[PATCH] Fix a tdb glitch
vl at samba.org
vl at samba.org
Mon Apr 10 06:12:56 UTC 2017
Hi!
Attached find fix for a small locking bug in tdb.
Review appreciated!
Thanks, Volker
-------------- next part --------------
From e614f312f1a020ab3bc515799974b0ce6f7a04ab Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 7 Nov 2016 21:38:58 +0100
Subject: [PATCH 1/3] tdb: Fix some signed/unsigned hickups
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/tdb/common/lock.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/lib/tdb/common/lock.c b/lib/tdb/common/lock.c
index 195dbb5..594c287 100644
--- a/lib/tdb/common/lock.c
+++ b/lib/tdb/common/lock.c
@@ -294,7 +294,7 @@ fail:
static struct tdb_lock_type *find_nestlock(struct tdb_context *tdb,
tdb_off_t offset)
{
- unsigned int i;
+ int i;
for (i=0; i<tdb->num_lockrecs; i++) {
if (tdb->lockrecs[i].off == offset) {
@@ -381,7 +381,7 @@ static int tdb_lock_and_recover(struct tdb_context *tdb)
static bool have_data_locks(const struct tdb_context *tdb)
{
- unsigned int i;
+ int i;
for (i = 0; i < tdb->num_lockrecs; i++) {
if (tdb->lockrecs[i].off >= lock_offset(-1))
@@ -560,7 +560,8 @@ static int tdb_allrecord_check(struct tdb_context *tdb, int ltype,
return -1;
}
- if (tdb->allrecord_lock.count && tdb->allrecord_lock.ltype == ltype) {
+ if (tdb->allrecord_lock.count &&
+ tdb->allrecord_lock.ltype == (uint32_t)ltype) {
tdb->allrecord_lock.count++;
return 0;
}
@@ -706,7 +707,7 @@ int tdb_allrecord_unlock(struct tdb_context *tdb, int ltype, bool mark_lock)
}
/* Upgradable locks are marked as write locks. */
- if (tdb->allrecord_lock.ltype != ltype
+ if (tdb->allrecord_lock.ltype != (uint32_t)ltype
&& (!tdb->allrecord_lock.off || ltype != F_RDLCK)) {
tdb->ecode = TDB_ERR_LOCK;
return -1;
@@ -945,7 +946,8 @@ bool tdb_have_extra_locks(struct tdb_context *tdb)
/* The transaction code uses this to remove all locks. */
void tdb_release_transaction_locks(struct tdb_context *tdb)
{
- unsigned int i, active = 0;
+ int i;
+ unsigned int active = 0;
if (tdb->allrecord_lock.count != 0) {
tdb_allrecord_unlock(tdb, tdb->allrecord_lock.ltype, false);
--
2.1.4
From b579c097f1d76ed1cd40f02e11bfff4c187d78d1 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Mon, 7 Nov 2016 21:40:15 +0100
Subject: [PATCH 2/3] tdb: Do lock upgrades properly
When a process holds a readlock and wants to upgrade, this needs to be
reflected in the underlying lock. Without this, it is possible to cheat:
One process holds a readlock, and another process wants to write this
record. All the writer has to do is take a readonly lock on the key and
then do the store.
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/tdb/common/lock.c | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/lib/tdb/common/lock.c b/lib/tdb/common/lock.c
index 594c287..4ad70cf 100644
--- a/lib/tdb/common/lock.c
+++ b/lib/tdb/common/lock.c
@@ -321,6 +321,22 @@ int tdb_nest_lock(struct tdb_context *tdb, uint32_t offset, int ltype,
new_lck = find_nestlock(tdb, offset);
if (new_lck) {
+ if ((new_lck->ltype == F_RDLCK) && (ltype == F_WRLCK)) {
+ if (!tdb_have_mutexes(tdb)) {
+ int ret;
+ /*
+ * Upgrade the underlying fcntl
+ * lock. Mutexes don't do readlocks,
+ * so this only applies to fcntl
+ * locking.
+ */
+ ret = tdb_brlock(tdb, ltype, offset, 1, flags);
+ if (ret != 0) {
+ return ret;
+ }
+ }
+ new_lck->ltype = F_WRLCK;
+ }
/*
* Just increment the in-memory struct, posix locks
* don't stack.
