sd_journal_enumerate_unique will lock its mmap window to prevent it
from being released by calling mmap_cache_get with keep_always=true.
This call may return windows that are wider, but compatible with the
parameters provided to it.
This can result in a mismatch where the window to be released cannot
properly be selected, because we have more than one window matching the
parameters of mmap_cache_release. Therefore, introduce a release_cookie
to be used when releasing the window.
https://bugs.freedesktop.org/show_bug.cgi?id=79380
---
src/journal/journal-file.c | 2 +-
src/journal/journal-file.h | 11 ++++-------
src/journal/journal-verify.c | 2 +-
src/journal/mmap-cache.c | 32 +++++++++++++++++++-------------
src/journal/mmap-cache.h | 8 +++-----
src/journal/sd-journal.c | 11 ++++++-----
src/journal/test-mmap-cache.c | 10 +++++-----
7 files changed, 39 insertions(+), 37 deletions(-)
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c
index 7286e14..0ed51ed 100644
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -391,7 +391,7 @@ static int journal_file_move_to(JournalFile *f, int
context, bool keep_always, u
return -EADDRNOTAVAIL;
}
- return mmap_cache_get(f->mmap, f->fd, f->prot, context, keep_always, offset,
size, &f->last_stat, ret);
+ return mmap_cache_get(f->mmap, f->fd, f->prot, context, keep_always, offset,
size, &f->last_stat, ret, NULL);
}
static uint64_t minimum_header_size(Object *o) {
diff --git a/src/journal/journal-file.h b/src/journal/journal-file.h
index da2ef3b..da1b793 100644
--- a/src/journal/journal-file.h
+++ b/src/journal/journal-file.h
@@ -212,17 +212,14 @@ static unsigned type_to_context(int type) {
return type > 0 && type < _OBJECT_TYPE_MAX ? type : 0;
}
-static inline int journal_file_object_keep(JournalFile *f, Object *o, uint64_t
offset) {
+static inline int journal_file_object_keep(JournalFile *f, Object *o, uint64_t
offset, void **release_cookie) {
unsigned context = type_to_context(o->object.type);
uint64_t s = le64toh(o->object.size);
return mmap_cache_get(f->mmap, f->fd, f->prot, context, true,
- offset, s, &f->last_stat, NULL);
+ offset, s, &f->last_stat, NULL, release_cookie);
}
-static inline int journal_file_object_release(JournalFile *f, Object *o,
uint64_t offset) {
- unsigned context = type_to_context(o->object.type);
- uint64_t s = le64toh(o->object.size);
-
- return mmap_cache_release(f->mmap, f->fd, f->prot, context, offset, s);
+static inline int journal_file_object_release(JournalFile *f, void
*release_cookie) {
+ return mmap_cache_release(f->mmap, f->fd, release_cookie);
}
diff --git a/src/journal/journal-verify.c b/src/journal/journal-verify.c
index 6c8ca8c..a1c34ac 100644
--- a/src/journal/journal-verify.c
+++ b/src/journal/journal-verify.c
@@ -368,7 +368,7 @@ static int contains_uint64(MMapCache *m, int fd, uint64_t
n, uint64_t p) {
c = (a + b) / 2;
- r = mmap_cache_get(m, fd, PROT_READ|PROT_WRITE, 0, false, c *
sizeof(uint64_t), sizeof(uint64_t), NULL, (void **) &z);
+ r = mmap_cache_get(m, fd, PROT_READ|PROT_WRITE, 0, false, c *
sizeof(uint64_t), sizeof(uint64_t), NULL, (void **) &z, NULL);
if (r < 0)
return r;
diff --git a/src/journal/mmap-cache.c b/src/journal/mmap-cache.c
index 7dbbb5e..64bc8da 100644
--- a/src/journal/mmap-cache.c
+++ b/src/journal/mmap-cache.c
@@ -352,7 +352,8 @@ static int try_context(
bool keep_always,
uint64_t offset,
size_t size,
- void **ret) {
+ void **ret,
+ void **release_cookie) {
Context *c;
@@ -381,6 +382,8 @@ static int try_context(
if (ret)
*ret = (uint8_t*) c->window->ptr + (offset -
c->window->offset);
+ if (keep_always && release_cookie)
+ *release_cookie = c->window;
return 1;
}
@@ -392,7 +395,8 @@ static int find_mmap(
bool keep_always,
uint64_t offset,
size_t size,
- void **ret) {
+ void **ret,
+ void **release_cookie) {
FileDescriptor *f;
Window *w;
@@ -425,6 +429,8 @@ static int find_mmap(
if (ret)
*ret = (uint8_t*) w->ptr + (offset - w->offset);
+ if (keep_always && release_cookie)
+ *release_cookie = c->window;
return 1;
}
@@ -437,7 +443,8 @@ static int add_mmap(
uint64_t offset,
size_t size,
struct stat *st,
- void **ret) {
+ void **ret,
+ void **release_cookie) {
uint64_t woffset, wsize;
Context *c;
@@ -521,6 +528,8 @@ static int add_mmap(
if (ret)
*ret = (uint8_t*) w->ptr + (offset - w->offset);
+ if (keep_always && release_cookie)
+ *release_cookie = c->window;
return 1;
}
