This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
[PATCH] resolv: Automatically reload a changed /etc/resolv.conf file [BZ #984]
- From: fweimer at redhat dot com (Florian Weimer)
- To: libc-alpha at sourceware dot org
- Date: Fri, 30 Jun 2017 21:38:25 +0200
- Subject: [PATCH] resolv: Automatically reload a changed /etc/resolv.conf file [BZ #984]
- Authentication-results: sourceware.org; auth=none
- Authentication-results: ext-mx05.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
- Authentication-results: ext-mx05.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=fweimer at redhat dot com
- Dkim-filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 6D17F30AF5B
- Dmarc-filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 6D17F30AF5B
This commit enhances the stub resolver to reload the configuration
in the per-thread _res object if the /etc/resolv.conf file has
changed. The resolver checks whether the application has modified
_res and will not overwrite the _res object in that case.
The struct resolv_context mechanism is used to check the
configuration file only once per name lookup.
2017-06-30 Florian Weimer <fweimer@redhat.com>
[BZ #984]
Reload /etc/resolv.conf if has been changed on disk.
* resolv/resolv_conf.h (resolv_conf): Remove initstamp member.
(__resolv_conf_load, __resolv_conf_get_current): Declare.
* resolv/resolv_conf.c (struct resolv_conf_global): Add
conf_current, conf_mtime, conf_ctime, conf_size, conf_ino members.
(decrement, __resolv_conf_get_current): New functions.
(resolv_conf_get_1): Call decrement.
(__resolv_conf_allocate): Do not initialize initstamp. Call
decrement.
(freeres): Deallocate global.conf_current.
* resolv/resolv.h (RES_NORELOAD): Define.
* resolv/res_debug.c (p_option): Add RES_NORELOAD.
* resolv/resolv-internal.h (__res_initstamp): Remove declaration.
* resolv/resolv_context.c (replicated_configuration_matches): New.
(maybe_init): Call it. Use __resolv_conf_get_current to obtain
the current configration.
* resolv/res_init.c (__res_initstamp): Remove variable definition.
(has_preinit_values): New function.
(__resolv_conf_load): Renamed from __res_vinit. Drop res_state
parameter and do not call __resolv_conf_attach.
(__res_vinit): Reimplement based __resolv_conf_load.
(res_options): Handle no-reload.
* resolv/res_libc.c (res_int): Do not update __res_initstamp.
* resolv/tst-resolv-res_init-skeleton.c (print_resp): Handle
RES_NORELOAD.
(test_cases): Test no-reload.
diff --git a/NEWS b/NEWS
index bf2b5df..6f0322e 100644
--- a/NEWS
+++ b/NEWS
@@ -245,6 +245,10 @@ Version 2.26
array, which is limited to six entries) will only use the first six search
domains, as before.
+* The glibc DNS stub now automatically reloads /etc/resolv.conf to pick up
+ changed configuration settings. The new “no-reload” (RES_NORELOAD)
+ resolver option disables this behavior.
+
Security related changes:
* The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes,
diff --git a/resolv/res_debug.c b/resolv/res_debug.c
index 55d1fe9..919b86e 100644
--- a/resolv/res_debug.c
+++ b/resolv/res_debug.c
@@ -613,6 +613,7 @@ p_option(u_long option) {
case RES_SNGLKUPREOP: return "single-request-reopen";
case RES_USE_DNSSEC: return "dnssec";
case RES_NOTLDQUERY: return "no-tld-query";
+ case RES_NORELOAD: return "no-reload";
/* XXX nonreentrant */
default: sprintf(nbuf, "?0x%lx?", (u_long)option);
return (nbuf);
diff --git a/resolv/res_init.c b/resolv/res_init.c
index 80a21fb..fa46ce7 100644
--- a/resolv/res_init.c
+++ b/resolv/res_init.c
@@ -106,8 +106,6 @@
static uint32_t net_mask (struct in_addr);
-unsigned long long int __res_initstamp;
-
int
res_ninit (res_state statp)
{
@@ -164,6 +162,16 @@ struct resolv_conf_parser
struct resolv_conf template;
};
+/* Return true if *PREINIT contains actual preinitialization. */
+static bool
+has_preinit_values (const struct __res_state *preinit)
+{
+ return (preinit->retrans != 0 && preinit->retrans != RES_TIMEOUT)
+ || (preinit->retry != 0 && preinit->retry != RES_DFLRETRY)
+ || (preinit->options != 0
+ && (preinit->options & ~RES_INIT) != RES_DEFAULT);
+}
+
static void
resolv_conf_parser_init (struct resolv_conf_parser *parser,
const struct __res_state *preinit)
@@ -531,14 +539,8 @@ res_vinit_1 (FILE *fp, struct resolv_conf_parser *parser)
return true;
}
-/* Set up default settings. If the /etc/resolv.conf configuration
- file exist, the values there will have precedence. Otherwise, the
- server address is set to INADDR_LOOPBACK and the default domain
- name comes from gethostname. The RES_OPTIONS and LOCALDOMAIN
- environment variables can be used to override some settings.
