Simon Wilkinson [Sat, 18 Jun 2011 10:58:57 +0000 (11:58 +0100)]
rx: Add Karn-style backoffs to RX retransmits
When we retransmit a packet, we may be doing so because the RTT of the
connection has grown dramatically larger than earlier within the call.
However, RX doesn't permit all ACKs to retransmitted packets to be
counted within the RTT calculation.
So, adopt the same approach as Karn developed for TCP, and as described
in detail in RFC2988. When a retransmit event occurs, backoff the
connection RTT by doubling its value, and hold at this doubled value
until either another retransmit occurs (in which case we back off again,
up to a predetermined ceiling), or we receive an ACK packet which we
can use within the RTT calculation, in which case we drop back down to
the newly measured value.
This change replaces the per-packet backoff strategy originally
implemented in RX (which, whilst allowing resent packets more chance of
arriving, doesn't help with computing a correct RTT).
Simon Wilkinson [Sat, 18 Jun 2011 10:48:45 +0000 (11:48 +0100)]
rx: Make clock_Add correctly add to itself
With the existing clock_Add code, the following:
struct clock a = {2, 800000};
clock_Add(&a, &a);
gives a clock value of {6, 600000}, rather than the expected {5, 60000}.
This is because the ordering of instructions leads it to double count
the carry on the seconds field. Reorder the instructions so that the
carry is correctly applied.
Simon Wilkinson [Sat, 18 Jun 2011 10:35:30 +0000 (11:35 +0100)]
rx: Remove resending logic into its own function
Create a new function, rxi_Resend, which is the entry point to running
the transmit queue as a result of a resend event. This concentrates all
of the resend logic into one place, removes the need for
rxi_StartUnlocked, and means that rxi_Start's arguments don't need to
match those of an event handler.
Simon Wilkinson [Mon, 25 Oct 2010 09:14:12 +0000 (10:14 +0100)]
rx: Don't let timeouts force fast recovery
The current RX implementation goes into fast recovery whenever a
timeout occurs. This is incredibly wasteful, particularly on fast
connections. So, remove this in favour of TCP style behaviour.
Simon Wilkinson [Mon, 25 Oct 2010 08:16:09 +0000 (09:16 +0100)]
rx: Fix resend accounting
rxi_Start flagged itself as 'resending' whenever it flushed the
transmit queue due to a resend event. However, it would flush the
entire transmit queue at this point, rather than only transmitting
packets that require a resend. When running with large window sizes
this results in a large number of packets erroneously being marked
as resent.
Instead, let SendXmitList decide whether a packet is being
retransmitted by using the presence of a serial number. This takes
advantage of the fact that a retransmitted packet must be the only
entry in a packet list - we just flag the packet list, instead of
having to maintain counters for each individual packet.
Jeffrey Altman [Tue, 12 Oct 2010 14:53:43 +0000 (10:53 -0400)]
Rx: Consolidate wait for tq busy and make its use uniform
rxi_WaitforTQBusy() is now used wherever a wait for the transmit
queue is required. It returns either when the transmit queue is
no longer busy or when the call enters an error state.
Having made this change it is clear that call->currentPacket is
not always validated when the call->lock is reacquired which may be
true when rxi_WaitforTQBusy() is called.
Simon Wilkinson [Sat, 18 Jun 2011 09:46:53 +0000 (10:46 +0100)]
rx: Change the way that the RTT timer is applied
RX maintains a retryTime for every packet that it has transmitted,
which is held as the time that that packet was sent, plus the smoothed
RTT of the connection. If a packet is in the queue with a retryTime
older than the current time, then it is resent at the first opportunity.
In some circumstances, this first opportunity will be as a result of
the resend event timer expiring, in others it will happen as part of
a normal queue run.
There are a number of problems with this approach on congested networks.
Firstly, on a network with a large window size, which is in "normal"
flow, it means that we will never actually perform fast retransmit as
the timeout for this packet will have expired before we have received
any further ACKs. This is because, on a network with a relatively stable
RTT the ACK for packet n+1, n+2, or n+3 cannot arrive before the
expected time of arrival of the ACK for packet n. As we retry
immediately this expected time of arrival has passed, we never have the
opportunity of using these later ACKs to learn that packet n is lost.
Secondly, the fact that we may resend packets from a "normal" queue run,
rather than as a result of a resend event, means that there is no clear
entry point for resends. As resends should be assumed to be a result of
network congestion, and result in both the call throttling back, and the
RTT being increased, this lack of a clean entry point makes things
tricky.
As a solution, this patch changes the way in which retransmit times are
applied to use the algorithm described in RFC2988.
*) Whenever we send a new packet, we start a timer for the current call
rto value if one isn't already running.
*) Whenever we receive an ACK that acknowledges new data, and we have
packets that are sent but not yet acknowledged, we restart the
retransmit timer using the current rto value.
This algorithm solves the first problem, as it means that if the
connection is still flowing, we will continue to receive ACKs, and we
can enter fast retransmit.
In implementation terms, we no longer track a retryTime per packet, and
instead simply record if a packet has been sent or not. Packets which
have been sent may only be resent as a result of a resend timer
expiring, or of entering fast retransmit, so solving the second issue.
Simon Wilkinson [Fri, 17 Jun 2011 21:06:54 +0000 (22:06 +0100)]
rx: Compute smoothed RTT per call, not per peer.
RX uses the TCP RTT smoothing algorithm as described in RFC2988.