@@ -533,7 +542,8 @@ int mmap_cache_get(
uint64_t offset,
size_t size,
struct stat *st,
- void **ret) {
+ void **ret,
+ void **release_cookie) {
int r;
@@ -543,14 +553,14 @@ int mmap_cache_get(
assert(size > 0);
/* Check whether the current context is the right one already */
- r = try_context(m, fd, prot, context, keep_always, offset, size, ret);
+ r = try_context(m, fd, prot, context, keep_always, offset, size, ret,
release_cookie);
if (r != 0) {
m->n_hit ++;
return r;
}
/* Search for a matching mmap */
- r = find_mmap(m, fd, prot, context, keep_always, offset, size, ret);
+ r = find_mmap(m, fd, prot, context, keep_always, offset, size, ret,
release_cookie);
if (r != 0) {
m->n_hit ++;
return r;
@@ -559,16 +569,13 @@ int mmap_cache_get(
m->n_missed++;
/* Create a new mmap */
- return add_mmap(m, fd, prot, context, keep_always, offset, size, st,
ret);
+ return add_mmap(m, fd, prot, context, keep_always, offset, size, st,
ret, release_cookie);
}
int mmap_cache_release(
MMapCache *m,
int fd,
- int prot,
- unsigned context,
- uint64_t offset,
- size_t size) {
+ void *release_cookie) {
FileDescriptor *f;
Window *w;
@@ -576,7 +583,6 @@ int mmap_cache_release(
assert(m);
assert(m->n_ref > 0);
assert(fd >= 0);
- assert(size > 0);
f = hashmap_get(m->fds, INT_TO_PTR(fd + 1));
if (!f)
@@ -585,7 +591,7 @@ int mmap_cache_release(
assert(f->fd == fd);
LIST_FOREACH(by_fd, w, f->windows)
- if (window_matches(w, fd, prot, offset, size))
+ if (w == release_cookie)
break;
if (!w)
diff --git a/src/journal/mmap-cache.h b/src/journal/mmap-cache.h
index 647555a..76e5316 100644
--- a/src/journal/mmap-cache.h
+++ b/src/journal/mmap-cache.h
@@ -40,14 +40,12 @@ int mmap_cache_get(
uint64_t offset,
size_t size,
struct stat *st,
- void **ret);
+ void **ret,
+ void **release_cookie);
int mmap_cache_release(
MMapCache *m,
int fd,
- int prot,
- unsigned context,
- uint64_t offset,
- size_t size);
+ void *release_cookie);
void mmap_cache_close_fd(MMapCache *m, int fd);
void mmap_cache_close_context(MMapCache *m, unsigned context);
diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
index 693707c..edb60bb 100644
--- a/src/journal/sd-journal.c
+++ b/src/journal/sd-journal.c
@@ -2520,6 +2520,7 @@ _public_ int sd_journal_enumerate_unique(sd_journal *j,
const void **data, size_
size_t ol;
bool found;
int r;
+ void *release_cookie;
/* Proceed to next data object in the field's linked list */
if (j->unique_offset == 0) {
@@ -2563,7 +2564,7 @@ _public_ int sd_journal_enumerate_unique(sd_journal *j,
const void **data, size_
return -EBADMSG;
}
- r = journal_file_object_keep(j->unique_file, o,
j->unique_offset);
+ r = journal_file_object_keep(j->unique_file, o, j->unique_offset,
&release_cookie);
if (r < 0)
return r;
@@ -2611,13 +2612,13 @@ _public_ int sd_journal_enumerate_unique(sd_journal *j,
const void **data, size_
found = true;
}
- if (found)
- continue;
-
- r = journal_file_object_release(j->unique_file, o,
j->unique_offset);
+ r = journal_file_object_release(j->unique_file,
release_cookie);
if (r < 0)
return r;
+ if (found)
+ continue;
+
r = return_data(j, j->unique_file, o, data, l);
if (r < 0)
return r;
diff --git a/src/journal/test-mmap-cache.c b/src/journal/test-mmap-cache.c
index b7bb260..778e884 100644
--- a/src/journal/test-mmap-cache.c
+++ b/src/journal/test-mmap-cache.c
@@ -49,23 +49,23 @@ int main(int argc, char *argv[]) {
assert(z >= 0);
unlink(pz);
- r = mmap_cache_get(m, x, PROT_READ, 0, false, 1, 2, NULL, &p);
+ r = mmap_cache_get(m, x, PROT_READ, 0, false, 1, 2, NULL, &p, NULL);
assert(r >= 0);
- r = mmap_cache_get(m, x, PROT_READ, 0, false, 2, 2, NULL, &q);
+ r = mmap_cache_get(m, x, PROT_READ, 0, false, 2, 2, NULL, &q, NULL);
assert(r >= 0);
assert((uint8_t*) p + 1 == (uint8_t*) q);
- r = mmap_cache_get(m, x, PROT_READ, 1, false, 3, 2, NULL, &q);
+ r = mmap_cache_get(m, x, PROT_READ, 1, false, 3, 2, NULL, &q, NULL);
assert(r >= 0);
assert((uint8_t*) p + 2 == (uint8_t*) q);
- r = mmap_cache_get(m, x, PROT_READ, 0, false, 16ULL*1024ULL*1024ULL, 2,
NULL, &p);
+ r = mmap_cache_get(m, x, PROT_READ, 0, false, 16ULL*1024ULL*1024ULL, 2,
NULL, &p, NULL);
assert(r >= 0);
- r = mmap_cache_get(m, x, PROT_READ, 1, false, 16ULL*1024ULL*1024ULL+1, 2,
NULL, &q);
+ r = mmap_cache_get(m, x, PROT_READ, 1, false, 16ULL*1024ULL*1024ULL+1, 2,
NULL, &q, NULL);
assert(r >= 0);
assert((uint8_t*) p + 1 == (uint8_t*) q);
