2 Unix SMB/CIFS implementation.
4 trivial database library
6 Copyright (C) Andrew Tridgell 1999-2005
7 Copyright (C) Paul `Rusty' Russell 2000
8 Copyright (C) Jeremy Allison 2000-2003
10 ** NOTE! The following LGPL license applies to the tdb
11 ** library. This does NOT imply that all of Samba is released
14 This library is free software; you can redistribute it and/or
15 modify it under the terms of the GNU Lesser General Public
16 License as published by the Free Software Foundation; either
17 version 3 of the License, or (at your option) any later version.
19 This library is distributed in the hope that it will be useful,
20 but WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
22 Lesser General Public License for more details.
24 You should have received a copy of the GNU Lesser General Public
25 License along with this library; if not, see <http://www.gnu.org/licenses/>.
29 #include "tdb_private.h"
32 * We prepend the mutex area, so fixup offsets. See mutex.c for details.
33 * tdb->hdr_ofs is 0 or header.mutex_size.
35 * Note: that we only have the 4GB limit of tdb_off_t for
36 * tdb->map_size. The file size on disk can be 4GB + tdb->hdr_ofs!
39 static bool tdb_adjust_offset(struct tdb_context *tdb, off_t *off)
41 off_t tmp = tdb->hdr_ofs + *off;
43 if ((tmp < tdb->hdr_ofs) || (tmp < *off)) {
52 static ssize_t tdb_pwrite(struct tdb_context *tdb, const void *buf,
53 size_t count, off_t offset)
57 if (!tdb_adjust_offset(tdb, &offset)) {
62 ret = pwrite(tdb->fd, buf, count, offset);
63 } while ((ret == -1) && (errno == EINTR));
68 static ssize_t tdb_pread(struct tdb_context *tdb, void *buf,
69 size_t count, off_t offset)
73 if (!tdb_adjust_offset(tdb, &offset)) {
78 ret = pread(tdb->fd, buf, count, offset);
79 } while ((ret == -1) && (errno == EINTR));
84 static int tdb_ftruncate(struct tdb_context *tdb, off_t length)
88 if (!tdb_adjust_offset(tdb, &length)) {
93 ret = ftruncate(tdb->fd, length);
94 } while ((ret == -1) && (errno == EINTR));
99 #ifdef HAVE_POSIX_FALLOCATE
100 static int tdb_posix_fallocate(struct tdb_context *tdb, off_t offset,
105 if (!tdb_adjust_offset(tdb, &offset)) {
110 ret = posix_fallocate(tdb->fd, offset, len);
111 } while ((ret == -1) && (errno == EINTR));
117 static int tdb_fstat(struct tdb_context *tdb, struct stat *buf)
121 ret = fstat(tdb->fd, buf);
126 if (buf->st_size < tdb->hdr_ofs) {
130 buf->st_size -= tdb->hdr_ofs;
135 /* check for an out of bounds access - if it is out of bounds then
136 see if the database has been expanded by someone else and expand
139 static int tdb_notrans_oob(
140 struct tdb_context *tdb, tdb_off_t off, tdb_len_t len, int probe)
143 if (len + off < len) {
145 /* Ensure ecode is set for log fn. */
146 tdb->ecode = TDB_ERR_IO;
147 TDB_LOG((tdb, TDB_DEBUG_FATAL,"tdb_oob off %u len %u wrap\n",
153 if (off + len <= tdb->map_size)
155 if (tdb->flags & TDB_INTERNAL) {
157 /* Ensure ecode is set for log fn. */
158 tdb->ecode = TDB_ERR_IO;
159 TDB_LOG((tdb, TDB_DEBUG_FATAL,"tdb_oob len %u beyond internal malloc size %u\n",
160 (int)(off + len), (int)tdb->map_size));
165 if (tdb_fstat(tdb, &st) == -1) {
166 tdb->ecode = TDB_ERR_IO;
170 /* Beware >4G files! */
171 if ((tdb_off_t)st.st_size != st.st_size) {
172 /* Ensure ecode is set for log fn. */
173 tdb->ecode = TDB_ERR_IO;
174 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_oob len %llu too large!\n",
175 (long long)st.st_size));
179 /* Unmap, update size, remap. We do this unconditionally, to handle
180 * the unusual case where the db is truncated.
