Merge branch '4475-use-atomics-to-access-trust-access-in-dns_ncache' into 'main'

Use atomic operations to access the trust byte in ncache data

Closes #4475

See merge request isc-projects/bind9!8946

CHANGES

@@ -1,3 +1,6 @@
+6371.	[bug]		Access to the trust bytes in the ncache data needed to
+			be made thread safe. [GL #4475]
+
 6370.	[bug]		Wrong source address used for IPv6 notify messages.
 			[GL #4669]
 

lib/dns/name.c

@@ -716,7 +716,7 @@ dns_name_fromregion(dns_name_t *name, const isc_region_t *r) {
 	unsigned char *offsets;
 	dns_offsets_t odata;
 	unsigned int len;
-	isc_region_t r2;
+	isc_region_t r2 = { .base = NULL, .length = 0 };
 
 	/*
 	 * Make 'name' refer to region 'r'.
@@ -728,6 +728,7 @@ dns_name_fromregion(dns_name_t *name, const isc_region_t *r) {
 
 	INIT_OFFSETS(name, offsets, odata);
 
+	name->ndata = r->base;
 	if (name->buffer != NULL) {
 		isc_buffer_clear(name->buffer);
 		isc_buffer_availableregion(name->buffer, &r2);
@@ -735,13 +736,8 @@ dns_name_fromregion(dns_name_t *name, const isc_region_t *r) {
 		if (len > DNS_NAME_MAXWIRE) {
 			len = DNS_NAME_MAXWIRE;
 		}
-		if (len != 0) {
-			memmove(r2.base, r->base, len);
-		}
-		name->ndata = r2.base;
 		name->length = len;
 	} else {
-		name->ndata = r->base;
 		name->length = (r->length <= DNS_NAME_MAXWIRE)
 				       ? r->length
 				       : DNS_NAME_MAXWIRE;
@@ -755,6 +751,15 @@ dns_name_fromregion(dns_name_t *name, const isc_region_t *r) {
 	}
 
 	if (name->buffer != NULL) {
+		/*
+		 * name->length has been updated by set_offsets to the actual
+		 * length of the name data so we can now copy the actual name
+		 * data and not anything after it.
+		 */
+		if (name->length > 0) {
+			memmove(r2.base, r->base, name->length);
+		}
+		name->ndata = r2.base;
 		isc_buffer_add(name->buffer, name->length);
 	}
 }

lib/dns/ncache.c

@@ -42,6 +42,14 @@
  *
  */
 
+static uint8_t
+atomic_getuint8(isc_buffer_t *b) {
+	atomic_uchar *cp = isc_buffer_current(b);
+	uint8_t ret = atomic_load_relaxed(cp);
+	isc_buffer_forward(b, 1);
+	return (ret);
+}
+
 static isc_result_t
 addoptout(dns_message_t *message, dns_db_t *cache, dns_dbnode_t *node,
 	  dns_rdatatype_t covers, isc_stdtime_t now, dns_ttl_t minttl,
@@ -493,10 +501,10 @@ rdataset_count(dns_rdataset_t *rdataset) {
 
 static void
 rdataset_settrust(dns_rdataset_t *rdataset, dns_trust_t trust) {
-	unsigned char *raw;
+	atomic_uchar *raw;
 
-	raw = rdataset->ncache.raw;
-	raw[-1] = (unsigned char)trust;
+	raw = (atomic_uchar *)rdataset->ncache.raw;
+	atomic_store_relaxed(&raw[-1], (unsigned char)trust);
 	rdataset->trust = trust;
 }
 
@@ -548,7 +556,7 @@ dns_ncache_getrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name,
 		ttype = isc_buffer_getuint16(&source);
 
 		if (ttype == type && dns_name_equal(&tname, name)) {
-			trust = isc_buffer_getuint8(&source);
+			trust = atomic_getuint8(&source);
 			INSIST(trust <= dns_trust_ultimate);
 			isc_buffer_remainingregion(&source, &remaining);
 			break;
@@ -627,7 +635,7 @@ dns_ncache_getsigrdataset(dns_rdataset_t *ncacherdataset, dns_name_t *name,
 		}
 
 		INSIST(remaining.length >= 1);
-		trust = isc_buffer_getuint8(&source);
+		trust = atomic_getuint8(&source);
 		INSIST(trust <= dns_trust_ultimate);
 		isc_region_consume(&remaining, 1);
 
@@ -705,7 +713,7 @@ dns_ncache_current(dns_rdataset_t *ncacherdataset, dns_name_t *found,
 
 	INSIST(remaining.length >= 5);
 	type = isc_buffer_getuint16(&source);
-	trust = isc_buffer_getuint8(&source);
+	trust = atomic_getuint8(&source);
 	INSIST(trust <= dns_trust_ultimate);
 	isc_buffer_remainingregion(&source, &remaining);