1 /* 2 * services/cache/rrset.c - Resource record set cache. 3 * 4 * Copyright (c) 2007, NLnet Labs. All rights reserved. 5 * 6 * This software is open source. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * Redistributions of source code must retain the above copyright notice, 13 * this list of conditions and the following disclaimer. 14 * 15 * Redistributions in binary form must reproduce the above copyright notice, 16 * this list of conditions and the following disclaimer in the documentation 17 * and/or other materials provided with the distribution. 18 * 19 * Neither the name of the NLNET LABS nor the names of its contributors may 20 * be used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 26 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 27 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 28 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 29 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 30 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 31 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 32 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34 */ 35 36 /** 37 * \file 38 * 39 * This file contains the rrset cache. 40 */ 41 #include "config.h" 42 #include "services/cache/rrset.h" 43 #include "sldns/rrdef.h" 44 #include "util/storage/slabhash.h" 45 #include "util/config_file.h" 46 #include "util/data/packed_rrset.h" 47 #include "util/data/msgreply.h" 48 #include "util/regional.h" 49 #include "util/alloc.h" 50 51 void 52 rrset_markdel(void* key) 53 { 54 struct ub_packed_rrset_key* r = (struct ub_packed_rrset_key*)key; 55 r->id = 0; 56 } 57 58 struct rrset_cache* rrset_cache_create(struct config_file* cfg, 59 struct alloc_cache* alloc) 60 { 61 size_t slabs = (cfg?cfg->rrset_cache_slabs:HASH_DEFAULT_SLABS); 62 size_t startarray = HASH_DEFAULT_STARTARRAY; 63 size_t maxmem = (cfg?cfg->rrset_cache_size:HASH_DEFAULT_MAXMEM); 64 65 struct rrset_cache *r = (struct rrset_cache*)slabhash_create(slabs, 66 startarray, maxmem, ub_rrset_sizefunc, ub_rrset_compare, 67 ub_rrset_key_delete, rrset_data_delete, alloc); 68 slabhash_setmarkdel(&r->table, &rrset_markdel); 69 return r; 70 } 71 72 void rrset_cache_delete(struct rrset_cache* r) 73 { 74 if(!r) 75 return; 76 slabhash_delete(&r->table); 77 /* slabhash delete also does free(r), since table is first in struct*/ 78 } 79 80 struct rrset_cache* rrset_cache_adjust(struct rrset_cache *r, 81 struct config_file* cfg, struct alloc_cache* alloc) 82 { 83 if(!r || !cfg || cfg->rrset_cache_slabs != r->table.size || 84 cfg->rrset_cache_size != slabhash_get_size(&r->table)) 85 { 86 rrset_cache_delete(r); 87 r = rrset_cache_create(cfg, alloc); 88 } 89 return r; 90 } 91 92 void 93 rrset_cache_touch(struct rrset_cache* r, struct ub_packed_rrset_key* key, 94 hashvalue_t hash, rrset_id_t id) 95 { 96 struct lruhash* table = slabhash_gettable(&r->table, hash); 97 /* 98 * This leads to locking problems, deadlocks, if the caller is 99 * holding any other rrset lock. 100 * Because a lookup through the hashtable does: 101 * tablelock -> entrylock (for that entry caller holds) 102 * And this would do 103 * entrylock(already held) -> tablelock 104 * And if two threads do this, it results in deadlock. 105 * So, the caller must not hold entrylock. 106 */ 107 lock_quick_lock(&table->lock); 108 /* we have locked the hash table, the item can still be deleted. 109 * because it could already have been reclaimed, but not yet set id=0. 