aboutsummaryrefslogtreecommitdiff
path: root/nscd/connections.c
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2008-04-19 16:42:41 +0000
committerUlrich Drepper <drepper@redhat.com>2008-04-19 16:42:41 +0000
commitc52137d39101515cacb67a2bcd43b77bd06284e0 (patch)
tree301583f49438de52f3a7cf54676d958b4158ec8f /nscd/connections.c
parent87a71b8d67e501d422528b8435e733e8e78a165a (diff)
downloadglibc-c52137d39101515cacb67a2bcd43b77bd06284e0.tar
glibc-c52137d39101515cacb67a2bcd43b77bd06284e0.tar.gz
glibc-c52137d39101515cacb67a2bcd43b77bd06284e0.tar.bz2
glibc-c52137d39101515cacb67a2bcd43b77bd06284e0.zip
[BZ #5209, BZ #5381]
2008-04-15 Ulrich Drepper <drepper@redhat.com> [BZ #5209] * sysdeps/unix/sysv/linux/times.c: New file. [BZ #5381] * nscd/nscd.h: Define enum in_flight, mem_in_flight, and mem_in_flight_list variables. Add new parameter to mempool_alloc prototype. * nscd/mem.c (mempool_alloc): Take additional parameter. Initialize appropriate mem_in_flight element. (gc): Take allocations which have not yet been committed to the database into account. * nscd/cache.c (cache_add): Add new parameter to mempool_alloc call. Reset mem_in_flight before returning. * nscd/connections.c (nscd_run_worker): Initialize mem_in_flight and cue it up in mem_in_flight_list. * nscd/aicache.c: Adjust mempool_alloc call. * nscd/grpcache.c: Likewise. * nscd/hstcache.c: Likewise. * nscd/initgrcache.c: Likewise. * nscd/pwdcache.c: Likewise. * nscd/servicescache.c: Likewise. * nscd/Makefile (nscd-flags): Until ld is fixed, use -fpic instead of -fpie. * nscd/connections.c (handle_request): Provide better error message in case SELinux forbids the service. * version.h (VERSION): Bump to 2.8.90.
Diffstat (limited to 'nscd/connections.c')
-rw-r--r--nscd/connections.c47
1 files changed, 44 insertions, 3 deletions
diff --git a/nscd/connections.c b/nscd/connections.c
index 5da5e5f08a..64c82cb892 100644
--- a/nscd/connections.c
+++ b/nscd/connections.c
@@ -225,6 +225,11 @@ static int sock;
/* Number of times clients had to wait. */
unsigned long int client_queued;
+/* Data structure for recording in-flight memory allocation. */
+__thread struct mem_in_flight mem_in_flight;
+/* Global list of the mem_in_flight variables of all the threads. */
+struct mem_in_flight *mem_in_flight_list;
+
ssize_t
writeall (int fd, const void *buf, size_t len)
@@ -964,7 +969,7 @@ send_ro_fd (struct database_dyn *db, char *key, int fd)
/* Handle new request. */
static void
-handle_request (int fd, request_header *req, void *key, uid_t uid)
+handle_request (int fd, request_header *req, void *key, uid_t uid, pid_t pid)
{
if (__builtin_expect (req->version, NSCD_VERSION) != NSCD_VERSION)
{
@@ -979,7 +984,31 @@ cannot handle old request version %d; current version is %d"),
if (selinux_enabled && nscd_request_avc_has_perm (fd, req->type) != 0)
{
if (debug_level > 0)
- dbg_log (_("request not handled due to missing permission"));
+ {
+#ifdef SO_PEERCRED
+# ifdef PATH_MAX
+ char buf[PATH_MAX];
+# else
+ char buf[4096];
+# endif
+
+ snprintf (buf, sizeof (buf), "/proc/%ld/exe", (long int) pid);
+ ssize_t n = readlink (buf, buf, sizeof (buf) - 1);
+
+ if (n <= 0)
+ dbg_log (_("\
+request from %ld not handled due to missing permission"), (long int) pid);
+ else
+ {
+ buf[n] = '\0';
+ dbg_log (_("\
+request from '%s' [%ld] not handled due to missing permission"),
+ buf, (long int) pid);
+ }
+#else
+ dbg_log (_("request not handled due to missing permission"));
+#endif
+ }
return;
}
@@ -1426,6 +1455,16 @@ nscd_run_worker (void *p)
{
char buf[256];
+ /* Initialize the memory-in-flight list. */
+ for (enum in_flight idx = 0; idx < IDX_last; ++idx)
+ mem_in_flight.block[idx].dbidx = -1;
+ /* And queue this threads structure. */
+ do
+ mem_in_flight.next = mem_in_flight_list;
+ while (atomic_compare_and_exchange_bool_acq (&mem_in_flight_list,
+ &mem_in_flight,
+ mem_in_flight.next) != 0);
+
/* Initial locking. */
pthread_mutex_lock (&readylist_lock);
@@ -1491,6 +1530,8 @@ nscd_run_worker (void *p)
if (getsockopt (fd, SOL_SOCKET, SO_PEERCRED, &caller, &optlen) == 0)
pid = caller.pid;
}
+#else
+ const pid_t pid = 0;
#endif
/* It should not be possible to crash the nscd with a silly
@@ -1531,7 +1572,7 @@ handle_request: request received (Version = %d)"), req.version);
}
/* Phew, we got all the data, now process it. */
- handle_request (fd, &req, keybuf, uid);
+ handle_request (fd, &req, keybuf, uid, pid);
}
close_and_out: