tdb2: careful on wrap.

[ccan] / ccan / tdb2 / open.c

diff --git a/ccan/tdb2/open.c b/ccan/tdb2/open.c
index 59b4667d1bb86320ef79f226e3de609888dc6939..e238d99248b6ed5813418661a9bb86f3c1f966da 100644 (file)
--- a/ccan/tdb2/open.c
+++ b/ccan/tdb2/open.c
@@ -16,6 +16,7 @@
    License along with this library; if not, see <http://www.gnu.org/licenses/>.
 */
 #include "private.h"
+#include <ccan/build_assert/build_assert.h>
 #include <assert.h>
 
 /* all tdbs, to detect double-opens (fcntl file don't nest!) */
@@ -95,6 +96,15 @@ static uint64_t random_number(struct tdb_context *tdb)
        return ret;
 }
 
+static void tdb2_context_init(struct tdb_context *tdb)
+{
+       /* Initialize the TDB2 fields here */
+       tdb_io_init(tdb);
+       tdb->tdb2.direct_access = 0;
+       tdb->tdb2.transaction = NULL;
+       tdb->tdb2.access = NULL;
+}
+
 struct new_database {
        struct tdb_header hdr;
        struct tdb_freetable ftable;
@@ -125,6 +135,7 @@ static enum TDB_ERROR tdb_new_database(struct tdb_context *tdb,
        newdb.hdr.recovery = 0;
        newdb.hdr.features_used = newdb.hdr.features_offered = TDB_FEATURE_MASK;
        newdb.hdr.seqnum = 0;
+       newdb.hdr.capabilities = 0;
        memset(newdb.hdr.reserved, 0, sizeof(newdb.hdr.reserved));
        /* Initial hashes are empty. */
        memset(newdb.hdr.hashtable, 0, sizeof(newdb.hdr.hashtable));
@@ -195,6 +206,7 @@ static enum TDB_ERROR tdb_new_file(struct tdb_context *tdb)
        tdb->file->lockrecs = NULL;
        tdb->file->allrecord_lock.count = 0;
        tdb->file->refcnt = 1;
+       tdb->file->map_ptr = NULL;
        return TDB_SUCCESS;
 }
 
@@ -347,6 +359,71 @@ void tdb_unset_attribute(struct tdb_context *tdb,
        }
 }
 
+static bool is_tdb1(struct tdb1_header *hdr, const void *buf, ssize_t rlen)
+{
+       /* This code assumes we've tried to read entire tdb1 header. */
+       BUILD_ASSERT(sizeof(*hdr) <= sizeof(struct tdb_header));
+
+       if (rlen < (ssize_t)sizeof(*hdr)) {
+               return false;
+       }
+
+       memcpy(hdr, buf, sizeof(*hdr));
+       if (strcmp(hdr->magic_food, TDB_MAGIC_FOOD) != 0)
+               return false;
+
+       return hdr->version == TDB1_VERSION
+               || hdr->version == TDB1_BYTEREV(TDB1_VERSION);
+}
+
+/* The top three bits of the capability tell us whether it matters. */
+enum TDB_ERROR unknown_capability(struct tdb_context *tdb, const char *caller,
+                                 tdb_off_t type)
+{
+       if (type & TDB_CAP_NOOPEN) {
+               return tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
+                                 "%s: file has unknown capability %llu",
+                                 caller, type & TDB_CAP_NOOPEN);
+       }
+
+       if ((type & TDB_CAP_NOWRITE) && !(tdb->flags & TDB_RDONLY)) {
+               return tdb_logerr(tdb, TDB_ERR_RDONLY, TDB_LOG_ERROR,
+                                 "%s: file has unknown capability %llu"
+                                 " (cannot write to it)",
+                                 caller, type & TDB_CAP_NOOPEN);
+       }
+
+       if (type & TDB_CAP_NOCHECK) {
+               tdb->flags |= TDB_CANT_CHECK;
+       }
+       return TDB_SUCCESS;
+}
+
+static enum TDB_ERROR capabilities_ok(struct tdb_context *tdb,
+                                     tdb_off_t capabilities)
+{
+       tdb_off_t off, next;
+       enum TDB_ERROR ecode = TDB_SUCCESS;
+       const struct tdb_capability *cap;
+
+       /* Check capability list. */
+       for (off = capabilities; off && ecode == TDB_SUCCESS; off = next) {
+               cap = tdb_access_read(tdb, off, sizeof(*cap), true);
+               if (TDB_PTR_IS_ERR(cap)) {
+                       return TDB_PTR_ERR(cap);
+               }
+
+               switch (cap->type & TDB_CAP_TYPE_MASK) {
+               /* We don't understand any capabilities (yet). */
+               default:
+                       ecode = unknown_capability(tdb, "tdb_open", cap->type);
+               }
+               next = cap->next;
+               tdb_access_release(tdb, cap);
+       }
+       return ecode;
+}
+
 struct tdb_context *tdb_open(const char *name, int tdb_flags,
                             int open_flags, mode_t mode,
                             union tdb_attribute *attr)
@@ -360,6 +437,7 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
        struct tdb_header hdr;
        struct tdb_attribute_seed *seed = NULL;
        struct tdb_attribute_tdb1_hashsize *hsize_attr = NULL;
+       struct tdb_attribute_tdb1_max_dead *maxsize_attr = NULL;
        tdb_bool_err berr;
        enum TDB_ERROR ecode;
        int openlock;
@@ -388,10 +466,6 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
        memset(&tdb->stats, 0, sizeof(tdb->stats));
        tdb->stats.base.attr = TDB_ATTRIBUTE_STATS;
        tdb->stats.size = sizeof(tdb->stats);
-       tdb_io_init(tdb);
-       tdb->tdb2.direct_access = 0;
-       tdb->tdb2.transaction = NULL;
-       tdb->tdb2.access = NULL;
 
