BIND merge requestshttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests2023-11-07T09:12:49Zhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/8352convert the RPZ summary database to to use a QP trie2023-11-07T09:12:49ZEvan Huntconvert the RPZ summary database to to use a QP trienow that we have the QP chain mechanism, we can use a QP trie for the RPZ summary database.now that we have the QP chain mechanism, we can use a QP trie for the RPZ summary database.November 2023 (9.16.45, 9.16.45-S1, 9.18.20, 9.18.20-S1, 9.19.18)Evan HuntEvan Hunthttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/8097Use cds_lfht for updatenotify mechanism in dns_db unit2023-08-02T08:21:37ZOndřej SurýUse cds_lfht for updatenotify mechanism in dns_db unitThe updatenotify mechanism in dns_db relied on unlocked ISC_LIST for
adding and removing the "listeners". The mechanism relied on the
exclusive mode - it should have been updated only during reconfiguration
of the server. This turned n...The updatenotify mechanism in dns_db relied on unlocked ISC_LIST for
adding and removing the "listeners". The mechanism relied on the
exclusive mode - it should have been updated only during reconfiguration
of the server. This turned not to be true anymore in the dns_catz - the
updatenotify list could have been updated during offloaded work as the
offloaded threads are not subject to the exclusive mode.
Change the update_listeners to be cds_lfht (lock-free hash-table), and
slightly refactor how register and unregister the callbacks - the calls
are now idempotent (the register call already was and the return value
of the unregister function was mostly ignored by the callers).
Closes #4196August 2023 (9.16.43, 9.16.43-S1, 9.18.18, 9.18.18-S1, 9.19.16)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7512[9.18] Run the RPZ update as offloaded work (2-nd round)2023-05-01T07:46:01ZArаm Sаrgsyаn[9.18] Run the RPZ update as offloaded work (2-nd round)Backport of !5938.
This MR is a revival of the reverted !6072.
The original commits from !6072 were slightly modified to fix cherry-pick conflicts with the current `v9_18`.
The shutdown issue, because of which the original MR was reve...Backport of !5938.
This MR is a revival of the reverted !6072.
The original commits from !6072 were slightly modified to fix cherry-pick conflicts with the current `v9_18`.
The shutdown issue, because of which the original MR was reverted, is expected to be fixed by !7516.
Closes #3190March 2023 (9.16.39, 9.16.39-S1, 9.18.13, 9.18.13-S1, 9.19.11)Arаm SаrgsyаnArаm Sаrgsyаnhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6092Revert "Run the RPZ update as offloaded work" [v9.16]2023-05-01T07:45:50ZOndřej SurýRevert "Run the RPZ update as offloaded work" [v9.16]This reverts MR https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6092.
See #3262 for the reason behind the revert.
Closes #3190This reverts MR https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6092.
See #3262 for the reason behind the revert.
Closes #3190April 2022 (9.16.28, 9.16.28-S1, 9.18.2, 9.19.0)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6091Revert "Run the RPZ update as offloaded work" [v9.18]2023-05-01T07:45:45ZOndřej SurýRevert "Run the RPZ update as offloaded work" [v9.18]This reverts MR https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6072.
See #3262 for the reason behind the revert.
Closes #3190This reverts MR https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6072.
See #3262 for the reason behind the revert.
Closes #3190April 2022 (9.16.28, 9.16.28-S1, 9.18.2, 9.19.0)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6074Run the RPZ update as offloaded work [v9.16]2023-05-01T07:45:30ZOndřej SurýRun the RPZ update as offloaded work [v9.16]Previously, the RPZ updates ran quantized on the main nm_worker loops.
As the quantum was set to 1024, this might lead to service
interruptions when large RPZ update was processed.
Change the RPZ update process to run as the offloaded w...Previously, the RPZ updates ran quantized on the main nm_worker loops.
As the quantum was set to 1024, this might lead to service
interruptions when large RPZ update was processed.
Change the RPZ update process to run as the offloaded work. The update
and cleanup loops were refactored to do as little locking of the
maintenance lock as possible for the shortest periods of time and the db
iterator is being paused for every iteration, so we don't hold the rbtdb
tree lock for prolonged periods of time.
Closes #3190April 2022 (9.16.28, 9.16.28-S1, 9.18.2, 9.19.0)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6072Run the RPZ update as offloaded work [v9.18]2023-05-01T07:44:51ZOndřej SurýRun the RPZ update as offloaded work [v9.18]Previously, the RPZ updates ran quantized on the main nm_worker loops.
