aboutsummaryrefslogtreecommitdiff
path: root/src/os/unix
Commit message (Collapse)AuthorAge
...
* Fixed checking ngx_tcp_push() and ngx_tcp_nopush() return values.Ruslan Ermilov2018-03-19
| | | | No functional changes.
* Fixed capabilities version.Roman Arutyunyan2017-12-19
| | | | | | | | | | Previously, capset(2) was called with the 64-bit capabilities version _LINUX_CAPABILITY_VERSION_3. With this version Linux kernel expected two copies of struct __user_cap_data_struct, while only one was submitted. As a result, random stack memory was accessed and random capabilities were requested by the worker. This sometimes caused capset() errors. Now the 32-bit version _LINUX_CAPABILITY_VERSION_1 is used instead. This is OK since CAP_NET_RAW is a 32-bit capability (CAP_NET_RAW = 13).
* Improved the capabilities feature detection.Roman Arutyunyan2017-12-18
| | | | | | | | | | | | Previously included file sys/capability.h mentioned in capset(2) man page, belongs to the libcap-dev package, which may not be installed on some Linux systems when compiling nginx. This prevented the capabilities feature from being detected and compiled on that systems. Now linux/capability.h system header is included instead. Since capset() declaration is located in sys/capability.h, now capset() syscall is defined explicitly in code using the SYS_capset constant, similarly to other Linux-specific features in nginx.
* Retain CAP_NET_RAW capability for transparent proxying.Roman Arutyunyan2017-12-13
| | | | | | | | The capability is retained automatically in unprivileged worker processes after changing UID if transparent proxying is enabled at least once in nginx configuration. The feature is only available in Linux.
* Use sysconf to determine cacheline size at runtime.Debayan Ghosh2017-12-11
| | | | | | Determine cacheline size at runtime if supported using sysconf(_SC_LEVEL1_DCACHE_LINESIZE). In case not supported, fallback to compile time defaults.
* Removed unused FreeBSD-specific definitions in ngx_posix_config.h.Sergey Kandaurov2017-11-28
|
* Fixed "changing binary" when reaper is not init.Ruslan Ermilov2017-11-28
| | | | | | | | | On some systems, it's possible that reaper of orphaned processes is set to something other than "init" process. On such systems, the changing binary procedure did not work. The fix is to check if PPID has changed, instead of assuming it's always 1 for orphaned processes.
* Removed more remnants of the old pthread implementation.Ruslan Ermilov2017-09-18
| | | | After e284f3ff6831, ngx_crypt() can no longer return NGX_AGAIN.
* Style.Sergey Kandaurov2017-08-09
|
* Style.Maxim Dounin2017-06-01
|
* Added missing "fall through" comments (ticket #1259).Maxim Dounin2017-04-27
| | | | Found by gcc7 (-Wimplicit-fallthrough).
* Core: signal sender pid logging.Igor Sysoev2017-04-20
|
* Set UDP datagram source address (ticket #1239).Roman Arutyunyan2017-04-11
| | | | | | | | | | | | Previously, the source IP address of a response UDP datagram could differ from the original datagram destination address. This could happen if the server UDP socket is bound to a wildcard address and the network interface chosen to output the response packet has a different default address than the destination address of the original packet. For example, if two addresses from the same network are configured on an interface. Now source address is set explicitly if a response is sent for a server UDP socket bound to a wildcard address.
* Enabled IPV6_RECVPKTINFO / IPV6_PKTINFO on macOS.Sergey Kandaurov2017-04-17
| | | | | This change allows setting the destination IPv6 address of a UDP datagram received on a wildcard socket.
* Simplified and improved sendfile() code on Linux.Maxim Dounin2017-03-28
| | | | | | | | | | | | | | | | | The ngx_linux_sendfile() function is now used for both normal sendfile() and sendfile in threads. The ngx_linux_sendfile_thread() function was modified to use the same interface as ngx_linux_sendfile(), and is simply called from ngx_linux_sendfile() when threads are enabled. Special return code NGX_DONE is used to indicate that a thread task was posted and no further actions are needed. If number of bytes sent is less that what we were sending, we now always retry sending. This is needed for sendfile() in threads as the number of bytes we are sending might have been changed since the thread task was posted. And this is also needed for Linux 4.3+, as sendfile() might be interrupted at any time and provides no indication if it was interrupted or not (ticket #1174).
* Added missing "static" specifier found by gcc -Wtraditional.Ruslan Ermilov2017-03-16
| | | | This has somehow escaped from fbdaad9b0e7b.
* Style.Maxim Dounin2017-03-07
|
* Introduced worker_shutdown_timeout.Maxim Dounin2017-03-07
| | | | | | The directive configures a timeout to be used when gracefully shutting down worker processes. When the timer expires, nginx will try to close all the connections currently open to facilitate shutdown.