        while (attr) {
                switch (attr->base.attr) {
@@ -409,6 +483,9 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
                case TDB_ATTRIBUTE_TDB1_HASHSIZE:
                        hsize_attr = &attr->tdb1_hashsize;
                        break;
+               case TDB_ATTRIBUTE_TDB1_MAX_DEAD:
+                       maxsize_attr = &attr->tdb1_max_dead;
+                       break;
                default:
                        /* These are set as normal. */
                        ecode = tdb_set_attribute(tdb, attr);
@@ -420,7 +497,7 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
 
        if (tdb_flags & ~(TDB_INTERNAL | TDB_NOLOCK | TDB_NOMMAP | TDB_CONVERT
                          | TDB_NOSYNC | TDB_SEQNUM | TDB_ALLOW_NESTING
-                         | TDB_RDONLY)) {
+                         | TDB_RDONLY | TDB_VERSION1)) {
                ecode = tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_USE_ERROR,
                                   "tdb_open: unknown flags %u", tdb_flags);
                goto fail;
@@ -486,13 +563,21 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
                        goto fail;
                }
                tdb->file->fd = -1;
-               ecode = tdb_new_database(tdb, seed, &hdr);
+               if (tdb->flags & TDB_VERSION1)
+                       ecode = tdb1_new_database(tdb, hsize_attr, maxsize_attr);
+               else {
+                       ecode = tdb_new_database(tdb, seed, &hdr);
+                       if (ecode == TDB_SUCCESS) {
+                               tdb_convert(tdb, &hdr.hash_seed,
+                                           sizeof(hdr.hash_seed));
+                               tdb->hash_seed = hdr.hash_seed;
+                               tdb2_context_init(tdb);
+                               tdb_ftable_init(tdb);
+                       }
+               }
                if (ecode != TDB_SUCCESS) {
                        goto fail;
                }
-               tdb_convert(tdb, &hdr.hash_seed, sizeof(hdr.hash_seed));
-               tdb->hash_seed = hdr.hash_seed;
-               tdb_ftable_init(tdb);
                return tdb;
        }
 
@@ -534,7 +619,7 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
                tdb->file->device = st.st_dev;
                tdb->file->inode = st.st_ino;
                tdb->file->map_ptr = NULL;
-               tdb->file->map_size = sizeof(struct tdb_header);
+               tdb->file->map_size = 0;
        }
 
        /* ensure there is only one process initialising at once */
@@ -558,6 +643,12 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
        /* If they used O_TRUNC, read will return 0. */
        rlen = pread(tdb->file->fd, &hdr, sizeof(hdr), 0);
        if (rlen == 0 && (open_flags & O_CREAT)) {
+               if (tdb->flags & TDB_VERSION1) {
+                       ecode = tdb1_new_database(tdb, hsize_attr, maxsize_attr);
+                       if (ecode != TDB_SUCCESS)
+                               goto fail;
+                       goto finished;
+               }
                ecode = tdb_new_database(tdb, seed, &hdr);
                if (ecode != TDB_SUCCESS) {
                        goto fail;
@@ -569,6 +660,12 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
                goto fail;
        } else if (rlen < sizeof(hdr)
                   || strcmp(hdr.magic_food, TDB_MAGIC_FOOD) != 0) {
+               if (is_tdb1(&tdb->tdb1.header, &hdr, rlen)) {
+                       ecode = tdb1_open(tdb, maxsize_attr);
+                       if (!ecode)
+                               goto finished;
+                       goto fail;
+               }
                ecode = tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
                                   "tdb_open: %s is not a tdb file", name);
                goto fail;
@@ -578,6 +675,12 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
                if (hdr.version == bswap_64(TDB_VERSION))
                        tdb->flags |= TDB_CONVERT;
                else {
+                       if (is_tdb1(&tdb->tdb1.header, &hdr, rlen)) {
+                               ecode = tdb1_open(tdb, maxsize_attr);
+                               if (!ecode)
+                                       goto finished;
+                               goto fail;
+                       }
                        /* wrong version */
                        ecode = tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
                                           "tdb_open:"
@@ -593,6 +696,13 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
                goto fail;
        }
 