110 * This is because some lruhash routines have lazy deletion. 111 * so, we must acquire a lock on the item to verify the id != 0. 112 * also, with hash not changed, we are using the right slab. 113 */ 114 lock_rw_rdlock(&key->entry.lock); 115 if(key->id == id && key->entry.hash == hash) { 116 lru_touch(table, &key->entry); 117 } 118 lock_rw_unlock(&key->entry.lock); 119 lock_quick_unlock(&table->lock); 120 } 121 122 /** see if rrset needs to be updated in the cache */ 123 static int 124 need_to_update_rrset(void* nd, void* cd, time_t timenow, int equal, int ns) 125 { 126 struct packed_rrset_data* newd = (struct packed_rrset_data*)nd; 127 struct packed_rrset_data* cached = (struct packed_rrset_data*)cd; 128 /* o store if rrset has been validated 129 * everything better than bogus data 130 * secure is preferred */ 131 if( newd->security == sec_status_secure && 132 cached->security != sec_status_secure) 133 return 1; 134 if( cached->security == sec_status_bogus && 135 newd->security != sec_status_bogus && !equal) 136 return 1; 137 /* o if current RRset is more trustworthy - insert it */ 138 if( newd->trust > cached->trust ) { 139 /* if the cached rrset is bogus, and this one equal, 140 * do not update the TTL - let it expire. */ 141 if(equal && cached->ttl >= timenow && 142 cached->security == sec_status_bogus) 143 return 0; 144 return 1; 145 } 146 /* o item in cache has expired */ 147 if( cached->ttl < timenow ) 148 return 1; 149 /* o same trust, but different in data - insert it */ 150 if( newd->trust == cached->trust && !equal ) { 151 /* if this is type NS, do not 'stick' to owner that changes 152 * the NS RRset, but use the old TTL for the new data, and 153 * update to fetch the latest data. ttl is not expired, because 154 * that check was before this one. */ 155 if(ns) { 156 size_t i; 157 newd->ttl = cached->ttl; 158 for(i=0; i<(newd->count+newd->rrsig_count); i++) 159 if(newd->rr_ttl[i] > newd->ttl) 160 newd->rr_ttl[i] = newd->ttl; 161 } 162 return 1; 163 } 164 return 0; 165 } 166 167 /** Update RRSet special key ID */ 168 static void 169 rrset_update_id(struct rrset_ref* ref, struct alloc_cache* alloc) 170 { 171 /* this may clear the cache and invalidate lock below */ 172 uint64_t newid = alloc_get_id(alloc); 173 /* obtain writelock */ 174 lock_rw_wrlock(&ref->key->entry.lock); 175 /* check if it was deleted in the meantime, if so, skip update */ 176 if(ref->key->id == ref->id) { 177 ref->key->id = newid; 178 ref->id = newid; 179 } 180 lock_rw_unlock(&ref->key->entry.lock); 181 } 182 183 int 184 rrset_cache_update(struct rrset_cache* r, struct rrset_ref* ref, 185 struct alloc_cache* alloc, time_t timenow) 186 { 187 struct lruhash_entry* e; 188 struct ub_packed_rrset_key* k = ref->key; 189 hashvalue_t h = k->entry.hash; 190 uint16_t rrset_type = ntohs(k->rk.type); 191 int equal = 0; 192 log_assert(ref->id != 0 && k->id != 0); 193 log_assert(k->rk.dname != NULL); 194 /* looks up item with a readlock - no editing! */ 195 if((e=slabhash_lookup(&r->table, h, k, 0)) != 0) { 196 /* return id and key as they will be used in the cache 197 * since the lruhash_insert, if item already exists, deallocs 198 * the passed key in favor of the already stored key. 199 * because of the small gap (see below) this key ptr and id 200 * may prove later to be already deleted, which is no problem 201 * as it only makes a cache miss. 202 */ 203 ref->key = (struct ub_packed_rrset_key*)e->key; 204 ref->id = ref->key->id; 205 equal = rrsetdata_equal((struct packed_rrset_data*)k->entry. 