key_stats *find_key_stats(proxy_td *ptd, char *key, int key_len,
uint64_t msec_time) {
key_stats *ks;
cb_assert(ptd);
cb_assert(key);
cb_assert(key_len > 0);
ks = mcache_get(&ptd->key_stats, key, key_len, msec_time);
if (ks == NULL) {
ks = calloc(1, sizeof(key_stats));
if (ks != NULL) {
memcpy(ks->key, key, key_len);
ks->key[key_len] = '\0';
ks->refcount = 1;
ks->added_at = msec_time;
mcache_set(&ptd->key_stats, ks,
msec_time +
ptd->behavior_pool.base.key_stats_lifespan,
true, false);
}
}
return ks;
}
bool multiget_ascii_downstream(downstream *d, conn *uc,
int (*emit_start)(conn *c, char *cmd, int cmd_len),
int (*emit_skey)(conn *c, char *skey, int skey_len),
int (*emit_end)(conn *c),
mcache *front_cache) {
assert(d != NULL);
assert(d->downstream_conns != NULL);
assert(d->multiget == NULL);
assert(uc != NULL);
assert(uc->noreply == false);
proxy_td *ptd = d->ptd;
assert(ptd != NULL);
proxy_stats_cmd *psc_get =
&ptd->stats.stats_cmd[STATS_CMD_TYPE_REGULAR][STATS_CMD_GET];
proxy_stats_cmd *psc_get_key =
&ptd->stats.stats_cmd[STATS_CMD_TYPE_REGULAR][STATS_CMD_GET_KEY];
int nwrite = 0;
int nconns = mcs_server_count(&d->mst);
for (int i = 0; i < nconns; i++) {
if (d->downstream_conns[i] != NULL &&
cproxy_prep_conn_for_write(d->downstream_conns[i]) == false) {
d->ptd->stats.stats.err_downstream_write_prep++;
cproxy_close_conn(d->downstream_conns[i]);
return false;
}
}
if (uc->next != NULL) {
// More than one upstream conn, so we need a hashtable
// to track keys for de-deplication.
//
d->multiget = genhash_init(128, skeyhash_ops);
if (settings.verbose > 1) {
fprintf(stderr, "cproxy multiget hash table new\n");
}
}
// Snapshot the volatile only once.
//
uint32_t msec_current_time_snapshot = msec_current_time;
int uc_num = 0;
conn *uc_cur = uc;
while (uc_cur != NULL) {
assert(uc_cur->cmd == -1);
assert(uc_cur->item == NULL);
assert(uc_cur->state == conn_pause);
assert(IS_ASCII(uc_cur->protocol));
assert(IS_PROXY(uc_cur->protocol));
char *command = uc_cur->cmd_start;
assert(command != NULL);
char *space = strchr(command, ' ');
assert(space > command);
int cmd_len = space - command;
assert(cmd_len == 3 || cmd_len == 4); // Either get or gets.
int cas_emit = (command[3] == 's');
if (settings.verbose > 1) {
fprintf(stderr, "forward multiget %s (%d %d)\n",
command, cmd_len, uc_num);
}
while (space != NULL) {
char *key = space + 1;
char *next_space = strchr(key, ' ');
int key_len;
if (next_space != NULL) {
key_len = next_space - key;
} else {
key_len = strlen(key);
// We've reached the last key.
//
psc_get->read_bytes += (key - command + key_len);
}
// This key_len check helps skip consecutive spaces.
//
if (key_len > 0) {
ptd->stats.stats.tot_multiget_keys++;
psc_get_key->seen++;
psc_get_key->read_bytes += key_len;
// Update key-based statistics.
//
bool do_key_stats =
matcher_check(&ptd->key_stats_matcher,
key, key_len, true) == true &&
matcher_check(&ptd->key_stats_unmatcher,
key, key_len, false) == false;
if (do_key_stats) {
touch_key_stats(ptd, key, key_len,
msec_current_time_snapshot,
STATS_CMD_TYPE_REGULAR,
STATS_CMD_GET_KEY,
1, 0, 0,
key_len, 0);
}
// Handle a front cache hit by queuing response.
//
// Note, front cache stats are part of mcache.
//
if (!cas_emit) {
item *it = mcache_get(front_cache, key, key_len,
msec_current_time_snapshot);
if (it != NULL) {
assert(it->nkey == key_len);
assert(strncmp(ITEM_key(it), key, it->nkey) == 0);
cproxy_upstream_ascii_item_response(it, uc_cur, 0);
psc_get_key->hits++;
psc_get_key->write_bytes += it->nbytes;
if (do_key_stats) {
touch_key_stats(ptd, key, key_len,
msec_current_time_snapshot,
STATS_CMD_TYPE_REGULAR,
STATS_CMD_GET_KEY,
0, 1, 0,
0, it->nbytes);
}
// The refcount was inc'ed by mcache_get() for us.
//
item_remove(it);
goto loop_next;
}
}
bool self = false;
conn *c = cproxy_find_downstream_conn(d, key, key_len,
&self);
if (c != NULL) {
if (self) {
// Optimization for talking with ourselves,
// to avoid extra network hop.