As the quantum was set to 1024, this might lead to service
interruptions when large RPZ update was processed.
Change the RPZ update process to run as the offloaded w...Previously, the RPZ updates ran quantized on the main nm_worker loops.
As the quantum was set to 1024, this might lead to service
interruptions when large RPZ update was processed.
Change the RPZ update process to run as the offloaded work. The update
and cleanup loops were refactored to do as little locking of the
maintenance lock as possible for the shortest periods of time and the db
iterator is being paused for every iteration, so we don't hold the rbtdb
tree lock for prolonged periods of time.
Closes #3190April 2022 (9.16.28, 9.16.28-S1, 9.18.2, 9.19.0)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/5938Run the RPZ update as offloaded work2023-05-01T07:44:49ZOndřej SurýRun the RPZ update as offloaded workPreviously, the RPZ updates ran quantized on the main nm_worker loops.
As the quantum was set to 1024, this might lead to service
interruptions when large RPZ update was processed.
Change the RPZ update process to run as the offloaded w...Previously, the RPZ updates ran quantized on the main nm_worker loops.
As the quantum was set to 1024, this might lead to service
interruptions when large RPZ update was processed.
Change the RPZ update process to run as the offloaded work. The update
and cleanup loops were refactored to do as little locking of the
maintenance lock as possible for the shortest periods of time and the db
iterator is being paused for every iteration, so we don't hold the rbtdb
tree lock for prolonged periods of time.
Closes #3190April 2022 (9.16.28, 9.16.28-S1, 9.18.2, 9.19.0)https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7781silence coverity warnings2023-04-11T20:51:01ZEvan Huntsilence coverity warningssilence warnings in the DNSPRS code.
Closes #3973silence warnings in the DNSPRS code.
Closes #3973April 2023 (9.16.40, 9.16.40-S1, 9.18.14, 9.18.14-S1, 9.19.12)Evan HuntEvan Hunthttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7711Add test for RPZ in multiple views2023-04-11T20:45:03ZOndřej SurýAdd test for RPZ in multiple viewsThis adds rudimentary test for response-policy zones in multiple
views.This adds rudimentary test for response-policy zones in multiple
views.April 2023 (9.16.40, 9.16.40-S1, 9.18.14, 9.18.14-S1, 9.19.12)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7792[9.18] Add test for RPZ in multiple views2023-04-11T20:45:03ZOndřej Surý[9.18] Add test for RPZ in multiple viewsThis adds rudimentary test for response-policy zones in multiple views.
Backport of MR !7711This adds rudimentary test for response-policy zones in multiple views.
Backport of MR !7711April 2023 (9.16.40, 9.16.40-S1, 9.18.14, 9.18.14-S1, 9.19.12)Ondřej SurýOndřej Surýhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7693use a test library for DNSRPS2023-04-11T17:31:30ZEvan Huntuse a test library for DNSRPSadd a feature-limited test-only library that implements the DNSRPS API for testing purposes.add a feature-limited test-only library that implements the DNSRPS API for testing purposes.April 2023 (9.16.40, 9.16.40-S1, 9.18.14, 9.18.14-S1, 9.19.12)Evan HuntEvan Hunthttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7565[9.16] Detach rpzs and catzs from the previous view2023-02-27T10:06:05ZArаm Sаrgsyаn[9.16] Detach rpzs and catzs from the previous viewBackport of !7552.
Closes #3880Backport of !7552.
Closes #3880March 2023 (9.16.39, 9.16.39-S1, 9.18.13, 9.18.13-S1, 9.19.11)Arаm SаrgsyаnArаm Sаrgsyаnhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7564[9.18] Detach rpzs and catzs from the previous view2023-02-21T09:59:59ZArаm Sаrgsyаn[9.18] Detach rpzs and catzs from the previous viewBackport of !7552.
Closes #3880Backport of !7552.
Closes #3880March 2023 (9.16.39, 9.16.39-S1, 9.18.13, 9.18.13-S1, 9.19.11)Arаm SаrgsyаnArаm Sаrgsyаnhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7552Detach rpzs and catzs from the previous view2023-02-21T09:11:25ZArаm SаrgsyаnDetach rpzs and catzs from the previous viewWhen switching to a new view during a reconfiguration (or reverting
to the old view), detach the 'rpzs' and 'catzs' from the previuos view.
The 'catzs' case was earlier solved slightly differently, by detaching
from the new view when re...When switching to a new view during a reconfiguration (or reverting
to the old view), detach the 'rpzs' and 'catzs' from the previuos view.