182 * This can happen to a child using tdb_reopen_all(true) on a
183 * TDB_CLEAR_IF_FIRST tdb whose parent crashes: the next
184 * opener will truncate the database. */
185 if (tdb_munmap(tdb) == -1) {
186 tdb->ecode = TDB_ERR_IO;
189 tdb->map_size = st.st_size;
190 if (tdb_mmap(tdb) != 0) {
194 if (st.st_size < (size_t)off + len) {
196 /* Ensure ecode is set for log fn. */
197 tdb->ecode = TDB_ERR_IO;
198 TDB_LOG((tdb, TDB_DEBUG_FATAL,"tdb_oob len %u beyond eof at %u\n",
199 (int)(off + len), (int)st.st_size));
206 /* write a lump of data at a specified offset */
207 static int tdb_write(struct tdb_context *tdb, tdb_off_t off,
208 const void *buf, tdb_len_t len)
214 if (tdb->read_only || tdb->traverse_read) {
215 tdb->ecode = TDB_ERR_RDONLY;
219 if (tdb_oob(tdb, off, len, 0) != 0)
223 memcpy(off + (char *)tdb->map_ptr, buf, len);
225 #ifdef HAVE_INCOHERENT_MMAP
226 tdb->ecode = TDB_ERR_IO;
231 written = tdb_pwrite(tdb, buf, len, off);
233 if ((written != (ssize_t)len) && (written != -1)) {
235 tdb->ecode = TDB_ERR_IO;
236 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_write: wrote only "
237 "%zi of %u bytes at %u, trying once more\n",
239 written = tdb_pwrite(tdb, (const char *)buf+written,
240 len-written, off+written);
243 /* Ensure ecode is set for log fn. */
244 tdb->ecode = TDB_ERR_IO;
245 TDB_LOG((tdb, TDB_DEBUG_FATAL,"tdb_write failed at %u "
246 "len=%u (%s)\n", off, len, strerror(errno)));
248 } else if (written != (ssize_t)len) {
249 tdb->ecode = TDB_ERR_IO;
250 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_write: failed to "
251 "write %u bytes at %u in two attempts\n",
260 /* Endian conversion: we only ever deal with 4 byte quantities */
261 void *tdb_convert(void *buf, uint32_t size)
263 uint32_t i, *p = (uint32_t *)buf;
264 for (i = 0; i < size / 4; i++)
265 p[i] = TDB_BYTEREV(p[i]);
270 /* read a lump of data at a specified offset, maybe convert */
271 static int tdb_read(struct tdb_context *tdb, tdb_off_t off, void *buf,
272 tdb_len_t len, int cv)
274 if (tdb_oob(tdb, off, len, 0) != 0) {
279 memcpy(buf, off + (char *)tdb->map_ptr, len);
281 #ifdef HAVE_INCOHERENT_MMAP
282 tdb->ecode = TDB_ERR_IO;
287 ret = tdb_pread(tdb, buf, len, off);
288 if (ret != (ssize_t)len) {
289 /* Ensure ecode is set for log fn. */
290 tdb->ecode = TDB_ERR_IO;
291 TDB_LOG((tdb, TDB_DEBUG_FATAL,"tdb_read failed at %u "
292 "len=%u ret=%zi (%s) map_size=%u\n",
293 off, len, ret, strerror(errno),
300 tdb_convert(buf, len);
308 do an unlocked scan of the hash table heads to find the next non-zero head. The value
309 will then be confirmed with the lock held
311 static void tdb_next_hash_chain(struct tdb_context *tdb, uint32_t *chain)
315 for (;h < tdb->hash_size;h++) {
316 if (0 != *(uint32_t *)(TDB_HASH_TOP(h) + (unsigned char *)tdb->map_ptr)) {
322 for (;h < tdb->hash_size;h++) {
323 if (tdb_ofs_read(tdb, TDB_HASH_TOP(h), &off) != 0 || off != 0) {
332 int tdb_munmap(struct tdb_context *tdb)
334 if (tdb->flags & TDB_INTERNAL)
341 ret = munmap(tdb->map_ptr, tdb->map_size);
350 /* If mmap isn't coherent, *everyone* must always mmap. */
351 static bool should_mmap(const struct tdb_context *tdb)
353 #ifdef HAVE_INCOHERENT_MMAP
356 return !(tdb->flags & TDB_NOMMAP);
360 int tdb_mmap(struct tdb_context *tdb)
362 if (tdb->flags & TDB_INTERNAL)
366 if (should_mmap(tdb)) {
367 tdb->map_ptr = mmap(NULL, tdb->map_size,
368 PROT_READ|(tdb->read_only? 0:PROT_WRITE),
369 MAP_SHARED|MAP_FILE, tdb->fd,
373 * NB. When mmap fails it returns MAP_FAILED *NOT* NULL !!!!
376 if (tdb->map_ptr == MAP_FAILED) {
378 TDB_LOG((tdb, TDB_DEBUG_WARNING, "tdb_mmap failed for size %u (%s)\n",
379 tdb->map_size, strerror(errno)));
380 #ifdef HAVE_INCOHERENT_MMAP
381 tdb->ecode = TDB_ERR_IO;
394 /* expand a file. we prefer to use ftruncate, as that is what posix
395 says to use for mmap expansion */
396 static int tdb_expand_file(struct tdb_context *tdb, tdb_off_t size, tdb_off_t addition)
402 if (tdb->read_only || tdb->traverse_read) {
403 tdb->ecode = TDB_ERR_RDONLY;
407 if (!tdb_add_off_t(size, addition, &new_size)) {
408 tdb->ecode = TDB_ERR_OOM;
409 TDB_LOG((tdb, TDB_DEBUG_FATAL, "expand_file write "
410 "overflow detected current size[%u] addition[%u]!\n",
411 (unsigned)size, (unsigned)addition));
416 #ifdef HAVE_POSIX_FALLOCATE
417 ret = tdb_posix_fallocate(tdb, size, addition);
423 * The Linux glibc (at least as of 2.24) fallback if
424 * the file system does not support fallocate does not
425 * reset the file size back to where it was. Also, to
426 * me it is unclear from the posix spec of
427 * posix_fallocate whether this is allowed or
428 * not. Better be safe than sorry and "goto fail" but
429 * "return -1" here, leaving the EOF pointer too
436 * Retry the "old" way. Possibly unnecessary, but looking at
437 * our configure script there seem to be weird failure modes
438 * for posix_fallocate. See commit 3264a98ff16de, which
440 * https://sourceware.org/bugzilla/show_bug.cgi?id=1083.
444 ret = tdb_ftruncate(tdb, new_size);
447 ssize_t written = tdb_pwrite(tdb, &b, 1, new_size - 1);
449 /* try once more, potentially revealing errno */
450 written = tdb_pwrite(tdb, &b, 1, new_size - 1);
453 /* again - give up, guessing errno */
457 tdb->ecode = TDB_ERR_OOM;
458 TDB_LOG((tdb, TDB_DEBUG_FATAL, "expand_file to %u failed (%s)\n",
459 (unsigned)new_size, strerror(errno)));
464 /* now fill the file with something. This ensures that the
465 file isn't sparse, which would be very bad if we ran out of
466 disk. This must be done with write, not via mmap */
467 memset(buf, TDB_PAD_BYTE, sizeof(buf));
469 size_t n = addition>sizeof(buf)?sizeof(buf):addition;
470 ssize_t written = tdb_pwrite(tdb, buf, n, size);
472 /* prevent infinite loops: try _once_ more */
473 written = tdb_pwrite(tdb, buf, n, size);
476 /* give up, trying to provide a useful errno */
477 tdb->ecode = TDB_ERR_OOM;
478 TDB_LOG((tdb, TDB_DEBUG_FATAL, "expand_file write "
479 "returned 0 twice: giving up!\n"));
484 tdb->ecode = TDB_ERR_OOM;
485 TDB_LOG((tdb, TDB_DEBUG_FATAL, "expand_file write of "
486 "%u bytes failed (%s)\n", (int)n,
491 TDB_LOG((tdb, TDB_DEBUG_WARNING, "expand_file: wrote "
492 "only %zu of %zi bytes - retrying\n", written,
505 * We're holding the freelist lock or are inside a
506 * transaction. Cutting the file is safe, the space we
507 * tried to allocate can't have been used anywhere in
511 ret = tdb_ftruncate(tdb, size);
513 TDB_LOG((tdb, TDB_DEBUG_WARNING, "expand_file: "
514 "retruncate to %ju failed\n",
524 /* You need 'size', this tells you how much you should expand by. */
525 tdb_off_t tdb_expand_adjust(tdb_off_t map_size, tdb_off_t size, int page_size)
527 tdb_off_t new_size, top_size, increment;
528 tdb_off_t max_size = UINT32_MAX - map_size;
530 if (size > max_size) {
532 * We can't round up anymore, just give back
533 * what we're asked for.