206 data, (struct packed_rrset_data*)e->data); 207 if(!need_to_update_rrset(k->entry.data, e->data, timenow, 208 equal, (rrset_type==LDNS_RR_TYPE_NS))) { 209 /* cache is superior, return that value */ 210 lock_rw_unlock(&e->lock); 211 ub_packed_rrset_parsedelete(k, alloc); 212 if(equal) return 2; 213 return 1; 214 } 215 lock_rw_unlock(&e->lock); 216 /* Go on and insert the passed item. 217 * small gap here, where entry is not locked. 218 * possibly entry is updated with something else. 219 * we then overwrite that with our data. 220 * this is just too bad, its cache anyway. */ 221 /* use insert to update entry to manage lruhash 222 * cache size values nicely. */ 223 } 224 log_assert(ref->key->id != 0); 225 slabhash_insert(&r->table, h, &k->entry, k->entry.data, alloc); 226 if(e) { 227 /* For NSEC, NSEC3, DNAME, when rdata is updated, update 228 * the ID number so that proofs in message cache are 229 * invalidated */ 230 if((rrset_type == LDNS_RR_TYPE_NSEC 231 || rrset_type == LDNS_RR_TYPE_NSEC3 232 || rrset_type == LDNS_RR_TYPE_DNAME) && !equal) { 233 rrset_update_id(ref, alloc); 234 } 235 return 1; 236 } 237 return 0; 238 } 239 240 struct ub_packed_rrset_key* 241 rrset_cache_lookup(struct rrset_cache* r, uint8_t* qname, size_t qnamelen, 242 uint16_t qtype, uint16_t qclass, uint32_t flags, time_t timenow, 243 int wr) 244 { 245 struct lruhash_entry* e; 246 struct ub_packed_rrset_key key; 247 248 key.entry.key = &key; 249 key.entry.data = NULL; 250 key.rk.dname = qname; 251 key.rk.dname_len = qnamelen; 252 key.rk.type = htons(qtype); 253 key.rk.rrset_class = htons(qclass); 254 key.rk.flags = flags; 255 256 key.entry.hash = rrset_key_hash(&key.rk); 257 258 if((e = slabhash_lookup(&r->table, key.entry.hash, &key, wr))) { 259 /* check TTL */ 260 struct packed_rrset_data* data = 261 (struct packed_rrset_data*)e->data; 262 if(timenow > data->ttl) { 263 lock_rw_unlock(&e->lock); 264 return NULL; 265 } 266 /* we're done */ 267 return (struct ub_packed_rrset_key*)e->key; 268 } 269 return NULL; 270 } 271 272 int 273 rrset_array_lock(struct rrset_ref* ref, size_t count, time_t timenow) 274 { 275 size_t i; 276 for(i=0; i<count; i++) { 277 if(i>0 && ref[i].key == ref[i-1].key) 278 continue; /* only lock items once */ 279 lock_rw_rdlock(&ref[i].key->entry.lock); 280 if(ref[i].id != ref[i].key->id || timenow > 281 ((struct packed_rrset_data*)(ref[i].key->entry.data)) 282 ->ttl) { 283 /* failure! rollback our readlocks */ 284 rrset_array_unlock(ref, i+1); 285 return 0; 286 } 287 } 288 return 1; 289 } 290 291 void 292 rrset_array_unlock(struct rrset_ref* ref, size_t count) 293 { 294 size_t i; 295 for(i=0; i<count; i++) { 296 if(i>0 && ref[i].key == ref[i-1].key) 297 continue; /* only unlock items once */ 298 lock_rw_unlock(&ref[i].key->entry.lock); 299 } 300 } 301 302 void 303 rrset_array_unlock_touch(struct rrset_cache* r, struct regional* scratch, 304 struct rrset_ref* ref, size_t count) 305 { 306 hashvalue_t* h; 307 size_t i; 308 if(count > RR_COUNT_MAX || !