* Cancelable timers are now preserved if there are other timers.Maxim Dounin2017-03-07
| | | | | | | | | There is no need to cancel timers early if there are other timers blocking shutdown anyway. Preserving such timers allows nginx to continue some periodic work till the shutdown is actually possible. With the new approach, timers with ev->cancelable are simply ignored when checking if there are any timers left during shutdown.
* Removed pthread mutex / conditional variables debug messages.Maxim Dounin2017-01-20
| | | | | These messages doesn't seem to be needed in practice and only make debugging logs harder to read.
* Fixed trailer construction with limit on FreeBSD and macOS.Maxim Dounin2017-01-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | The ngx_chain_coalesce_file() function may produce more bytes to send then requested in the limit passed, as it aligns the last file position to send to memory page boundary. As a result, (limit - send) may become negative. This resulted in big positive number when converted to size_t while calling ngx_output_chain_to_iovec(). Another part of the problem is in ngx_chain_coalesce_file(): it changes cl to the next chain link even if the current buffer is only partially sent due to limit. Therefore, if a file buffer was not expected to be fully sent due to limit, and was followed by a memory buffer, nginx called sendfile() with a part of the file buffer, and the memory buffer in trailer. If there were enough room in the socket buffer, this resulted in a part of the file buffer being skipped, and corresponding part of the memory buffer sent instead. The bug was introduced in 8e903522c17a (1.7.8). Configurations affected are ones using limits, that is, limit_rate and/or sendfile_max_chunk, and memory buffers after file ones (may happen when using subrequests or with proxying with disk buffering). Fix is to explicitly check if (send < limit) before constructing trailer with ngx_output_chain_to_iovec(). Additionally, ngx_chain_coalesce_file() was modified to preserve unfinished file buffers in cl.
* Cache: cache manager limits.Dmitry Volyntsev2016-10-05
| | | | | | | | | The new parameters "manager_files", "manager_sleep" and "manager_threshold" were added to proxy_cache_path and friends. Note that ngx_path_manager_pt was changed to return ngx_msec_t instead of time_t (API change).
* Stream: filters.Roman Arutyunyan2016-09-15
|
* Always seed PRNG with PID, seconds, and milliseconds.Ruslan Ermilov2016-08-04
|
* Fixed undefined behavior when left shifting signed integer.Ruslan Ermilov2016-08-04
|
* Fixed spelling.Otto Kekäläinen2016-06-08
|
* Core: skip special buffers on writing (ticket #981).Maxim Dounin2016-05-31
| | | | | | | | | | | | | | | A special last buffer with cl->buf->pos set to NULL can be present in a chain when writing request body if chunked encoding was used. This resulted in a NULL pointer dereference if it happened to be the only buffer left after a do...while loop iteration in ngx_write_chain_to_file(). The problem originally appeared in nginx 1.3.9 with chunked encoding support. Additionally, rev. 3832b608dc8d (nginx 1.9.13) changed the minimum number of buffers to trigger this from IOV_MAX (typically 1024) to NGX_IOVS_PREALLOCATE (typically 64). Fix is to skip such buffers in ngx_chain_to_iovec(), much like it is done in other places.
* Improved EPOLLRDHUP handling.Valentin Bartenev2016-05-13
| | | | | | | | | | | | | | | | | When it's known that the kernel supports EPOLLRDHUP, there is no need in additional recv() call to get EOF or error when the flag is absent in the event generated by the kernel. A special runtime test is done at startup to detect if EPOLLRDHUP is actually supported by the kernel because epoll_ctl() silently ignores unknown flags. With this knowledge it's now possible to drop the "ready" flag for partial read. Previously, the "ready" flag was kept until the recv() returned EOF or error. In particular, this change allows the lingering close heuristics (which relies on the "ready" flag state) to actually work on Linux, and not wait for more data in most cases. The "available" flag is now used in the read event with the semantics similar to the corresponding counter in kqueue.
* Simplified ngx_unix_recv() and ngx_readv_chain().Ruslan Ermilov2016-04-08
| | | | This makes ngx_unix_recv() and ngx_udp_unix_recv() differ minimally.
* Merged implementations of ngx_unix_recv().Valentin Bartenev2016-04-08
| | | | | There's no real need in two separate implementations, with and without kqueue support.
* Fixed small inconsistency in handling EOF among receive functions.Valentin Bartenev2016-04-08
| | | | Now all functions always drop the ready flag in this case.
* Merged implementations of ngx_udp_unix_recv().Valentin Bartenev2016-04-08
| | | | | There's no real need in two separate implementations, with and without kqueue support.
* Fixed ngx_os_signal_process() prototype.Ruslan Ermilov2016-03-31
|
* Fixed ngx_pid_t formatting in ngx_sprintf() and logging.Sergey Kandaurov2016-03-31
|
* Fixed logging.Sergey Kandaurov2016-03-31
|
* Style.Ruslan Ermilov2016-03-30
|
* Win32: additional error code NGX_EEXIST_FILE (ticket #910).Maxim Dounin2016-03-29
| | | | | | | | | | On Windows there are two possible error codes which correspond to the EEXIST error code: ERROR_FILE_EXISTS used by CreateFile(CREATE_NEW), and ERROR_ALREADY_EXISTS used by CreateDirectory(). MoveFile() seems to use both: ERROR_ALREADY_EXISTS when moving within one filesystem, and ERROR_FILE_EXISTS when copying a file to a different drive.
