From 0374398fd14bf587d80d9d31e361e266e69387c8 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Sat, 23 May 2009 12:09:06 +0200 Subject: conntrackd: add child process infrastructure This patch adds a simple infrastructure that allows to account the child processes that have been forked. This also includes a callback handler that can be registered that is called once the child process finishes. We can extended this later to include an alarm to limit the maximum lifetime of a forked child process. This is good to ensure that child processes behave timely. Signed-off-by: Pablo Neira Ayuso --- include/Makefile.am | 3 ++- include/process.h | 14 ++++++++++++++ src/Makefile.am | 2 +- src/process.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++ src/run.c | 4 ++++ src/sync-mode.c | 11 ++++++----- 6 files changed, 82 insertions(+), 7 deletions(-) create mode 100644 include/process.h create mode 100644 src/process.c diff --git a/include/Makefile.am b/include/Makefile.am index f02ce89..0ea056c 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -3,5 +3,6 @@ noinst_HEADERS = alarm.h jhash.h cache.h linux_list.h linux_rbtree.h \ sync.h conntrackd.h local.h udp.h \ debug.h log.h hash.h mcast.h conntrack.h \ network.h filter.h queue.h vector.h cidr.h \ - traffic_stats.h netlink.h fds.h event.h bitops.h channel.h + traffic_stats.h netlink.h fds.h event.h bitops.h channel.h \ + process.h diff --git a/include/process.h b/include/process.h new file mode 100644 index 0000000..a7f07ea --- /dev/null +++ b/include/process.h @@ -0,0 +1,14 @@ +#ifndef _PROCESS_H_ +#define _PROCESS_H_ + +struct child_process { + struct list_head head; + int pid; + void (*cb)(void *data); + void *data; +}; + +int fork_process_new(void (*cb)(void *data), void *data); +int fork_process_delete(int pid); + +#endif diff --git a/src/Makefile.am b/src/Makefile.am index 8a45bf9..decc545 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -12,7 +12,7 @@ conntrack_LDFLAGS = $(all_libraries) @LIBNETFILTER_CONNTRACK_LIBS@ conntrackd_SOURCES = alarm.c main.c run.c hash.c queue.c rbtree.c \ local.c log.c mcast.c udp.c netlink.c vector.c \ - filter.c fds.c event.c \ + filter.c fds.c event.c process.c \ cache.c cache_iterators.c \ cache_timer.c cache_wt.c \ sync-mode.c sync-alarm.c sync-ftfw.c sync-notrack.c \ diff --git a/src/process.c b/src/process.c new file mode 100644 index 0000000..a89f388 --- /dev/null +++ b/src/process.c @@ -0,0 +1,55 @@ +/* + * (C) 2009 by Pablo Neira Ayuso + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "conntrackd.h" +#include "process.h" + +static LIST_HEAD(process_list); + +int fork_process_new(void (*cb)(void *data), void *data) +{ + struct child_process *c; + + c = calloc(sizeof(struct child_process), 1); + if (c == NULL) + return -1; + + c->cb = cb; + c->data = data; + + list_add(&c->head, &process_list); + + return fork(); +} + +int fork_process_delete(int pid) +{ + struct child_process *this, *tmp; + + list_for_each_entry_safe(this, tmp, &process_list, head) { + if (this->pid == pid) { + list_del(&this->head); + if (this->cb) { + this->cb(this->data); + } + free(this); + return 1; + } + } + return 0; +} diff --git a/src/run.c b/src/run.c index 6465699..09e2ae9 100644 --- a/src/run.c +++ b/src/run.c @@ -25,6 +25,7 @@ #include "alarm.h" #include "fds.h" #include "traffic_stats.h" +#include "process.h" #include #include @@ -77,6 +78,9 @@ static void child(int foo) STATE(stats).wait_failed++; break; } + /* delete process from list and run the callback */ + fork_process_delete(ret); + if (!WIFSIGNALED(status)) continue; diff --git a/src/sync-mode.c b/src/sync-mode.c index 298fcd2..0d35923 100644 --- a/src/sync-mode.c +++ b/src/sync-mode.c @@ -26,6 +26,7 @@ #include "fds.h" #include "event.h" #include "queue.h" +#include "process.h" #include #include @@ -391,28 +392,28 @@ static int local_handler_sync(int fd, int type, void *data) switch(type) { case DUMP_INTERNAL: - ret = fork(); + ret = fork_process_new(NULL, NULL); if (ret == 0) { cache_dump(STATE_SYNC(internal), fd, NFCT_O_PLAIN); exit(EXIT_SUCCESS); } break; case DUMP_EXTERNAL: - ret = fork(); + ret = fork_process_new(NULL, NULL); if (ret == 0) { cache_dump(STATE_SYNC(external), fd, NFCT_O_PLAIN); exit(EXIT_SUCCESS); } break; case DUMP_INT_XML: - ret = fork(); + ret = fork_process_new(NULL, NULL); if (ret == 0) { cache_dump(STATE_SYNC(internal), fd, NFCT_O_XML); exit(EXIT_SUCCESS); } break; case DUMP_EXT_XML: - ret = fork(); + ret = fork_process_new(NULL, NULL); if (ret == 0) { cache_dump(STATE_SYNC(external), fd, NFCT_O_XML); exit(EXIT_SUCCESS); @@ -421,7 +422,7 @@ static int local_handler_sync(int fd, int type, void *data) case COMMIT: /* delete the reset alarm if any before committing */ del_alarm(&STATE_SYNC(reset_cache_alarm)); - ret = fork(); + ret = fork_process_new(NULL, NULL); if (ret == 0) { dlog(LOG_NOTICE, "committing external cache"); cache_commit(STATE_SYNC(external)); -- cgit v1.2.3