+       /* This is a version2 tdb. */
+       if (tdb->flags & TDB_VERSION1) {
+               tdb->flags &= ~TDB_VERSION1;
+       }
+
+       tdb2_context_init(tdb);
+
        tdb_convert(tdb, &hdr, sizeof(hdr));
        tdb->hash_seed = hdr.hash_seed;
        hash_test = TDB_HASH_MAGIC;
@@ -606,6 +716,11 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
                goto fail;
        }
 
+       ecode = capabilities_ok(tdb, hdr.capabilities);
+       if (ecode != TDB_SUCCESS) {
+               goto fail;
+       }
+
        /* Clear any features we don't understand. */
        if ((open_flags & O_ACCMODE) != O_RDONLY) {
                hdr.features_used &= TDB_FEATURE_MASK;
@@ -617,49 +732,64 @@ struct tdb_context *tdb_open(const char *name, int tdb_flags,
                        goto fail;
        }
 
+finished:
+       if (tdb->flags & TDB_VERSION1) {
+               /* if needed, run recovery */
+               if (tdb1_transaction_recover(tdb) == -1) {
+                       ecode = tdb->last_error;
+                       goto fail;
+               }
+       }
+
        tdb_unlock_open(tdb, openlock);
 
-       /* This make sure we have current map_size and mmap. */
-       ecode = tdb->tdb2.io->oob(tdb, tdb->file->map_size + 1, true);
+       /* This makes sure we have current map_size and mmap. */
+       if (tdb->flags & TDB_VERSION1) {
+               ecode = tdb1_probe_length(tdb);
+       } else {
+               ecode = tdb->tdb2.io->oob(tdb, tdb->file->map_size, 1, true);
+       }
        if (unlikely(ecode != TDB_SUCCESS))
                goto fail;
 
-       /* Now it's fully formed, recover if necessary. */
-       berr = tdb_needs_recovery(tdb);
-       if (unlikely(berr != false)) {
-               if (berr < 0) {
-                       ecode = berr;
-                       goto fail;
+       if (!(tdb->flags & TDB_VERSION1)) {
+               /* Now it's fully formed, recover if necessary. */
+               berr = tdb_needs_recovery(tdb);
+               if (unlikely(berr != false)) {
+                       if (berr < 0) {
+                               ecode = TDB_OFF_TO_ERR(berr);
+                               goto fail;
+                       }
+                       ecode = tdb_lock_and_recover(tdb);
+                       if (ecode != TDB_SUCCESS) {
+                               goto fail;
+                       }
                }
-               ecode = tdb_lock_and_recover(tdb);
+
+               ecode = tdb_ftable_init(tdb);
                if (ecode != TDB_SUCCESS) {
                        goto fail;
                }
        }
 
-       ecode = tdb_ftable_init(tdb);
-       if (ecode != TDB_SUCCESS) {
-               goto fail;
-       }
-
        tdb->next = tdbs;
        tdbs = tdb;
        return tdb;
 
  fail:
        /* Map ecode to some logical errno. */
-       switch (ecode) {
-       case TDB_ERR_CORRUPT:
-       case TDB_ERR_IO:
+       switch (TDB_ERR_TO_OFF(ecode)) {
+       case TDB_ERR_TO_OFF(TDB_ERR_CORRUPT):
+       case TDB_ERR_TO_OFF(TDB_ERR_IO):
                saved_errno = EIO;
                break;
-       case TDB_ERR_LOCK:
+       case TDB_ERR_TO_OFF(TDB_ERR_LOCK):
                saved_errno = EWOULDBLOCK;
                break;
-       case TDB_ERR_OOM:
+       case TDB_ERR_TO_OFF(TDB_ERR_OOM):
                saved_errno = ENOMEM;
                break;
-       case TDB_ERR_EINVAL:
+       case TDB_ERR_TO_OFF(TDB_ERR_EINVAL):
                saved_errno = EINVAL;
                break;
        default:
@@ -702,8 +832,14 @@ int tdb_close(struct tdb_context *tdb)
 
        tdb_trace(tdb, "tdb_close");
 
-       if (tdb->tdb2.transaction) {
-               tdb_transaction_cancel(tdb);
+       if (tdb->flags & TDB_VERSION1) {
+               if (tdb->tdb1.transaction) {
+                       tdb1_transaction_cancel(tdb);
+               }
+       } else {
+               if (tdb->tdb2.transaction) {
+                       tdb_transaction_cancel(tdb);
+               }
        }
 
        if (tdb->file->map_ptr) {