The 'catzs' case was earlier solved slightly differently, by detaching
from the new view when reverting to the old view, but we can not solve
this the same way for 'rpzs', because now in BIND 9.19 and BIND 9.18
a dns_rpz_shutdown_rpzs() call was added in view's destroy() function
before detaching the 'rpzs', so we can not leave the 'rpzs' attached to
the previous view and let it be shut down when we intend to continue
using it with the new view.
Instead, "re-fix" the issue for the 'catzs' pointer the same way as
for 'rpzs' for consistency, and also because a similar shutdown call
is likely to be implemented for 'catzs' in the near future.
Closes #3880March 2023 (9.16.39, 9.16.39-S1, 9.18.13, 9.18.13-S1, 9.19.11)Arаm SаrgsyаnArаm Sаrgsyаnhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7531[9.18] Fix RPZ reference counting error on shutdown2023-02-14T12:28:32ZArаm Sаrgsyаn[9.18] Fix RPZ reference counting error on shutdownBackport of !7526.
Closes #3866Backport of !7526.
Closes #3866March 2023 (9.16.39, 9.16.39-S1, 9.18.13, 9.18.13-S1, 9.19.11)Arаm SаrgsyаnArаm Sаrgsyаnhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7526Fix RPZ reference counting error on shutdown2023-02-14T11:25:06ZArаm SаrgsyаnFix RPZ reference counting error on shutdownA dns_rpz_unref_rpzs() call is missing when taking the 'goto unlock;'
path on shutdown, in order to compensate for the earlier
dns_rpz_ref_rpzs() call.
Move the dns_rpz_ref_rpzs() call after the shutdown check.
Closes #3866A dns_rpz_unref_rpzs() call is missing when taking the 'goto unlock;'
path on shutdown, in order to compensate for the earlier
dns_rpz_ref_rpzs() call.
Move the dns_rpz_ref_rpzs() call after the shutdown check.
Closes #3866March 2023 (9.16.39, 9.16.39-S1, 9.18.13, 9.18.13-S1, 9.19.11)Arаm SаrgsyаnArаm Sаrgsyаnhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7519[9.18] Fix shutdown and error path bugs in the rpz unit2023-02-14T11:19:04ZArаm Sаrgsyаn[9.18] Fix shutdown and error path bugs in the rpz unitBackport of !7289.
Closes #3735Backport of !7289.
Closes #3735March 2023 (9.16.39, 9.16.39-S1, 9.18.13, 9.18.13-S1, 9.19.11)Arаm SаrgsyаnArаm Sаrgsyаnhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/7289Fix shutdown and error path bugs in the rpz unit2023-02-14T10:33:21ZArаm SаrgsyаnFix shutdown and error path bugs in the rpz unitThis MR fixes a bug described in #3735, and ~~two~~ three other similar bugs discovered during the investigation.
Closes #3735This MR fixes a bug described in #3735, and ~~two~~ three other similar bugs discovered during the investigation.
Closes #3735January 2023 (9.16.37, 9.16.37-S1, 9.18.11, 9.18.11-S1, 9.19.9)Arаm SаrgsyаnArаm Sаrgsyаnhttps://gitlab.isc.org/isc-projects/bind9/-/merge_requests/6864Refactor dns_rpz unit to use single reference counting2023-02-14T10:32:31ZOndřej SurýRefactor dns_rpz unit to use single reference countingThe dns_rpz_zones structure was using .refs and .irefs for strong and
weak reference counting. Rewrite the unit to use just a single
reference counting + shutdown sequence (dns_rpz_destroy_rpzs) that must
be called by the creator of the...The dns_rpz_zones structure was using .refs and .irefs for strong and
weak reference counting. Rewrite the unit to use just a single
reference counting + shutdown sequence (dns_rpz_destroy_rpzs) that must
be called by the creator of the dns_rpz_zones_t object. Remove the
reference counting from the dns_rpz_zone structure as it is not needed
because the zone objects are fully embedded into the dns_rpz_zones
structure and dns_rpz_zones_t object must never be destroyed before all
dns_rpz_zone_t objects.
The dns_rps_zones_t reference counting uses the new ISC_REFCOUNT_TRACE
capability - enable by defining DNS_RPZ_TRACE in the dns/rpz.h header.
Additionally, add magic numbers to the dns_rpz_zone and dns_rpz_zones
structures.December 2022 (9.16.36, 9.16.36-S1, 9.18.10, 9.19.8)Ondřej SurýOndřej Surý