From b1828371af03d739bb7988aabeac4f87b9344bcc Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 29 Mar 2019 14:32:21 -0700 Subject: [PATCH] s3: smbd: Share modes should not use the generic memcache. Create a separate, non-size-limited memcache cache for share modes. They must not be evicted from the cache (which they could be from the generic cache) if the cache gets full, this leads to smbd crashes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13871 Signed-off-by: Jeremy Allison --- source3/locking/share_mode_lock.c | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/source3/locking/share_mode_lock.c b/source3/locking/share_mode_lock.c index a97d8d44930..ac383c376b8 100644 --- a/source3/locking/share_mode_lock.c +++ b/source3/locking/share_mode_lock.c @@ -60,6 +60,9 @@ /* the locking database handle */ static struct db_context *lock_db; +/* share mode memcache handle. */ +static struct memcache *share_mode_memcache; + static bool locking_init_internal(bool read_only) { struct db_context *backend; @@ -98,6 +101,8 @@ static bool locking_init_internal(bool read_only) return False; } + share_mode_memcache = memcache_init(NULL, 0); + return True; } @@ -135,11 +140,8 @@ static TDB_DATA locking_key(const struct file_id *id) Share mode cache utility functions that store/delete/retrieve entries from memcache. - For now share the statcache (global cache) memory space. If - a lock record gets orphaned (which shouldn't happen as we're - using the same locking_key data as lookup) it will eventually - fall out of the cache via the normal LRU trim mechanism. If - necessary we can always make this a separate (smaller) cache. + Use a separate non memory limited cache. A record can't get + orphaned as we're using a consistent locking_key for lookup. ******************************************************************/ static DATA_BLOB memcache_key(const struct file_id *id) @@ -156,7 +158,7 @@ static void share_mode_memcache_delete(struct share_mode_data *d) d->sequence_number, file_id_string(talloc_tos(), &d->id)); - memcache_delete(NULL, + memcache_delete(share_mode_memcache, SHARE_MODE_LOCK_CACHE, key); } @@ -182,7 +184,7 @@ static void share_mode_memcache_store(struct share_mode_data *d) talloc_set_destructor(d, NULL); /* Cache will own d after this call. */ - memcache_add_talloc(NULL, + memcache_add_talloc(share_mode_memcache, SHARE_MODE_LOCK_CACHE, key, &d); @@ -227,7 +229,7 @@ static struct share_mode_data *share_mode_memcache_fetch(TALLOC_CTX *mem_ctx, memcpy(&id, id_key.dptr, id_key.dsize); key = memcache_key(&id); - ptr = memcache_lookup_talloc(NULL, + ptr = memcache_lookup_talloc(share_mode_memcache, SHARE_MODE_LOCK_CACHE, key); if (ptr == NULL) { @@ -242,7 +244,7 @@ static struct share_mode_data *share_mode_memcache_fetch(TALLOC_CTX *mem_ctx, DEBUG(10,("bad blob %u key %s\n", (unsigned int)ndr_err, file_id_string(mem_ctx, &id))); - memcache_delete(NULL, + memcache_delete(share_mode_memcache, SHARE_MODE_LOCK_CACHE, key); return NULL; @@ -256,7 +258,7 @@ static struct share_mode_data *share_mode_memcache_fetch(TALLOC_CTX *mem_ctx, sequence_number, file_id_string(mem_ctx, &id)); /* Cache out of date. Remove entry. */ - memcache_delete(NULL, + memcache_delete(share_mode_memcache, SHARE_MODE_LOCK_CACHE, key); return NULL; @@ -272,7 +274,7 @@ static struct share_mode_data *share_mode_memcache_fetch(TALLOC_CTX *mem_ctx, talloc_set_destructor(d, share_mode_data_nofree_destructor); /* Remove from the cache. We own it now. */ - memcache_delete(NULL, + memcache_delete(share_mode_memcache, SHARE_MODE_LOCK_CACHE, key); -- 2.21.0.392.gf8f6787159e-goog