xref: /illumos-gate/usr/src/cmd/ldapcachemgr/cachemgr_change.c (revision efd4c9b63ad77503c101fc6c2ed8ba96c9d52964)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #include <strings.h>
27 #include <stdlib.h>
28 #include <syslog.h>
29 #include <errno.h>
30 #include <libintl.h>
31 #include <door.h>
32 #include <sys/types.h>
33 #include <sys/stat.h>
34 #include <fcntl.h>
35 #include <procfs.h>
36 #include "cachemgr.h"
37 
38 extern admin_t	current_admin;
39 
40 #define	CLEANUP_WAIT_TIME 60
41 
42 typedef enum cleanup_type {
43 	CLEANUP_ALL	= 1,
44 	CLEANUP_BY_PID	= 2
45 } cleanup_type_t;
46 
47 typedef struct cleanup_op {
48 	pid_t		pid;
49 	cleanup_type_t	type;
50 } cleanup_op_t;
51 
52 typedef struct main_nscd_struct {
53 	pid_t		pid;			/* main nscd pid */
54 	thread_t	tid;			/* main nscd tid */
55 	int		in_progress;		/* A main nscd thread is */
56 						/* waiting for change or */
57 						/* copying data */
58 	int		is_waiting_cleanup;	/* A main nscd thread is */
59 						/* waiting for another main */
60 						/* nscd thread to be cleaned */
61 						/* up */
62 } main_nscd_t;
63 
64 static chg_info_t chg = { DEFAULTMUTEX, DEFAULTCV, 0, NULL, NULL, NULL, 0 };
65 
66 static main_nscd_t chg_main_nscd = {0, 0, 0, 0};
67 static mutex_t chg_main_nscd_lock = DEFAULTMUTEX;
68 static cond_t chg_main_nscd_cv = DEFAULTCV;
69 
70 /*
71  * The cookie of the configuration and its mutex
72  */
73 static ldap_get_chg_cookie_t config_cookie = {0, 0};
74 static mutex_t config_cookie_lock = DEFAULTMUTEX;
75 
76 static void cleanup_thread_by_pid(pid_t pid);
77 
78 ldap_get_chg_cookie_t
79 chg_config_cookie_get(void)
80 {
81 	ldap_get_chg_cookie_t cookie;
82 	(void) mutex_lock(&config_cookie_lock);
83 	cookie = config_cookie;
84 	(void) mutex_unlock(&config_cookie_lock);
85 	return (cookie);
86 }
87 
88 static void
89 chg_config_cookie_increment_seq_num(void)
90 {
91 	(void) mutex_lock(&config_cookie_lock);
92 	config_cookie.seq_num++;
93 	(void) mutex_unlock(&config_cookie_lock);
94 }
95 
96 void
97 chg_config_cookie_set(ldap_get_chg_cookie_t *cookie)
98 {
99 	(void) mutex_lock(&config_cookie_lock);
100 	config_cookie.mgr_pid = cookie->mgr_pid;
101 	config_cookie.seq_num = cookie->seq_num;
102 	(void) mutex_unlock(&config_cookie_lock);
103 }
104 static boolean_t
105 chg_cookie_equal(ldap_get_chg_cookie_t *c1, ldap_get_chg_cookie_t *c2)
106 {
107 	if (c1->mgr_pid == c2->mgr_pid && c1->seq_num == c2->seq_num)
108 		return (B_TRUE);
109 	else
110 		return (B_FALSE);
111 }
112 /*
113  * Create a node in the list and output the node. The caller can NOT free it.
