1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
|
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
*
* SPDX-License-Identifier: MPL-2.0
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, you can obtain one at https://mozilla.org/MPL/2.0/.
*
* See the COPYRIGHT file distributed with this work for additional
* information regarding copyright ownership.
*/
#pragma once
/*****
***** Module Info
*****/
/*! \file isc/quota.h
*
* \brief The isc_quota_t object is a simple helper object for implementing
* quotas on things like the number of simultaneous connections to
* a server. It keeps track of the amount of quota in use, and
* encapsulates the locking necessary to allow multiple tasks to
* share a quota.
*/
/***
*** Imports.
***/
#include <isc/atomic.h>
#include <isc/lang.h>
#include <isc/magic.h>
#include <isc/mutex.h>
#include <isc/types.h>
/*****
***** Types.
*****/
ISC_LANG_BEGINDECLS
/*% isc_quota_cb - quota callback structure */
typedef struct isc_quota_cb isc_quota_cb_t;
typedef void (*isc_quota_cb_func_t)(isc_quota_t *quota, void *data);
struct isc_quota_cb {
int magic;
isc_quota_cb_func_t cb_func;
void *data;
ISC_LINK(isc_quota_cb_t) link;
};
/*% isc_quota structure */
struct isc_quota {
int magic;
atomic_uint_fast32_t max;
atomic_uint_fast32_t used;
atomic_uint_fast32_t soft;
atomic_uint_fast32_t waiting;
isc_mutex_t cblock;
ISC_LIST(isc_quota_cb_t) cbs;
ISC_LINK(isc_quota_t) link;
};
void
isc_quota_init(isc_quota_t *quota, unsigned int max);
/*%<
* Initialize a quota object.
*/
void
isc_quota_destroy(isc_quota_t *quota);
/*%<
* Destroy a quota object.
*/
void
isc_quota_soft(isc_quota_t *quota, unsigned int soft);
/*%<
* Set a soft quota.
*/
void
isc_quota_max(isc_quota_t *quota, unsigned int max);
/*%<
* Re-set a maximum quota.
*/
unsigned int
isc_quota_getmax(isc_quota_t *quota);
/*%<
* Get the maximum quota.
*/
unsigned int
isc_quota_getsoft(isc_quota_t *quota);
/*%<
* Get the soft quota.
*/
unsigned int
isc_quota_getused(isc_quota_t *quota);
/*%<
* Get the current usage of quota.
*/
isc_result_t
isc_quota_attach(isc_quota_t *quota, isc_quota_t **p);
/*%<
*
* Attempt to reserve one unit of 'quota', and also attaches '*p' to the quota
* if successful (ISC_R_SUCCESS or ISC_R_SOFTQUOTA).
*
* Returns:
* \li #ISC_R_SUCCESS Success
* \li #ISC_R_SOFTQUOTA Success soft quota reached
* \li #ISC_R_QUOTA Quota is full
*/
isc_result_t
isc_quota_attach_cb(isc_quota_t *quota, isc_quota_t **p, isc_quota_cb_t *cb);
/*%<
*
* Like isc_quota_attach(), but if there's no quota left then cb->cb_func will
* be called when we are attached to quota.
*
* Note: It's the caller's responsibility to make sure that we don't end up
* with a huge number of callbacks waiting, making it easy to create a
* resource exhaustion attack. For example, in the case of TCP listening,
* we simply don't accept new connections when the quota is exceeded, so
* the number of callbacks waiting in the queue will be limited by the
* listen() backlog.
*
* Returns:
* \li #ISC_R_SUCCESS Success
* \li #ISC_R_SOFTQUOTA Success soft quota reached
* \li #ISC_R_QUOTA Quota is full
*/
void
isc_quota_cb_init(isc_quota_cb_t *cb, isc_quota_cb_func_t cb_func, void *data);
/*%<
* Initialize isc_quota_cb_t - setup the list, set the callback and data.
*/
void
isc_quota_detach(isc_quota_t **p);
/*%<
* Release one unit of quota, and also detaches '*p' from the quota.
*/
ISC_LANG_ENDDECLS
|
