From 90d7b5bdeba5e00cdaa61e05e2ab5c6e6609cd69 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?N=C3=A1ndor=20Istv=C3=A1n=20Kr=C3=A1cser?= Date: Wed, 8 May 2024 10:24:05 +0200 Subject: [PATCH] fix proxywasm leaks --- include/proxywasm.h | 4 ++-- src/device_driver.c | 4 +++- src/main.c | 6 +++--- src/proxywasm.c | 42 ++++++++++++++++++++++++++++++++++++++++++ src/socket.c | 1 + src/wasm.c | 1 + 6 files changed, 52 insertions(+), 6 deletions(-) diff --git a/include/proxywasm.h b/include/proxywasm.h index 965b5bb8..07283089 100644 --- a/include/proxywasm.h +++ b/include/proxywasm.h @@ -86,7 +86,9 @@ proxywasm *proxywasm_for_vm(wasm_vm *vm); proxywasm *this_cpu_proxywasm(void); void proxywasm_lock(proxywasm *p, proxywasm_context *c); void proxywasm_unlock(proxywasm *p); +proxywasm_context *proxywasm_get_context(proxywasm *p); void proxywasm_set_context(proxywasm *p, proxywasm_context *context); +void free_proxywasms(void); wasm_vm_result init_proxywasm_for(wasm_vm *vm, wasm_vm_module *module); @@ -100,8 +102,6 @@ wasm_vm_result proxy_on_upstream_connection_close(proxywasm *p, PeerType peer_ty wasm_vm_result proxywasm_create_context(proxywasm *p, buffer_t *upstream_buffer, buffer_t *downstream_buffer); wasm_vm_result proxywasm_destroy_context(proxywasm *p); -proxywasm_context *proxywasm_get_context(proxywasm *p); - // set_property_v is convenience funtion for setting a property on a context, with simple C string paths, // use the '.' as delimiter, those will be replaced to a '0' delimiter void set_property_v(proxywasm_context *p, const char *key, const void *value, const int value_len); diff --git a/src/device_driver.c b/src/device_driver.c index aa7aafc6..c9288f31 100644 --- a/src/device_driver.c +++ b/src/device_driver.c @@ -210,7 +210,9 @@ wasm_vm_result load_module(const char *name, const char *code, unsigned length, } } - result = wasm_vm_compile_module(module); + // since for proxywasm we don't expose a lot of host functions required for compilation + if (strstr(name, PROXY_WASM) == NULL) + result = wasm_vm_compile_module(module); wasm_vm_unlock(vm); wasm_vm_dump_symbols(vm); diff --git a/src/main.c b/src/main.c index f88f05ac..11b29588 100644 --- a/src/main.c +++ b/src/main.c @@ -43,8 +43,9 @@ MODULE_PARM_DESC(ktls_available, "Marks if kTLS is available on the system"); typedef struct camblet_init_status { bool wasm; - bool wasm_opa; bool wasm_csr; + bool wasm_opa; + bool wasm_proxywasm; bool chardev; bool socket; bool sd_table; @@ -136,6 +137,7 @@ static int __init camblet_init(void) goto out; } } + __camblet_init_status.wasm_proxywasm = true; result = load_module("csr_module", csr_wasm, csr_wasm_len, NULL); if (result.err) @@ -144,7 +146,6 @@ static int __init camblet_init(void) ret = -1; goto out; } - __camblet_init_status.wasm_csr = true; result = load_module("socket_opa", socket_wasm, socket_wasm_len, NULL); @@ -154,7 +155,6 @@ static int __init camblet_init(void) ret = -1; goto out; } - __camblet_init_status.wasm_opa = true; out: diff --git a/src/proxywasm.c b/src/proxywasm.c index b101fb31..227035f2 100644 --- a/src/proxywasm.c +++ b/src/proxywasm.c @@ -178,6 +178,33 @@ proxywasm_context *proxywasm_get_context(proxywasm *p) return p->current_context; } +void free_proxywasm(proxywasm *p) +{ + if (p != NULL) + { + proxywasm_filter *f; + for (f = p->filters; f != NULL; f = f->next) + { + kfree(f); + } + free_proxywasm_context(p->root_context); + kfree(p); + } +} + +void free_proxywasms(void) +{ + int i; + for (i = 0; i < NR_CPUS; i++) + { + if (proxywasms[i] != NULL) + { + free_proxywasm(proxywasms[i]); + proxywasms[i] = NULL; + } + } +} + m3ApiRawFunction(proxy_log) { m3ApiReturnType(i32); @@ -345,6 +372,20 @@ m3ApiRawFunction(proxy_set_buffer_bytes) m3ApiReturn(set_buffer_bytes(filter->proxywasm->current_context, buffer_type, start, size, buffer_data, buffer_size)); } +m3ApiRawFunction(proxy_get_current_time_nanoseconds) +{ + m3ApiReturnType(i32); + m3ApiGetArgMem(i64 *, result); + + struct timespec64 ts; + ktime_get_real_ts64(&ts); + + i64 current_time = ts.tv_sec * 1000000000 + ts.tv_nsec; + memcpy(result, ¤t_time, sizeof(i64)); + + m3ApiReturn(WasmResult_Ok); +} + static wasm_vm_result link_proxywasm_hostfunctions(proxywasm_filter *filter, wasm_vm_module *module) { M3Result result = m3Err_none; @@ -357,6 +398,7 @@ static wasm_vm_result link_proxywasm_hostfunctions(proxywasm_filter *filter, was _(SuppressLookupFailure(m3_LinkRawFunctionEx(module, env, "proxy_set_property", "i(*i*i)", proxy_set_property, filter))); _(SuppressLookupFailure(m3_LinkRawFunctionEx(module, env, "proxy_get_buffer_bytes", "i(iii**)", proxy_get_buffer_bytes, filter))); _(SuppressLookupFailure(m3_LinkRawFunctionEx(module, env, "proxy_set_buffer_bytes", "i(iii**)", proxy_set_buffer_bytes, filter))); + _(SuppressLookupFailure(m3_LinkRawFunctionEx(module, env, "proxy_get_current_time_nanoseconds", "i(i)", proxy_get_current_time_nanoseconds, filter))); _catch: return (wasm_vm_result){.err = result}; diff --git a/src/socket.c b/src/socket.c index 66309bc1..7f4b0cb2 100644 --- a/src/socket.c +++ b/src/socket.c @@ -2325,6 +2325,7 @@ void socket_exit(void) free_augmentation_cache(); free_cert_cache(); + free_proxywasms(); pr_info("socket support unloaded"); } diff --git a/src/wasm.c b/src/wasm.c index 87b759bb..615e09a0 100644 --- a/src/wasm.c +++ b/src/wasm.c @@ -497,6 +497,7 @@ wasm_vm_result wasm_vm_compile_module(wasm_vm_module *module) M3Result result = m3_CompileModule(module); if (result) { + pr_err("wasm_vm_compile_module: %s", wasm_vm_last_error(module)); return (wasm_vm_result){.err = result}; } return wasm_vm_ok;