commit e0c4e6e32d9cd4b1b2c9647cd12a2e6214986e07
author Steven Luong <sluong@cisco.com> Tue Oct 22 10:44:07 2024 -0700
committer Florin Coras <florin.coras@gmail.com> Wed Nov 06 18:13:01 2024 +0000
tree 3b521af4895eddf2ed7ca0dcae165c2abf60cd7d
parent afd05739d68fe7708153687e1aa177fee4411c5f

session: session table holding free appns index

session table may be shared among multiple appns's.
  app ns add id blue secret 1 if tap0
  app ns add id red secret 1 if tap0

session table holds the last added app_ns's appns_index.
If the last app_ns is deleted, session table is not free
since there is still an appns which uses the same session
table. In that case, session table is holding the free
app_ns's appns_index and it can cause problem.

The fix is to modify appns_index in session table to hold
a vector of appns_index's instead of just the appns_index
that was last added. When the app ns is deleted, remove the
deleted appns_index from the session table's vector of
appns_index's.

Type: fix

Change-Id: Ied8bc97f185071dc89b9b56656e18efbd2995131
Signed-off-by: Steven Luong <sluong@cisco.com>

src/vnet/session/session_sdl.c

diff --git a/src/vnet/session/session_sdl.c b/src/vnet/session/session_sdl.c
index 2fd63d1..f1dfac4 100644
--- a/src/vnet/session/session_sdl.c
+++ b/src/vnet/session/session_sdl.c
@@ -244,13 +244,17 @@
   session_sdl_block_t *sdlb;
   u8 all = fib_proto > FIB_PROTOCOL_IP6 ? 1 : 0;
   char name[80];
-  app_namespace_t *app_ns = app_namespace_get (st->appns_index);
+  u32 appns_index;
+  app_namespace_t *app_ns;
   session_rules_table_group_t *srtg;
 
   /* Don't support local table */
   if (st->is_local == 1)
     return;
 
+  appns_index =
+    *vec_elt_at_index (st->appns_index, vec_len (st->appns_index) - 1);
+  app_ns = app_namespace_get (appns_index);
   srtg = srtg_instance_alloc (st, 0);
   srt = srtg->session_rules;
   sdlb = &srt->sdl_block;