krb5.git/src/lib/kdb, branch master Unnamed repository; edit this file 'description' to name the repository. Maintain complete ulog on iprop slaves 2014-02-21T01:45:51+00:00 Greg Hudson ghudson@mit.edu 2014-01-25T19:40:41+00:00 406c83c835a8ce062d798a2ec4eda2eddd088450 Factor out most of ulog_add_update into a helper function named store_update, and make ulog_add_update just responsible for assigning a serial number and timestamp to the update before storing it. In ulog_replay, use store_update and ulog_finish_update to add each update to the ulog in addition to replaying it to the database. Don't use incr_ret->lastentry to set kdb_last_sno/kdb_last_time, since it will have been set properly by adding the individual updates; instead, just reinitialize the ulog on error. Slave ulogs use serial numbers provided from upstream, and thus do not always begin at serial number 1 after a header reset. As a result, we must: (A) in store_update, detect the first update (for which we must assign kdb_first_sno/kdb_first_time) by comparing kdb_num to 0, instead of by comparing the serial number to 1; (B) in store_update, detect that we are overwriting the first update by comparing kdb_num to ulogentries, instead of comparing the serial number to ulogentries; and (C) in ulog_map, detect that ulogentries changed by verifying the first and last serial number and timestamp against the actual ulog entries, rather than simply comparing kdb_last_sno to kdb_num. Based on code submitted by Richard Basch. ticket: 7855 
Factor out most of ulog_add_update into a helper function named
store_update, and make ulog_add_update just responsible for assigning
a serial number and timestamp to the update before storing it.  In
ulog_replay, use store_update and ulog_finish_update to add each
update to the ulog in addition to replaying it to the database.  Don't
use incr_ret->lastentry to set kdb_last_sno/kdb_last_time, since it
will have been set properly by adding the individual updates; instead,
just reinitialize the ulog on error.

Slave ulogs use serial numbers provided from upstream, and thus do not
always begin at serial number 1 after a header reset.  As a result, we
must: (A) in store_update, detect the first update (for which we must
assign kdb_first_sno/kdb_first_time) by comparing kdb_num to 0,
instead of by comparing the serial number to 1; (B) in store_update,
detect that we are overwriting the first update by comparing kdb_num
to ulogentries, instead of comparing the serial number to ulogentries;
and (C) in ulog_map, detect that ulogentries changed by verifying the
first and last serial number and timestamp against the actual ulog
entries, rather than simply comparing kdb_last_sno to kdb_num.

Based on code submitted by Richard Basch.

ticket: 7855
Simplify ulog_map 2014-02-21T01:42:47+00:00 Greg Hudson ghudson@mit.edu 2014-01-24T21:52:47+00:00 6a4a4b7b5e3265e4a811a9fd72c2534e6c5f5fd4 Get rid of the caller parameter. The kproplog semantics (without -R) for mapping the ulog are simple and almost completely different from other users of the ulog, so implement them as a static helper in kproplog. With hierarchical iprop, kpropd will need the same semantics as FKCOMMAND and FKADMIND, which were already identical. Get rid of the db_args parameter, since ulog_map no longer opens the database after #7552. Remove an inoperative lseek() call when creating a new ulog file. Rename ulog_filesize to filesize and compute it from scratch each time we use it, for easier analysis. If kdb_hmagic is zero, init the ulog header but don't skip the rest of the function; it's possible that we need to expand the ulog file. Remove an unneeded conditional before calling extend_file_to for an existing ulog. ticket: 7855 
Get rid of the caller parameter.  The kproplog semantics (without -R)
for mapping the ulog are simple and almost completely different from
other users of the ulog, so implement them as a static helper in
kproplog.  With hierarchical iprop, kpropd will need the same
semantics as FKCOMMAND and FKADMIND, which were already identical.

Get rid of the db_args parameter, since ulog_map no longer opens the
database after #7552.