--
2.1.4
From 0cf2ee29f5c4c13e66e999fd85f6b22aa68ad9d5 Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl at samba.org>
Date: Tue, 8 Nov 2016 17:01:56 +0100
Subject: [PATCH 3/3] tdb: Test for readonly lock upgrade bug
Signed-off-by: Volker Lendecke <vl at samba.org>
---
lib/tdb/test/run-rdlock-upgrade.c | 166 ++++++++++++++++++++++++++++++++++++++
lib/tdb/wscript | 1 +
2 files changed, 167 insertions(+)
create mode 100644 lib/tdb/test/run-rdlock-upgrade.c
diff --git a/lib/tdb/test/run-rdlock-upgrade.c b/lib/tdb/test/run-rdlock-upgrade.c
new file mode 100644
index 0000000..042001b
--- /dev/null
+++ b/lib/tdb/test/run-rdlock-upgrade.c
@@ -0,0 +1,166 @@
+#include "../common/io.c"
+#include "../common/tdb.c"
+#include "../common/lock.c"
+#include "../common/freelist.c"
+#include "../common/traverse.c"
+#include "../common/transaction.c"
+#include "../common/error.c"
+#include "../common/open.c"
+#include "../common/check.c"
+#include "../common/hash.c"
+#include "../common/mutex.c"
+#include "tap-interface.h"
+#include <stdlib.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <stdarg.h>
+#include "logging.h"
+
+static TDB_DATA key, data;
+
+static void do_chainlock(const char *name, int tdb_flags, int up, int down)
+{
+ struct tdb_context *tdb;
+ int ret;
+ ssize_t nread, nwritten;
+ char c = 0;
+
+ tdb = tdb_open_ex(name, 3, tdb_flags,
+ O_RDWR|O_CREAT, 0755, &taplogctx, NULL);
+ ok(tdb, "tdb_open_ex should succeed");
+
+ ret = tdb_chainlock_read(tdb, key);
+ ok(ret == 0, "tdb_chainlock_read should succeed");
+
+ nwritten = write(up, &c, sizeof(c));
+ ok(nwritten == sizeof(c), "write should succeed");
+
+ nread = read(down, &c, sizeof(c));
+ ok(nread == 0, "read should succeed");
+
+ exit(0);
+}
+
+static void do_trylock(const char *name, int tdb_flags, int up, int down)
+{
+ struct tdb_context *tdb;
+ int ret;
+ ssize_t nread, nwritten;
+ char c = 0;
+
+ tdb = tdb_open_ex(name, 3, tdb_flags,
+ O_RDWR|O_CREAT, 0755, &taplogctx, NULL);
+ ok(tdb, "tdb_open_ex should succeed");
+
+ /*
+ * tdb used to have a bug where with fcntl locks an upgrade
+ * from a readlock to writelock did not check for the
+ * underlying fcntl lock. Mutexes don't distinguish between
+ * readlocks and writelocks, so that bug does not apply here.
+ */
+
+ ret = tdb_chainlock_read(tdb, key);
+ ok(ret == 0, "tdb_chainlock_read should succeed");
+
+ ret = tdb_chainlock_nonblock(tdb, key);
+ ok(ret == -1, "tdb_chainlock_nonblock should fail");
+
+ nwritten = write(up, &c, sizeof(c));
+ ok(nwritten == sizeof(c), "write should succeed");
+
+ nread = read(down, &c, sizeof(c));
+ ok(nread == 0, "read should succeed");
+
+ exit(0);
+}
+
+static int do_tests(const char *name, int tdb_flags)
+{
+ int ret;
+ pid_t chainlock_child, store_child;
+ int chainlock_down[2];
+ int chainlock_up[2];
+ int store_down[2];
+ int store_up[2];
+ char c;
+ ssize_t nread;
+
+ key.dsize = strlen("hi");
+ key.dptr = discard_const_p(uint8_t, "hi");
+ data.dsize = strlen("world");
+ data.dptr = discard_const_p(uint8_t, "world");
+
+ ret = pipe(chainlock_down);
+ ok(ret == 0, "pipe should succeed");
+
+ ret = pipe(chainlock_up);
+ ok(ret == 0, "pipe should succeed");
+
+ ret = pipe(store_down);
+ ok(ret == 0, "pipe should succeed");
+
+ ret = pipe(store_up);
+ ok(ret == 0, "pipe should succeed");
+
+ chainlock_child = fork();
+ ok(chainlock_child != -1, "fork should succeed");
+
+ if (chainlock_child == 0) {
+ close(chainlock_up[0]);
+ close(chainlock_down[1]);
+ close(store_up[0]);
+ close(store_up[1]);
+ close(store_down[0]);
+ close(store_down[1]);
+ do_chainlock(name, tdb_flags,
+ chainlock_up[1], chainlock_down[0]);
+ exit(0);
+ }
+ close(chainlock_up[1]);
+ close(chainlock_down[0]);
+
+ nread = read(chainlock_up[0], &c, sizeof(c));
+ ok(nread == sizeof(c), "read should succeed");
+
+ /*
+ * Now we have a process holding a chain read lock. Start
+ * another process trying to write lock. This should fail.
+ */
+
+ store_child = fork();
+ ok(store_child != -1, "fork should succeed");
+
+ if (store_child == 0) {
+ close(chainlock_up[0]);
+ close(chainlock_down[1]);
+ close(store_up[0]);
+ close(store_down[1]);
+ do_trylock(name, tdb_flags,
+ store_up[1], store_down[0]);
+ exit(0);
+ }
+ close(store_up[1]);
+ close(store_down[0]);
+
+ nread = read(store_up[0], &c, sizeof(c));
+ ok(nread == sizeof(c), "read should succeed");
+
+ close(chainlock_up[0]);
+ close(chainlock_down[1]);
+ close(store_up[0]);
+ close(store_down[1]);
+ diag("%s tests done", name);
+ return exit_status();
+}
+
+int main(int argc, char *argv[])
+{
+ int ret;
+
+ ret = do_tests("rdlock-upgrade.tdb",
+ TDB_CLEAR_IF_FIRST |
+ TDB_INCOMPATIBLE_HASH);
+ ok(ret == 0, "rdlock-upgrade.tdb tests should succeed");
+
+ return exit_status();
+}
diff --git a/lib/tdb/wscript b/lib/tdb/wscript
index 0d682eb..693787c 100644
--- a/lib/tdb/wscript
+++ b/lib/tdb/wscript
@@ -34,6 +34,7 @@ tdb1_unit_tests = [
'run-readonly-check',
'run-rescue',
'run-rescue-find_entry',
+ 'run-rdlock-upgrade',
'run-rwlock-check',
'run-summary',
'run-transaction-expand',
--
2.1.4
More information about the samba-technical
mailing list