2 * Copyright (C) 2008 Andre Noll <maan@systemlinux.org>
4 * Licensed under the GPL v2. For licencing details see COPYING.
7 /** \file user.c \brief User and user ID handling. */
10 #include <dirent.h> /* readdir() */
11 #include <sys/types.h>
19 * Describes one range of admissible user IDs.
21 * adu converts the admissible user ids given at the command line
22 * into an array of such structs.
25 /** Lowest admissible user ID. */
27 /** Greatest admissible user ID. */
31 /** Iterate over all uid ranges. */
32 #define FOR_EACH_UID_RANGE(ur, urs) for (ur = urs; ur->low <= ur->high; ur++)
34 /** Flags for the user hash table. */
36 /** Whether this slot of the hash table is used. */
38 /** Whether this uid should be taken into account. */
43 * Contains info for each user that owns at least one regular file.
45 * Even users that are not taken into account because of the --uid
46 * option occupy a slot in this hash table. This allows to find out
47 * quicky whether a uid is admissible. And yes, this has to be fast.
49 static struct user_info *uid_hash_table;
51 /** This is always a power of two. It is set in create_hash_table(). */
52 static uint32_t uid_hash_table_size;
54 /** The number of used slots in the hash table. */
55 static uint32_t num_uids;
58 * The columns of the per-user tables.
60 * Adu tracks disk usage on a per-user basis. For each user, a user table is
61 * being created. The rows of the user table have three columns: The directory
62 * number that may be resolved to the path using the directory table, the
63 * number of bytes and the number of files in that directory owned by the given
66 static struct osl_column_description user_table_cols[] = {
68 .storage_type = OSL_MAPPED_STORAGE,
69 .storage_flags = OSL_RBTREE | OSL_FIXED_SIZE | OSL_UNIQUE,
71 .compare_function = uint64_compare,
72 .data_size = sizeof(uint64_t)
75 .storage_type = OSL_MAPPED_STORAGE,
76 .storage_flags = OSL_RBTREE | OSL_FIXED_SIZE,
77 .compare_function = size_compare,
79 .data_size = sizeof(uint64_t)
82 .storage_type = OSL_MAPPED_STORAGE,
83 .storage_flags = OSL_RBTREE | OSL_FIXED_SIZE,
84 .compare_function = size_compare,
86 .data_size = sizeof(uint64_t)
90 static int check_uid_arg(const char *arg, uint32_t *uid)
92 const uint32_t max = ~0U;
94 * we need an 64-bit int for string -> uid conversion because strtoll()
95 * returns a signed value.
98 int ret = atoi64(arg, &val);
102 if (val < 0 || val > max)
103 return -ERRNO_TO_ERROR(EINVAL);
108 static int parse_uid_range(const char *orig_arg, struct uid_range *ur)
111 char *arg = adu_strdup(orig_arg), *p = strchr(arg, '-');
113 if (!p || p == arg) { /* -42 or 42 */
114 ret = check_uid_arg(p? p + 1 : arg, &ur->high);
117 ur->low = p? 0 : ur->high;
124 ret = check_uid_arg(arg, &ur->low);
128 if (*p) { /* 42-4711 */
129 ret = check_uid_arg(p, &ur->high);
133 if (ur->low > ur->high)
134 ret = -ERRNO_TO_ERROR(EINVAL);
137 ERROR_LOG("bad uid option: %s\n", orig_arg);
139 INFO_LOG("admissible uid range: %u - %u\n", ur->low,
146 * Convert the --uid argument to an array of uid ranges.
148 * \param orig_arg The argument to the --uid option.
149 * \param ur Result pointer.
151 * Returns Negative on errors. On success, the number of uid ranges
154 int parse_uid_arg(const char *orig_arg, struct uid_range **ur)
162 arg = adu_strdup(orig_arg);
163 n = split_args(arg, &argv, ",");
166 *ur = adu_malloc((n + 1) * sizeof(struct uid_range));
167 for (i = 0; i < n; i++) {
168 ret = parse_uid_range(argv[i], *ur + i);
179 /* an empty range indicates the end of the list */
185 static int uid_is_admissible(uint32_t uid, struct uid_range *urs)
187 struct uid_range *ur;
190 if (!urs) /* empty array means all uids are allowed */
192 FOR_EACH_UID_RANGE(ur, urs)
193 if (ur->low <= uid && ur->high >= uid)
197 DEBUG_LOG("uid %u is %sadmissible\n", (unsigned)uid,
203 * Add each given user to the array of admissible users.
205 * \param users Array of user names to add.
206 * \param num_users Length of \a users.
207 * \param admissible_uids The users which are already admissible.