- Return 0 if completes successfully, -1 on error. */
-int
-__res_vinit (res_state statp, int preinit)
+struct resolv_conf *
+__resolv_conf_load (struct __res_state *preinit)
{
/* Ensure that /etc/hosts.conf has been loaded (once). */
_res_hconf_init ();
@@ -559,20 +561,14 @@ __res_vinit (res_state statp, int preinit)
default:
/* Other errors refer to resource allocation problems and
need to be handled by the application. */
- return -1;
+ return NULL;
}
struct resolv_conf_parser parser;
- if (preinit)
- {
- resolv_conf_parser_init (&parser, statp);
- statp->id = res_randomid ();
- }
- else
- resolv_conf_parser_init (&parser, NULL);
+ resolv_conf_parser_init (&parser, preinit);
- bool ok = res_vinit_1 (fp, &parser);
- if (ok)
+ struct resolv_conf *conf = NULL;
+ if (res_vinit_1 (fp, &parser))
{
parser.template.nameserver_list
= nameserver_list_begin (&parser.nameserver_list);
@@ -583,21 +579,42 @@ __res_vinit (res_state statp, int preinit)
= search_list_size (&parser.search_list);
parser.template.sort_list = sort_list_begin (&parser.sort_list);
parser.template.sort_list_size = sort_list_size (&parser.sort_list);
- struct resolv_conf *conf = __resolv_conf_allocate (&parser.template);
- if (conf == NULL)
- ok = false;
- else
- {
- ok = __resolv_conf_attach (statp, conf);
- __resolv_conf_put (conf);
- }
+ conf = __resolv_conf_allocate (&parser.template);
}
resolv_conf_parser_free (&parser);
- if (!ok)
+ return conf;
+}
+
+/* Set up default settings. If the /etc/resolv.conf configuration
+ file exist, the values there will have precedence. Otherwise, the
+ server address is set to INADDR_LOOPBACK and the default domain
+ name comes from gethostname. The RES_OPTIONS and LOCALDOMAIN
+ environment variables can be used to override some settings.
+ Return 0 if completes successfully, -1 on error. */
+int
+__res_vinit (res_state statp, int preinit)
+{
+ struct resolv_conf *conf;
+ if (preinit && has_preinit_values (statp))
+ /* For the preinit case, we cannot use the cached configuration
+ because some settings could be different. */
+ conf = __resolv_conf_load (statp);
+ else
+ conf = __resolv_conf_get_current ();
+ if (conf == NULL)
return -1;
+
+ bool ok = __resolv_conf_attach (statp, conf);
+ __resolv_conf_put (conf);
+ if (ok)
+ {
+ if (preinit)
+ statp->id = res_randomid ();
+ return 0;
+ }
else
- return 0;
+ return -1;
}
static void
@@ -652,6 +669,7 @@ res_setoptions (struct resolv_conf_parser *parser, const char *options)
{ STRnLEN ("single-request"), 0, RES_SNGLKUP },
{ STRnLEN ("no_tld_query"), 0, RES_NOTLDQUERY },
{ STRnLEN ("no-tld-query"), 0, RES_NOTLDQUERY },
+ { STRnLEN ("no-reload"), 0, RES_NORELOAD },
{ STRnLEN ("use-vc"), 0, RES_USEVC }
};
#define noptions (sizeof (options) / sizeof (options[0]))
diff --git a/resolv/res_libc.c b/resolv/res_libc.c
index 5066983..2e6c03f 100644
--- a/resolv/res_libc.c
+++ b/resolv/res_libc.c
@@ -90,12 +90,6 @@ res_init (void)
if (!_res.id)
_res.id = res_randomid ();
- atomicinclock (lock);
- /* Request all threads to re-initialize their resolver states,
- resolv.conf might have changed. */
- atomicinc (__res_initstamp);
- atomicincunlock (lock);
-
return __res_vinit (&_res, 1);
}
diff --git a/resolv/resolv-internal.h b/resolv/resolv-internal.h
index 9246497..32dc447 100644
--- a/resolv/resolv-internal.h
+++ b/resolv/resolv-internal.h
