commit 3516b818d980c345f14772c0ed6616701de5328f from: Stefan Sperling date: Sat Sep 08 15:42:23 2018 UTC init ibuf only once for the lifetime of a privsep child commit - 7cc94e29d3adf2b69dedf6c238eb04cfb255089c commit + 3516b818d980c345f14772c0ed6616701de5328f blob - ea058702e40e67e713aa1321c05e22edb72d9700 blob + 83664d5c5fa5bdad1b2dc3c1553e78bfe9df2840 --- lib/got_lib_repository.h +++ lib/got_lib_repository.h @@ -47,6 +47,7 @@ struct got_object_cache { struct got_privsep_child { int imsg_fd; pid_t pid; + struct imsgbuf *ibuf; }; struct got_repository { blob - d4f209240efa15b01cc928f166088b0c268144ef blob + cffa8b71e369595ae12df72d5ae5f97964e9265e --- lib/object_parse.c +++ lib/object_parse.c @@ -93,18 +93,15 @@ static const struct got_error * request_object(struct got_object **obj, struct got_repository *repo, int fd) { const struct got_error *err = NULL; - struct imsgbuf ibuf; + struct imsgbuf *ibuf; - imsg_init(&ibuf, - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].imsg_fd); + ibuf = repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].ibuf; - err = got_privsep_send_obj_req(&ibuf, fd, NULL); + err = got_privsep_send_obj_req(ibuf, fd, NULL); if (err) - goto done; - err = got_privsep_recv_obj(obj, &ibuf); -done: - imsg_clear(&ibuf); - return err; + return err; + + return got_privsep_recv_obj(obj, ibuf); } static void @@ -136,10 +133,15 @@ got_object_read_header_privsep(struct got_object **obj { int imsg_fds[2]; pid_t pid; + struct imsgbuf *ibuf; if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].imsg_fd != -1) return request_object(obj, repo, obj_fd); + ibuf = calloc(1, sizeof(*ibuf)); + if (ibuf == NULL) + return got_error_from_errno(); + if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) return got_error_from_errno(); @@ -155,6 +157,8 @@ got_object_read_header_privsep(struct got_object **obj repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].imsg_fd = imsg_fds[0]; repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].pid = pid; + imsg_init(ibuf, imsg_fds[0]); + repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_OBJECT].ibuf = ibuf; return request_object(obj, repo, obj_fd); } @@ -608,19 +612,15 @@ request_commit(struct got_commit_object **commit, stru struct got_object *obj, int fd) { const struct got_error *err = NULL; - struct imsgbuf ibuf; + struct imsgbuf *ibuf; - imsg_init(&ibuf, - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].imsg_fd); + ibuf = repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].ibuf; - err = got_privsep_send_obj_req(&ibuf, fd,obj); - if (err) - goto done; + err = got_privsep_send_obj_req(ibuf, fd,obj); + if (err) + return err; - err = got_privsep_recv_commit(commit, &ibuf); -done: - imsg_clear(&ibuf); - return err; + return got_privsep_recv_commit(commit, ibuf); } const struct got_error * @@ -629,10 +629,15 @@ got_object_read_commit_privsep(struct got_commit_objec { int imsg_fds[2]; pid_t pid; + struct imsgbuf *ibuf; if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].imsg_fd != -1) return request_commit(commit, repo, obj, obj_fd); + ibuf = calloc(1, sizeof(*ibuf)); + if (ibuf == NULL) + return got_error_from_errno(); + if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) return got_error_from_errno(); @@ -648,6 +653,8 @@ got_object_read_commit_privsep(struct got_commit_objec repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].imsg_fd = imsg_fds[0]; repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].pid = pid; + imsg_init(ibuf, imsg_fds[0]); + repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_COMMIT].ibuf = ibuf; return request_commit(commit, repo, obj, obj_fd); } @@ -657,19 +664,15 @@ request_tree(struct got_tree_object **tree, struct got struct got_object *obj, int fd) { const struct got_error *err = NULL; - struct imsgbuf ibuf; + struct imsgbuf *ibuf; - imsg_init(&ibuf, - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].imsg_fd); + ibuf = repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].ibuf; - err = got_privsep_send_obj_req(&ibuf, fd,obj); + err = got_privsep_send_obj_req(ibuf, fd,obj); if (err) - goto done; + return err; - err = got_privsep_recv_tree(tree, &ibuf); -done: - imsg_clear(&ibuf); - return err; + return got_privsep_recv_tree(tree, ibuf); } const struct got_error * @@ -678,10 +681,15 @@ got_object_read_tree_privsep(struct got_tree_object ** { int imsg_fds[2]; pid_t pid; + struct imsgbuf *ibuf; if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].imsg_fd != -1) return request_tree(tree, repo, obj, obj_fd); + ibuf = calloc(1, sizeof(*ibuf)); + if (ibuf == NULL) + return got_error_from_errno(); + if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) return got_error_from_errno(); @@ -694,10 +702,14 @@ got_object_read_tree_privsep(struct got_tree_object ** } close(imsg_fds[1]); + repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].imsg_fd = imsg_fds[0]; repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].pid = pid; + imsg_init(ibuf, imsg_fds[0]); + repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_TREE].ibuf = ibuf; + return request_tree(tree, repo, obj, obj_fd); } @@ -705,28 +717,26 @@ static const struct got_error * request_blob(size_t *size, int outfd, int infd, struct got_repository *repo) { const struct got_error *err = NULL; - struct imsgbuf ibuf; int outfd_child; + struct imsgbuf *ibuf; outfd_child = dup(outfd); if (outfd_child == -1) return got_error_from_errno(); - imsg_init(&ibuf, - repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].imsg_fd); + ibuf = repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].ibuf; - err = got_privsep_send_blob_req(&ibuf, outfd_child, infd); + err = got_privsep_send_blob_req(ibuf, outfd_child, infd); if (err) - goto done; + return err; - err = got_privsep_recv_blob(size, &ibuf); + err = got_privsep_recv_blob(size, ibuf); if (err) - goto done; + return err; if (lseek(outfd, SEEK_SET, 0) == -1) - err = got_error_from_errno(); -done: - imsg_clear(&ibuf); + return got_error_from_errno(); + return err; } @@ -736,10 +746,15 @@ got_object_read_blob_privsep(size_t *size, int outfd, { int imsg_fds[2]; pid_t pid; + struct imsgbuf *ibuf; if (repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].imsg_fd != -1) return request_blob(size, outfd, infd, repo); + ibuf = calloc(1, sizeof(*ibuf)); + if (ibuf == NULL) + return got_error_from_errno(); + if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, imsg_fds) == -1) return got_error_from_errno(); @@ -755,6 +770,8 @@ got_object_read_blob_privsep(size_t *size, int outfd, repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].imsg_fd = imsg_fds[0]; repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].pid = pid; + imsg_init(ibuf, imsg_fds[0]); + repo->privsep_children[GOT_REPO_PRIVSEP_CHILD_BLOB].ibuf = ibuf; return request_blob(size, outfd, infd, repo); } blob - 7ebf16fd18566adf4b16ba0bb1c5c0d7bde1ea09 blob + 2a9822b7424239898ca9534c7fde9149e577eefc --- lib/repository.c +++ lib/repository.c @@ -415,8 +415,9 @@ got_repo_open(struct got_repository **repop, const cha } for (i = 0; i < nitems(repo->privsep_children); i++) { + memset(&repo->privsep_children[i], 0, + sizeof(repo->privsep_children[0])); repo->privsep_children[i].imsg_fd = -1; - repo->privsep_children[i].pid = 0; } repo->objcache.type = GOT_OBJECT_CACHE_TYPE_OBJ; @@ -586,6 +587,8 @@ got_repo_close(struct got_repository *repo) for (i = 0; i < nitems(repo->privsep_children); i++) { if (repo->privsep_children[i].imsg_fd == -1) continue; + imsg_clear(repo->privsep_children[i].ibuf); + free(repo->privsep_children[i].ibuf); err = got_privsep_send_stop(repo->privsep_children[i].imsg_fd); child_err = wait_for_child(repo->privsep_children[i].pid); if (child_err && err == NULL)