208 * \param num_uid_ranges The number of intervals of \a admissible_uids.
210 * For each given user, the function checks whether that user is already
211 * admissible, i.e. its uid is contained in one of the ranges given by \a
212 * admissible_uids. If it is, the function ignores that user. Otherwise, a new
213 * length-one range consisting of that uid only is appended to \a
216 * \return Negative on errors, the new number of uid ranges on success.
218 int append_users(char **users, int num_users,
219 struct uid_range **admissible_uids, int num_uid_ranges)
222 struct uid_range *au = *admissible_uids;
224 for (i = 0; i < num_users; i++) {
226 struct uid_range *ur;
227 struct passwd *pw = getpwnam(u);
230 ERROR_LOG("user %s not found\n", u);
231 return -ERRNO_TO_ERROR(EINVAL);
233 if (au && uid_is_admissible(pw->pw_uid, au))
234 continue; /* nothing to do */
235 /* add a range consisting of this uid only */
237 au = adu_realloc(au, (num_uid_ranges + 1) *
238 sizeof(struct uid_range));
239 *admissible_uids = au;
240 ur = au + num_uid_ranges - 1; /* the new uid range */
241 ur->low = ur->high = pw->pw_uid;
242 /* terminate the list */
247 return num_uid_ranges;
250 static inline int ui_used(struct user_info *ui)
252 return ui->flags & UI_FL_SLOT_USED;
255 static inline int ui_admissible(struct user_info *ui)
257 return ui->flags & UI_FL_ADMISSIBLE;
260 static int open_user_table(struct user_info *ui, int create)
265 ui->desc = adu_malloc(sizeof(*ui->desc));
266 ui->desc->num_columns = NUM_UT_COLUMNS;
268 ui->desc->column_descriptions = user_table_cols;
269 ui->desc->dir = adu_strdup(database_dir);
270 ui->desc->name = make_message("%u", (unsigned)ui->uid);
271 pw = getpwuid(ui->uid);
272 if (pw && pw->pw_name)
273 ui->pw_name = adu_strdup(pw->pw_name);
275 INFO_LOG("opening table for uid %u\n", (unsigned)ui->uid);
277 ret = osl(osl_create_table(ui->desc));
282 ret = osl(osl_open_table(ui->desc, &ui->table));
287 free((char *)ui->desc->name);
288 free((char *)ui->desc->dir);
291 ui->desc->name = NULL;
292 ui->desc->dir = NULL;
299 /** Iterate over each user in the uid hash table. */
300 #define FOR_EACH_USER(ui) for (ui = uid_hash_table; ui < \
301 uid_hash_table + uid_hash_table_size; ui++)
305 * Execute the given function for each admissible user.
307 * \param func The function to execute.
308 * \param data Arbitrary pointer.
310 * This function calls \a func for each admissible user in the uid hash table.
311 * The \a data pointer is passed as the second argument to \a func.
313 * \return As soon as \a func returns a negative value, the loop is terminated
314 * and that negative value is returned. Otherwise, the function returns 1.
316 int for_each_admissible_user(int (*func)(struct user_info *, void *),
321 assert(uid_hash_table);
322 for (i = 0; i < uid_hash_table_size; i++) {
324 struct user_info *ui = uid_hash_table + i;
326 if (!ui_used(ui) || !ui_admissible(ui))
328 ret = func(ui, data);
335 /** Prime number used for calculating the slot for an uid. */
336 #define PRIME1 0xb11924e1
337 /** Prime number used for probe all slots. */
338 #define PRIME2 0x01000193
341 * Create a hash table large enough of given size.
343 * \param bits Sets the maximal number of hash table entries to ^bits.
345 void create_hash_table(unsigned bits)
347 uid_hash_table_size = 1 << bits;
348 uid_hash_table = adu_calloc(uid_hash_table_size *
349 sizeof(struct user_info));
353 * Close all open user tables and destroy the uid hash table.
355 * For each used slot in the uid hash table, close the osl user table if it is
356 * open. Finally, free the uid hash table.
358 void close_user_tables(void)
360 struct user_info *ui;
369 INFO_LOG("closing user table for uid %u\n", (unsigned)ui->uid);
370 ret = osl(osl_close_table(ui->table, OSL_MARK_CLEAN));
372 ERROR_LOG("failed to close user table %u: %s\n",
373 (unsigned)ui->uid, adu_strerror(-ret));
374 free((char *)ui->desc->name);
375 ui->desc->name = NULL;
376 free((char *)ui->desc->dir);
377 ui->desc->dir = NULL;
385 free(uid_hash_table);
386 uid_hash_table = NULL;
390 * We use a hash table of size s=2^uid_hash_bits to map the uids into the
391 * interval [0..s-1]. Hash collisions are treated by open addressing, i.e.
