+/*
+ * Copyright (C) 2008 Andre Noll <maan@systemlinux.org>
+ *
+ * Licensed under the GPL v2. For licencing details see COPYING.
+ */
+
+/** \file user.c uid User and user ID handling. */
+
+#include "adu.h"
+#include <dirent.h> /* readdir() */
+#include <sys/types.h>
+#include <pwd.h>
+#include "cmdline.h" /* TODO: This file should be independent of command line options */
+#include "user.h"
+#include "fd.h"
+#include "string.h"
+#include "error.h"
+
+/**
+ * Describes one range of admissible user IDs.
+ *
+ * adu converts the admissible user ids given at the command line
+ * into an array of such structs.
+ */
+struct uid_range {
+ /** Lowest admissible user ID. */
+ uint32_t low;
+ /** Greatest admissible user ID. */
+ uint32_t high;
+};
+
+#define FOR_EACH_UID_RANGE(ur, urs) for (ur = urs; ur->low <= ur->high; ur++)
+
+/** Flags for the user hash table. */
+enum uid_info_flags {
+ /** Whether this slot of the hash table is used. */
+ UI_FL_SLOT_USED = 1,
+ /** Whether this uid should be taken into account. */
+ UI_FL_ADMISSIBLE = 2,
+};
+/*
+ * Contains info for each user that owns at least one regular file.
+ *
+ * Even users that are not taken into account because of the --uid
+ * option occupy a slot in this hash table. This allows to find out
+ * quicky whether a uid is admissible. And yes, this has to be fast.
+ */
+static struct user_info *uid_hash_table;
+
+/** This is always a power of two. It is set in create_hash_table(). */
+static uint32_t uid_hash_table_size;
+
+/*
+ * The columns of the per-user tables.
+ *
+ * Adu tracks disk usage on a per-user basis. For each user, a user table is
+ * being created. The rows of the user table have three columns: The directory
+ * number that may be resolved to the path using the directory table, the
+ * number of bytes and the number of files in that directory owned by the given
+ * user.
+ */
+static struct osl_column_description user_table_cols[] = {
+ [UT_DIR_NUM] = {
+ .storage_type = OSL_MAPPED_STORAGE,
+ .storage_flags = OSL_RBTREE | OSL_FIXED_SIZE | OSL_UNIQUE,
+ .name = "dir_num",
+ .compare_function = uint64_compare,
+ .data_size = sizeof(uint64_t)
+ },
+ [UT_BYTES] = {
+ .storage_type = OSL_MAPPED_STORAGE,
+ .storage_flags = OSL_RBTREE | OSL_FIXED_SIZE,
+ .compare_function = size_compare,
+ .name = "num_bytes",
+ .data_size = sizeof(uint64_t)
+ },
+ [UT_FILES] = {
+ .storage_type = OSL_MAPPED_STORAGE,
+ .storage_flags = OSL_RBTREE | OSL_FIXED_SIZE,
+ .compare_function = size_compare,
+ .name = "num_files",
+ .data_size = sizeof(uint64_t)
+ },
+};
+
+static int check_uid_arg(const char *arg, uint32_t *uid)
+{
+ const uint32_t max = ~0U;
+ /*
+ * we need an 64-bit int for string -> uid conversion because strtoll()
+ * returns a signed value.
+ */
+ int64_t val;
+ int ret = atoi64(arg, &val);
+
+ if (ret < 0)
+ return ret;
+ if (val < 0 || val > max)
+ return -ERRNO_TO_ERROR(EINVAL);
+ *uid = val;
+ return 1;
+}
+
+static int parse_uid_range(const char *orig_arg, struct uid_range *ur)
+{
+ int ret;
+ char *arg = adu_strdup(orig_arg), *p = strchr(arg, '-');
+
+ if (!p || p == arg) { /* -42 or 42 */
+ ret = check_uid_arg(p? p + 1 : arg, &ur->high);
+ if (ret < 0)
+ goto out;
+ ur->low = p? 0 : ur->high;
+ ret = 1;
+ goto out;
+ }
+ /* 42- or 42-4711 */
+ *p = '\0';
+ p++;
+ ret = check_uid_arg(arg, &ur->low);
+ if (ret < 0)
+ goto out;
+ ur->high = ~0U;
+ if (*p) { /* 42-4711 */
+ ret = check_uid_arg(p, &ur->high);
+ if (ret < 0)
+ goto out;
+ }
+ if (ur->low > ur->high)
+ ret = -ERRNO_TO_ERROR(EINVAL);
+out:
+ if (ret < 0)
+ ERROR_LOG("bad uid option: %s\n", orig_arg);
+ else
+ INFO_LOG("admissible uid range: %u - %u\n", ur->low,
+ ur->high);
+ free(arg);
+ return ret;
+}
+
+int parse_uid_arg(const char *orig_arg, struct uid_range **ur)
+{
+ char *arg, **argv;
+ unsigned n;
+ int i, ret = 1;
+
+ if (!orig_arg)
+ return 0;
+ arg = adu_strdup(orig_arg);
+ n = split_args(arg, &argv, ",");
+ if (!n)
+ return -E_SYNTAX;
+ *ur = adu_malloc((n + 1) * sizeof(struct uid_range));
+ for (i = 0; i < n; i++) {
+ ret = parse_uid_range(argv[i], *ur + i);
+ if (ret < 0)
+ break;
+ }
+ free(argv);
+ free(arg);
+ if (ret < 0) {
+ free(*ur);
+ *ur = NULL;
+ return ret;
+ }
+ /* an empty range indicates the end of the list */
+ (*ur)[n].low = 1;
+ (*ur)[n].high = 0;
+ return n;
+}
+
+
+static inline int ui_used(struct user_info *ui)
+{
+ return ui->flags & UI_FL_SLOT_USED;
+}
+
+static inline int ui_admissible(struct user_info *ui)
+{
+ return ui->flags & UI_FL_ADMISSIBLE;
+}
+
+static int open_user_table(struct user_info *ui, int create)
+{
+ int ret;
+ struct passwd *pw;
+
+ ui->desc = adu_malloc(sizeof(*ui->desc));
+ ui->desc->num_columns = NUM_UT_COLUMNS;
+ ui->desc->flags = 0;
+ ui->desc->column_descriptions = user_table_cols;
+ ui->desc->dir = adu_strdup(conf.database_dir_arg);
+ ui->desc->name = make_message("%u", (unsigned)ui->uid);
+ pw = getpwuid(ui->uid);
+ if (pw && pw->pw_name)
+ ui->pw_name = adu_strdup(pw->pw_name);
+
+ INFO_LOG(".............................uid #%u: %u\n",
+ (unsigned)num_uids, (unsigned)ui->uid);
+ if (create) {
+ ret = osl(osl_create_table(ui->desc));
+ if (ret < 0)
+ goto err;
+ num_uids++;
+ }
+ ret = osl(osl_open_table(ui->desc, &ui->table));
+ if (ret < 0)
+ goto err;
+ return 1;
+err:
+ free((char *)ui->desc->name);
+ free((char *)ui->desc->dir);
+ free(ui->pw_name);
+ free(ui->desc);
+ ui->desc->name = NULL;
+ ui->desc->dir = NULL;
+ ui->desc = NULL;
+ ui->table = NULL;
+ ui->flags = 0;
+ return ret;
+}
+
+int for_each_admissible_user(int (*func)(struct user_info *, void *),
+ void *data)
+{
+ struct user_info *ui = uid_hash_table;
+
+ if (!ui)
+ return -ERRNO_TO_ERROR(EFAULT);
+
+ for (; ui < uid_hash_table + uid_hash_table_size; ui++) {
+ int ret;
+
+ if (!ui_used(ui) || !ui_admissible(ui))
+ continue;
+ ret = func(ui, data);
+ if (ret < 0)
+ return ret;
+ }
+ return 1;
+}
+
+#define PRIME1 0xb11924e1
+#define PRIME2 0x01000193
+
+void create_hash_table(unsigned bits)
+{
+ uid_hash_table_size = 1 << bits;
+ uid_hash_table = adu_calloc(uid_hash_table_size *
+ sizeof(struct user_info));
+}
+
+void free_hash_table(void)
+{
+ free(uid_hash_table);
+ uid_hash_table = NULL;
+}
+
+static int close_user_table(struct user_info *ui, __a_unused void *data)
+{
+ int ret;
+
+ ret = osl(osl_close_table(ui->table, OSL_MARK_CLEAN));
+ if (ret < 0)
+ ERROR_LOG("failed to close user table %u: %s\n",
+ (unsigned) ui->uid, adu_strerror(-ret));
+ free((char *)ui->desc->name);
+ ui->desc->name = NULL;
+ free((char *)ui->desc->dir);
+ ui->desc->dir = NULL;
+ free(ui->pw_name);
+ ui->pw_name = NULL;
+ free(ui->desc);
+ ui->desc = NULL;
+ ui->table = NULL;
+ ui->flags = 0;
+ return 1;
+}
+
+void close_user_tables(void)
+{
+ for_each_admissible_user(close_user_table, NULL);
+}
+
+/*
+ * We use a hash table of size s=2^uid_hash_bits to map the uids into the
+ * interval [0..s]. Hash collisions are treated by open addressing, i.e.
+ * unused slots in the table are used to store different uids that hash to the
+ * same slot.
+ *
+ * If a hash collision occurs, different slots are successively probed in order
+ * to find an unused slot for the new uid. Probing is implemented via a second
+ * hash function that maps the uid to h=(uid * PRIME2) | 1, which is always an
+ * odd number.
+ *
+ * An odd number is sufficient to make sure each entry of the hash table gets
+ * probed for probe_num between 0 and s-1 because s is a power of two, hence
+ * the second hash value has never a common divisor with the hash table size.
+ * IOW: h is invertible in the ring [0..s].
+ */
+static uint32_t double_hash(uint32_t uid, uint32_t probe_num)
+{
+ return (uid * PRIME1 + ((uid * PRIME2) | 1) * probe_num)
+ % uid_hash_table_size;
+}
+
+static int uid_is_admissible(uint32_t uid, struct uid_range *urs)
+{
+ struct uid_range *ur;
+ int ret = 1;
+
+ if (!urs) /* empty array means all uids are allowed */
+ return 1;
+ FOR_EACH_UID_RANGE(ur, urs)
+ if (ur->low <= uid && ur->high >= uid)
+ goto out;
+ ret = 0;
+out:
+ DEBUG_LOG("uid %u is %sadmissible\n", (unsigned)uid,
+ ret? "" : "not ");
+ return ret;
+}
+
+int search_uid(uint32_t uid, struct uid_range *urs,
+ enum search_uid_flags flags, struct user_info **ui_ptr)
+{
+ uint32_t p;
+
+ for (p = 0; p < uid_hash_table_size; p++) {
+ struct user_info *ui = uid_hash_table + double_hash(uid, p);
+
+ if (!ui_used(ui)) {
+ int ret;
+ if (!flags)
+ return -E_BAD_UID;
+ ui->uid = uid;
+ ui->flags |= UI_FL_SLOT_USED;
+ if (!uid_is_admissible(uid, urs))
+ return 0;
+ ui->flags |= UI_FL_ADMISSIBLE;
+ ret = open_user_table(ui, flags & CREATE_USER_TABLE);
+ if (ret < 0)
+ return ret;
+
+ if (ui_ptr)
+ *ui_ptr = ui;
+ return 1;
+ }
+ if (ui->uid != uid)
+ continue;
+ if (ui_ptr)
+ *ui_ptr = ui;
+ return 0;
+ }
+ return flags? -E_HASH_TABLE_OVERFLOW : -E_BAD_UID;
+}
+
+static char *get_uid_list_name(void)
+{
+ return make_message("%s/uid_list", conf.database_dir_arg);
+}
+
+void sort_hash_table(int (*comp)(const void *, const void *))
+{
+ qsort(uid_hash_table, uid_hash_table_size, sizeof(struct user_info),
+ comp);
+}
+
+int read_uid_file(struct uid_range *admissible_uids)
+{
+ size_t size;
+ uint32_t n;
+ char *filename = get_uid_list_name(), *map;
+ int ret = mmap_full_file(filename, O_RDONLY, (void **)&map, &size, NULL);
+ unsigned bits;
+
+ if (ret < 0) {
+ INFO_LOG("failed to map %s\n", filename);
+ free(filename);
+ return ret;
+ }
+ num_uids = size / 4;
+ INFO_LOG("found %u uids in %s\n", (unsigned)num_uids, filename);
+ free(filename);
+ /*
+ * Compute number of hash table bits. The hash table size must be a
+ * power of two and larger than the number of uids.
+ */
+ bits = 2;
+ while (1 << bits < num_uids)
+ bits++;
+ create_hash_table(bits);
+ for (n = 0; n < num_uids; n++) {
+ uint32_t uid = read_u32(map + n * sizeof(uid));
+ ret = search_uid(uid, admissible_uids, OPEN_USER_TABLE, NULL);
+ if (ret < 0)
+ goto out;
+ }
+out:
+ adu_munmap(map, size);
+ return ret;
+}
+
+static int write_uid(struct user_info *ui, void *data)
+{
+ char **p = data;
+
+ write_u32(*p, ui->uid);
+ *p += sizeof(uint32_t);
+ return 1;
+}
+
+int write_uid_file(void)
+{
+ char *buf, *p, *filename;
+ size_t size = num_uids * sizeof(uint32_t);
+ int ret;
+
+ if (!num_uids)
+ return 0;
+ buf = p = adu_malloc(size);
+ ret = for_each_admissible_user(write_uid, &p);
+ if (ret < 0)
+ goto out;
+ filename = get_uid_list_name();
+ ret = adu_write_file(filename, buf, size);
+ free(filename);
+out:
+ free(buf);
+ return ret;
+}
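Review bot: The error path of `open_user_table()` writes through `ui->desc` after freeing it: `free(ui->desc);` is followed by `ui->desc->name = NULL;` and `ui->desc->dir = NULL;`, a use-after-free on every failed `osl_create_table()` or `osl_open_table()`. Those two stores should be dropped, since the descriptor is already gone, and `ui->pw_name = NULL;` added after `free(ui->pw_name);` as `close_user_table()` already does, so the slot keeps no dangling pointer. Separately, `read_uid_file()` takes `num_uids` from the size of the on-disk `uid_list` and loops on `1 << bits < num_uids` with no upper bound, so a very large or corrupted file can push the signed shift into overflow. That loop also only guarantees a table at least as large as the uid count, not larger as its comment says. Capping `bits` and rejecting a `size` that is not a multiple of 4 before building the table would cover both.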