Cache network interface information

Whenever getaddrinfo needed network interface information it used the
netlink interface to read the information every single time.  The
problem is that this information can change at any time.

The patch implements monitoring of the network interfaces through
nscd.  If no change is detected the previously read information can
be reused (which is the norm).  This timestamp information is also
made available to other processes using the shared memory segment
between nscd and those processes.

4 files changed, 162 insertions, 7 deletions

diff --git a/nscd/connections.c b/nscd/connections.c
index 2b5c7ef53c..1b8a9bdba7 100644
--- a/nscd/connections.c
+++ b/nscd/connections.c
@@ -24,6 +24,7 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <grp.h>
+#include <ifaddrs.h>
 #include <libintl.h>
 #include <pthread.h>
 #include <pwd.h>
@@ -32,6 +33,9 @@
 #include <stdlib.h>
 #include <unistd.h>
 #include <arpa/inet.h>
+#ifdef HAVE_NETLINK
+# include <netlink/netlink.h>
+#endif
 #ifdef HAVE_EPOLL
 # include <sys/epoll.h>
 #endif
@@ -247,6 +251,11 @@ static int sock;
 int inotify_fd = -1;
 #endif
 
+#ifdef HAVE_NETLINK
+/* Descriptor for netlink status updates.  */
+static int nl_status_fd = -1;
+#endif
+
 #ifndef __ASSUME_SOCK_CLOEXEC
 /* Negative if SOCK_CLOEXEC is not supported, positive if it is, zero
    before be know the result.  */
@@ -903,6 +912,65 @@ cannot set socket to close on exec: %s; disabling paranoia mode"),
       exit (1);
     }
 
+#ifdef HAVE_NETLINK
+  if (dbs[hstdb].enabled)
+    {
+      /* Try to open netlink socket to monitor network setting changes.  */
+      nl_status_fd = socket (AF_NETLINK,
+			     SOCK_RAW | SOCK_CLOEXEC | SOCK_NONBLOCK,
+			     NETLINK_ROUTE);
+      if (nl_status_fd != -1)
+	{
+	  struct sockaddr_nl snl;
+	  memset (&snl, '\0', sizeof (snl));
+	  snl.nl_family = AF_NETLINK;
+	  /* XXX Is this the best set to use?  */
+	  snl.nl_groups = (RTMGRP_IPV4_IFADDR | RTMGRP_TC | RTMGRP_IPV4_MROUTE
+			   | RTMGRP_IPV4_ROUTE | RTMGRP_IPV4_RULE
+			   | RTMGRP_IPV6_IFADDR | RTMGRP_IPV6_MROUTE
+			   | RTMGRP_IPV6_ROUTE | RTMGRP_IPV6_IFINFO
+			   | RTMGRP_IPV6_PREFIX);
+
+	  if (bind (nl_status_fd, (struct sockaddr *) &snl, sizeof (snl)) != 0)
+	    {
+	      close (nl_status_fd);
+	      nl_status_fd = -1;
+	    }
+	  else
+	    {
+	      /* Start the timestamp process.  */
+	      dbs[hstdb].head->extra_data[NSCD_HST_IDX_CONF_TIMESTAMP]
+		= __bump_nl_timestamp ();
+
+# ifndef __ASSUME_SOCK_CLOEXEC
+	      if (have_sock_cloexec < 0)
+		{
+		  /* We don't want to get stuck on accept.  */
+		  int fl = fcntl (nl_status_fd, F_GETFL);
+		  if (fl == -1
+		      || fcntl (nl_status_fd, F_SETFL, fl | O_NONBLOCK) == -1)
+		    {
+		      dbg_log (_("\
+cannot change socket to nonblocking mode: %s"),
+			       strerror (errno));
+		      exit (1);
+		    }
+
+		  /* The descriptor needs to be closed on exec.  */
+		  if (paranoia
+		      && fcntl (nl_status_fd, F_SETFD, FD_CLOEXEC) == -1)
+		    {
+		      dbg_log (_("cannot set socket to close on exec: %s"),
+			       strerror (errno));
+		      exit (1);
+		    }
+		}
+# endif
+	    }
+	}
+    }
+#endif
+
   /* Change to unprivileged uid/gid/groups if specified in config file */
   if (server_user != NULL)
     finish_drop_privileges ();
@@ -1826,6 +1894,18 @@ main_loop_poll (void)
     }
 #endif
 