Remove an inoperative lseek() call when creating a new ulog file.
Rename ulog_filesize to filesize and compute it from scratch each time
we use it, for easier analysis.  If kdb_hmagic is zero, init the ulog
header but don't skip the rest of the function; it's possible that we
need to expand the ulog file.  Remove an unneeded conditional before
calling extend_file_to for an existing ulog.

ticket: 7855
Lock around more ulog operations 2014-02-20T20:55:49+00:00 Greg Hudson ghudson@mit.edu 2014-01-23T16:34:52+00:00 71d028f1054deb186807e7c8048218b82b478422 Always lock the ulog when accessing it. We can currently get away with some laxness on iprop slaves because they are mostly synchronous, but hierarchical iprop will allow master and slave operations to take place concurrently, requiring more strict locking. Add new functions ulog_get_last and ulog_set_last, which access the ulog header with locking, and use them in kdb5_util and kpropd. Add locking to ulog_replay and ulog_init_header. ulog_lock and ulog_sync_header are no longer used outside of kdb_log.c after these changes, so make them static functions and remove the ulog_ prefix. Add an unlock_ulog function for clarity. 
Always lock the ulog when accessing it.  We can currently get away
with some laxness on iprop slaves because they are mostly synchronous,
but hierarchical iprop will allow master and slave operations to take
place concurrently, requiring more strict locking.

Add new functions ulog_get_last and ulog_set_last, which access the
ulog header with locking, and use them in kdb5_util and kpropd.  Add
locking to ulog_replay and ulog_init_header.

ulog_lock and ulog_sync_header are no longer used outside of kdb_log.c
after these changes, so make them static functions and remove the
ulog_ prefix.  Add an unlock_ulog function for clarity.
Factor out ulog serial number status check 2014-02-20T20:55:48+00:00 Greg Hudson ghudson@mit.edu 2014-01-20T23:46:52+00:00 d1f9aa3737b2b3e62b5c5ed488d6112b7ce8a5ad Add a new function ulog_get_sno_status, which checks a serial number and timestamp against the ulog for currency. Use it in kdb5_util dump and in ulog_get_entries. Adjust parse_iprop_header's contract in dump.c to better match the ulog_get_sno_status contract. This change causes some minor behavior differences. kadmind will check for an empty ulog unless the last serial number matches exactly, and will never set lastentry when returning UPDATE_FULL_RESYNC_NEEDED (which was pointless). kdb5_util dump will recognize a dump file as current if it exactly matches the last serial number, even if the ulog is empty; it will be more robust in the presence of non-monotonic clocks; and it will properly lock around the ulog access. 
Add a new function ulog_get_sno_status, which checks a serial number
and timestamp against the ulog for currency.  Use it in kdb5_util dump
and in ulog_get_entries.  Adjust parse_iprop_header's contract in
dump.c to better match the ulog_get_sno_status contract.

This change causes some minor behavior differences.  kadmind will
check for an empty ulog unless the last serial number matches exactly,
and will never set lastentry when returning UPDATE_FULL_RESYNC_NEEDED
(which was pointless).  kdb5_util dump will recognize a dump file as
current if it exactly matches the last serial number, even if the ulog
is empty; it will be more robust in the presence of non-monotonic
clocks; and it will properly lock around the ulog access.
Simplify iprop update locking and avoid deadlock 2014-02-20T20:55:48+00:00 Greg Hudson ghudson@mit.edu 2014-02-13T00:13:43+00:00 444ef5fe9ec8d64a5db27b3a8aaf6813dd7ef0e0 Since we are no longer treating the update log like a journal (#7552), we don't need two-stage update logging. In kdb5.c, add an update log entry after each DB change in one step, without getting an explicit lock. In kdb_log.c, combine ulog_add_update with ulog_finish_update, and make ulog_add_update lock the ulog internally. This change avoids deadlock by removing the only cases where the ulog is locked before the DB. ticket: 7861 
Since we are no longer treating the update log like a journal (#7552),
we don't need two-stage update logging.  In kdb5.c, add an update log
entry after each DB change in one step, without getting an explicit
lock.  In kdb_log.c, combine ulog_add_update with ulog_finish_update,
and make ulog_add_update lock the ulog internally.

