| blob | 6dd552bb47f8a4956e6d73fea59fd6892335ade5 |
1 /* Extended resolver state separate from struct __res_state.
2 Copyright (C) 2017-2022 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
19 #include <resolv_conf.h>
21 #include <alloc_buffer.h>
22 #include <assert.h>
23 #include <libc-lock.h>
24 #include <resolv-internal.h>
25 #include <sys/stat.h>
26 #include <libc-symbols.h>
27 #include <file_change_detection.h>
29 /* _res._u._ext.__glibc_extension_index is used as an index into a
30 struct resolv_conf_array object. The intent of this construction
31 is to make reasonably sure that even if struct __res_state objects
32 are copied around and patched by applications, we can still detect
33 accesses to stale extended resolver state. The array elements are
34 either struct resolv_conf * pointers (if the LSB is cleared) or
35 free list entries (if the LSB is set). The free list is used to
36 speed up finding available entries in the array. */
37 #define DYNARRAY_STRUCT resolv_conf_array
38 #define DYNARRAY_ELEMENT uintptr_t
39 #define DYNARRAY_PREFIX resolv_conf_array_
40 #define DYNARRAY_INITIAL_SIZE 0
41 #include <malloc/dynarray-skeleton.c>
43 /* A magic constant for XORing the extension index
44 (_res._u._ext.__glibc_extension_index). This makes it less likely
45 that a valid index is created by accident. In particular, a zero
46 value leads to an invalid index. */
47 #define INDEX_MAGIC 0x26a8fa5e48af8061ULL
49 /* Global resolv.conf-related state. */
50 struct resolv_conf_global
51 {
52 /* struct __res_state objects contain the extension index
53 (_res._u._ext.__glibc_extension_index ^ INDEX_MAGIC), which
54 refers to an element of this array. When a struct resolv_conf
55 object (extended resolver state) is associated with a struct
56 __res_state object (legacy resolver state), its reference count
57 is increased and added to this array. Conversely, if the
58 extended state is detached from the basic state (during
59 reinitialization or deallocation), the index is decremented, and
60 the array element is overwritten with NULL. */
63 /* Start of the free list in the array. Zero if the free list is
64 empty. Otherwise, free_list_start >> 1 is the first element of
65 the free list (and the free list entries all have their LSB set
66 and are shifted one to the left). */
69 /* Cached current configuration object for /etc/resolv.conf. */
72 /* File system identification for /etc/resolv.conf. */
74 };
76 /* Lazily allocated storage for struct resolv_conf_global. */
79 /* The lock synchronizes access to global and *global. It also
80 protects the __refcount member of struct resolv_conf. */
83 /* Ensure that GLOBAL is allocated and lock it. Return NULL if
84 memory allocation failes. */
87 {
89 /* Use relaxed MO through because of load outside the lock in
90 __resolv_conf_detach. */
93 {
99 }
101 }
103 /* Relinquish the lock acquired by get_locked_global. */
104 static void
106 {
108 }
110 /* Decrement the reference counter. The caller must acquire the lock
111 around the function call. */
112 static void
114 {
118 }
122 {
133 /* We can reuse the cached configuration object. */
135 else
136 {
137 /* Parse configuration while holding the lock. This avoids
138 duplicate work. */
142 {
147 /* Update file change detection data, but only if it matches
148 the initial measurement. This avoids an ABA race in case
149 /etc/resolv.conf is temporarily replaced while the file
150 is read (after the initial measurement), and restored to
151 the initial version later. */
154 else
155 /* If there is a discrepancy, trigger a reload during the
156 next use. */
158 }
159 }
162 {
163 /* Return an additional reference. */
167 }
170 }
172 /* Internal implementation of __resolv_conf_get, without validation
173 against *RESP. */
176 {
177 /* Not initialized, and therefore no assoicated context. */
183 /* A memory allocation failure here means that no associated
184 contexts exists, so returning NULL is correct. */
189 {
192 {
196 }
197 }
200 }
202 /* Return true if both IPv4 addresses are equal. */
203 static bool
206 {
209 }
211 /* Return true if both IPv6 addresses are equal. This ignores the
212 flow label. */
213 static bool