+#ifdef HAVE_NETLINK
+  size_t idx_nl_status_fd = 0;
+  if (nl_status_fd != -1)
+    {
+      idx_nl_status_fd = nused;
+      conns[nused].fd = nl_status_fd;
+      conns[nused].events = POLLRDNORM;
+      ++nused;
+      firstfree = nused;
+    }
+#endif
+
   while (1)
     {
       /* Wait for any event.  We wait at most a couple of seconds so
@@ -1968,6 +2048,20 @@ disabled inotify after read error %d"),
 	    }
 #endif
 
+#ifdef HAVE_NETLINK
+	  if (idx_nl_status_fd != 0 && conns[idx_nl_status_fd].revents != 0)
+	    {
+	      char buf[4096];
+	      /* Read all the data.  We do not interpret it here.  */
+	      while (TEMP_FAILURE_RETRY (read (nl_status_fd, buf,
+					       sizeof (buf))) != -1)
+		;
+
+	      dbs[hstdb].head->extra_data[NSCD_HST_IDX_CONF_TIMESTAMP]
+		= __bump_nl_timestamp ();
+	    }
+#endif
+
 	  for (size_t cnt = first; cnt < nused && n > 0; ++cnt)
 	    if (conns[cnt].revents != 0)
 	      {
@@ -2046,6 +2140,17 @@ main_loop_epoll (int efd)
     }
 # endif
 
+# ifdef HAVE_NETLINK
+  if (nl_status_fd != -1)
+    {
+      ev.events = EPOLLRDNORM;
+      ev.data.fd = nl_status_fd;
+      if (epoll_ctl (efd, EPOLL_CTL_ADD, nl_status_fd, &ev) == -1)
+	/* We cannot use epoll.  */
+	return;
+    }
+# endif
+
   while (1)
     {
       struct epoll_event revs[100];
@@ -2162,6 +2267,18 @@ main_loop_epoll (int efd)
 		}
 	  }
 # endif
+# ifdef HAVE_NETLINK
+	else if (revs[cnt].data.fd == nl_status_fd)
+	  {
+	    char buf[4096];
+	    /* Read all the data.  We do not interpret it here.  */
+	    while (TEMP_FAILURE_RETRY (read (nl_status_fd, buf,
+					     sizeof (buf))) != -1)
+	      ;
+
+	    __bump_nl_timestamp ();
+	  }
+# endif
 	else
 	  {
 	    /* Remove the descriptor from the epoll descriptor.  */
@@ -2185,6 +2302,7 @@ main_loop_epoll (int efd)
       time_t laststart = now - ACCEPT_TIMEOUT;
       assert (starttime[sock] == 0);
       assert (inotify_fd == -1 || starttime[inotify_fd] == 0);
+      assert (nl_status_fd == -1 || starttime[nl_status_fd] == 0);
       for (int cnt = highest; cnt > STDERR_FILENO; --cnt)
 	if (starttime[cnt] != 0 && starttime[cnt] < laststart)
 	  {
diff --git a/nscd/nscd-client.h b/nscd/nscd-client.h
index caad26a9cc..b5cd2d2c1e 100644
--- a/nscd/nscd-client.h
+++ b/nscd/nscd-client.h
@@ -260,12 +260,17 @@ struct hashentry
 
 
 /* Current persistent database version.  */
-#define DB_VERSION	1
+#define DB_VERSION	2
 
 /* Maximum time allowed between updates of the timestamp.  */
 #define MAPPING_TIMEOUT (5 * 60)
 
