From 88d8afbb115f18007dcc11f7ebac1b238c3ebd98 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Mon, 25 Sep 2023 12:36:09 +0200 Subject: [PATCH] MC: a couple of additions to 'recover from invalid memory cache size' patch MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Additions to 641e5f73d3bd5b3d32cafd551013d3bfd2a52732 : - handle all invalidations consistently - supply a valid pointer to `sss_mmap_cache_validate_or_reinit()`, not a pointer to a local var Reviewed-by: Pavel Březina Reviewed-by: Sumit Bose --- src/responder/nss/nss_get_object.c | 10 ++--- src/responder/nss/nss_iface.c | 8 ++-- src/responder/nss/nsssrv_mmap_cache.c | 64 ++++++++++++++++++--------- src/responder/nss/nsssrv_mmap_cache.h | 10 ++--- 4 files changed, 56 insertions(+), 36 deletions(-) diff --git a/src/responder/nss/nss_get_object.c b/src/responder/nss/nss_get_object.c index 5d62dd0985..29f9cb59b5 100644 --- a/src/responder/nss/nss_get_object.c +++ b/src/responder/nss/nss_get_object.c @@ -34,13 +34,13 @@ memcache_delete_entry_by_name(struct sss_nss_ctx *nss_ctx, switch (type) { case SSS_MC_PASSWD: - ret = sss_mmap_cache_pw_invalidate(nss_ctx->pwd_mc_ctx, name); + ret = sss_mmap_cache_pw_invalidate(&nss_ctx->pwd_mc_ctx, name); break; case SSS_MC_GROUP: - ret = sss_mmap_cache_gr_invalidate(nss_ctx->grp_mc_ctx, name); + ret = sss_mmap_cache_gr_invalidate(&nss_ctx->grp_mc_ctx, name); break; case SSS_MC_INITGROUPS: - ret = sss_mmap_cache_initgr_invalidate(nss_ctx->initgr_mc_ctx, name); + ret = sss_mmap_cache_initgr_invalidate(&nss_ctx->initgr_mc_ctx, name); break; default: return EINVAL; @@ -66,10 +66,10 @@ memcache_delete_entry_by_id(struct sss_nss_ctx *nss_ctx, switch (type) { case SSS_MC_PASSWD: - ret = sss_mmap_cache_pw_invalidate_uid(nss_ctx->pwd_mc_ctx, (uid_t)id); + ret = sss_mmap_cache_pw_invalidate_uid(&nss_ctx->pwd_mc_ctx, (uid_t)id); break; case SSS_MC_GROUP: - ret = sss_mmap_cache_gr_invalidate_gid(nss_ctx->grp_mc_ctx, (gid_t)id); + ret = sss_mmap_cache_gr_invalidate_gid(&nss_ctx->grp_mc_ctx, (gid_t)id); break; default: return EINVAL; diff --git a/src/responder/nss/nss_iface.c b/src/responder/nss/nss_iface.c index 07e91aa811..db743f8b7e 100644 --- a/src/responder/nss/nss_iface.c +++ b/src/responder/nss/nss_iface.c @@ -78,7 +78,7 @@ sss_nss_update_initgr_memcache(struct sss_nss_ctx *nctx, if (ret == ENOENT || res->count == 0) { /* The user is gone. Invalidate the mc record */ - ret = sss_mmap_cache_pw_invalidate(nctx->pwd_mc_ctx, delete_name); + ret = sss_mmap_cache_pw_invalidate(&nctx->pwd_mc_ctx, delete_name); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_CRIT_FAILURE, "Internal failure in memory cache code: %d [%s]\n", @@ -125,7 +125,7 @@ sss_nss_update_initgr_memcache(struct sss_nss_ctx *nctx, for (i = 0; i < gnum; i++) { id = groups[i]; - ret = sss_mmap_cache_gr_invalidate_gid(nctx->grp_mc_ctx, id); + ret = sss_mmap_cache_gr_invalidate_gid(&nctx->grp_mc_ctx, id); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_CRIT_FAILURE, "Internal failure in memory cache code: %d [%s]\n", @@ -134,7 +134,7 @@ sss_nss_update_initgr_memcache(struct sss_nss_ctx *nctx, } to_sized_string(delete_name, fq_name); - ret = sss_mmap_cache_initgr_invalidate(nctx->initgr_mc_ctx, + ret = sss_mmap_cache_initgr_invalidate(&nctx->initgr_mc_ctx, delete_name); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -208,7 +208,7 @@ sss_nss_memorycache_invalidate_group_by_id(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_TRACE_LIBS, "Invalidating group %u from memory