From: Vladimír Čunát Date: Fri, 9 Jun 2023 09:01:06 +0000 (+0200) Subject: lib/rules: DB size+path: make configurable, bump to 100 MiB X-Git-Tag: v6.0.1~9^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6a2b5f533c63e2a722a683ceb8a24d3a4188e00f;p=thirdparty%2Fknot-resolver.git lib/rules: DB size+path: make configurable, bump to 100 MiB Ideally we'd expand it as needed, but that seems relatively complicated, so for now let's go big with the sparse file and allow to override. --- diff --git a/daemon/lua/kres-gen-30.lua b/daemon/lua/kres-gen-30.lua index f92fa0b67..0a26f7ea7 100644 --- a/daemon/lua/kres-gen-30.lua +++ b/daemon/lua/kres-gen-30.lua @@ -489,6 +489,7 @@ int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); +int kr_rules_init(const char *, size_t); int kr_view_insert_action(const char *, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); int kr_rule_tag_add(const char *, kr_rule_tags_t *); diff --git a/daemon/lua/kres-gen-31.lua b/daemon/lua/kres-gen-31.lua index 4bc38f34b..605e225d8 100644 --- a/daemon/lua/kres-gen-31.lua +++ b/daemon/lua/kres-gen-31.lua @@ -489,6 +489,7 @@ int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); +int kr_rules_init(const char *, size_t); int kr_view_insert_action(const char *, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); int kr_rule_tag_add(const char *, kr_rule_tags_t *); diff --git a/daemon/lua/kres-gen-32.lua b/daemon/lua/kres-gen-32.lua index 69ccfee88..bd7d2c300 100644 --- a/daemon/lua/kres-gen-32.lua +++ b/daemon/lua/kres-gen-32.lua 
@@ -490,6 +490,7 @@ int kr_cache_remove(struct kr_cache *, const knot_dname_t *, uint16_t); int kr_cache_remove_subtree(struct kr_cache *, const knot_dname_t *, _Bool, int); int kr_cache_commit(struct kr_cache *); uint32_t packet_ttl(const knot_pkt_t *); +int kr_rules_init(const char *, size_t); int kr_view_insert_action(const char *, const char *); int kr_view_select_action(const struct kr_request *, knot_db_val_t *); int kr_rule_tag_add(const char *, kr_rule_tags_t *); diff --git a/daemon/lua/kres-gen.sh b/daemon/lua/kres-gen.sh index d4ee27724..c52ba095e 100755 --- a/daemon/lua/kres-gen.sh +++ b/daemon/lua/kres-gen.sh @@ -289,6 +289,7 @@ ${CDEFS} ${LIBKRES} functions <<-EOF # FIXME: perhaps rename this exported symbol packet_ttl # New policy + kr_rules_init kr_view_insert_action kr_view_select_action kr_rule_tag_add diff --git a/daemon/main.c b/daemon/main.c index 6b8ca064b..d1e9f57d6 100644 --- a/daemon/main.c +++ b/daemon/main.c @@ -583,14 +583,6 @@ int main(int argc, char **argv) goto cleanup; } - ret = kr_rules_init(); - if (ret) { - kr_log_error(RULES, "failed to initialize policy rule engine: %s\n", - kr_strerror(ret)); - ret = EXIT_FAILURE; - goto cleanup; - } - for (i = 0; i < the_args->config.len; ++i) { const char *config = the_args->config.at[i]; if (engine_loadconf(&engine, config) != 0) { @@ -600,6 +592,14 @@ int main(int argc, char **argv) lua_settop(engine.L, 0); } + ret = kr_rules_init_ensure(); + if (ret) { + kr_log_error(RULES, "failed to initialize policy rule engine: %s\n", + kr_strerror(ret)); + ret = EXIT_FAILURE; + goto cleanup; + } + drop_capabilities(); if (engine_start(&engine) != 0) { diff --git a/lib/rules/api.c b/lib/rules/api.c index 6cd9da82d..325ed77df 100644 --- a/lib/rules/api.c +++ b/lib/rules/api.c 
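Review bot: In daemon/main.c the relocated `kr_rules_init_ensure()` call has no comment explaining why it now follows the `engine_loadconf()` loop, and that ordering is what makes the new override work. The config may already have opened the rule DB with its own path and size, and this call only supplies the defaults otherwise. I would add `/* Config may have opened the rule DB already (custom path/size); open it with defaults if not. */` above the call. The same comment could record that the call still precedes `drop_capabilities()`, so whatever path the config supplies is opened before capabilities are dropped. main() starts and ends outside these hunks.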
@@ -62,7 +62,7 @@ static int tag_names_default(void) int kr_rule_tag_add(const char *tag, kr_rule_tags_t *tagset) { - kr_require(the_rules); + ENSURE_the_rules; // Construct the DB key. const uint8_t key_prefix[] = "\0tag_"; knot_db_val_t key; @@ -128,20 +128,27 @@ int kr_rule_tag_add(const char *tag, kr_rule_tags_t *tagset) } -int kr_rules_init(void) +int kr_rules_init_ensure(void) { - kr_require(!the_rules); + if (the_rules) + return kr_ok(); + return kr_rules_init(NULL, 0); +} +int kr_rules_init(const char *path, size_t maxsize) +{ + if (the_rules) + return kr_error(EINVAL); the_rules = calloc(1, sizeof(*the_rules)); kr_require(the_rules); the_rules->api = kr_cdb_lmdb(); struct kr_cdb_opts opts = { .is_cache = false, - .path = "ruledb", // under current workdir + .path = path ? path : "ruledb", // under current workdir // FIXME: the file will be sparse, but we still need to choose its size somehow. // Later we might improve it to auto-resize in case of running out of space. // Caveat: mdb_env_set_mapsize() can only be called without transactions open. - .maxsize = 10 * 1024*(size_t)1024, + .maxsize = maxsize ? maxsize : 100 * 1024*(size_t)1024, }; int ret = the_rules->api->open(&the_rules->db, &the_rules->stats, &opts, NULL); /* No persistence - we always refill from config for now. @@ -171,8 +178,8 @@ int kr_rules_init(void) failure: free(the_rules); the_rules = NULL; - auto_free const char *path = kr_absolutize_path(".", opts.path); - kr_log_error(RULES, "failed while opening or initializing rule DB %s/\n", path); + auto_free const char *path_abs = kr_absolutize_path(".", opts.path); + kr_log_error(RULES, "failed while opening or initializing rule DB %s/\n", path_abs); return ret; } @@ -503,7 +510,6 @@ static int answer_exact_match(struct kr_query *qry, knot_pkt_t *pkt, uint16_t ty return kr_ok(); } - knot_db_val_t local_data_key(const knot_rrset_t *rrs, uint8_t key_data[KEY_MAXLEN], const char *ruleset_name) { 
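Review bot: The new early exit in `kr_rules_init()` in lib/rules/api.c (`if (the_rules) return kr_error(EINVAL);`) returns without logging, and it bypasses the `failure:` label whose message names the DB path. Every rule-inserting entry point now opens the DB implicitly through `ENSURE_the_rules`, so a config that adds a rule before calling `kr_rules_init(path, maxsize)` gets a bare EINVAL. Unless the Lua caller checks that result, the resolver presumably keeps running on the default `ruledb` under the working directory. A line such as `kr_log_error(RULES, "rule DB already open; kr_rules_init() must precede any rule insertion\n");` before the return would make the misordering visible to operators. The FIXME above `.maxsize` still says the size must be chosen "somehow" and could now mention the 100 MiB default and the override.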
@@ -526,7 +532,7 @@ knot_db_val_t local_data_key(const knot_rrset_t *rrs, uint8_t key_data[KEY_MAXLE int kr_rule_local_data_ins(const knot_rrset_t *rrs, const knot_rdataset_t *sig_rds, kr_rule_tags_t tags) { - kr_require(the_rules); + ENSURE_the_rules; // Construct the DB key. uint8_t key_data[KEY_MAXLEN]; knot_db_val_t key = local_data_key(rrs, key_data, RULESET_DEFAULT); @@ -559,7 +565,7 @@ int local_data_ins(knot_db_val_t key, const knot_rrset_t *rrs, } int kr_rule_local_data_del(const knot_rrset_t *rrs, kr_rule_tags_t tags) { - kr_require(the_rules); + ENSURE_the_rules; uint8_t key_data[KEY_MAXLEN]; knot_db_val_t key = local_data_key(rrs, key_data, RULESET_DEFAULT); return ruledb_op(remove, &key, 1); @@ -715,6 +721,7 @@ knot_db_val_t zla_key(const knot_dname_t *apex, uint8_t key_data[KEY_MAXLEN]) int insert_trivial_zone(val_zla_type_t ztype, uint32_t ttl, const knot_dname_t *apex, kr_rule_tags_t tags) { + ENSURE_the_rules; uint8_t key_data[KEY_MAXLEN]; knot_db_val_t key = zla_key(apex, key_data); @@ -820,7 +827,7 @@ bool subnet_is_prefix(uint8_t a, uint8_t b) int kr_view_insert_action(const char *subnet, const char *action) { - kr_require(the_rules); + ENSURE_the_rules; // Parse the subnet string. union kr_sockaddr saddr; saddr.ip.sa_family = kr_straddr_family(subnet); diff --git a/lib/rules/api.h b/lib/rules/api.h index 90ea4a9e0..2ba45f209 100644 --- a/lib/rules/api.h +++ b/lib/rules/api.h 
@@ -15,8 +15,16 @@ typedef uint64_t kr_rule_tags_t; /// Tags "capacity", i.e. numbered from 0 to _CAP - 1. #define KR_RULE_TAGS_CAP (sizeof(kr_rule_tags_t) * 8) +/** Open the rule DB. + * + * You can call this to override the path or size (NULL/0 -> default). + * Not allowed if already open (EINVAL), so this optional call has to come + * before writing anything into the DB. */ +KR_EXPORT +int kr_rules_init(const char *path, size_t maxsize); +/** kr_rules_init() but OK if already open, and not allowing to override defaults. */ KR_EXPORT -int kr_rules_init(void); +int kr_rules_init_ensure(void); KR_EXPORT void kr_rules_deinit(void); diff --git a/lib/rules/forward.c b/lib/rules/forward.c index 1f4248d01..d0d261d9f 100644 --- a/lib/rules/forward.c +++ b/lib/rules/forward.c @@ -129,6 +129,7 @@ fallback: int kr_rule_forward(const knot_dname_t *apex, kr_rule_fwd_flags_t flags, const struct sockaddr * targets[]) { + ENSURE_the_rules; const kr_rule_tags_t tags = KR_RULE_TAGS_ALL; const val_zla_type_t ztype = VAL_ZLAT_FORWARD; diff --git a/lib/rules/impl.h b/lib/rules/impl.h index 80eaad8d3..fe6c1e035 100644 --- a/lib/rules/impl.h +++ b/lib/rules/impl.h @@ -20,6 +20,12 @@ int rules_defaults_insert(void); struct kr_rules; extern struct kr_rules *the_rules; +#define ENSURE_the_rules \ + if (!the_rules) { \ + int ret = kr_rules_init(NULL, 0); \ + if (ret) return ret; \ + } + #define KEY_RULESET_MAXLEN 16 /**< max. len of ruleset ID + 1(for kind) */ /** When constructing a key, it's convenient that the dname_lf ends on a fixed offset. * Convention: the end here is before the final '\0' byte (if any). */ diff --git a/lib/rules/zonefile.c b/lib/rules/zonefile.c index 00d3bce8a..fc5ff1f51 100644 --- a/lib/rules/zonefile.c +++ b/lib/rules/zonefile.c 
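Review bot: The new doc comment on `kr_rules_init()` in lib/rules/api.h does not say how `path` is resolved or what unit `maxsize` uses. In lib/rules/api.c from this commit, the default `"ruledb"` is commented as being under the current workdir and the size default is `100 * 1024*(size_t)1024`, i.e. bytes. A relative `path` is presumably resolved the same way. I would add `@param path DB location; relative paths are taken from the current working directory` and `@param maxsize maximum DB size in bytes; 0 selects the default`, so callers know where the file ends up and how large it may grow.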
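Review bot: `ENSURE_the_rules` in lib/rules/impl.h expands to a bare `if (...) { ... }`, so `ENSURE_the_rules;` leaves a stray empty statement and the macro would capture a following `else` if it were ever used inside an unbraced `if`. Wrapping the body as `do { if (!the_rules) { int ret = kr_rules_init(NULL, 0); if (ret) return ret; } } while (0)` keeps it a single statement. The macro also hides a `return` of an `int`, so it only fits functions that return `int` error codes. A short comment above the `#define` saying so, and that the DB is then opened with the default path and size, would help readers of the call sites in api.c, forward.c and zonefile.c.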
@@ -210,7 +210,7 @@ static void process_record(zs_scanner_t *s) int kr_rule_zonefile(const struct kr_rule_zonefile_config *c) { - kr_require(c && the_rules); + ENSURE_the_rules; zs_scanner_t s_storage, *s = &s_storage; /* zs_init(), zs_set_input_file(), zs_set_processing() returns -1 in case of error, * so don't print error code as it meaningless. */
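Review bot: Replacing `kr_require(c && the_rules);` with `ENSURE_the_rules;` in `kr_rule_zonefile()` also removes the only visible check that `c` is non-NULL. The rest of the function lies outside the hunk, but it presumably dereferences the config pointer, so a NULL argument would now reach that code instead of tripping the assertion. Keeping `kr_require(c);` on the line before `ENSURE_the_rules;` preserves the old guard.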