Solaris and mlock()

Gerald (Jerry) Carter jerry at samba.org
Wed Feb 21 21:27:56 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gerald (Jerry) Carter wrote:
> Jeremy & Guenther,
> 
> Looks like this is still an issue.  Have either of you
> tested the mlock() usage on non-Linux platforms? (e.g.
> Solaris).  Doesn't the memory need to page aligned or
> something?
> 
>  failed to mlock memory: Invalid argument (22)
>  Failed to store memory creds: NT_STATUS_INVALID_HANDLE
>  Plain-text authentication for user AD\smitty returned
>    NT_STATUS_INVALID_HANDLE (PAM: 4)
> 
> Also, why is this showing up at all with the krb5 tkt
> refresh and offline support disabled in the smb.conf
> file?

How about this patch?


cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFF3LlcIR7qMdg1EfYRAlNCAJkBT0AZuuVoizTpdajESrMFybJQVgCgzpM2
fg1rbEbBFNVO+msQytcfgkA=
=+VGa
-----END PGP SIGNATURE-----
-------------- next part --------------
Index: nsswitch/winbindd_cred_cache.c
===================================================================
--- nsswitch/winbindd_cred_cache.c	(revision 13384)
+++ nsswitch/winbindd_cred_cache.c	(working copy)
@@ -471,6 +471,8 @@
 #if !defined(HAVE_MLOCK)
 	return NT_STATUS_OK;
 #else
+	int psize = getpagesize();
+
 	/* new_entry->nt_hash is the base pointer for the block
 	   of memory pointed into by new_entry->lm_hash and
 	   new_entry->pass (if we're storing plaintext). */
@@ -480,24 +482,31 @@
 		memcredp->len += strlen(pass)+1;
 	}
 
-	memcredp->nt_hash = (unsigned char *)TALLOC_ZERO(memcredp, memcredp->len);
-	if (!memcredp->nt_hash) {
+	/* On non-linux platforms, mlock()'d memory must be aligned on
+	   a page boundary so allocate a bit more so we can offset
+	   enough */
+
+	memcredp->len += psize;
+
+	memcredp->buffer = (unsigned char *)TALLOC_ZERO(memcredp, memcredp->len);
+	if (!memcredp->buffer) {
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	/* point the nt_hash at the page boundary in the buffer */
+	memcredp->nt_hash = memcredp->buffer + 
+		(psize - ((uint32)memcredp->buffer % psize));
+
 	memcredp->lm_hash = memcredp->nt_hash + NT_HASH_LEN;
 #ifdef DEBUG_PASSWORD
 	DEBUG(10,("mlocking memory: %p\n", memcredp->nt_hash));
 #endif		
 
-#if 0   /* FIXME! Disabled until I get the page size alignement
-	   working on Solaris */
-	if ((mlock(memcredp->nt_hash, memcredp->len)) == -1) {
+	if ((mlock(memcredp->nt_hash, memcredp->len - psize)) == -1) {
 		DEBUG(0,("failed to mlock memory: %s (%d)\n", 
 			strerror(errno), errno));
 		return map_nt_error_from_unix(errno);
 	}
-#endif
 
 #ifdef DEBUG_PASSWORD
 	DEBUG(10,("mlocked memory: %p\n", memcredp->nt_hash));
@@ -525,15 +534,16 @@
 #if !defined(HAVE_MUNLOCK)
 	return NT_STATUS_OK;
 #else
-#if 0   /* FIXME! */
-	if (munlock(memcredp->nt_hash, memcredp->len) == -1) {
+	int psize = getpagesize();	
+
+	if (munlock(memcredp->nt_hash, memcredp->len - psize) == -1) {
 		DEBUG(0,("failed to munlock memory: %s (%d)\n", 
 			strerror(errno), errno));
 		return map_nt_error_from_unix(errno);
 	}
-#endif
 	memset(memcredp->nt_hash, '\0', memcredp->len);
-	TALLOC_FREE(memcredp->nt_hash);
+	TALLOC_FREE(memcredp->buffer);
+	memcredp->nt_hash = NULL;
 	memcredp->lm_hash = NULL;
 	memcredp->pass = NULL;
 	memcredp->len = 0;
Index: nsswitch/winbindd_nss.h
===================================================================
--- nsswitch/winbindd_nss.h	(revision 13384)
+++ nsswitch/winbindd_nss.h	(working copy)
@@ -469,6 +469,8 @@
 	uid_t uid;
 	int ref_count;
 	size_t len;
+	unsigned char *buffer;  /* buffer block containing the
+				   following 3 */
 	unsigned char *nt_hash; /* Base pointer for the following 2 */
 	unsigned char *lm_hash;
 	char *pass;


More information about the samba-technical mailing list