Fix race condition in tls half open ctx get/put Change-Id: I603094215162bfe7d41bbff1b9fe8ab974aa3fab Signed-off-by: Ping Yu <ping.yu@intel.com>

commit: e6446a3cd5f4b4faab87127c1a310e3c7fbf0e60 [log] [tgz]
author: Ping Yu <ping.yu@intel.com> Tue Aug 28 18:56:27 2018 -0400
committer: Florin Coras <florin.coras@gmail.com> Wed Aug 29 17:34:14 2018 +0000
tree: 884c6bb97a5c3124d8b98a6373cfc775d90e4484
parent: 77eb9073b178e8d4375bf0ef274246586f018ddc [diff] [blame]
diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index b576c00..4fb0dfb 100644
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c

@@ -94,16 +94,17 @@
     {
       clib_rwlock_writer_lock (&tm->half_open_rwlock);
       pool_get (tm->half_open_ctx_pool, ctx);
-      memset (ctx, 0, sizeof (*ctx));
-      ctx_index = ctx - tm->half_open_ctx_pool;
       clib_rwlock_writer_unlock (&tm->half_open_rwlock);
     }
   else
     {
+      /* reader lock assumption: only main thread will call pool_get */
+      clib_rwlock_reader_lock (&tm->half_open_rwlock);
       pool_get (tm->half_open_ctx_pool, ctx);
-      memset (ctx, 0, sizeof (*ctx));
-      ctx_index = ctx - tm->half_open_ctx_pool;
+      clib_rwlock_reader_unlock (&tm->half_open_rwlock);
     }
+  memset (ctx, 0, sizeof (*ctx));
+  ctx_index = ctx - tm->half_open_ctx_pool;
   return ctx_index;
 }
commit	e6446a3cd5f4b4faab87127c1a310e3c7fbf0e60	[log] [tgz]
author	Ping Yu <ping.yu@intel.com>	Tue Aug 28 18:56:27 2018 -0400
committer	Florin Coras <florin.coras@gmail.com>	Wed Aug 29 17:34:14 2018 +0000
tree	884c6bb97a5c3124d8b98a6373cfc775d90e4484
parent	77eb9073b178e8d4375bf0ef274246586f018ddc [diff] [blame]