114  */
115 static  int
116 waiting_list_add(chg_info_t *info, pid_t pid, thread_t tid,
117     waiting_list_t **wlp)
118 {
119 
120 	waiting_list_t	*wl;
121 
122 	*wlp = NULL;
123 
124 	if ((wl = (waiting_list_t *)calloc(1, sizeof (waiting_list_t)))
125 	    == NULL) {
126 		logit("waiting_list_add: No memory. pid %ld tid %d\n",
127 		    pid, tid);
128 		return (CHG_NO_MEMORY);
129 	}
130 
131 	wl->pid = pid;
132 	wl->tid = tid;
133 
134 	if (info->chg_w_first == NULL) {
135 		info->chg_w_first = wl;
136 		info->chg_w_last = wl;
137 	} else {
138 		info->chg_w_last->next = wl;
139 		wl->prev = info->chg_w_last;
140 		info->chg_w_last = wl;
141 	}
142 	*wlp = wl;
143 	return (CHG_SUCCESS);
144 }
145 
146 /*
147  * Find a node with matching tid in the list and remove it from the list.
148  */
149 static int
150 waiting_list_delete(chg_info_t *info, thread_t tid)
151 {
152 	waiting_list_t	*wl;
153 
154 	for (wl = info->chg_w_first; wl != NULL; wl = wl->next) {
155 		if (wl->tid == tid) {
156 			if (wl->next == NULL) {
157 				if (wl->prev == NULL) {
158 					info->chg_w_first = NULL;
159 					info->chg_w_last = NULL;
160 				} else {
161 					wl->prev->next = NULL;
162 					info->chg_w_last =  wl->prev;
163 				}
164 			} else {
165 				if (wl->prev == NULL) {
166 					wl->next->prev = NULL;
167 					info->chg_w_first = wl->next;
168 				} else {
169 					wl->prev->next = wl->next;
170 					wl->next->prev = wl->prev;
171 				}
172 			}
173 			free(wl);
174 			return (CHG_SUCCESS);
175 		}
176 	}
177 	return (CHG_NOT_FOUND_IN_WAITING_LIST);
178 }
179 
180 /*
181  * Delete the thread from the waiting list and remove data when the list
182  * is empty.
183  */
184 static void
185 waiting_list_cleanup(chg_info_t *chg, thread_t tid)
186 {
187 	int	rc;
188 
189 	rc = waiting_list_delete(chg, tid);
190 
191 	if (rc == CHG_SUCCESS && chg->chg_w_first == NULL) {
192 		free(chg->chg_data);
193 		chg->chg_data = NULL;
194 		chg->chg_wakeup = 0;
195 	}
196 }
197 
198 /*
199  * Set flag by pid so it can be cleaned up.
200  */
201 static void
202 waiting_list_set_cleanup(chg_info_t *info, pid_t pid)
203 {
204 	waiting_list_t	*wl;
205 
206 	for (wl = info->chg_w_first; wl != NULL; wl = wl->next) {
207 		if (wl->pid == pid) {
208 			wl->cleanup = 1;
209 			break;
210 		}
211 	}
212 }
213 
214 /*
215  * Return: 1 - door client is dead, 0 - door client is alive
216  */
217 static int
218 door_client_dead(void)
219 {
220 	ucred_t *uc = NULL;
221 	int	rc;
222 
223 	if (door_ucred(&uc) == -1 && errno == EINVAL) {
224 		rc = 1;
225 	} else {
226 		rc = 0;
227 	}
228 	if (uc)
229 		ucred_free(uc);
230 
231 	return (rc);
232 }
233 
234 /*
235  * This function handles GETSTATUSCHANGE call from main nscd.
236  * The call can be a START op or STOP op. A cookie is sent from main nscd too.
237  * The static global variable main_nscd keeps record of pid, tid and some flags.
238  * If the thread is door_return(), main_nscd.pid, main_nscd.tid are set to 0.
239  * When the call is START op, it checks if main_nscd.pid is 0. If it is, it
240  * proceeds to wait for the change notification. If it's not, which means
241  * another main nscd handling thread is still around. It sends broadcast to
242  * clean up that thread and wait until the cleanup is done then proceeds to
243  * wait for the change notification. If same main nscd sends START op
244  * repeatedly, it'll be rejected.
245  * It also checks the cookie from main nscd. If it's not the same as
246  * ldap_cachemgr's cookie, door returns config change.
247  * If the door call is STOP op, it creates a thread to clean up main nscd START
248  * thread so it won't be blocking.