* Fixed --test-build-*.Ruslan Ermilov2016-03-28
| | | | | | | | | Fixes various aspects of --test-build-devpoll, --test-build-eventport, and --test-build-epoll. In particular, if --test-build-devpoll was used on Linux, then "devpoll" event method would be preferred over "epoll". Also, wrong definitions of event macros were chosen.
* Threads: offloading of temp files writing to thread pools.Maxim Dounin2016-03-18
| | | | | | | | | | | | | | | | | The ngx_thread_write_chain_to_file() function introduced, which uses ngx_file_t thread_handler, thread_ctx and thread_task fields. The task context structure (ngx_thread_file_ctx_t) is the same for both reading and writing, and can be safely shared as long as operations are serialized. The task->handler field is now always set (and not only when task is allocated), as the same task can be used with different handlers. The thread_write flag is introduced in the ngx_temp_file_t structure to explicitly enable use of ngx_thread_write_chain_to_file() in ngx_write_chain_to_temp_file() when supported by caller. In collaboration with Valentin Bartenev.
* Threads: task pointer stored in ngx_file_t.Maxim Dounin2016-03-18
| | | | | | | | | | | | | | This simplifies the interface of the ngx_thread_read() function. Additionally, most of the thread operations now explicitly set file->thread_task, file->thread_handler and file->thread_ctx, to facilitate use of thread operations in other places. (Potential problems remain with sendfile in threads though - it uses file->thread_handler as set in ngx_output_chain(), and it should not be overwritten to an incompatible one.) In collaboration with Valentin Bartenev.
* Fixed timeouts with threaded sendfile() and subrequests.Maxim Dounin2016-03-18
| | | | | | | | | | | | | | | | | | If a write event happens after sendfile() but before we've got the sendfile results in the main thread, this write event will be ignored. And if no more events will happen, the connection will hang. Removing the events works in the simple cases, but not always, as in some cases events are added back by an unrelated code. E.g., the upstream module adds write event in the ngx_http_upstream_init() to track client aborts. Fix is to use wev->complete instead. It is now set to 0 before a sendfile() task is posted, and it is set to 1 once a write event happens. If on completion of the sendfile() task wev->complete is 1, we know that an event happened while we were executing sendfile(), and the socket is still ready for writing even if sendfile() did not sent all the data or returned EAGAIN.
* Truncation detection in sendfilev() on Solaris.Maxim Dounin2016-03-15
| | | | | | | While sendfilev() is documented to return -1 with EINVAL set if the file was truncated, at least Solaris 11 silently returns 0, and this results in CPU hog. Added a test to complain appropriately if 0 is returned.
* Truncation detection in sendfile() on Linux.Maxim Dounin2016-03-15
| | | | | | | | This addresses connection hangs as observed in ticket #504, and CPU hogs with "aio threads; sendfile on" as reported in the mailing list, see http://mailman.nginx.org/pipermail/nginx-ru/2016-March/057638.html. The alert is identical to one used on FreeBSD.
* Stream: UDP proxy.Roman Arutyunyan2016-01-20
|
* Fixed handling of EAGAIN with sendfile in threads.Valentin Bartenev2016-03-14
|
* Fixed sendfile in threads (or with aio preload) and subrequests.Maxim Dounin2016-03-03
| | | | | | | | | | | | | | | | | | | | | | If sendfile in threads is used, it is possible that multiple subrequests will trigger multiple ngx_linux_sendfile_thread() calls, as operations are only serialized in output chain based on r->aio, that is, on subrequest level. This resulted in "task #N already active" alerts, in particular, when running proxy_store.t with "aio threads; sendfile on;". Fix is to tolerate duplicate calls, with an additional safety check that the file is the same as previously used. The same problem also affects "aio on; sendfile on;" on FreeBSD (previously known as "aio sendfile;"), where aio->preload_handler() could be called multiple times due to similar reasons, resulting in "second aio post" alerts. Fix is the same as well. It is also believed that similar problems can arise if a filter calls the next body filter multiple times for some reason. These are mostly theoretical though.
* Introduced the ngx_chain_to_iovec() function.Valentin Bartenev2016-03-03
| | | | It's similar to ngx_output_chain_to_iovec() and uses only preallocated memory.
* Core: added support for more than 64 CPUs in worker_cpu_affinity.Vladimir Homutov2016-02-18
|
* Dynamic modules: dlopen() support.Maxim Dounin2016-02-04
|
* Dynamic modules: changed ngx_modules to cycle->modules.Maxim Dounin2016-02-04
|