//
ptd->stats.stats.tot_optimize_self++;
item *it = item_get(key, key_len);
if (it != NULL) {
cproxy_upstream_ascii_item_response(it, uc_cur,
cas_emit);
psc_get_key->hits++;
psc_get_key->write_bytes += it->nbytes;
if (do_key_stats) {
touch_key_stats(ptd, key, key_len,
msec_current_time_snapshot,
STATS_CMD_TYPE_REGULAR,
STATS_CMD_GET_KEY,
0, 1, 0,
0, it->nbytes);
}
// The refcount was inc'ed by item_get() for us.
//
item_remove(it);
if (settings.verbose > 1) {
fprintf(stderr,
"optimize self multiget hit: %s\n",
key);
}
} else {
psc_get_key->misses++;
if (do_key_stats) {
touch_key_stats(ptd, key, key_len,
msec_current_time_snapshot,
STATS_CMD_TYPE_REGULAR,
STATS_CMD_GET_KEY,
0, 0, 1,
0, 0);
}
if (settings.verbose > 1) {
fprintf(stderr,
"optimize self multiget miss: %s\n",
key);
}
}
goto loop_next;
}
// See if we've already requested this key via
// the multiget hash table, in order to
// de-deplicate repeated keys.
//
bool first_request = true;
if (d->multiget != NULL) {
// TODO: Use Trond's allocator here.
//
multiget_entry *entry =
calloc(1, sizeof(multiget_entry));
if (entry != NULL) {
entry->upstream_conn = uc_cur;
entry->opaque = 0;
entry->hits = 0;
entry->next = genhash_find(d->multiget, key);
genhash_update(d->multiget, key, entry);
if (entry->next != NULL) {
first_request = false;
}
} else {
// TODO: Handle out of multiget entry memory.
}
}
if (first_request) {
assert(c->item == NULL);
assert(c->state == conn_pause);
assert(IS_PROXY(c->protocol));
assert(c->ilist != NULL);
assert(c->isize > 0);
if (c->msgused <= 1 &&
c->msgbytes <= 0) {
emit_start(c, command, cmd_len);
}
// Provide the preceding space as optimization
// for ascii-to-ascii configuration.
//
emit_skey(c, key - 1, key_len + 1);
} else {
ptd->stats.stats.tot_multiget_keys_dedupe++;
if (settings.verbose > 1) {
char buf[KEY_MAX_LENGTH + 10];
memcpy(buf, key, key_len);
buf[key_len] = '\0';
fprintf(stderr,
"%d cproxy multiget dedpue: %s\n",
uc_cur->sfd, buf);
}
}
} else {
// TODO: Handle when downstream conn is down.
}
}
loop_next:
space = next_space;
}
uc_num++;
uc_cur = uc_cur->next;
}
for (int i = 0; i < nconns; i++) {
conn *c = d->downstream_conns[i];
if (c != NULL &&
(c->msgused > 1 ||
c->msgbytes > 0)) {
emit_end(c);
conn_set_state(c, conn_mwrite);
c->write_and_go = conn_new_cmd;
if (update_event(c, EV_WRITE | EV_PERSIST)) {
nwrite++;
if (uc->noreply) {
c->write_and_go = conn_pause;
}
} else {
if (settings.verbose > 1) {
fprintf(stderr,
"Couldn't update cproxy write event\n");
}
d->ptd->stats.stats.err_oom++;
cproxy_close_conn(c);
}
}
}
if (settings.verbose > 1) {
fprintf(stderr, "forward multiget nwrite %d out of %d\n",
nwrite, nconns);
}
d->downstream_used_start = nwrite;
d->downstream_used = nwrite;
if (cproxy_dettach_if_noreply(d, uc) == false) {
d->upstream_suffix = "END\r\n";
cproxy_start_downstream_timeout(d, NULL);
}
return nwrite > 0;
}
uint32_t
mselinux_check_alloc(selinux_engine_t *se, const void *cookie,
const void *key, size_t keylen)
{
static security_id_t tsid = NULL;
mcache_t *mcache;
security_id_t ssid;
security_id_t nsid;
uint32_t secid;
if (!se->config.selinux)
return 0;
if (!tsid)
{
security_context_t context;
if (getcon_raw(&context) < 0)
return 0;
if (avc_context_to_sid_raw(context, &tsid) < 0)
{
freecon(context);
return 0;
}
freecon(context);
}
/*
* It the new allocation tries to replace an existing key,
* we copy security id from the older chunk.
*/
mcache = mcache_get(se, key, keylen);
if (mcache)
{
secid = mcache->mchunk->item.secid;
if (secid > 0)
{
mchunk_t *lchunk = mlabel_lookup_secid(se, secid);
if (!lchunk)
secid = 0;
else
lchunk->label.refcount++;
}
mcache_put(se, mcache);
return secid;
}
ssid = se->server.core->get_engine_specific(cookie);
pthread_rwlock_rdlock(&permissions.lock);
avc_compute_create(ssid, tsid, permissions.tclass, &nsid);
pthread_rwlock_unlock(&permissions.lock);
secid = mlabel_get(se, nsid->ctx);
if (se->config.debug)
fprintf(stderr, "%s: ssid=%s tsid=%s nsid=%s (secid=%u)\n",
__FUNCTION__, ssid->ctx, tsid->ctx, nsid->ctx, secid);
return secid;
}