@@ -97,7 +97,4 @@ int __res_nopt (struct resolv_context *, int n0,
int __inet_pton_length (int af, const char *src, size_t srclen, void *);
libc_hidden_proto (__inet_pton_length)
-/* Used to propagate the effect of res_init calls across threads. */
-extern unsigned long long int __res_initstamp attribute_hidden;
-
#endif /* _RESOLV_INTERNAL_H */
diff --git a/resolv/resolv.h b/resolv/resolv.h
index 1fb0ad4..c80eb4c 100644
--- a/resolv/resolv.h
+++ b/resolv/resolv.h
@@ -134,6 +134,7 @@ struct res_sym {
#define RES_USE_DNSSEC 0x00800000 /* use DNSSEC using OK bit in OPT */
#define RES_NOTLDQUERY 0x01000000 /* Do not look up unqualified name
as a TLD. */
+#define RES_NORELOAD 0x02000000 /* No automatic configuration reload. */
#define RES_DEFAULT (RES_RECURSE|RES_DEFNAMES|RES_DNSRCH)
diff --git a/resolv/resolv_conf.c b/resolv/resolv_conf.c
index cd2f60d..3cd8ae9 100644
--- a/resolv/resolv_conf.c
+++ b/resolv/resolv_conf.c
@@ -22,6 +22,7 @@
#include <assert.h>
#include <libc-lock.h>
#include <resolv-internal.h>
+#include <sys/stat.h>
/* _res._u._ext.__glibc_extension_index is used as an index into a
struct resolv_conf_array object. The intent of this construction
@@ -54,6 +55,16 @@ struct resolv_conf_global
the array element is overwritten with NULL. */
struct resolv_conf_array array;
+ /* Cached current configuration object for /etc/resolv.conf. */
+ struct resolv_conf *conf_current;
+
+ /* These properties of /etc/resolv.conf are used to check if the
+ configuration needs reloading. */
+ struct timespec conf_mtime;
+ struct timespec conf_ctime;
+ off64_t conf_size;
+ ino64_t conf_ino;
+
/* The lock synchronizes access to the other members of this struct.
It also protects the __refcount member of struct resolv_conf. */
__libc_lock_define (, lock);
@@ -80,6 +91,84 @@ put_locked_global (struct resolv_conf_global *global_copy)
__libc_lock_unlock (global_copy->lock);
}
+/* Decrement the reference counter for *CONF. */
+static void
+decrement (struct resolv_conf *conf)
+{
+ assert (conf->__refcount > 0);
+ if (--conf->__refcount == 0)
+ free (conf);
+}
+
+struct resolv_conf *
+__resolv_conf_get_current (void)
+{
+ struct stat64 st;
+ if (stat64 (_PATH_RESCONF, &st) != 0)
+ {
+ switch (errno)
+ {
+ case EACCES:
+ case EISDIR:
+ case ELOOP:
+ case ENOENT:
+ case ENOTDIR:
+ case EPERM:
+ /* Ignore errors due to file system contents. */
+ memset (&st, 0, sizeof (st));
+ break;
+ default:
+ /* Other errors are fatal. */
+ return NULL;
+ }
+ }
+
+ struct resolv_conf_global *global_copy = get_locked_global ();
+ if (global_copy == NULL)
+ return NULL;
+ struct resolv_conf *conf;
+ if (global_copy->conf_current != NULL
+ && (global_copy->conf_mtime.tv_sec == st.st_mtim.tv_sec
+ && global_copy->conf_mtime.tv_nsec == st.st_mtim.tv_nsec
+ && global_copy->conf_ctime.tv_sec == st.st_ctim.tv_sec
+ && global_copy->conf_ctime.tv_nsec == st.st_ctim.tv_nsec
+ && global_copy->conf_ino == st.st_ino
+ && global_copy->conf_size == st.st_size))
+ /* We can reuse the cached configuration object. */
+ conf = global_copy->conf_current;
+ else
+ {
+ /* Parse configuration while holding the lock. This avoids
+ duplicate work. */
+ conf = __resolv_conf_load (NULL);
+ if (conf != NULL)
+ {
+ if (global_copy->conf_current != NULL)
+ decrement (global_copy->conf_current);