249  * In waiting for the change notification phase, the thread is waken up by
250  * the notification threads or by the cleanup threads.
251  * If it's a notification, it copies data to the stack then door return.
252  * If it's a cleanup, door_client_dead() is called to verify it then
253  * door return.
254  */
255 int
256 chg_get_statusChange(LineBuf *info, ldap_call_t *in, pid_t nscd_pid)
257 {
258 	int	rc = CHG_SUCCESS, another_main_nscd_thread_alive = 0;
259 	int	len, return_now;
260 	thread_t this_tid = thr_self();
261 	waiting_list_t	*wl = NULL;
262 	ldap_get_change_out_t *cout;
263 	ldap_get_chg_cookie_t cookie;
264 
265 	info->str = NULL;
266 	info->len = 0;
267 
268 	if (in->ldap_u.get_change.op == NS_STATUS_CHANGE_OP_START) {
269 
270 		(void) mutex_lock(&chg_main_nscd_lock);
271 		if (chg_main_nscd.pid != 0) {
272 			if (nscd_pid != chg_main_nscd.pid) {
273 				/*
274 				 * This is the case that nscd doesn't shut down
275 				 * properly(e.g. core) and STOP op is not sent,
276 				 * the thread handling it is still around and
277 				 * not cleaned up yet.
278 				 * Test if the thread is still alive.
279 				 * If it is, clean it up.
280 				 * For thr_kill, if sig is 0, a validity check
281 				 * is done for the existence of the target
282 				 * thread; no signal is sent.
283 				 */
284 				if (thr_kill(chg_main_nscd.tid, 0) == 0) {
285 					another_main_nscd_thread_alive = 1;
286 					cleanup_thread_by_pid(
287 					    chg_main_nscd.pid);
288 				}
289 			} else if (chg_main_nscd.in_progress ||
290 			    chg_main_nscd.is_waiting_cleanup) {
291 				/*
292 				 * Same nscd pid can only send door call
293 				 * one at a time and wait for ldap_cachemgr to
294 				 * return change data. If it's the same pid
295 				 * again, it's an nscd error.
296 				 */
297 				(void) mutex_unlock(&chg_main_nscd_lock);
298 				return (CHG_NSCD_REPEATED_CALL);
299 			}
300 		}
301 		/*
302 		 * Wait for another thread to be cleaned up if it's alive.
303 		 * After that this cond var is waken up.
304 		 */
305 		if (another_main_nscd_thread_alive) {
306 			while (chg_main_nscd.in_progress) {
307 				chg_main_nscd.is_waiting_cleanup = 1;
308 				(void) cond_wait(&chg_main_nscd_cv,
309 				    &chg_main_nscd_lock);
310 			}
311 		}
312 
313 		/*
314 		 * Replace pid and tid and set the flag.
315 		 */
316 		chg_main_nscd.is_waiting_cleanup = 0;
317 		chg_main_nscd.pid = nscd_pid;
318 		chg_main_nscd.tid = this_tid;
319 		chg_main_nscd.in_progress = 1;
320 		(void) mutex_unlock(&chg_main_nscd_lock);
321 
322 		cookie = chg_config_cookie_get();
323 
324 		if (!chg_cookie_equal(&cookie, &in->ldap_u.get_change.cookie)) {
325 			/*
326 			 * different cookie, set new cookie and
327 			 * return door call right away
328 			 */
329 			len = sizeof (ldap_get_change_out_t);
330 			if ((cout = calloc(1, len)) == NULL) {
331 				rc = CHG_NO_MEMORY;
332 			} else {
333 				cout->type = NS_STATUS_CHANGE_TYPE_CONFIG;
334 				cout->cookie = cookie;
335 				info->str = (char *)cout;
336 				info->len = len;
337 			}
338 
339 		} else {
340 			(void) mutex_lock(&chg.chg_lock);
341 
342 			/* wait for the change notification */
343 			rc = waiting_list_add(&chg, nscd_pid, this_tid, &wl);
344 			if (rc == CHG_SUCCESS) {
345 				return_now = 0;
346 				while (!chg.chg_wakeup) {
347 					if (wl->cleanup ||
348 					    door_client_dead()) {
349 						return_now = 1;
350 						break;
351 					}
352 					(void) cond_wait(&chg.chg_cv,
353 					    &chg.chg_lock);
354 				}
355 				/* Check if door client is still alive again */
356 				if (!return_now && !wl->cleanup &&
357 				    !door_client_dead()) {
358 					/* copy data to buffer */
359 					if ((info->str = malloc(
360 					    chg.chg_data_size)) == NULL) {
361 						rc = CHG_NO_MEMORY;
362 					} else {
363 						(void) memcpy(info->str,
364 						    chg.chg_data,
365 						    chg.chg_data_size);
366 						info->len = chg.chg_data_size;
367 					}
368 				}
369 				waiting_list_cleanup(&chg, this_tid);
370 			}
371 			(void) mutex_unlock(&chg.chg_lock);
372 		}
373 
374 
375 		/*
376 		 * Reset pid, tid and flag, send wakeup signal.