This change avoids deadlock by removing the only cases where the ulog
is locked before the DB.

ticket: 7861
Generate dependencies for t_stringattr 2014-02-12T19:00:00+00:00 Greg Hudson ghudson@mit.edu 2014-02-12T04:19:36+00:00 b69543edc0afc424a3982cc49176c09d887679cd When t_stringattr.c was introduced, it wasn't added to EXTRADEPSRCS, so no dependencies were created for it. Fix that now. 
When t_stringattr.c was introduced, it wasn't added to EXTRADEPSRCS,
so no dependencies were created for it.  Fix that now.
Correctly get default realm in kdb5.c 2014-02-12T01:06:16+00:00 Greg Hudson ghudson@mit.edu 2014-02-10T20:26:34+00:00 6625843761468d79b0121a97d16fb2ca1db7542e Call krb5_get_default_realm instead of directly accessing context->default_realm, to remove the requirement that krb5_get_default_realm or krb5_set_default_realm be used before krb5_db_open. 
Call krb5_get_default_realm instead of directly accessing
context->default_realm, to remove the requirement that
krb5_get_default_realm or krb5_set_default_realm be used before
krb5_db_open.
Don't get KDB lock in ulog_get_entries 2014-02-05T05:21:30+00:00 Greg Hudson ghudson@mit.edu 2014-01-30T17:37:46+00:00 3c3638e1cfafa6ec5595e6c2c06ca209cf9d0d09 ulog_get_entries does not access the KDB, only the ulog, so it does not need a KDB lock; its read lock on the ulog is sufficient to prevent logged updates from happening while it is running. There is no reason to serialize against unlogged KDB updates such as those performed by the KDC, as those do not affect the ulog. 
ulog_get_entries does not access the KDB, only the ulog, so it does
not need a KDB lock; its read lock on the ulog is sufficient to
prevent logged updates from happening while it is running.  There is
no reason to serialize against unlogged KDB updates such as those
performed by the KDC, as those do not affect the ulog.
In kdb5_util load, init ulog closer to promote 2014-02-05T05:21:30+00:00 Greg Hudson ghudson@mit.edu 2014-01-23T15:51:21+00:00 1c0507df449ded505f54383387032db2723bd871 Always map the ulog with FKCOMMAND, not FKLOAD which reinitializes the ulog. Don't reinitialize the ulog until just before calling krb5_db_promote(). Get rid of FKLOAD since it isn't needed any more; we can just call ulog_init_header() manually. 
Always map the ulog with FKCOMMAND, not FKLOAD which reinitializes the
ulog.  Don't reinitialize the ulog until just before calling
krb5_db_promote().  Get rid of FKLOAD since it isn't needed any more;
we can just call ulog_init_header() manually.
Modernize iprop code 2014-02-05T05:21:29+00:00 Greg Hudson ghudson@mit.edu 2014-01-23T23:15:24+00:00 6506c87aab5567ae855d1f75dc9b41e1a091f542 * Don't use "extern" for kdb_log.h prototypes. * Avoid passing structures by value. * Avoid the need to cast the result of the INDEX macro, and use char * instead of unsigned long for pointer arithmetic. * Reorganize kdb_log.c so static helpers are at the top and don't use the "ulog_" prefix. * Get rid of ulog_finish_update_slave since it's more concise to open-code it in ulog_replay. * Get rid of ulog_delete_update. In krb5_db_delete_principal, just call ulog_add_update with kdb_deleted set in upd. * Modernize coding style of kproplog.c. Use k5memdup0 instead of snprintf in print_str to convert a byte range to a C string. Remove an unnecesary textdomain call; libkrb5 takes care of calling bindtextdomain in the library initializer. * Modernize coding style of kpropd.c and kprop.c. No functional changes. 
* Don't use "extern" for kdb_log.h prototypes.
* Avoid passing structures by value.
* Avoid the need to cast the result of the INDEX macro, and use char *
  instead of unsigned long for pointer arithmetic.
* Reorganize kdb_log.c so static helpers are at the top and don't use
  the "ulog_" prefix.
* Get rid of ulog_finish_update_slave since it's more concise to
  open-code it in ulog_replay.
* Get rid of ulog_delete_update.  In krb5_db_delete_principal, just
  call ulog_add_update with kdb_deleted set in upd.
* Modernize coding style of kproplog.c.  Use k5memdup0 instead of
  snprintf in print_str to convert a byte range to a C string.
  Remove an unnecesary textdomain call; libkrb5 takes care of calling
  bindtextdomain in the library initializer.
* Modernize coding style of kpropd.c and kprop.c.

No functional changes.