cache\n", gid); - sss_mmap_cache_gr_invalidate_gid(nctx->grp_mc_ctx, gid); + sss_mmap_cache_gr_invalidate_gid(&nctx->grp_mc_ctx, gid); return EOK; } diff --git a/src/responder/nss/nsssrv_mmap_cache.c b/src/responder/nss/nsssrv_mmap_cache.c index 90d12299a4..06f3d7a694 100644 --- a/src/responder/nss/nsssrv_mmap_cache.c +++ b/src/responder/nss/nsssrv_mmap_cache.c @@ -701,16 +701,22 @@ static inline void sss_mmap_chain_in_rec(struct sss_mc_ctx *mcc, * generic invalidation ***************************************************************************/ -static errno_t sss_mmap_cache_invalidate(struct sss_mc_ctx *mcc, +static errno_t sss_mmap_cache_validate_or_reinit(struct sss_mc_ctx **_mcc); + +static errno_t sss_mmap_cache_invalidate(struct sss_mc_ctx **_mcc, const struct sized_string *key) { + struct sss_mc_ctx *mcc; struct sss_mc_rec *rec; + int ret; - if (mcc == NULL) { - /* cache not initialized? */ - return EINVAL; + ret = sss_mmap_cache_validate_or_reinit(_mcc); + if (ret != EOK) { + return ret; } + mcc = *_mcc; + rec = sss_mc_find_record(mcc, key); if (rec == NULL) { /* nothing to invalidate */ @@ -785,7 +791,7 @@ errno_t sss_mmap_cache_pw_store(struct sss_mc_ctx **_mcc, const struct sized_string *homedir, const struct sized_string *shell) { - struct sss_mc_ctx *mcc = *_mcc; + struct sss_mc_ctx *mcc; struct sss_mc_rec *rec; struct sss_mc_pwd_data *data; struct sized_string uidkey; @@ -795,11 +801,13 @@ errno_t sss_mmap_cache_pw_store(struct sss_mc_ctx **_mcc, size_t pos; int ret; - ret = sss_mmap_cache_validate_or_reinit(&mcc); + ret = sss_mmap_cache_validate_or_reinit(_mcc); if (ret != EOK) { return ret; } + mcc = *_mcc; + ret = snprintf(uidstr, 11, "%ld", (long)uid); if (ret > 10) { return EINVAL; @@ -851,14 +859,15 @@ errno_t sss_mmap_cache_pw_store(struct sss_mc_ctx **_mcc, return EOK; } -errno_t sss_mmap_cache_pw_invalidate(struct sss_mc_ctx *mcc, +errno_t sss_mmap_cache_pw_invalidate(struct sss_mc_ctx **_mcc, const struct sized_string *name) { - return sss_mmap_cache_invalidate(mcc, name); + return sss_mmap_cache_invalidate(_mcc, name); } -errno_t sss_mmap_cache_pw_invalidate_uid(struct sss_mc_ctx *mcc, uid_t uid) +errno_t sss_mmap_cache_pw_invalidate_uid(struct sss_mc_ctx **_mcc, uid_t uid) { + struct sss_mc_ctx *mcc; struct sss_mc_rec *rec = NULL; struct sss_mc_pwd_data *data; uint32_t hash; @@ -866,11 +875,13 @@ errno_t sss_mmap_cache_pw_invalidate_uid(struct sss_mc_ctx *mcc, uid_t uid) char *uidstr; errno_t ret; - ret = sss_mmap_cache_validate_or_reinit(&mcc); + ret = sss_mmap_cache_validate_or_reinit(_mcc); if (ret != EOK) { return ret; } + mcc = *_mcc; + uidstr = talloc_asprintf(NULL, "%ld", (long)uid); if (!uidstr) { return ENOMEM; @@ -927,7 +938,7 @@ int sss_mmap_cache_gr_store(struct sss_mc_ctx **_mcc, gid_t gid, size_t memnum, const char *membuf, size_t memsize) { - struct sss_mc_ctx *mcc = *_mcc; + struct sss_mc_ctx *mcc; struct sss_mc_rec *rec; struct sss_mc_grp_data *data; struct sized_string gidkey; @@ -937,11 +948,13 @@ int sss_mmap_cache_gr_store(struct sss_mc_ctx **_mcc, size_t pos; int ret; - ret = sss_mmap_cache_validate_or_reinit(&mcc); + ret = sss_mmap_cache_validate_or_reinit(_mcc); if (ret != EOK) { return ret; } + mcc = *_mcc; + ret = snprintf(gidstr, 11, "%ld", (long)gid); if (ret > 10) { return EINVAL; @@ -989,14 +1002,15 @@ int sss_mmap_cache_gr_store(struct sss_mc_ctx **_mcc, return EOK; } -errno_t sss_mmap_cache_gr_invalidate(struct sss_mc_ctx *mcc, +errno_t sss_mmap_cache_gr_invalidate(struct sss_mc_ctx **_mcc, const struct sized_string *name) { - return sss_mmap_cache_invalidate(mcc, name); + return