diff --git a/network/clean.go b/network/clean.go index ec51b611..3b1bbac9 100644 --- a/network/clean.go +++ b/network/clean.go @@ -41,8 +41,14 @@ func cleanConnections() (activePIDs map[int]struct{}) { now := time.Now().Unix() deleteOlderThan := time.Now().Add(-deleteConnsAfterEndedThreshold).Unix() - // network connections + // lock both together because we cannot fully guarantee in which map a connection lands + // of course every connection should land in the correct map, but this increases resilience connsLock.Lock() + defer connsLock.Unlock() + dnsConnsLock.Lock() + defer dnsConnsLock.Unlock() + + // network connections for key, conn := range conns { conn.Lock() @@ -67,10 +73,8 @@ func cleanConnections() (activePIDs map[int]struct{}) { conn.Unlock() } - connsLock.Unlock() // dns requests - dnsConnsLock.Lock() for _, conn := range dnsConns { conn.Lock() @@ -82,7 +86,6 @@ func cleanConnections() (activePIDs map[int]struct{}) { conn.Unlock() } - dnsConnsLock.Unlock() return nil }) diff --git a/network/database.go b/network/database.go index 073dcbc0..ee42a5b1 100644 --- a/network/database.go +++ b/network/database.go @@ -77,9 +77,11 @@ func (s *StorageInterface) processQuery(q *query.Query, it *iterator.Iterator) { if slashes <= 1 { // processes for _, proc := range process.All() { + proc.Lock() if q.Matches(proc) { it.Next <- proc } + proc.Unlock() } } @@ -87,9 +89,11 @@ func (s *StorageInterface) processQuery(q *query.Query, it *iterator.Iterator) { // dns scopes only dnsConnsLock.RLock() for _, dnsConn := range dnsConns { + dnsConn.Lock() if q.Matches(dnsConn) { it.Next <- dnsConn } + dnsConn.Unlock() } dnsConnsLock.RUnlock() } @@ -98,9 +102,11 @@ func (s *StorageInterface) processQuery(q *query.Query, it *iterator.Iterator) { // connections connsLock.RLock() for _, conn := range conns { + conn.Lock() if q.Matches(conn) { it.Next <- conn } + conn.Unlock() } connsLock.RUnlock() }