377 		 */
378 		(void) mutex_lock(&chg_main_nscd_lock);
379 		chg_main_nscd.pid = 0;
380 		chg_main_nscd.tid = 0;
381 		chg_main_nscd.in_progress = 0;
382 		if (chg_main_nscd.is_waiting_cleanup)
383 			(void) cond_broadcast(&chg_main_nscd_cv);
384 
385 		(void) mutex_unlock(&chg_main_nscd_lock);
386 
387 	} else if (in->ldap_u.get_change.op == NS_STATUS_CHANGE_OP_STOP) {
388 
389 		cleanup_thread_by_pid(nscd_pid);
390 		rc = CHG_SUCCESS;
391 
392 	} else {
393 		rc = CHG_INVALID_PARAM;
394 	}
395 	if (rc == CHG_EXCEED_MAX_THREADS)
396 		cleanup_thread_by_pid(0);
397 
398 	return (rc);
399 }
400 
401 /*
402  * This function copies the header and data stream to the buffer
403  * then send broadcast to wake up the chg_get_statusChange() threads.
404  */
405 int
406 chg_notify_statusChange(char *str)
407 {
408 	ldap_get_change_out_t *cout = (ldap_get_change_out_t *)str;
409 
410 	cout->cookie = chg_config_cookie_get();
411 
412 	(void) mutex_lock(&chg.chg_lock);
413 	if (chg.chg_w_first != NULL && chg.chg_wakeup == 0) {
414 
415 		if (chg.chg_data) {
416 			free(chg.chg_data);
417 			chg.chg_data = NULL;
418 		}
419 
420 		chg.chg_data = str;
421 
422 		if (cout->type == NS_STATUS_CHANGE_TYPE_CONFIG)
423 			chg.chg_data_size = sizeof (ldap_get_change_out_t);
424 		else
425 			/* NS_STATUS_CHANGE_TYPE_SERVER */
426 			chg.chg_data_size = sizeof (ldap_get_change_out_t) -
427 			    sizeof (int) + cout->data_size;
428 
429 		chg.chg_wakeup = 1;
430 		(void) cond_broadcast(&chg.chg_cv);
431 	}
432 	(void) mutex_unlock(&chg.chg_lock);
433 
434 	return (CHG_SUCCESS);
435 }
436 
437 /*
438  * This is called when the configuration is refreshed.
439  * The new configuration is different from the current one, a notification
440  * is sent tochg_get_statusChange() threads.
441  */
442 void
443 chg_test_config_change(ns_config_t *new, int *change_status)
444 {
445 	int	changed = 0;
446 	LineBuf	new_cfg, cur_cfg;
447 	ns_ldap_error_t *errp = NULL;
448 	ldap_config_out_t *new_out, *cur_out;
449 	ldap_get_change_out_t	*cout;
450 
451 	(void) memset(&new_cfg, 0, sizeof (LineBuf));
452 	(void) memset(&cur_cfg, 0, sizeof (LineBuf));
453 	/*
454 	 * Flatten the config data of the newly downloaded config and
455 	 * current default config and compare both.