+ global_copy->conf_current = conf; /* Takes ownership. */
+
+ /* Update file modification stamps. The configuration we
+ read could be a newer version of the file, but this does
+ not matter because this will lead to an extraneous reload
+ later. */
+ global_copy->conf_mtime = st.st_mtim;
+ global_copy->conf_ctime = st.st_ctim;
+ global_copy->conf_ino = st.st_ino;
+ global_copy->conf_size = st.st_size;
+ }
+ }
+
+ if (conf != NULL)
+ {
+ /* Return an additional reference. */
+ assert (conf->__refcount > 0);
+ ++conf->__refcount;
+ assert (conf->__refcount > 0);
+ }
+ put_locked_global (global_copy);
+ return conf;
+}
+
/* Internal implementation of __resolv_conf_get, without validation
against *RESP. */
static struct resolv_conf *
@@ -241,13 +330,9 @@ __resolv_conf_put (struct resolv_conf *conf)
if (conf == NULL)
return;
- void *to_deallocate = NULL;
__libc_lock_lock (global.lock);
- if (--conf->__refcount == 0)
- to_deallocate = conf;
+ decrement (conf);
__libc_lock_unlock (global.lock);
-
- free (to_deallocate);
}
struct resolv_conf *
@@ -302,7 +387,6 @@ __resolv_conf_allocate (const struct resolv_conf *init)
conf->retry = init->retry;
conf->options = init->options;
conf->ndots = init->ndots;
- conf->initstamp = __res_initstamp;
/* Allocate the arrays with pointers. These must come first because
they have the highets alignment. */
@@ -461,9 +545,7 @@ decrement_at_index (struct resolv_conf_global *global_copy, size_t index)
struct resolv_conf *conf = *slot;
if (conf != NULL)
{
- assert (conf->__refcount > 0);
- if (--conf->__refcount == 0)
- free (conf);
+ decrement (conf);
/* Clear the slot even if the reference count is positive.
Slots are not shared. */
*slot = NULL;
@@ -559,10 +641,17 @@ static void __attribute__ ((section ("__libc_thread_freeres_fn")))
freeres (void)
{
/* No locking because this function is supposed to be called when
- the process has turned single-threaded. Note that this frees
- only the array itself. The pointed-to configuration objects
- should have been deallocated by res_nclose and per-thread cleanup
- functions. */
+ the process has turned single-threaded. */
+ struct resolv_conf_global *global_copy = &global;
+ if (global_copy->conf_current != NULL)
+ {
+ decrement (global_copy->conf_current);
+ global_copy->conf_current = NULL;
+ }
+
+ /* Note that this frees only the array itself. The pointed-to
+ configuration objects should have been deallocated by res_nclose
+ and per-thread cleanup functions. */
resolv_conf_array_free (&global.array);
}
text_set_element (__libc_subfreeres, freeres);
diff --git a/resolv/resolv_conf.h b/resolv/resolv_conf.h
index 7ca80cd..0ff8bd7 100644
--- a/resolv/resolv_conf.h
+++ b/resolv/resolv_conf.h
@@ -35,11 +35,6 @@ struct resolv_sortlist_entry
object. */
struct resolv_conf
{
- /* Used to propagate the effect of res_init across threads. This
- member is mutable and prevents sharing of the same struct
- resolv_conf object among multiple struct __res_state objects. */
- unsigned long long int initstamp;
-
/* Reference counter. The object is deallocated once it reaches
zero. For internal use within resolv_conf only. */
size_t __refcount;
@@ -69,6 +64,18 @@ struct resolv_conf
struct __res_state;
+/* Read /etc/resolv.conf and return a configuration object, or NULL if
+ /etc/resolv.conf cannot be read due to memory allocation errors.
