fixed race conditions setting log level and monitor methods

gustavo-iniguez-goya · Jun 14, 2020 · b03bbf0 · b03bbf0
1 parent edfbfbd
commit b03bbf0
Show file tree

Hide file tree

Showing 6 changed files with 46 additions and 22 deletions.
diff --git a/daemon/log/log.go b/daemon/log/log.go
@@ -47,7 +47,7 @@ var (
 	DateFormat = "2006-01-02 15:04:05"
 	MinLevel   = INFO
 
-	mutex  = &sync.Mutex{}
+	mutex  = &sync.RWMutex{}
 	labels = map[int]string{
 		DEBUG:     "DBG",
 		INFO:      "INF",
@@ -103,11 +103,16 @@ func Raw(format string, args ...interface{}) {
 	fmt.Fprintf(Output, format, args...)
 }
 
+func SetLogLevel(newLevel int) {
+	mutex.RLock()
+	defer mutex.RUnlock()
+	MinLevel = newLevel
+}
+
 func Log(level int, format string, args ...interface{}) {
+	mutex.Lock()
+	defer mutex.Unlock()
 	if level >= MinLevel {
-		mutex.Lock()
-		defer mutex.Unlock()
-
 		label := labels[level]
 		color := colors[level]
 		when := time.Now().UTC().Format(DateFormat)

diff --git a/daemon/main.go b/daemon/main.go
@@ -73,15 +73,15 @@ func init() {
 func setupLogging() {
 	golog.SetOutput(ioutil.Discard)
 	if debug {
-		log.MinLevel = log.DEBUG
+		log.SetLogLevel(log.DEBUG)
 	} else if warning {
-		log.MinLevel = log.WARNING
+		log.SetLogLevel(log.WARNING)
 	} else if important {
-		log.MinLevel = log.IMPORTANT
+		log.SetLogLevel(log.IMPORTANT)
 	} else if errorlog {
-		log.MinLevel = log.ERROR
+		log.SetLogLevel(log.ERROR)
 	} else {
-		log.MinLevel = log.INFO
+		log.SetLogLevel(log.INFO)
 	}
 
 	if logFile != "" {
@@ -312,7 +312,7 @@ func main() {
 	// overwrite monitor method from configuration if the user has passed
 	// the option via command line.
 	if procmonMethod != "" {
-		procmon.MonitorMethod = procmonMethod
+		procmon.SetMonitorMethod(procmonMethod)
 	}
 	procmon.Init()
 

diff --git a/daemon/procmon/parse.go b/daemon/procmon/parse.go
@@ -62,12 +62,12 @@ func GetPIDFromINode(inode int, inodeKey string) int {
 		return cachedPid
 	}
 
-	if MonitorMethod == MethodAudit {
+	if monitorMethod == MethodAudit {
 		if aPid, pos := getPIDFromAuditEvents(inode, inodeKey, expect); aPid != -1 {
 			log.Debug("PID found via audit events", time.Since(start), "position", pos)
 			return aPid
 		}
-	} else if MonitorMethod == MethodFtrace && IsWatcherAvailable() {
+	} else if monitorMethod == MethodFtrace && IsWatcherAvailable() {
 		forEachProcess(func(pid int, path string, args []string) bool {
 			if inodeFound("/proc/", expect, inodeKey, inode, pid) {
 				found = pid
@@ -77,7 +77,7 @@ func GetPIDFromINode(inode int, inodeKey string) int {
 			return false
 		})
 	}
-	if found == -1 || MonitorMethod == MethodProc {
+	if found == -1 || monitorMethod == MethodProc {
 		found = lookupPidInProc("/proc/", expect, inodeKey, inode)
 	}
 	log.Debug("new pid lookup took", found, time.Since(start))
@@ -136,7 +136,7 @@ func FindProcess(pid int, interceptUnknown bool) *Process {
 	if interceptUnknown && pid < 0 {
 		return NewProcess(0, "")
 	}
-	if MonitorMethod == MethodAudit {
+	if monitorMethod == MethodAudit {
 		if aevent := audit.GetEventByPid(pid); aevent != nil {
 			audit.Lock.RLock()
 			proc := NewProcess(pid, aevent.ProcPath)

diff --git a/daemon/procmon/process.go b/daemon/procmon/process.go
@@ -7,6 +7,7 @@ import (
 	"github.com/gustavo-iniguez-goya/opensnitch/daemon/procmon/audit"
 )
 
+// Process holds the information of a process.
 type Process struct {
 	ID   int
 	Path string
@@ -15,6 +16,7 @@ type Process struct {
 	CWD  string
 }
 
+// NewProcess returns a new Process structure.
 func NewProcess(pid int, path string) *Process {
 	return &Process{
 		ID:   pid,
@@ -24,31 +26,48 @@ func NewProcess(pid int, path string) *Process {
 	}
 }
 
+// Reload stops the current monitor method and starts it again.
 func Reload() {
 	End()
 	time.Sleep(1 * time.Second)
 	Init()
 }
 
+// SetMonitorMethod configures a new method for parsing connections.
+func SetMonitorMethod(newMonitorMethod string) {
+	lock.Lock()
+	defer lock.Unlock()
+
+	monitorMethod = newMonitorMethod
+}
+
+// End stops the way of parsing new connections.
 func End() {
-	if MonitorMethod == MethodAudit {
+	lock.Lock()
+	defer lock.Unlock()
+
+	if monitorMethod == MethodAudit {
 		audit.Stop()
-	} else if MonitorMethod == MethodFtrace {
+	} else if monitorMethod == MethodFtrace {
 		go Stop()
 	}
 }
 
+// Init starts parsing connections using the method specified.
 func Init() {
-	if MonitorMethod == MethodFtrace {
+	lock.Lock()
+	defer lock.Unlock()
+
+	if monitorMethod == MethodFtrace {
 		if err := Start(); err == nil {
 			return
 		}
-	} else if MonitorMethod == MethodAudit {
+	} else if monitorMethod == MethodAudit {
 		if c, err := audit.Start(); err == nil {
 			go audit.Reader(c, (chan<- audit.Event)(audit.EventChan))
 			return
 		}
 	}
 	log.Info("Process monitor parsing /proc")
-	MonitorMethod = MethodProc
+	monitorMethod = MethodProc
 }
diff --git a/daemon/procmon/watcher.go b/daemon/procmon/watcher.go
@@ -33,7 +33,7 @@ var (
 
 	watcher       = ftrace.NewProbe(probeName, syscallName, subEvents)
 	isAvailable   = false
-	MonitorMethod = MethodProc
+	monitorMethod = MethodProc
 
 	index = make(map[int]*procData)
 	lock  = sync.RWMutex{}

diff --git a/daemon/ui/config.go b/daemon/ui/config.go
@@ -48,10 +48,10 @@ func (c *Client) loadConfiguration(rawConfig []byte) bool {
 		clientErrorRule.Duration = rule.Duration(config.DefaultDuration)
 	}
 	if config.LogLevel != nil {
-		log.MinLevel = int(*config.LogLevel)
+		log.SetLogLevel(int(*config.LogLevel))
 	}
 	if config.ProcMonitorMethod != "" {
-		procmon.MonitorMethod = config.ProcMonitorMethod
+		procmon.SetMonitorMethod(config.ProcMonitorMethod)
 	}
 
 	return true