summaryrefslogtreecommitdiff
path: root/lib/tdb/common/open.c
AgeCommit message (Collapse)AuthorFilesLines
2013-02-16tdb: Fix a typoVolker Lendecke1-1/+1
Signed-off-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Simo Sorce <idra@samba.org> Autobuild-Date(master): Sat Feb 16 17:13:32 CET 2013 on sn-devel-104
2013-02-05tdb: Remove "header" from tdb_contextVolker Lendecke1-17/+22
header.hash_size was the only thing we ever referenced outside of tdb_open_ex and its direct callees. So this shrinks the tdb_context by 164 bytes. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Tue Feb 5 13:18:28 CET 2013 on sn-devel-104
2013-02-05tdb: Pass argument "header" to check_header_hashVolker Lendecke1-4/+6
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-02-05tdb: Pass argument "header" to tdb_new_databaseVolker Lendecke1-6/+8
Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Make tdb_new_database() follow a more conventional styleVolker Lendecke1-3/+4
We usually "goto fail" on every error and then in normal flow set the return variable to success. This patch removes a comment which from my point of view is now obsolete. It violates the {} rule from README.Coding here in favor of the style used in this function. Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-21tdb: Fix blank line endingsVolker Lendecke1-3/+3
Reviewed-by: Rusty Russell <rusty@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-10-06tdb: Make tdb robust against improper CLEAR_IF_FIRST restartVolker Lendecke1-4/+28
When winbind is restarted, there is a potential crash in tdb. Following situation: We are in a cluster with ctdb. A winbind child hangs in a request to the DC. Cluster monitoring decides the node has a problem. Cluster monitoring decides to kill ctdbd. winbind child still hangs in a RPC request. winbind parent figures that ctdb is dead and immediately commits suicide. winbind parent is restarted by cluster management, overwriting gencache.tdb with CLEAR_IF_FIRST. The CLEAR_IF_FIRST logic as implemented now will not see that a child still has the tdb open, only the parent holds the ACTIVE_LOCK due to performance reasons. During the CLEAR_IF_FIRST logic is done, there is a very small window where we ftruncate(tfd, 0) the file and re-write a proper header without a lock. When during this small window the winbind child comes back, wanting to store something into gencache.tdb, that winbind child will crash with a SIGBUS. Sounds unlikely? See: [2012/09/29 07:02:31.871607, 0] lib/util.c:1183(smb_panic) PANIC (pid 1814517): internal error [2012/09/29 07:02:31.877596, 0] lib/util.c:1287(log_stack_trace) BACKTRACE: 35 stack frames: #0 winbindd(log_stack_trace+0x1a) [0x7feb7d4ca18a] #1 winbindd(smb_panic+0x2b) [0x7feb7d4ca25b] #2 winbindd(+0x1a3cc4) [0x7feb7d4bacc4] #3 /lib64/libc.so.6(+0x32900) [0x7feb7a929900] #4 /lib64/libc.so.6(memcpy+0x35) [0x7feb7a97f355] #5 /usr/lib64/libtdb.so.1(+0x6e76) [0x7feb7b0b0e76] #6 /usr/lib64/libtdb.so.1(+0x3d37) [0x7feb7b0add37] #7 /usr/lib64/libtdb.so.1(+0x863d) [0x7feb7b0b263d] #8 /usr/lib64/libtdb.so.1(+0x8700) [0x7feb7b0b2700] #9 /usr/lib64/libtdb.so.1(+0x2505) [0x7feb7b0ac505] #10 /usr/lib64/libtdb.so.1(+0x25b7) [0x7feb7b0ac5b7] #11 /usr/lib64/libtdb.so.1(tdb_fetch+0x13) [0x7feb7b0ac633] #12 winbindd(gencache_set_data_blob+0x259) [0x7feb7d4d8449] #13 winbindd(gencache_set+0x53) [0x7feb7d4d85b3] #14 winbindd(gencache_del+0x5e) [0x7feb7d4d879e] #15 winbindd(saf_delete+0x93) [0x7feb7d54b693] #16 winbindd(+0xe507e) [0x7feb7d3fc07e] #17 winbindd(+0xe85e5) [0x7feb7d3ff5e5] #18 winbindd(+0xe65be) [0x7feb7d3fd5be] #19 winbindd(+0xe7562) [0x7feb7d3fe562] #20 winbindd(init_dc_connection+0x2e) [0x7feb7d3fe5be] #21 winbindd(+0xe75d9) [0x7feb7d3fe5d9] #22 winbindd(cm_connect_netlogon+0x58) [0x7feb7d3fe658] #23 winbindd(_wbint_PingDc+0x61) [0x7feb7d410991] #24 winbindd(+0x103175) [0x7feb7d41a175] #25 winbindd(winbindd_dual_ndrcmd+0xb7) [0x7feb7d4107d7] #26 winbindd(+0xf8609) [0x7feb7d40f609] #27 winbindd(+0xf9075) [0x7feb7d410075] #28 winbindd(tevent_common_loop_immediate+0xe8) [0x7feb7d4db198] #29 winbindd(run_events_poll+0x3c) [0x7feb7d4d93fc] #30 winbindd(+0x1c2b52) [0x7feb7d4d9b52] #31 winbindd(_tevent_loop_once+0x90) [0x7feb7d4d9f60] #32 winbindd(main+0x7b3) [0x7feb7d3e7aa3] #33 /lib64/libc.so.6(__libc_start_main+0xfd) [0x7feb7a915cdd] #34 winbindd(+0xce2a9) [0x7feb7d3e52a9] This is in a winbind child, logfiles surrounding indicate the parent was restarted. This patch takes all chain locks around the CLEAR_IF_FIRST introduced tdb_new_database.
2012-03-22lib/tdb: fix OpenBSD incoherent mmap.Rusty Russell1-1/+3
This comment appears in two places in the code (commit 4c6a8273c6dd3e2aeda5a63c4a62aa55bc133099 from 2001): /* * We must ensure the file is unmapped before doing this * to ensure consistency with systems like OpenBSD where * writes and mmaps are not consistent. */ But this doesn't help, because if one process is using mmap and another using pwrite, we get incoherent results. As demonstrated by OpenBSD's failure on the tdb unit tests. Rather than disable mmap on OpenBSD, we test for this issue and force mmap to be enabled. This means that we will fail on very large TDBs on 32-bit systems, but it's better than the horrendous performance penalty on every OpenBSD system. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2011-12-19tdb: be more careful on 4G files.Rusty Russell1-0/+10
I came across a tdb which had wrapped to 4G + 4K, and the contents had been destroyed by processes which thought it only 4k long. Fix this by checking on open, and making tdb_oob() check for wrap itself. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Autobuild-User: Rusty Russell <rusty@rustcorp.com.au> Autobuild-Date: Mon Dec 19 07:52:01 CET 2011 on sn-devel-104
2010-11-27tdb:common/open.c - use "discard_const_p" for certain "tdb->name" assignmentsMatthias Dieter Wallnöfer1-2/+2
In order to suppress compiler warnings.
