From cf6353327a4bb3f5e9b5916f214d86dba8a581a2 Mon Sep 17 00:00:00 2001
From: Matthias Radestock <matthias.radestock@gmail.com>
Date: Mon, 10 Jul 2017 15:54:34 +0100
Subject: [PATCH] eliminate race in ebpf initialization

We were enabling event processing before feeding in the initial
connections, which results in a non-deterministic outcome.
---
 probe/endpoint/ebpf.go | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/probe/endpoint/ebpf.go b/probe/endpoint/ebpf.go
index f69d48df1..9e9765f2a 100644
--- a/probe/endpoint/ebpf.go
+++ b/probe/endpoint/ebpf.go
@@ -246,15 +246,19 @@ func (t *EbpfTracker) walkConnections(f func(ebpfConnection)) {
 }
 
 func (t *EbpfTracker) feedInitialConnections(conns procspy.ConnIter, seenTuples map[string]fourTuple, processesWaitingInAccept []int, hostNodeID string) {
-	t.readyToHandleConnections = true
+	t.Lock()
 	for conn := conns.Next(); conn != nil; conn = conns.Next() {
 		tuple, namespaceID, incoming := connectionTuple(conn, seenTuples)
-		if incoming {
-			t.handleConnection(tracer.EventAccept, tuple, int(conn.Proc.PID), namespaceID)
-		} else {
-			t.handleConnection(tracer.EventConnect, tuple, int(conn.Proc.PID), namespaceID)
+		t.openConnections[tuple] = ebpfConnection{
+			incoming:         incoming,
+			tuple:            tuple,
+			pid:              int(conn.Proc.PID),
+			networkNamespace: namespaceID,
 		}
 	}
+	t.readyToHandleConnections = true
+	t.Unlock()
+
 	for _, p := range processesWaitingInAccept {
 		t.tracer.AddFdInstallWatcher(uint32(p))
 		log.Debugf("EbpfTracker: install fd-install watcher: pid=%d", p)