Fix race condition in tls half open ctx get/put

[vpp.git] / src / vnet / tls / tls.c

diff --git a/src/vnet/tls/tls.c b/src/vnet/tls/tls.c
index b576c00..4fb0dfb 100644 (file)
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@@ -94,16 +94,17 @@ tls_ctx_half_open_alloc (void)
     {
       clib_rwlock_writer_lock (&tm->half_open_rwlock);
       pool_get (tm->half_open_ctx_pool, ctx);
-      memset (ctx, 0, sizeof (*ctx));
-      ctx_index = ctx - tm->half_open_ctx_pool;
       clib_rwlock_writer_unlock (&tm->half_open_rwlock);
     }
   else
     {
+      /* reader lock assumption: only main thread will call pool_get */
+      clib_rwlock_reader_lock (&tm->half_open_rwlock);
       pool_get (tm->half_open_ctx_pool, ctx);
-      memset (ctx, 0, sizeof (*ctx));
-      ctx_index = ctx - tm->half_open_ctx_pool;
+      clib_rwlock_reader_unlock (&tm->half_open_rwlock);
     }
+  memset (ctx, 0, sizeof (*ctx));
+  ctx_index = ctx - tm->half_open_ctx_pool;
   return ctx_index;
 }