From patchwork Tue Nov 10 21:46:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: DJ Delorie X-Patchwork-Id: 1397810 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=sourceware.org; envelope-from=libc-alpha-bounces@sourceware.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=sourceware.org Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=hd8z+dpc; dkim-atps=neutral Received: from sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4CW1dd2Vg7z9s1l for ; Wed, 11 Nov 2020 08:46:13 +1100 (AEDT) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id E78F73986812; Tue, 10 Nov 2020 21:46:10 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org E78F73986812 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1605044771; bh=18YNkHHENoTq6Xj/WF5vHWXNQ61eBjsJ0kJV9uIDwzE=; h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post: List-Help:List-Subscribe:From:Reply-To:From; b=hd8z+dpcctSqOoRNmiSh+ejPxCZMs6OuCFjtGr/A8dQDabYwLk0IIpprBSRPMDged BcokyApfmpj8+YCYYRrWrHiuyq9KWqrsfGZGvHx5M6vwZxSlzwFFGsHyOk9srzfaVW 5cfVqk/MiUPS57rzR9iGeLwFwp6VTikPpX76+cMk= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by sourceware.org (Postfix) with ESMTP id A56A93842423 for ; Tue, 10 Nov 2020 21:46:07 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org A56A93842423 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-51-NcUfdEhqMH2rHFiSiGGz1g-1; Tue, 10 Nov 2020 16:46:04 -0500 X-MC-Unique: NcUfdEhqMH2rHFiSiGGz1g-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6AE3F8049DB for ; Tue, 10 Nov 2020 21:46:03 +0000 (UTC) Received: from greed.delorie.com (ovpn-112-91.rdu2.redhat.com [10.10.112.91]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2F1095B4D5 for ; Tue, 10 Nov 2020 21:46:03 +0000 (UTC) Received: from greed.delorie.com.redhat.com (localhost [127.0.0.1]) by greed.delorie.com (8.14.7/8.14.7) with ESMTP id 0AALk2OQ028804 for ; Tue, 10 Nov 2020 16:46:02 -0500 Date: Tue, 10 Nov 2020 16:46:02 -0500 Message-Id: To: libc-alpha@sourceware.org Subject: v4 [PATCH 2/6] : New abstraction for combining NSS modules and NSS actions X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-12.5 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: DJ Delorie via Libc-alpha From: DJ Delorie Reply-To: DJ Delorie Errors-To: libc-alpha-bounces@sourceware.org Sender: "Libc-alpha" From 9cb4fd5df60173d7009b3ea0b6731493d23c402e Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Thu, 20 Feb 2020 09:32:27 +0100 Subject: [PATCH 2/6] : New abstraction for combining NSS modules and NSS actions Reviewed-by: Siddhesh Poyarekar --- nss/Makefile | 3 +- nss/nss_action.c | 116 ++++++++++++++++++++++++ nss/nss_action.h | 108 ++++++++++++++++++++++ nss/nss_action_parse.c | 197 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 423 insertions(+), 1 deletion(-) create mode 100644 nss/nss_action.c create mode 100644 nss/nss_action.h create mode 100644 nss/nss_action_parse.c diff --git a/nss/Makefile b/nss/Makefile index 18035a4fb4..f3e555066b 100644 --- a/nss/Makefile +++ b/nss/Makefile @@ -30,7 +30,8 @@ routines = nsswitch getnssent getnssent_r digits_dots \ $(addsuffix -lookup,$(databases)) \ compat-lookup nss_hash nss_files_fopen \ nss_readline nss_parse_line_result \ - nss_fgetent_r nss_module + nss_fgetent_r nss_module nss_action \ + nss_action_parse # These are the databases that go through nss dispatch. # Caution: if you add a database here, you must add its real name diff --git a/nss/nss_action.c b/nss/nss_action.c new file mode 100644 index 0000000000..b9c3b93fea --- /dev/null +++ b/nss/nss_action.c @@ -0,0 +1,116 @@ +/* NSS actions, elements in a nsswitch.conf configuration line. + Copyright (c) 2020 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +#include +#include + +/* Maintain a global list of NSS action lists. Since most databases + use the same list of actions, this list is usually short. + Deduplication in __nss_action_allocate ensures that the list does + not grow without bounds. */ + +struct nss_action_list_wrapper +{ + /* The next element of the list. */ + struct nss_action_list_wrapper *next; + + /* Number of elements in the list (excluding the terminator). */ + size_t count; + + /* NULL-terminated list of actions. */ + struct nss_action actions[]; +}; + +/* Toplevel list of allocated NSS action lists. */ +static struct nss_action_list_wrapper *nss_actions; + +/* Lock covers the nss_actions list. */ +__libc_lock_define (static, nss_actions_lock); + +/* Returns true if the actions are equal (same module, same actions + array). */ +static bool +actions_equal (const struct nss_action *a, const struct nss_action *b) +{ + return a->module == b->module && a->action_bits == b->action_bits; +} + + +/* Returns true if COUNT actions at A and B are equal (according to + actions_equal above). Caller must ensure that either A or B have at + least COUNT actions. */ +static bool +action_lists_equal (const struct nss_action *a, const struct nss_action *b, + size_t count) +{ + for (size_t i = 0; i < count; ++i) + if (!actions_equal (a + i, b + i)) + return false; + return true; +} + +/* Returns a pre-allocated action list for COUNT actions at ACTIONS, + or NULL if no such list exists. */ +static nss_action_list +find_allocated (struct nss_action *actions, size_t count) +{ + for (struct nss_action_list_wrapper *p = nss_actions; p != NULL; p = p->next) + if (p->count == count && action_lists_equal (p->actions, actions, count)) + return p->actions; + return NULL; +} + +nss_action_list +__nss_action_allocate (struct nss_action *actions, size_t count) +{ + nss_action_list result = NULL; + __libc_lock_lock (nss_actions_lock); + + result = find_allocated (actions, count); + if (result == NULL) + { + struct nss_action_list_wrapper *wrapper + = malloc (sizeof (*wrapper) + sizeof (*actions) * count); + if (wrapper != NULL) + { + wrapper->next = nss_actions; + wrapper->count = count; + memcpy (wrapper->actions, actions, sizeof (*actions) * count); + nss_actions = wrapper; + result = wrapper->actions; + } + } + + __libc_lock_unlock (nss_actions_lock); + return result; +} + +void __libc_freeres_fn_section +__nss_action_freeres (void) +{ + struct nss_action_list_wrapper *current = nss_actions; + while (current != NULL) + { + struct nss_action_list_wrapper *next = current->next; + free (current); + current = next; + } + nss_actions = NULL; +} diff --git a/nss/nss_action.h b/nss/nss_action.h new file mode 100644 index 0000000000..fa280afd05 --- /dev/null +++ b/nss/nss_action.h @@ -0,0 +1,108 @@ +/* NSS actions, elements in a nsswitch.conf configuration line. + Copyright (c) 2020 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#ifndef _NSS_ACTION_H +#define _NSS_ACTION_H + +#include + +/* See nss_database.h for a summary of how this relates. */ + +#include "nsswitch.h" /* For lookup_actions. */ + +struct nss_module; + +/* A NSS action pairs a service module with the action for each result + state. */ +struct nss_action +{ + /* The service module that provides the functionality (potentially + not yet loaded). */ + struct nss_module *module; + + /* Action according to result. Two bits for each lookup_actions + value (from nsswitch.h), indexed by enum nss_status (from nss.h). */ + unsigned int action_bits; +}; + +/* Value to add to first nss_status value to get zero. */ +#define NSS_STATUS_BIAS 2 +/* Number of bits per lookup action. */ +#define NSS_BPL 2 +#define NSS_BPL_MASK ((1 << NSS_BPL) - 1) + +/* Index in actions of an NSS status. Note that in nss/nss.h the + status starts at -2, and we shift that up to zero by adding 2. + Thus for example NSS_STATUS_TRYAGAIN, which is -2, would index into + the 0th bit place as expected. */ +static inline int +nss_actions_bits_index (enum nss_status status) +{ + return NSS_BPL * (NSS_STATUS_BIAS + status); +} + +/* Returns the lookup_action value for STATUS in ACTION. */ +static inline lookup_actions +nss_action_get (const struct nss_action *action, enum nss_status status) +{ + return ((action->action_bits >> nss_actions_bits_index (status)) + & NSS_BPL_MASK); +} + +/* Sets the lookup_action value for STATUS in ACTION. */ +static inline void +nss_action_set (struct nss_action *action, + enum nss_status status, lookup_actions actions) +{ + int offset = nss_actions_bits_index (status); + unsigned int mask = NSS_BPL_MASK << offset; + action->action_bits = ((action->action_bits & ~mask) + | ((unsigned int) actions << offset)); +} + +static inline void +nss_action_set_all (struct nss_action *action, lookup_actions actions) +{ + unsigned int bits = actions & NSS_BPL_MASK; + action->action_bits = ( bits + | (bits << (NSS_BPL * 1)) + | (bits << (NSS_BPL * 2)) + | (bits << (NSS_BPL * 3)) + | (bits << (NSS_BPL * 4)) + ); +} + +/* A list of struct nss_action objects in array terminated by an + action with a NULL module. */ +typedef struct nss_action *nss_action_list; + +/* Returns a pointer to an allocated NSS action list that has COUNT + actions that matches the array at ACTIONS. */ +nss_action_list __nss_action_allocate (struct nss_action *actions, + size_t count) attribute_hidden; + +/* Returns