+ If PREINIT is not NULL, some configuration values are taken from the
+ struct __res_state object. */
+struct resolv_conf *__resolv_conf_load (struct __res_state *preinit)
+ attribute_hidden __attribute__ ((warn_unused_result));
+
+/* Return a configuration object for the current /etc/resolv.conf
+ settings, or NULL on failure. The object is cached. */
+struct resolv_conf *__resolv_conf_get_current (void)
+ attribute_hidden __attribute__ ((warn_unused_result));
+
/* Return the extended resolver state for *RESP, or NULL if it cannot
be determined. A call to this function must be paired with a call
to __resolv_conf_put. */
diff --git a/resolv/resolv_context.c b/resolv/resolv_context.c
index 0ee2184..35d4b3d 100644
--- a/resolv/resolv_context.c
+++ b/resolv/resolv_context.c
@@ -51,6 +51,20 @@
resolver state. */
static __thread struct resolv_context *current attribute_tls_model_ie;
+/* The resolv_conf handling will gives us a ctx->conf pointer even if
+ these fields do not match because a mis-match does not cause a loss
+ of state (_res objects can store the full information). This
+ function checks to ensure that there is a full patch, to prevent
+ overwriting a patched configuration. */
+static bool
+replicated_configuration_matches (const struct resolv_context *ctx)
+{
+ return ctx->resp->options == ctx->conf->options
+ && ctx->resp->retrans == ctx->conf->retrans
+ && ctx->resp->retry == ctx->conf->retry
+ && ctx->resp->ndots == ctx->conf->ndots;
+}
+
/* Initialize *RESP if RES_INIT is not yet set in RESP->options, or if
res_init in some other thread requested re-initializing. */
static __attribute__ ((warn_unused_result)) bool
@@ -59,27 +73,36 @@ maybe_init (struct resolv_context *ctx, bool preinit)
struct __res_state *resp = ctx->resp;
if (resp->options & RES_INIT)
{
+ if (resp->options & RES_NORELOAD)
+ /* Configuration reloading was explicitly disabled. */
+ return true;
+
/* If there is no associated resolv_conf object despite the
initialization, something modified *ctx->resp. Do not
override those changes. */
- if (ctx->conf != NULL && ctx->conf->initstamp != __res_initstamp)
+ if (ctx->conf != NULL && replicated_configuration_matches (ctx))
{
- if (resp->nscount > 0)
- /* This call will detach the extended resolver state. */
- __res_iclose (resp, true);
- /* And this call will attach it again. */
- if (__res_vinit (resp, 1) < 0)
+ struct resolv_conf *current = __resolv_conf_get_current ();
+ if (current == NULL)
+ return false;
+
+ /* Check if the configuration changed. */
+ if (current != ctx->conf)
{
- /* The configuration no longer matches after failed
- initialization. */
- __resolv_conf_put (ctx->conf);
- ctx->conf = NULL;
- return false;
+ /* This call will detach the extended resolver state. */
+ if (resp->nscount > 0)
+ __res_iclose (resp, true);
+ /* Reattach the current configuration. */
+ if (__resolv_conf_attach (ctx->resp, current))
+ {
+ __resolv_conf_put (ctx->conf);
+ /* ctx takes ownership, so we do not release current. */
+ ctx->conf = current;
+ }
}
- /* Delay the release of the old configuration until this
- point, so that __res_vinit can reuse it if possible. */
- __resolv_conf_put (ctx->conf);
- ctx->conf = __resolv_conf_get (ctx->resp);
+ else
+ /* No change. Drop the reference count for current. */
+ __resolv_conf_put (current);
}
return true;
}
diff --git a/resolv/tst-resolv-res_init-skeleton.c b/resolv/tst-resolv-res_init-skeleton.c
index aace94d..3ee5a99 100644
--- a/resolv/tst-resolv-res_init-skeleton.c
+++ b/resolv/tst-resolv-res_init-skeleton.c
@@ -151,6 +151,7 @@ print_resp (FILE *fp, res_state resp)
print_option_flag (fp, &options, RES_SNGLKUPREOP,
"single-request-reopen");
print_option_flag (fp, &options, RES_NOTLDQUERY, "no-tld-query");
+ print_option_flag (fp, &options, RES_NORELOAD, "no-reload");
fputc ('\n', fp);
if (options != 0)
fprintf (fp, "; error: unresolved option bits: 0x%x\n", options);
@@ -470,6 +471,28 @@ struct test_case test_cases[] =
"nameserver 192.0.2.1\n"
"; nameserver[0]: [192.0.2.1]:53\n"
},
+ {.name = "basic no-reload",
+ .conf = "options no-reload\n"
+ "search corp.example.com example.com\n"
+ "nameserver 192.0.2.1\n",
+ .expected = "options no-reload\n"
+ "search corp.example.com example.com\n"
+ "; search[0]: corp.example.com\n"
+ "; search[1]: example.com\n"
+ "nameserver 192.0.2.1\n"
+ "; nameserver[0]: [192.0.2.1]:53\n"
+ },
+ {.name = "basic no-reload via RES_OPTIONS",
+ .conf = "search corp.example.com example.com\n"
+ "nameserver 192.0.2.1\n",
+ .expected = "options no-reload\n"
+ "search corp.example.com example.com\n"
+ "; search[0]: corp.example.com\n"
+ "; search[1]: example.com\n"
+ "nameserver 192.0.2.1\n"
+ "; nameserver[0]: [192.0.2.1]:53\n",
+ .res_options = "no-reload"
+ },
{.name = "whitespace",
.conf = "# This test covers comment and whitespace processing "
" (trailing whitespace,\n"