392 * unused slots in the table are used to store different uids that hash to the
395 * If a hash collision occurs, different slots are successively probed in order
396 * to find an unused slot for the new uid. Probing is implemented via a second
397 * hash function that maps the uid to h=(uid * PRIME2) | 1, which is always an
400 * An odd number is sufficient to make sure each entry of the hash table gets
401 * probed for probe_num between 0 and s-1 because s is a power of two, hence
402 * the second hash value has never a common divisor with the hash table size.
403 * IOW: h is invertible in the ring [0..s-1].
405 static uint32_t double_hash(uint32_t uid, uint32_t probe_num)
407 return (uid * PRIME1 + ((uid * PRIME2) | 1) * probe_num)
408 % uid_hash_table_size;
411 static struct user_info *lookup_uid(uint32_t uid)
415 for (p = 0; p < uid_hash_table_size; p++) {
416 struct user_info *ui = uid_hash_table + double_hash(uid, p);
426 * Create and open a osl table for the given uid.
428 * \param uid The user ID.
429 * \param ui_ptr Result pointer
431 * Find out whether \a uid already exists in the uid hash table. If yes, just
432 * return the user info struct via \a ui_ptr. Otherwise, insert \a uid into the
433 * uid hash table, create and open the osl user table and also return the user
434 * info struct via \a ui_ptr.
438 int create_user_table(uint32_t uid, struct user_info **ui_ptr)
440 struct user_info *ui = lookup_uid(uid);
443 return -E_HASH_TABLE_OVERFLOW;
448 ui->flags |= UI_FL_SLOT_USED;
449 return open_user_table(ui, 1);
452 static char *get_uid_list_name(void)
454 return make_message("%s/uid_list", database_dir);
457 * Open the osl tables for all admissible uids.
459 * \param admissible_uids Determines which uids are considered admissible.
461 * Each slot in the hash table contains, among other information, a bit which
462 * specifies whether the uid of the slot is admissible in the current context.
464 * This function iterates over all entries in the hash table and checks for
465 * each used slot whether the corresponding uid is admissible with respect to
466 * \a admissible_uids. If so, it sets the admissible bit for this slot and
467 * opens the osl table of the uid.
471 int open_admissible_user_tables(struct uid_range *admissible_uids)
473 struct user_info *ui;
475 assert(uid_hash_table);
476 DEBUG_LOG("size: %d\n", uid_hash_table_size);
482 if (!uid_is_admissible(ui->uid, admissible_uids)) {
483 DEBUG_LOG("uid %u is not admissible\n", ui->uid);
484 ui->flags &= ~UI_FL_ADMISSIBLE;
487 ui->flags |= UI_FL_ADMISSIBLE;
490 ret = open_user_table(ui, 0);
498 * Read the file of all possible uids.
500 * This is called from select/interactive mode. First a large hash table, large
501 * enough to store all uids contained in the uid file is created. Next, the
502 * uids are read from the uid file which was created during the creation of the
503 * database and each uid is inserted into the hash table.
505 * \sa write_uid_file().
509 int read_uid_file(void)
513 char *filename = get_uid_list_name(), *map;
514 int ret = mmap_full_file(filename, O_RDONLY, (void **)&map, &size, NULL);
518 ERROR_LOG("failed to map %s\n", filename);
523 INFO_LOG("found %u uids in %s\n", (unsigned)num_uids, filename);
526 * Compute number of hash table bits. The hash table size must be a
527 * power of two and larger than the number of uids.
530 while (1 << bits < num_uids)
532 create_hash_table(bits);
533 for (n = 0; n < num_uids; n++) {
534 uint32_t uid = read_u32(map + n * sizeof(uid));
535 struct user_info *ui = lookup_uid(uid);
537 if (ui_used(ui)) { /* impossible */
538 ERROR_LOG("duplicate user id!?\n");
543 ui->flags |= UI_FL_SLOT_USED;
547 adu_munmap(map, size);
552 * Write the list of uids to permanent storage.
554 * This is called from create mode after the dir table and all uer tables have
555 * been created. The file simply contains the list of all uids that own at
556 * least one regular file in the base directory and hence an osl table for this
559 * \sa read_uid_file().
563 int write_uid_file(void)
565 char *buf, *p, *filename;
566 size_t size = num_uids * sizeof(uint32_t);
568 struct user_info *ui;
572 buf = p = adu_malloc(size);
576 write_u32(p, ui->uid);
577 p += sizeof(uint32_t);
579 filename = get_uid_list_name();
580 ret = adu_write_file(filename, buf, size);
projects / adu.git / blob