sss_mmap_cache_invalidate(_mcc, name); } -errno_t sss_mmap_cache_gr_invalidate_gid(struct sss_mc_ctx *mcc, gid_t gid) +errno_t sss_mmap_cache_gr_invalidate_gid(struct sss_mc_ctx **_mcc, gid_t gid) { + struct sss_mc_ctx *mcc; struct sss_mc_rec *rec = NULL; struct sss_mc_grp_data *data; uint32_t hash; @@ -1004,11 +1018,13 @@ errno_t sss_mmap_cache_gr_invalidate_gid(struct sss_mc_ctx *mcc, gid_t gid) char *gidstr; errno_t ret; - ret = sss_mmap_cache_validate_or_reinit(&mcc); + ret = sss_mmap_cache_validate_or_reinit(_mcc); if (ret != EOK) { return ret; } + mcc = *_mcc; + gidstr = talloc_asprintf(NULL, "%ld", (long)gid); if (!gidstr) { return ENOMEM; @@ -1061,7 +1077,7 @@ errno_t sss_mmap_cache_initgr_store(struct sss_mc_ctx **_mcc, uint32_t num_groups, const uint8_t *gids_buf) { - struct sss_mc_ctx *mcc = *_mcc; + struct sss_mc_ctx *mcc; struct sss_mc_rec *rec; struct sss_mc_initgr_data *data; size_t data_len; @@ -1069,11 +1085,13 @@ errno_t sss_mmap_cache_initgr_store(struct sss_mc_ctx **_mcc, size_t pos; int ret; - ret = sss_mmap_cache_validate_or_reinit(&mcc); + ret = sss_mmap_cache_validate_or_reinit(_mcc); if (ret != EOK) { return ret; } + mcc = *_mcc; + /* array of gids + name + unique_name */ data_len = num_groups * sizeof(uint32_t) + name->len + unique_name->len; rec_len = sizeof(struct sss_mc_rec) + sizeof(struct sss_mc_initgr_data) @@ -1119,10 +1137,10 @@ errno_t sss_mmap_cache_initgr_store(struct sss_mc_ctx **_mcc, return EOK; } -errno_t sss_mmap_cache_initgr_invalidate(struct sss_mc_ctx *mcc, +errno_t sss_mmap_cache_initgr_invalidate(struct sss_mc_ctx **_mcc, const struct sized_string *name) { - return sss_mmap_cache_invalidate(mcc, name); + return sss_mmap_cache_invalidate(_mcc, name); } errno_t sss_mmap_cache_sid_store(struct sss_mc_ctx **_mcc, @@ -1131,18 +1149,20 @@ errno_t sss_mmap_cache_sid_store(struct sss_mc_ctx **_mcc, uint32_t type, bool explicit_lookup) { - struct sss_mc_ctx *mcc = *_mcc; + struct sss_mc_ctx *mcc; struct sss_mc_rec *rec; struct sss_mc_sid_data *data; char idkey[16]; size_t rec_len; int ret; - ret = sss_mmap_cache_validate_or_reinit(&mcc); + ret = sss_mmap_cache_validate_or_reinit(_mcc); if (ret != EOK) { return ret; } + mcc = *_mcc; + ret = snprintf(idkey, sizeof(idkey), "%d-%ld", (type == SSS_ID_TYPE_GID) ? SSS_ID_TYPE_GID : SSS_ID_TYPE_UID, (long)id); diff --git a/src/responder/nss/nsssrv_mmap_cache.h b/src/responder/nss/nsssrv_mmap_cache.h index 686b8e1b21..28ee5adb64 100644 --- a/src/responder/nss/nsssrv_mmap_cache.h +++ b/src/responder/nss/nsssrv_mmap_cache.h @@ -63,17 +63,17 @@ errno_t sss_mmap_cache_sid_store(struct sss_mc_ctx **_mcc, uint32_t type, /* enum sss_id_type*/ bool explicit_lookup); /* false ~ by_id(), true ~ by_uid/gid() */ -errno_t sss_mmap_cache_pw_invalidate(struct sss_mc_ctx *mcc, +errno_t sss_mmap_cache_pw_invalidate(struct sss_mc_ctx **_mcc, const struct sized_string *name); -errno_t sss_mmap_cache_pw_invalidate_uid(struct sss_mc_ctx *mcc, uid_t uid); +errno_t sss_mmap_cache_pw_invalidate_uid(struct sss_mc_ctx **_mcc, uid_t uid); -errno_t sss_mmap_cache_gr_invalidate(struct sss_mc_ctx *mcc, +errno_t sss_mmap_cache_gr_invalidate(struct sss_mc_ctx **_mcc, const struct sized_string *name); -errno_t sss_mmap_cache_gr_invalidate_gid(struct sss_mc_ctx *mcc, gid_t gid); +errno_t sss_mmap_cache_gr_invalidate_gid(struct sss_mc_ctx **_mcc, gid_t gid); -errno_t sss_mmap_cache_initgr_invalidate(struct sss_mc_ctx *mcc, +errno_t sss_mmap_cache_initgr_invalidate(struct sss_mc_ctx **_mcc, const struct sized_string *name); errno_t sss_mmap_cache_reinit(TALLOC_CTX *mem_ctx,