(h = (hashvalue_t*)regional_alloc(scratch, 309 sizeof(hashvalue_t)*count))) { 310 log_warn("rrset LRU: memory allocation failed"); 311 h = NULL; 312 } else /* store hash values */ 313 for(i=0; i<count; i++) 314 h[i] = ref[i].key->entry.hash; 315 /* unlock */ 316 for(i=0; i<count; i++) { 317 if(i>0 && ref[i].key == ref[i-1].key) 318 continue; /* only unlock items once */ 319 lock_rw_unlock(&ref[i].key->entry.lock); 320 } 321 if(h) { 322 /* LRU touch, with no rrset locks held */ 323 for(i=0; i<count; i++) { 324 if(i>0 && ref[i].key == ref[i-1].key) 325 continue; /* only touch items once */ 326 rrset_cache_touch(r, ref[i].key, h[i], ref[i].id); 327 } 328 } 329 } 330 331 void 332 rrset_update_sec_status(struct rrset_cache* r, 333 struct ub_packed_rrset_key* rrset, time_t now) 334 { 335 struct packed_rrset_data* updata = 336 (struct packed_rrset_data*)rrset->entry.data; 337 struct lruhash_entry* e; 338 struct packed_rrset_data* cachedata; 339 340 /* hash it again to make sure it has a hash */ 341 rrset->entry.hash = rrset_key_hash(&rrset->rk); 342 343 e = slabhash_lookup(&r->table, rrset->entry.hash, rrset, 1); 344 if(!e) 345 return; /* not in the cache anymore */ 346 cachedata = (struct packed_rrset_data*)e->data; 347 if(!rrsetdata_equal(updata, cachedata)) { 348 lock_rw_unlock(&e->lock); 349 return; /* rrset has changed in the meantime */ 350 } 351 /* update the cached rrset */ 352 if(updata->security > cachedata->security) { 353 size_t i; 354 if(updata->trust > cachedata->trust) 355 cachedata->trust = updata->trust; 356 cachedata->security = updata->security; 357 /* for NS records only shorter TTLs, other types: update it */ 358 if(ntohs(rrset->rk.type) != LDNS_RR_TYPE_NS || 359 updata->ttl+now < cachedata->ttl || 360 cachedata->ttl < now || 361 updata->security == sec_status_bogus) { 362 cachedata->ttl = updata->ttl + now; 363 for(i=0; i<cachedata->count+cachedata->rrsig_count; i++) 364 cachedata->rr_ttl[i] = updata->rr_ttl[i]+now; 365 } 366 } 367 lock_rw_unlock(&e->lock); 368 } 369 370 void 371 rrset_check_sec_status(struct rrset_cache* r, 372 struct ub_packed_rrset_key* rrset, time_t now) 373 { 374 struct packed_rrset_data* updata = 375 (struct packed_rrset_data*)rrset->entry.data; 376 struct lruhash_entry* e; 377 struct packed_rrset_data* cachedata; 378 379 /* hash it again to make sure it has a hash */ 380 rrset->entry.hash = rrset_key_hash(&rrset->rk); 381 382 e = slabhash_lookup(&r->table, rrset->entry.hash, rrset, 0); 383 if(!e) 384 return; /* not in the cache anymore */ 385 cachedata = (struct packed_rrset_data*)e->data; 386 if(now > cachedata->ttl || !rrsetdata_equal(updata, cachedata)) { 387 lock_rw_unlock(&e->lock); 388 return; /* expired, or rrset has changed in the meantime */ 389 } 390 if(cachedata->security > updata->security) { 391 updata->security = cachedata->security; 392 if(cachedata->security == sec_status_bogus) { 393 size_t i; 394 updata->ttl = cachedata->ttl - now; 395 for(i=0; i<cachedata->count+cachedata->rrsig_count; i++) 396 if(cachedata->rr_ttl[i] < now) 397 updata->rr_ttl[i] = 0; 398 else updata->rr_ttl[i] = 399 cachedata->rr_ttl[i]-now; 400 } 401 if(cachedata->trust > updata->trust) 402 updata->trust = cachedata->trust; 403 } 404 lock_rw_unlock(&e->lock); 405 } 406 407 void rrset_cache_remove(struct rrset_cache* r, uint8_t* nm, size_t nmlen, 408 uint16_t type, uint16_t dclass, uint32_t flags) 409 { 410 struct ub_packed_rrset_key key; 411 key.entry.key = &key; 412 key.rk.dname = nm; 413 key.rk.dname_len = nmlen; 414 key.rk.rrset_class = htons(dclass); 415 key.rk.type = htons(type); 416 key.rk.flags = flags; 417 key.entry.hash = rrset_key_hash(&key.rk); 418 slabhash_remove(&r->table, key.entry.hash, &key); 419 } 420