx, *ctx;
   u32 ctx_handle;
 
@@ -422,6 +418,12 @@
   ctx->tls_session_handle = session_handle (tls_session);
   ctx->listener_ctx_index = tls_listener->opaque;
 
+  /* Preallocate app session. Avoids allocating a session post handshake
+   * on tls_session rx and potentially invalidating the session pool */
+  app_session = session_alloc (ctx->c_thread_index);
+  app_session->session_state = SESSION_STATE_CLOSED;
+  ctx->c_s_index = app_session->session_index;
+
   TLS_DBG (1, "Accept on listener %u new connection [%u]%x",
 	   tls_listener->opaque, vlib_get_thread_index (), ctx_handle);
 
@@ -453,6 +455,7 @@
 tls_session_connected_callback (u32 tls_app_index, u32 ho_ctx_index,
 				stream_session_t * tls_session, u8 is_fail)
 {
+  stream_session_t *app_session;
   tls_ctx_t *ho_ctx, *ctx;
   u32 ctx_handle;
 
@@ -496,6 +499,12 @@
   tls_session->opaque = ctx_handle;
   tls_session->session_state = SESSION_STATE_READY;
 
+  /* Preallocate app session. Avoids allocating a session post handshake
+   * on tls_session rx and potentially invalidating the session pool */
+  app_session = session_alloc (ctx->c_thread_index);
+  app_session->session_state = SESSION_STATE_CLOSED;
+  ctx->c_s_index = app_session->session_index;
+
   return tls_ctx_init_client (ctx);
 }