535 * The caller has to take care of the ENOSPC handling.
540 /* limit size in order to avoid using up huge amounts of memory for
541 * in memory tdbs if an oddball huge record creeps in */
542 if (size > 100 * 1024) {
543 increment = size * 2;
545 increment = size * 100;
547 if (increment < size) {
551 if (!tdb_add_off_t(map_size, increment, &top_size)) {
555 /* always make room for at least top_size more records, and at
556 least 25% more space. if the DB is smaller than 100MiB,
557 otherwise grow it by 10% only. */
558 if (map_size > 100 * 1024 * 1024) {
559 new_size = map_size * 1.10;
561 new_size = map_size * 1.25;
563 if (new_size < map_size) {
567 /* Round the database up to a multiple of the page size */
568 new_size = MAX(top_size, new_size);
570 if (new_size + page_size < new_size) {
571 /* There's a "+" in TDB_ALIGN that might overflow... */
575 return TDB_ALIGN(new_size, page_size) - map_size;
579 * Somewhere in between we went over 4GB. Make one big jump to
580 * exactly 4GB database size.
585 /* expand the database at least size bytes by expanding the underlying
586 file and doing the mmap again if necessary */
587 int tdb_expand(struct tdb_context *tdb, tdb_off_t size)
589 struct tdb_record rec;
593 if (tdb_lock(tdb, -1, F_WRLCK) == -1) {
594 TDB_LOG((tdb, TDB_DEBUG_ERROR, "lock failed in tdb_expand\n"));
598 /* must know about any previous expansions by another process */
599 tdb_oob(tdb, tdb->map_size, 1, 1);
602 * Note: that we don't care about tdb->hdr_ofs != 0 here
604 * The 4GB limitation is just related to tdb->map_size
605 * and the offset calculation in the records.