456 	 */
457 	if ((errp = __ns_ldap_LoadDoorInfo(&new_cfg, NULL, new, 0)) != NULL) {
458 		__ns_ldap_freeError(&errp);
459 		/* error, assume the config is changed */
460 		changed = 1;
461 	} else if ((errp = __ns_ldap_LoadDoorInfo(&cur_cfg, NULL, NULL, 0))
462 	    != NULL) {
463 		__ns_ldap_freeError(&errp);
464 		/* error, assume the config is changed */
465 		changed = 1;
466 	}
467 	if (changed == 0) {
468 		new_out = (ldap_config_out_t *)new_cfg.str;
469 		cur_out = (ldap_config_out_t *)cur_cfg.str;
470 		if (strcmp(new_out->config_str, cur_out->config_str) != 0) {
471 			changed = 1;
472 			if (current_admin.debug_level >= DBG_PROFILE_REFRESH) {
473 				logit("config changed.\n");
474 			}
475 		}
476 	}
477 	if (cur_cfg.str)
478 		free(cur_cfg.str);
479 	if (new_cfg.str)
480 		free(new_cfg.str);
481 
482 	if (changed) {
483 
484 		if ((cout = calloc(1, sizeof (ldap_get_change_out_t)))
485 		    == NULL) {
486 			logit("chg_test_config_change: No Memory\n");
487 		} else {
488 			/*
489 			 * Replace the currentdefault config with the new
490 			 * config
491 			 */
492 			__s_api_init_config(new);
493 			chg_config_cookie_increment_seq_num();
494 			cout->type = NS_STATUS_CHANGE_TYPE_CONFIG;
495 			/*
496 			 * cout->cookie is set by
497 			 * chg_notify_statusChange
498 			 */
499 			(void) chg_notify_statusChange((char *)cout);
500 		}
501 	} else {
502 		__s_api_destroy_config(new);
503 	}
504 
505 	*change_status = changed;
506 }
507 
508 /*
509  * Wake up chg_get_statusChange() threads to clean up the threads
510  * that main nscd doesn't exist on the other of door anymore or
511  * the thread is marked as cleanup.
512  */
513 static void
514 cleanup_threads(chg_info_t *chg, pid_t pid, cleanup_type_t type)
515 {
516 	(void) mutex_lock(&chg->chg_lock);
517 	if (type == CLEANUP_BY_PID)
518 		waiting_list_set_cleanup(chg, pid);
519 	/*
520 	 * wake up threads without setting chg.chg_wakeup.
521 	 * It's for cleanup purpose, not for notifying changes.
522 	 */
523 	(void) cond_broadcast(&chg->chg_cv);
524 	(void) mutex_unlock(&chg->chg_lock);
525 }
526 /*
527  * If arg is NULL, it loops forever,
528  * else it calls cleanup_threads once and exits.
529  */
530 void *
531 chg_cleanup_waiting_threads(void *arg)
532 {
533 	cleanup_op_t *op = (cleanup_op_t *)arg;
534 	cleanup_type_t type = 0;
535 	pid_t	pid;
536 	int	always = 1, waiting;
537 
538 	if (op == NULL) {
539 		waiting = 1;
540 		type = CLEANUP_ALL;
541 		pid = 0;
542 	} else {
543 		waiting = 0;
544 		type = op->type;
545 		pid = op->pid;
546 	}
547 
548 	while (always) {
549 		if (waiting)
550 			(void) sleep(CLEANUP_WAIT_TIME);
551 		cleanup_threads(&chg, pid, type);
552 		if (!waiting)
553 			break;
554 	}
555 
556 	if (op)
557 		free(op);
558 
559 	thr_exit(NULL);
560 	return (NULL);
561 }
562 /*
563  * The door server thead which has the door client pid will be marked
564  * as to be clean up. If pid is 0, no marking and just clean up all.