2010-11-12tdb: set tdb->name early, as it's needed for tdb_name()Stefan Metzmacher1-6/+27
tdb_name() might be used within the given log function, which might be called from within tdb_open_ex(). metze Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Fri Nov 12 11:22:21 UTC 2010 on sn-devel-104
2010-10-21tdb: Set _PUBLIC_ in C file rather than header files (Debian bug 600898)Jelmer Vernooij1-9/+9
Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Thu Oct 21 11:47:22 UTC 2010 on sn-devel-104
2010-09-27tdb: TDB_INCOMPATIBLE_HASH, to allow safe changing of default hash.Rusty Russell1-3/+18
This flag to tdb_open/tdb_open_ex effects creation of a new database: 1) Uses the Jenkins lookup3 hash instead of the old gdbm hash if none is specified, 2) Places a non-zero field in header->rwlocks, so older versions of TDB will refuse to open it. This means that the caller (ie Samba) can set this flag to safely change the hash function. Versions of TDB from this one on will either use the correct hash or refuse to open (if a different hash is specified). Older TDB versions will see the nonzero rwlocks field and refuse to open it under any conditions. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-09-27tdb: automatically identify Jenkins hash tdbsRusty Russell1-14/+27
If the caller to tdb_open_ex() doesn't specify a hash, and tdb_old_hash doesn't match, try tdb_jenkins_hash. This was Metze's idea: it makes life simpler, especially with the upcoming TDB_INCOMPATIBLE_HASH flag. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-09-27tdb: add Bob Jenkins lookup3 hash as helper hash.Rusty Russell1-15/+1
This is a better hash than the default: shipping it with tdb makes it easy for callers to use it as the hash by passing it to tdb_open_ex(). This version taken from CCAN and modified, which took it from http://www.burtleburtle.net/bob/c/lookup3.c. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-09-20lib/tdb: fix c++ build warning in tdb_header_hash().Günther Deschner1-1/+1
Guenther
2010-09-16tdb: added TDB_NO_FSYNC env variableAndrew Tridgell1-0/+4
this might help reduce test times and load on test machines
2010-09-13tdb: put example hashes into header, so we notice incorrect hash_fn.Rusty Russell1-1/+54
This is Stefan Metzmacher <metze@samba.org>'s patch with minor changes: 1) Use the TDB_MAGIC constant so both hashes aren't of strings. 2) Check the hash in tdb_check (paranoia, really). 3) Additional check in the (unlikely!) case where both examples hash to 0. 4) Cosmetic changes to var names and complaint message. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-05-11tdb: remove unused variable in tdb_new_database().Günther Deschner1-1/+0
Guenther
2010-05-05tdb: fix short write logic in tdb_new_databaseRusty Russell1-15/+1
Commit 207a213c/24fed55d purported to fix the problem of signals during tdb_new_database (which could cause a spurious short write, hence a failure). However, the code is wrong: newdb+written is not correct. Fix this by introducing a general tdb_write_all() and using it here and in the tracing code. Cc: Stefan Metzmacher <metze@samba.org> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-03-25tdb: Fix indentation in tdb_new_database()Volker Lendecke1-1/+1
2010-03-25Fix some nonempty blank linesVolker Lendecke1-4/+4
2010-02-24tdb: use tdb_nest_lock() for active lock.Rusty Russell1-5/+10
Use our newly-generic nested lock tracking for the active lock. Note that the tdb_have_extra_locks() and tdb_release_extra_locks() functions have to skip over this lock now it is tracked. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-02-22tdb: use tdb_nest_lock() for open lock.Rusty Russell1-2/+3
This never nests, so it's overkill, but it centralizes the locking into lock.c and removes the ugly flag in the transaction code to track whether we have the lock or not. Note that we have a temporary hack so this places a real lock, despite the fact that we are in a transaction. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-02-17tdb: cleanup: tdb_have_extra_locks() helperRusty Russell1-1/+1
In many places we check whether locks are held: add a helper to do this. The _tdb_lockall() case has already checked for the allrecord lock, so the extra work done by tdb_have_extra_locks() is merely redundant. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-02-17tdb: cleanup: rename global_lock to allrecord_lock.Rusty Russell1-1/+1
The word global is overloaded in tdb. The global_lock inside struct tdb_context is used to indicate we hold a lock across all the chains. Rename it to allrecord_lock. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-02-17tdb: cleanup: rename GLOBAL_LOCK to OPEN_LOCK.Rusty Russell1-4/+4