a pointer to a list allocated by __nss_action_allocate, or + NULL on error. ENOMEM means a (temporary) memory allocation error, + EINVAL means that LINE is syntactically invalid. */ +nss_action_list __nss_action_parse (const char *line); + +/* Called from __libc_freeres. */ +void __nss_action_freeres (void) attribute_hidden; + + +#endif /* _NSS_ACTION_H */ diff --git a/nss/nss_action_parse.c b/nss/nss_action_parse.c new file mode 100644 index 0000000000..52acdbd9f2 --- /dev/null +++ b/nss/nss_action_parse.c @@ -0,0 +1,197 @@ +/* Parse a service line from nsswitch.conf. + Copyright (c) 1996-2020 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include "nss_action.h" +#include "nss_module.h" + +#include +#include +#include + +/* Staging area during parsing. */ +#define DYNARRAY_STRUCT action_list +#define DYNARRAY_ELEMENT struct nss_action +#define DYNARRAY_PREFIX action_list_ +#include + +/* Skip whitespace in line[]. */ +#define SKIP_WS() \ + while (line[0] != '\0' && isspace (line[0])) \ + ++line; + +/* Read the source names: + `( ( "[" "!"? ( "=" )+ "]" )? )*' + */ +static bool +nss_action_parse (const char *line, struct action_list *result) +{ + while (1) + { + SKIP_WS (); + if (line[0] == '\0') + /* No more sources specified. */ + return true; + + /* Read identifier. */ + const char *name = line; + while (line[0] != '\0' && !isspace (line[0]) && line[0] != '[') + ++line; + if (name == line) + return true; + + struct nss_action new_service + = { .module = __nss_module_allocate (name, line - name), }; + if (new_service.module == NULL) + { + /* Memory allocation error. */ + action_list_mark_failed (result); + return false; + } + nss_action_set_all (&new_service, NSS_ACTION_CONTINUE); + nss_action_set (&new_service, NSS_STATUS_SUCCESS, NSS_ACTION_RETURN); + nss_action_set (&new_service, NSS_STATUS_RETURN, NSS_ACTION_RETURN); + + SKIP_WS (); + + if (line[0] == '[') + { + /* Read criterions. */ + + /* Skip the '['. */ + ++ line; + SKIP_WS (); + + do + { + int not; + enum nss_status status; + lookup_actions action; + + /* Grok ! before name to mean all statuses but that one. */ + not = line[0] == '!'; + if (not) + ++line; + + /* Read status name. */ + name = line; + while (line[0] != '\0' && !isspace (line[0]) && line[0] != '=' + && line[0] != ']') + ++line; + + /* Compare with known statuses. */ + if (line - name == 7) + { + if (__strncasecmp (name, "SUCCESS", 7) == 0) + status = NSS_STATUS_SUCCESS; + else if (__strncasecmp (name, "UNAVAIL", 7) == 0) + status = NSS_STATUS_UNAVAIL; + else + return false; + } + else if (line - name == 8) + { + if (__strncasecmp (name, "NOTFOUND", 8) == 0) + status = NSS_STATUS_NOTFOUND; + else if (__strncasecmp (name, "TRYAGAIN", 8) == 0) + status = NSS_STATUS_TRYAGAIN; + else + return false; + } + else + return false; + + SKIP_WS (); + if (line[0] != '=') + return false; + + /* Skip the '='. */ + ++ line; + SKIP_WS (); + name = line; + while (line[0] != '\0' && !isspace (line[0]) && line[0] != '=' + && line[0] != ']') + ++line; + + if (line - name == 6 && __strncasecmp (name, "RETURN", 6) == 0) + action = NSS_ACTION_RETURN; + else if (line - name == 8 + && __strncasecmp (name, "CONTINUE", 8) == 0) + action = NSS_ACTION_CONTINUE; + else if (line - name == 5 + && __strncasecmp (name, "MERGE", 5) == 0) + action = NSS_ACTION_MERGE; + else + return false; + + if (not) + { + /* Save the current action setting for this status, + set them all to the given action, and reset this one. */ + const lookup_actions save + = nss_action_get (&new_service, status); + nss_action_set_all (&new_service, action); + nss_action_set (&new_service, status, save); + } + else + nss_action_set (&new_service, status, action); + + SKIP_WS (); + } + while (line[0] != ']'); + + /* Skip the ']'. */ + ++line; + } + + action_list_add (result, new_service); + } +} + +nss_action_list + __nss_action_parse (const char *line) +{ + struct action_list list; + action_list_init (&list); + if (nss_action_parse (line, &list)) + { + size_t size = action_list_size (&list); + nss_action_list result + = malloc (sizeof (*result) * (size + 1)); + if (result == NULL) + { + action_list_free (&list); + return NULL; + } + memcpy (result, action_list_begin (&list), sizeof (*result) * size); + /* Sentinel. */ + result[size].module = NULL; + return result; + } + else if (action_list_has_failed (&list)) + { + /* Memory allocation error. */ + __set_errno (ENOMEM); + return NULL; + } + else + { + /* Parse error. */ + __set_errno (EINVAL); + return NULL; + } +}