diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2014-11-21 11:28:36 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-11-24 20:54:00 +0100 |
commit | 6a60e29468fc6b4043a4dc52d3aab73e8465db70 (patch) | |
tree | 8c79f852113b017fe6a875ff2259b67fb38b71ee /src/sss_client/nss_mc_group.c | |
parent | 19f6a6733b5c6cf7dd2f6f746cfa5c787706331c (diff) | |
download | sssd-6a60e29468fc6b4043a4dc52d3aab73e8465db70.tar.gz sssd-6a60e29468fc6b4043a4dc52d3aab73e8465db70.tar.xz sssd-6a60e29468fc6b4043a4dc52d3aab73e8465db70.zip |
sss_client: Fix race condition in memory cache
Thread safe initialisation was fixed in ticket #2380, but there is
still race condition in reinitialisation.
If caches is invalidated with command sss_cache -U (-G or -E) then
client code will need to reinitialize fast memory cache.
Let say we have two threads. The 1st thread find out that memory cache
should be reinitialized; therefore the fast memory cached is unmapped
and context destroyed. In the same time, 2nd thread tried to check
header of memory cache whether it is initialized and valid. As a result
of previously unmapped memory the 2nd thread access
out of bound memory (SEGFAULT).
The destroying of fast memory cache cannot be done any time. We need
to be sure that there isn't any other thread which uses mmaped memory.
The new counter of active threads was added for this purpose. The state
of fast memory cache was converted from boolean to three value state
(UNINITIALIZED, INITIALIZED, RECYCLED)
UNINITIALIZED
- the fast memory cache need to be initialized.
- if there is a problem with initialisation the state will not change
- after successful initialisation, the state will change to INITIALIZED
INITIALIZED
- if the cahe was invalidated or there is any other problem was
detected in memory cache header the state will change to RECYCLED
and memory cache IS NOT destroyed.
RECYCLED
- nothing will be done is there are any active threads which may use
the data from mmaped memory
- if there aren't active threads the fast memory cahe is destroyed and
state is changed to UNINITIALIZED.
https://fedorahosted.org/sssd/ticket/2445
Reviewed-by: Michal Židek <mzidek@redhat.com>
Diffstat (limited to 'src/sss_client/nss_mc_group.c')
-rw-r--r-- | src/sss_client/nss_mc_group.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/src/sss_client/nss_mc_group.c b/src/sss_client/nss_mc_group.c index 268b40ef0..e0fdb97f6 100644 --- a/src/sss_client/nss_mc_group.c +++ b/src/sss_client/nss_mc_group.c @@ -29,7 +29,8 @@ #include "nss_mc.h" #include "util/util_safealign.h" -struct sss_cli_mc_ctx gr_mc_ctx = { false, -1, 0, NULL, 0, NULL, 0, NULL, 0 }; +struct sss_cli_mc_ctx gr_mc_ctx = { UNINITIALIZED, -1, 0, NULL, 0, NULL, 0, + NULL, 0, 0 }; static errno_t sss_nss_mc_parse_result(struct sss_mc_rec *rec, struct group *result, @@ -176,6 +177,7 @@ errno_t sss_nss_mc_getgrnam(const char *name, size_t name_len, done: free(rec); + __sync_sub_and_fetch(&gr_mc_ctx.active_threads, 1); return ret; } @@ -198,7 +200,8 @@ errno_t sss_nss_mc_getgrgid(gid_t gid, len = snprintf(gidstr, 11, "%ld", (long)gid); if (len > 10) { - return EINVAL; + ret = EINVAL; + goto done; } /* hashes are calculated including the NULL terminator */ @@ -242,6 +245,7 @@ errno_t sss_nss_mc_getgrgid(gid_t gid, done: free(rec); + __sync_sub_and_fetch(&gr_mc_ctx.active_threads, 1); return ret; } |