The word global is overloaded in tdb. The GLOBAL_LOCK offset is used at open time to serialize initialization (and by the transaction code to block open). Rename it to OPEN_LOCK. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2010-02-17tdb: cleanup: split brlock and brunlock methods.Rusty Russell1-9/+9
This is taken from the CCAN code base: rather than using tdb_brlock for locking and unlocking, we split it into brlock and brunlock functions. For extra debugging information, brunlock says what kind of lock it is unlocking (even though fnctl locks don't need this). This requires an extra argument to tdb_transaction_unlock() so we know whether the lock was upgraded to a write lock or not. We also use a "flags" argument tdb_brlock: 1) TDB_LOCK_NOWAIT replaces lck_type = F_SETLK (vs F_SETLKW). 2) TDB_LOCK_MARK_ONLY replaces setting TDB_MARK_LOCK bit in ltype. 3) TDB_LOCK_PROBE replaces the "probe" argument. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2009-11-20tdb: add TDB_DISALLOW_NESTING and make TDB_ALLOW_NESTING the default behaviorStefan Metzmacher1-0/+17
We need to keep TDB_ALLOW_NESTING as default behavior, so that existing code continues to work. However we may change the default together with a major version number change in future. metze
2009-11-20tdb: always set tdb->tracefd to -1 to be safe on goto failStefan Metzmacher1-4/+3
metze
2009-10-29tdb: reset tdb->fd to -1 in tdb_close()Kirill Smelkov1-1/+3
So that erroneous double tdb_close() calls do not try to close() same fd again. This is like SAFE_FREE() but for fd. Signed-off-by: Kirill Smelkov <kirr@mns.spb.ru> Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2009-10-22lib/tdb: wean off TDB_ERRCODE.Rusty Russell1-2/+4
It was a regrettable hack which I used to reduce line count in tdb; in fact it caused confusion as can be seen in this patch. In particular, ecode now needs to be set before TDB_LOG anyway, and having it exposed in the header is useless (the struct tdb_context isn't defined, so it's doubly useless). Also, we should never set errno, as io.c was doing. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2009-10-22lib/tdb: TDB_TRACE support (for developers)Rusty Russell1-2/+29
When TDB_TRACE is defined (in tdb_private.h), verbose tracing of tdb operations is enabled. This can be replayed using "replay_trace" from http://ccan.ozlabs.org/info/tdb. The majority of this patch comes from moving internal functions to _<funcname> to avoid double-tracing. There should be no additional overhead for the normal (!TDB_TRACE) case. Note that the verbose traces compress really well with rzip. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2009-08-28lib/tdb: don't overwrite TDBs with different version numbers.Rusty Russell1-5/+7
In future, this may happen, and we don't want to clobber them. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2009-08-06Add define guards around otherwise unused variable.Jeremy Allison1-0/+3
Jeremy.
2009-07-31tdb: don't alter tdb->flags in tdb_reopen_all()Rusty Russell1-6/+13
The flags are user-visible, via tdb_get_flags/add_flags/remove_flags. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-07-31tdb: Reimplementation of Metze's "lib/tdb: if we know pwrite and pread are ↵Rusty Russell1-5/+10
thread/fork safe tdb_reopen_all() should be a noop". This version just wraps the reopen code, so we still re-grab the lock and do the normal sanity checks. The reason we do this at all is to avoid global fd limits, see: http://forums.fedoraforum.org/showthread.php?t=210393 Note also that this whole reopen concept is fundamentally racy: if the parent goes away before the child calls tdb_reopen_all, the database can be left without an active lock and another TDB_CLEAR_IF_FIRST opener will clear it. A fork_with_tdbs() wrapper could use a pipe to solve this, but it's hardly elegant (what if there are other independent things which have similar needs?). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-07-31tdb: Revert "lib/tdb: if we know pwrite and pread are thread/fork safe ↵Rusty Russell1-5/+0
tdb_reopen_all() should be a noop" This reverts commit e17df483fbedb81aededdef5fbb6ae1d034bc2dd. tdb_reopen_all also restores the active lock, required for TDB_CLEAR_IF_FIRST. Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-02-25lib/tdb: if we know pwrite and pread are thread/fork safe tdb_reopen_all() ↵Stefan Metzmacher1-0/+5
should be a noop The reason for tdb_reopen_all() is that the seek pointer on fds are shared between parent and child. metze
2008-09-17Move common libraries from root to lib/.Jelmer Vernooij1-0/+488