565  */
566 static void
567 cleanup_thread_by_pid(pid_t pid)
568 {
569 	cleanup_op_t *op;
570 
571 	if ((op = malloc(sizeof (cleanup_op_t))) == NULL)
572 		return;
573 
574 	op->pid = pid;
575 	/* clean up all if pid is 0 */
576 	if (pid == 0)
577 		op->type = CLEANUP_ALL;
578 	else
579 		op->type = CLEANUP_BY_PID;
580 
581 	if (thr_create(NULL, 0, chg_cleanup_waiting_threads,
582 	    (void *)op, THR_BOUND|THR_DETACHED, NULL) != 0) {
583 		free(op);
584 		logit("thr_create failed for cleanup_thread_by_pid(%ld)\n",
585 		    pid);
586 	}
587 }
588 
589 /*
590  * Output a psinfo of an nscd process with process id pid
591  * Return: 0  - Can't find the process or it's not nscd
592  *         1  - psinfo found
593  * Note: If info is NULL, returns 0 or 1 only and no output from info.
594  */
595 static int
596 get_nscd_psinfo(pid_t pid, psinfo_t *info)
597 {
598 	psinfo_t	pinfo;
599 	char		fname[MAXPATHLEN];
600 	ssize_t		ret;
601 	int		fd;
602 
603 	if (snprintf(fname, MAXPATHLEN, "/proc/%d/psinfo", pid) > 0) {
604 		if ((fd = open(fname,  O_RDONLY)) >= 0) {
605 			ret = read(fd, &pinfo, sizeof (psinfo_t));
606 			(void) close(fd);
607 			if ((ret == sizeof (psinfo_t)) &&
608 			    (strcmp(pinfo.pr_fname, "nscd") == 0)) {
609 				if (info)
610 					*info = pinfo;
611 				return (1);
612 			}
613 		}
614 	}
615 	return (0);
616 }
617 /*
618  * If the parent process is nscd and euid is 0, it's a peruser nscd.
619  */
620 static int
621 is_peruser_nscd(pid_t pid)
622 {
623 	pid_t	ppid;
624 	psinfo_t pinfo;
625 
626 	if (get_nscd_psinfo(pid, &pinfo)) {
627 		ppid = pinfo.pr_ppid;
628 		if (get_nscd_psinfo(ppid, &pinfo) && pinfo.pr_euid == 0)
629 			/*
630 			 * get psinfo of parent forker nscd
631 			 */
632 			return (1);
633 		else
634 			return (0);
635 	} else {
636 		return (0);
637 	}
638 }
639 /*
640  * Check if the door client making door call is a nscd or peruser nscd and
641  * output door client's pid.
642  */
643 int
644 chg_is_called_from_nscd_or_peruser_nscd(char *dc_str, pid_t *pidp)
645 {
646 	int	rc;
647 	uid_t	euid;
648 	pid_t	pid;
649 	ucred_t	*uc = NULL;
650 
651 	if (door_ucred(&uc) != 0) {
652 		rc = errno;
653 		logit("door_ucred() call failed %s\n", strerror(rc));
654 		return (0);
655 	}
656 	euid = ucred_geteuid(uc);
657 	pid = *pidp = ucred_getpid(uc);
658 
659 	if ((euid == 0 && is_called_from_nscd(pid)) ||
660 	    is_peruser_nscd(pid)) {
661 		if (current_admin.debug_level >= DBG_ALL)
662 			logit("ldap_cachemgr received %s call from pid %ld, "
663 			    "uid %u, euid %u\n", dc_str, pid,
664 			    ucred_getruid(uc), euid);
665 		rc = 1;
666 	} else {
667 		if (current_admin.debug_level >= DBG_CANT_FIND)
668 			logit("%s call failed(cred): caller pid %ld, uid %u, "
669 			    "euid %u\n", dc_str, pid,
670 			    ucred_getruid(uc), euid);
671 
672 		rc = 0;
673 	}
674 
675 	ucred_free(uc);
676 
677 	return (rc);
678 }
679