216 {
221 }
223 static bool
225 {
229 {
236 }
238 }
240 /* Check that *RESP and CONF match. Used by __resolv_conf_get. */
241 static bool
244 {
245 /* NB: Do not compare the options, retrans, retry, ndots. These can
246 be changed by applicaiton. */
248 /* Check that the name servers in *RESP have not been modified by
249 the application. */
250 {
254 /* _ext.nscount is 0 until initialized by res_send.c. */
259 {
261 {
267 }
273 }
274 }
276 /* Check that the search list in *RESP has not been modified by the
277 application. */
278 {
280 {
281 /* Empty search list. No default domain name. */
283 }
286 /* If the search list is not empty, it must start with the
287 default domain name. */
295 /* Search list is not null-terminated. */
300 {
302 {
306 }
307 else
308 {
309 /* resp->dnsrch is truncated if the number of elements
310 exceeds MAXDNSRCH, or if the combined storage space for
311 the search list exceeds what can be stored in
312 resp->defdname. */
315 /* Otherwise, a mismatch indicates a match failure. */
317 }
318 }
319 }
321 /* Check that the sort list has not been modified. */
322 {
332 }
335 }
339 {
347 }
349 void
351 {
358 }
362 {
363 /* Allocate in decreasing order of alignment. */
373 /* Space needed by the nameserver addresses. */
378 else
379 {
382 }
384 /* Space needed by the search list strings. */
389 /* Allocate the buffer. */
394 + address_space
402 /* Memory allocation failure. */
406 /* Initialize the contents. */
413 /* Allocate the arrays with pointers. These must come first because
414 they have the highets alignment. */
425 /* Fill the name server list array. */
428 {
433 }
434 else
435 {
440 }
442 /* Allocate and fill the sort list array. */
443 {
450 }
452 /* Fill the search list array. This must come last because the
453 strings are the least aligned part of the allocation. */
454 {
458 }
462 }
464 /* Update *RESP from the extended state. */
467 {
481 /* Copy the name server addresses. */
482 {
489 {
491 {
495 }
496 else
497 {
500 /* Make a defensive copy of the name server address, in
501 case the application overwrites it. */
504 {
508 }
511 }
513 }
515 /* Leave resp->_u._ext.nscount at 0. res_send.c handles this. */
516 }
518 /* Fill in the prefix of the search list. It is truncated either at
519 MAXDNSRCH, or if reps->defdname has insufficient space. */
520 {
521 struct alloc_buffer buffer
526 {
530 /* No more space in resp->defdname. Truncate. */
532 }
534 }
536 /* Copy the sort list. */
537 {
542 {
545 }
547 }
549 /* The overlapping parts of both configurations should agree after
550 initialization. */
553 }
555 /* Decrement the configuration object at INDEX and free it if the
556 reference counter reaches 0. *GLOBAL_COPY must be locked and
557 remains so. */
558 static void
560 {
562 {
563 /* Index found. */
565 /* Check that the slot is not already part of the free list. */
567 {
570 /* Put the slot onto the free list. */
573 }
574 }
575 }
577 bool
579 {
586 /* Try to find an unused index in the array. */
588 {
590 {
591 /* Unlink from the free list. */
597 /* Install the configuration pointer. */
599 }
600 else
601 {
603 /* No usable index found. Increase the array size. */
606 {
610 }
611 /* The new array element was added at the end. */
613 }
614 }
616 /* We have added a new reference to the object. */
622 {
623 /* Drop the reference we acquired. Reacquire the lock. The
624 object has already been allocated, so it cannot be NULL this
625 time. */
630 }
634 }
636 void
638 {
640 /* Detach operation after a shutdown, or without any prior
641 attachment. We cannot free the data (and there might not be
642 anything to free anyway). */
649 /* Clear the index field, so that accidental reuse is less
650 likely. */
654 }
656 /* Deallocate the global data. */
658 {
659 /* No locking because this function is supposed to be called when
660 the process has turned single-threaded. */
665 {
668 }
670 /* Note that this frees only the array itself. The pointed-to
671 configuration objects should have been deallocated by res_nclose
672 and per-thread cleanup functions. */
677 /* Stop potential future __resolv_conf_detach calls from accessing
678 deallocated memory. */
680 }