diff options
| author | Jakub Jelinek <jakub@redhat.com> | 2007-07-12 18:26:36 +0000 |
|---|---|---|
| committer | Jakub Jelinek <jakub@redhat.com> | 2007-07-12 18:26:36 +0000 |
| commit | 0ecb606cb6cf65de1d9fc8a919bceb4be476c602 (patch) | |
| tree | 2ea1f8305970753e4a657acb2ccc15ca3eec8e2c /nscd | |
| parent | 7d58530341304d403a6626d7f7a1913165fe2f32 (diff) | |
| download | glibc-0ecb606cb6cf65de1d9fc8a919bceb4be476c602.tar.xz glibc-0ecb606cb6cf65de1d9fc8a919bceb4be476c602.zip | |
2.5-18.1
Diffstat (limited to 'nscd')
| -rw-r--r-- | nscd/Makefile | 45 | ||||
| -rw-r--r-- | nscd/aicache.c | 60 | ||||
| -rw-r--r-- | nscd/cache.c | 97 | ||||
| -rw-r--r-- | nscd/connections.c | 587 | ||||
| -rw-r--r-- | nscd/dbg_log.c | 24 | ||||
| -rw-r--r-- | nscd/gai.c | 21 | ||||
| -rw-r--r-- | nscd/getgrgid_r.c | 22 | ||||
| -rw-r--r-- | nscd/getgrnam_r.c | 22 | ||||
| -rw-r--r-- | nscd/gethstbyad_r.c | 22 | ||||
| -rw-r--r-- | nscd/gethstbynm2_r.c | 22 | ||||
| -rw-r--r-- | nscd/getpwnam_r.c | 22 | ||||
| -rw-r--r-- | nscd/getpwuid_r.c | 22 | ||||
| -rw-r--r-- | nscd/grpcache.c | 80 | ||||
| -rw-r--r-- | nscd/hstcache.c | 58 | ||||
| -rw-r--r-- | nscd/initgrcache.c | 63 | ||||
| -rw-r--r-- | nscd/mem.c | 52 | ||||
| -rw-r--r-- | nscd/nscd-client.h | 26 | ||||
| -rw-r--r-- | nscd/nscd.c | 102 | ||||
| -rw-r--r-- | nscd/nscd.conf | 11 | ||||
| -rw-r--r-- | nscd/nscd.h | 34 | ||||
| -rw-r--r-- | nscd/nscd.init | 43 | ||||
| -rw-r--r-- | nscd/nscd_conf.c | 194 | ||||
| -rw-r--r-- | nscd/nscd_getai.c | 83 | ||||
| -rw-r--r-- | nscd/nscd_getgr_r.c | 114 | ||||
| -rw-r--r-- | nscd/nscd_gethst_r.c | 159 | ||||
| -rw-r--r-- | nscd/nscd_getpw_r.c | 74 | ||||
| -rw-r--r-- | nscd/nscd_helper.c | 253 | ||||
| -rw-r--r-- | nscd/nscd_initgroups.c | 77 | ||||
| -rw-r--r-- | nscd/nscd_nischeck.c | 96 | ||||
| -rw-r--r-- | nscd/nscd_setup_thread.c | 26 | ||||
| -rw-r--r-- | nscd/nscd_stat.c | 26 | ||||
| -rw-r--r-- | nscd/pwdcache.c | 77 | ||||
| -rw-r--r-- | nscd/selinux.c | 154 | ||||
| -rw-r--r-- | nscd/selinux.h | 12 |
34 files changed, 1873 insertions, 907 deletions
diff --git a/nscd/Makefile b/nscd/Makefile index 70a35198c2..9c98018217 100644 --- a/nscd/Makefile +++ b/nscd/Makefile @@ -1,4 +1,5 @@ -# Copyright (C) 1998, 2000, 2002, 2003, 2004 Free Software Foundation, Inc. +# Copyright (C) 1998,2000,2002,2003,2004,2005,2006 +# Free Software Foundation, Inc. # This file is part of the GNU C Library. # The GNU C Library is free software; you can redistribute it and/or @@ -36,13 +37,12 @@ nscd-modules := nscd connections pwdcache getpwnam_r getpwuid_r grpcache \ ifeq ($(have-thread-library),yes) -others := nscd_nischeck ifneq (yesyes,$(have-fpie)$(build-shared)) others += nscd endif -install-sbin := nscd nscd_nischeck +install-sbin := nscd -extra-objs := $(nscd-modules:=.o) nscd_nischeck.o +extra-objs := $(nscd-modules:=.o) endif @@ -51,15 +51,32 @@ otherlibs += $(nssobjdir)/libnss_files.a $(resolvobjdir)/libnss_dns.a \ $(resolvobjdir)/libresolv.a endif +all-nscd-modules := $(nscd-modules) selinux ifeq (yes,$(have-selinux)) +ifeq (yes,$(have-libaudit)) +libaudit = -laudit +ifeq (yes,$(have-libcap)) +libcap = -lcap +endif +endif + nscd-modules += selinux -selinux-LIBS := -lselinux +selinux-LIBS := -lselinux $(libaudit) $(libcap) + +# The configure.in check for libselinux and its headers did not use +# $SYSINCLUDES. The directory specified by --with-headers usually +# contains only the basic kernel interface headers, not something like +# libselinux. So the simplest thing is to presume that the standard +# system headers will be ok for this file. +$(objpfx)nscd_stat.o: sysincludes = # nothing +$(objpfx)selinux.o: sysincludes = # nothing endif +LDLIBS-nscd = $(selinux-LIBS) + distribute := nscd.h nscd-client.h dbg_log.h \ - $(addsuffix .c, $(filter-out xmalloc, $(nscd-modules))) \ - nscd_nischeck.c nscd.conf nscd.init nscd_proto.h \ - nscd-types.h + $(addsuffix .c, $(filter-out xmalloc,$(all-nscd-modules))) \ + nscd.conf nscd.init nscd_proto.h nscd-types.h include ../Rules @@ -69,10 +86,13 @@ CFLAGS-nscd_gethst_r.c = -fexceptions CFLAGS-nscd_getai.c = -fexceptions CFLAGS-nscd_initgroups.c = -fexceptions -nscd-cflags = -DIS_IN_nscd=1 +nscd-cflags = -DIS_IN_nscd=1 -D_FORTIFY_SOURCE=2 ifeq (yesyes,$(have-fpie)$(build-shared)) nscd-cflags += -fpie endif +ifeq (yes,$(have-ssp)) +nscd-cflags += -fstack-protector +endif CFLAGS-nscd.c += $(nscd-cflags) CFLAGS-connections.c += $(nscd-cflags) @@ -104,13 +124,13 @@ relro-LDFLAGS += -Wl,-z,now endif $(objpfx)nscd: $(addprefix $(objpfx),$(nscd-modules:=.o)) - $(LINK.o) -pie -Wl,-O1 \ + $(LINK.o) -pie -Wl,-O1 $(nscd-cflags) \ $(sysdep-LDFLAGS) $(config-LDFLAGS) $(relro-LDFLAGS) \ $(extra-B-$(@F:lib%.so=%).so) -B$(csu-objpfx) \ $(extra-B-$(@F:lib%.so=%).so) $(load-map-file) \ $(LDFLAGS) $(LDFLAGS-$(@F)) \ -L$(subst :, -L,$(rpath-link)) -Wl,-rpath-link=$(rpath-link) \ - -o $@ $^ $(selinux-LIBS) $(common-objpfx)libc_nonshared.a + -o $@ $^ $(LDLIBS-nscd) $(common-objpfx)libc_nonshared.a endif # This makes sure -DNOT_IN_libc is passed for all these modules. @@ -119,14 +139,11 @@ lib := nonlib include $(patsubst %,$(..)cppflags-iterator.mk,$(cpp-srcs-left)) $(objpfx)nscd: $(nscd-modules:%=$(objpfx)%.o) -$(objpfx)nscd_nischeck: $(objpfx)nscd_nischeck.o ifeq ($(build-shared),yes) $(objpfx)nscd: $(common-objpfx)rt/librt.so $(shared-thread-library) \ $(common-objpfx)nis/libnsl.so -$(objpfx)nscd_nischeck: $(common-objpfx)nis/libnsl.so else $(objpfx)nscd: $(common-objpfx)rt/librt.a $(static-thread-library) \ $(common-objpfx)nis/libnsl.a -$(objpfx)nscd_nischeck: $(common-objpfx)nis/libnsl.a endif diff --git a/nscd/aicache.c b/nscd/aicache.c index 4e0496ff44..4640b4df94 100644 --- a/nscd/aicache.c +++ b/nscd/aicache.c @@ -1,22 +1,20 @@ /* Cache handling for host lookup. - Copyright (C) 2004 Free Software Foundation, Inc. + Copyright (C) 2004, 2005, 2006 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@redhat.com>, 2004. - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 as + published by the Free Software Foundation. - The GNU C Library is distributed in the hope that it will be useful, + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation, + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #include <assert.h> #include <errno.h> @@ -26,8 +24,12 @@ #include <time.h> #include <unistd.h> #include <sys/mman.h> -#include <dbg_log.h> -#include <nscd.h> + +#include "dbg_log.h" +#include "nscd.h" +#ifdef HAVE_SENDFILE +# include <kernel-features.h> +#endif typedef enum nss_status (*nss_gethostbyname3_r) @@ -310,7 +312,7 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req, *family++ = th[j].h_addrtype; } - char *cp = family; + void *cp = family; if (canon != NULL) cp = mempcpy (cp, canon, canonlen); @@ -365,7 +367,31 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req, wait. */ assert (fd != -1); - TEMP_FAILURE_RETRY (write (fd, &dataset->resp, total)); +#ifdef HAVE_SENDFILE + if (__builtin_expect (db->mmap_used, 1) && !alloca_used) + { + assert (db->wr_fd != -1); + assert ((char *) &dataset->resp > (char *) db->data); + assert ((char *) &dataset->resp - (char *) db->head + + total + <= (sizeof (struct database_pers_head) + + db->head->module * sizeof (ref_t) + + db->head->data_size)); + ssize_t written; + written = sendfileall (fd, db->wr_fd, + (char *) &dataset->resp + - (char *) db->head, total); +# ifndef __ASSUME_SENDFILE + if (written == -1 && errno == ENOSYS) + goto use_write; +# endif + } + else +# ifndef __ASSUME_SENDFILE + use_write: +# endif +#endif + writeall (fd, &dataset->resp, total); } goto out; @@ -399,7 +425,7 @@ addhstaiX (struct database_dyn *db, int fd, request_header *req, total = sizeof (notfound); if (fd != -1) - TEMP_FAILURE_RETRY (write (fd, ¬found, total)); + TEMP_FAILURE_RETRY (send (fd, ¬found, total, MSG_NOSIGNAL)); dataset = mempool_alloc (db, sizeof (struct dataset) + req->key_len); /* If we cannot permanently store the result, so be it. */ diff --git a/nscd/cache.c b/nscd/cache.c index efac4b3bcc..be9be2aa4f 100644 --- a/nscd/cache.c +++ b/nscd/cache.c @@ -1,26 +1,25 @@ -/* Copyright (c) 1998, 1999, 2003, 2004 Free Software Foundation, Inc. +/* Copyright (c) 1998, 1999, 2003-2005, 2006 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998. - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 as + published by the Free Software Foundation. - The GNU C Library is distributed in the hope that it will be useful, + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation, + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #include <assert.h> #include <atomic.h> #include <errno.h> #include <error.h> +#include <inttypes.h> #include <limits.h> #include <stdlib.h> #include <string.h> @@ -169,6 +168,12 @@ cache_add (int type, const void *key, size_t len, struct datahead *packet, if (nentries > table->head->maxnentries) table->head->maxnentries = nentries; + if (table->persistent) + // XXX async OK? + msync ((void *) table->head, + (char *) &table->head->array[hash] - (char *) table->head + + sizeof (ref_t), MS_ASYNC); + return 0; } @@ -185,21 +190,42 @@ cache_add (int type, const void *key, size_t len, struct datahead *packet, free the data structures since some hash table entries share the same data. */ void -prune_cache (struct database_dyn *table, time_t now) +prune_cache (struct database_dyn *table, time_t now, int fd) { size_t cnt = table->head->module; /* If this table is not actually used don't do anything. */ if (cnt == 0) - return; + { + if (fd != -1) + { + /* Reply to the INVALIDATE initiator. */ + int32_t resp = 0; + writeall (fd, &resp, sizeof (resp)); + } + return; + } + + /* This function can be called from the cleanup thread but also in + response to an invalidate command. Make sure only one thread is + running. When not serving INVALIDATE request, no need for the + second to wait around. */ + if (fd == -1) + { + if (pthread_mutex_trylock (&table->prunelock) != 0) + /* The work is already being done. */ + return; + } + else + pthread_mutex_lock (&table->prunelock); /* If we check for the modification of the underlying file we invalidate the entries also in this case. */ if (table->check_file) { - struct stat st; + struct stat64 st; - if (stat (table->filename, &st) < 0) + if (stat64 (table->filename, &st) < 0) { char buf[128]; /* We cannot stat() the file, disable file checking if the @@ -232,6 +258,10 @@ prune_cache (struct database_dyn *table, time_t now) char *const data = table->data; bool any = false; + if (__builtin_expect (debug_level > 2, 0)) + dbg_log (_("pruning %s cache; time %ld"), + dbnames[table - dbs], (long int) now); + do { ref_t run = table->head->array[--cnt]; @@ -241,6 +271,25 @@ prune_cache (struct database_dyn *table, time_t now) struct hashentry *runp = (struct hashentry *) (data + run); struct datahead *dh = (struct datahead *) (data + runp->packet); + /* Some debug support. */ + if (__builtin_expect (debug_level > 2, 0)) + { + char buf[INET6_ADDRSTRLEN]; + const char *str; + + if (runp->type == GETHOSTBYADDR || runp->type == GETHOSTBYADDRv6) + { + inet_ntop (runp->type == GETHOSTBYADDR ? AF_INET : AF_INET6, + data + runp->key, buf, sizeof (buf)); + str = buf; + } + else + str = data + runp->key; + + dbg_log (_("considering %s entry \"%s\", timeout %" PRIu64), + serv2str[runp->type], str, dh->timeout); + } + /* Check whether the entry timed out. */ if (dh->timeout < now) { @@ -339,6 +388,14 @@ prune_cache (struct database_dyn *table, time_t now) } while (cnt > 0); + if (fd != -1) + { + /* Reply to the INVALIDATE initiator that the cache has been + invalidated. */ + int32_t resp = 0; + writeall (fd, &resp, sizeof (resp)); + } + if (first <= last) { struct hashentry *head = NULL; @@ -395,7 +452,7 @@ prune_cache (struct database_dyn *table, time_t now) /* Make sure the data is saved to disk. */ if (table->persistent) msync (table->head, - table->data + table->head->first_free - (char *) table->head, + data + table->head->first_free - (char *) table->head, MS_ASYNC); /* One extra pass if we do debugging. */ @@ -411,11 +468,11 @@ prune_cache (struct database_dyn *table, time_t now) if (runp->type == GETHOSTBYADDR || runp->type == GETHOSTBYADDRv6) { inet_ntop (runp->type == GETHOSTBYADDR ? AF_INET : AF_INET6, - table->data + runp->key, buf, sizeof (buf)); + data + runp->key, buf, sizeof (buf)); str = buf; } else - str = table->data + runp->key; + str = data + runp->key; dbg_log ("remove %s entry \"%s\"", serv2str[runp->type], str); @@ -427,4 +484,6 @@ prune_cache (struct database_dyn *table, time_t now) /* Run garbage collection if any entry has been removed or replaced. */ if (any) gc (table); + + pthread_mutex_unlock (&table->prunelock); } diff --git a/nscd/connections.c b/nscd/connections.c index f22d72e265..8f11421431 100644 --- a/nscd/connections.c +++ b/nscd/connections.c @@ -1,22 +1,20 @@ /* Inner loops of cache daemon. - Copyright (C) 1998-2003, 2004 Free Software Foundation, Inc. + Copyright (C) 1998-2003, 2004, 2005, 2006 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998. - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License version 2 as + published by the Free Software Foundation. - The GNU C Library is distributed in the hope that it will be useful, + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, write to the Free - Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA - 02111-1307 USA. */ + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software Foundation, + Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #include <alloca.h> #include <assert.h> @@ -39,6 +37,9 @@ #include <sys/mman.h> #include <sys/param.h> |