 
+/* Used indices for the EXTRA_DATA element of 'database_pers_head'.
+   Each database has its own indices.  */
+#define NSCD_HST_IDX_CONF_TIMESTAMP	0
+
+
 /* Header of persistent database file.  */
 struct database_pers_head
 {
@@ -274,6 +279,8 @@ struct database_pers_head
   volatile int32_t gc_cycle;
   volatile int32_t nscd_certainly_running;
   volatile nscd_time_t timestamp;
+  /* Room for extensions.  */
+  volatile uint32_t extra_data[4];
 
   nscd_ssize_t module;
   nscd_ssize_t data_size;
@@ -322,6 +329,12 @@ extern int __nscd_open_socket (const char *key, size_t keylen,
 			       request_type type, void *response,
 			       size_t responselen) attribute_hidden;
 
+/* Try to get a file descriptor for the shared meory segment
+   containing the database.  */
+extern struct mapped_database *__nscd_get_mapping (request_type type,
+						   const char *key,
+						   struct mapped_database **mappedp) attribute_hidden;
+
 /* Get reference of mapping.  */
 extern struct mapped_database *__nscd_get_map_ref (request_type type,
 						   const char *name,
@@ -371,4 +384,7 @@ extern ssize_t writeall (int fd, const void *buf, size_t len)
 extern ssize_t sendfileall (int tofd, int fromfd, off_t off, size_t len)
   attribute_hidden;
 
+/* Get netlink timestamp counter from mapped area or zero.  */
+extern uint32_t __nscd_get_nl_timestamp (void);
+
 #endif /* nscd.h */
diff --git a/nscd/nscd_gethst_r.c b/nscd/nscd_gethst_r.c
index 70631fa961..6ee142d71b 100644
--- a/nscd/nscd_gethst_r.c
+++ b/nscd/nscd_gethst_r.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 1998-2005, 2006, 2007, 2008, 2009
+/* Copyright (C) 1998-2005, 2006, 2007, 2008, 2009, 2011
    Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
@@ -98,6 +98,27 @@ libc_freeres_fn (hst_map_free)
 }
 
 
+uint32_t
+__nscd_get_nl_timestamp (void)
+{
+  if (__nss_not_use_nscd_hosts != 0)
+    return 0;
+
+  struct mapped_database *map = __hst_map_handle.mapped;
+
+  if (map == NULL
+      || (map != NO_MAPPING
+	  && map->head->nscd_certainly_running == 0
+	  && map->head->timestamp + MAPPING_TIMEOUT < time (NULL)))
+    map = __nscd_get_mapping (GETFDHST, "hosts", &__hst_map_handle.mapped);
+
+  if (map == NO_MAPPING)
+    return 0;
+
+  return map->head->extra_data[NSCD_HST_IDX_CONF_TIMESTAMP];
+}
+
+
 int __nss_have_localdomain attribute_hidden;
 
 static int
diff --git a/nscd/nscd_helper.c b/nscd/nscd_helper.c
index fe63f9a7fe..365b599892 100644
--- a/nscd/nscd_helper.c
+++ b/nscd/nscd_helper.c
@@ -277,9 +277,9 @@ __nscd_unmap (struct mapped_database *mapped)
 
 /* Try to get a file descriptor for the shared meory segment
    containing the database.  */
-static struct mapped_database *
-get_mapping (request_type type, const char *key,
-	     struct mapped_database **mappedp)
+struct mapped_database *
+__nscd_get_mapping (request_type type, const char *key,
+		    struct mapped_database **mappedp)
 {
   struct mapped_database *result = NO_MAPPING;
 #ifdef SCM_RIGHTS
@@ -449,8 +449,8 @@ __nscd_get_map_ref (request_type type, const char *name,
 	  || (cur->head->nscd_certainly_running == 0
 	      && cur->head->timestamp + MAPPING_TIMEOUT < time (NULL))
 	  || cur->head->data_size > cur->datasize)
-	cur = get_mapping (type, name,
-			   (struct mapped_database **) &mapptr->mapped);
+	cur = __nscd_get_mapping (type, name,
+				  (struct mapped_database **) &mapptr->mapped);
 
       if (__builtin_expect (cur != NO_MAPPING, 1))
 	{