607 * The file on disk can be up to 4GB + tdb->hdr_ofs
609 size = tdb_expand_adjust(tdb->map_size, size, tdb->page_size);
611 if (!tdb_add_off_t(tdb->map_size, size, &new_size)) {
612 tdb->ecode = TDB_ERR_OOM;
613 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_expand "
614 "overflow detected current map_size[%u] size[%u]!\n",
615 (unsigned)tdb->map_size, (unsigned)size));
619 /* form a new freelist record */
620 offset = tdb->map_size;
621 memset(&rec,'\0',sizeof(rec));
622 rec.rec_len = size - sizeof(rec);
624 if (tdb->flags & TDB_INTERNAL) {
627 new_map_ptr = (char *)realloc(tdb->map_ptr, new_size);
629 tdb->ecode = TDB_ERR_OOM;
632 tdb->map_ptr = new_map_ptr;
633 tdb->map_size = new_size;
638 * expand the file itself
640 ret = tdb->methods->tdb_expand_file(tdb, tdb->map_size, size);
645 /* Explicitly remap: if we're in a transaction, this won't
646 * happen automatically! */
648 tdb->map_size = new_size;
649 if (tdb_mmap(tdb) != 0) {
654 /* link it into the free list */
655 if (tdb_free(tdb, offset, &rec) == -1)
658 tdb_unlock(tdb, -1, F_WRLCK);
661 tdb_unlock(tdb, -1, F_WRLCK);
665 int tdb_oob(struct tdb_context *tdb, tdb_off_t off, tdb_len_t len, int probe)
667 int ret = tdb->methods->tdb_oob(tdb, off, len, probe);
671 /* read/write a tdb_off_t */
672 int tdb_ofs_read(struct tdb_context *tdb, tdb_off_t offset, tdb_off_t *d)
674 return tdb->methods->tdb_read(tdb, offset, (char*)d, sizeof(*d), DOCONV());
677 int tdb_ofs_write(struct tdb_context *tdb, tdb_off_t offset, tdb_off_t *d)
680 return tdb->methods->tdb_write(tdb, offset, CONVERT(off), sizeof(*d));
684 /* read a lump of data, allocating the space for it */
685 unsigned char *tdb_alloc_read(struct tdb_context *tdb, tdb_off_t offset, tdb_len_t len)
689 /* some systems don't like zero length malloc */
691 if (!(buf = (unsigned char *)malloc(len ? len : 1))) {
692 /* Ensure ecode is set for log fn. */
693 tdb->ecode = TDB_ERR_OOM;
694 TDB_LOG((tdb, TDB_DEBUG_ERROR,"tdb_alloc_read malloc failed len=%u (%s)\n",
695 len, strerror(errno)));
698 if (tdb->methods->tdb_read(tdb, offset, buf, len, 0) == -1) {
705 /* Give a piece of tdb data to a parser */
707 int tdb_parse_data(struct tdb_context *tdb, TDB_DATA key,
708 tdb_off_t offset, tdb_len_t len,
709 int (*parser)(TDB_DATA key, TDB_DATA data,
718 if ((tdb->transaction == NULL) && (tdb->map_ptr != NULL)) {
720 * Optimize by avoiding the malloc/memcpy/free, point the
721 * parser directly at the mmap area.
723 if (tdb_oob(tdb, offset, len, 0) != 0) {
726 data.dptr = offset + (unsigned char *)tdb->map_ptr;
727 return parser(key, data, private_data);
730 if (!(data.dptr = tdb_alloc_read(tdb, offset, len))) {
734 result = parser(key, data, private_data);
739 /* read/write a record */
740 int tdb_rec_read(struct tdb_context *tdb, tdb_off_t offset, struct tdb_record *rec)
743 tdb_len_t overall_len;
745 if (tdb->methods->tdb_read(tdb, offset, rec, sizeof(*rec),DOCONV()) == -1)
747 if (TDB_BAD_MAGIC(rec)) {
748 /* Ensure ecode is set for log fn. */
749 tdb->ecode = TDB_ERR_CORRUPT;
750 TDB_LOG((tdb, TDB_DEBUG_FATAL,"tdb_rec_read bad magic 0x%x at offset=%u\n", rec->magic, offset));
754 overall_len = rec->key_len + rec->data_len;
755 if (overall_len < rec->data_len) {
760 if (overall_len > rec->rec_len) {
765 ret = tdb_oob(tdb, offset, rec->key_len, 1);
769 ret = tdb_oob(tdb, offset, rec->data_len, 1);
773 ret = tdb_oob(tdb, offset, rec->rec_len, 1);
778 return tdb_oob(tdb, rec->next, sizeof(*rec), 0);
781 int tdb_rec_write(struct tdb_context *tdb, tdb_off_t offset, struct tdb_record *rec)
783 struct tdb_record r = *rec;
784 return tdb->methods->tdb_write(tdb, offset, CONVERT(r), sizeof(r));
787 static const struct tdb_methods io_methods = {
796 initialise the default methods table
798 void tdb_io_init(struct tdb_context *tdb)
800 tdb->methods = &io_methods;