However, the TCP algorithm is designed to accept samples from a
single connection, accepting a new sample once per RTT.
RFC2988 suggests that "when multiple samples are taken
per RTT the [algorithm] may keep an inadequate RTT history."
In RX's implementation, we use a single instance of this algorithm
per peer, and input all of the samples from all of the active calls
and connections into this same instance. This leads to us taking
a significantly (potentially many magnitudes) larger number of samples
per RTT, and rapidly losing the RTT history. With RX's implementation,
short lived network events may easily bias the RTT, and cause large
numbers of packets to time out.
This change fixes this by moving the RTT calculation onto a per call
basis. We still update the peer with our calculated value, so that new
calls may be created with an RTT corresponding to the current value for
the connection, rather than having to start high and converge downwards.
Simon Wilkinson [Sun, 5 Jun 2011 10:04:12 +0000 (11:04 +0100)]
rx: Reorganise transmit queue walk
The transmit queue is stored in the order that we transmitted the
packets (by sequence number). This means that we can do all of the
ACK processing by just doing a single walk of this queue, rather
than having to walk the queue multiple times, once for each type of
ACK.
This clarifies the queue processing, and should reduce the amount of
time that we spend iterating large transmit queues.
Jeffrey Altman [Sun, 5 Jun 2011 22:41:24 +0000 (18:41 -0400)]
rx: Add RX_CALL_ACKALL_SENT flag and rxi_SendAck processing
3cd3715e608b801b4848399e42cb47464e6e3cc3 modified rxi_ReceiveDataPacket
to send an ACKALL whenever RX_CALL_RECEIVE_DONE is set on the call.
This produced the potential for a race with ACKs that set the
firstPacket value to 'rnext' when the receive queue for the call
has yet to be emptied. From the perspective of receiver the ACK
was already processed and does not require a response since the
previously received ACKALL acknowledged the delivery of all data
packets to the application. When sending ACKs after ACKALL it is
therefore required that firstPacket be set to the sequence number
after the last unprocessed packet in the receive queue.
Thanks to Simon Wilkinson for his extensive assistance in identifying
the problem and the development of this patchset.
Jeffrey Altman [Sun, 5 Jun 2011 20:02:46 +0000 (16:02 -0400)]
rx: do not rxi_AckAll for one data packet call
rxi_ReceiveDataPacket() calls rxi_AckAll() when the call reaches
the RX_CALL_RECEIVE_DONE state to permit the caller to empty the
transmit queue. That reduces the memory consumption of the caller
and avoids unnecessary retransmits while the call is in process.
If the call data consists of a single packet it is possible that
Ping ACK packets sent as part of connection establishment could
race with the ACKALL and be delivered out of order. If the Ping
ACK is delivered second, it will be ignored by the peer forcing
a two second delay in connection establishment. To avoid the race
do not send an ACKALL for a single packet call.
Simon Wilkinson [Sat, 14 May 2011 07:55:50 +0000 (08:55 +0100)]
rx: Reverse the consumption order of idle queue
Currently, the rx server thread idle queue is used in an LRU manner.
This means that we round robin requests between all of the threads
configured on a given system, which means that we end up thrashing
CPU caches on machines whose workload doesn't require that all of
the configured threads be used.
Change this so that we always use the most recently idle thread. This
isn't as "fair" to all of our waiting threads, but should mean that we
scale better on SMP machines, as a thread that is recently idle is
likely to have been recently scheduled.
Simon Wilkinson [Fri, 17 Jun 2011 19:35:59 +0000 (20:35 +0100)]
rx: Remove incorrect backoff code
The ACK packet handling routine contains code which causes the
RTT to backoff if the selective ACK response indicates that there is
a missing packet. The comment justifies this code as being in line
with Phil Karn's work on TCP.
However, the TCP behaviour is that we backoff when we enter resend. Both
TCP and RX have difficulty computing RTTs for resent packets due to the
ambiguous ACK problem. Whilst RX is slightly better than TCP in this
regard, we can't always tell whether an ACK refers to the original, or
resent packet, so resent packets are unable to contribute to the RTT.
This means that if the RTT ends up too low for the connection, and we
start resending every packet, the RTT will never grow to account for
this, as we never feed it any packet samples.
Karn's solution to this was to backoff (double) the RTT value when we
resend a packet, and then to not drop it back down until we receive an
ACK that we can count. This means that we will always get a new sample
for the connection, and the RTT will grow again.
The original author confirms that the current behaviour in RX is
incorrect, so simply remove it with this patchset.
Simon Wilkinson [Fri, 17 Jun 2011 18:38:29 +0000 (19:38 +0100)]
rx: Account for delayed ACKS when computing RTO
RX currently only soft ACKs every second packet, therefore a soft ACK
may be delayed by a period of time (currently 100ms, although RX did
expose this as a public variable in earlier versions).
RTT values are computed using only non-delayed ACKs, so the timeout
is a smoothed average of the exact time taken to send and directly
ACK a packet. Therefore, if the peer ends up using a delayed ACK for
the packet, using just the RTT will cause that packet to be timed out.
A while ago, this was dealt with by padding the calculated RTT with an
additional 350ms. This was then removed, and changed to a 350ms minimum
value. When this caused large numbers of spurious resends, the padding
was restored, but with a 20ms default value. As noted above, 20ms is
too low, as we may wait for up to 100ms before sending an ACK.
This patch changes minPeerTimeout so that it does what it says on
the tin - sets a minimum value below which the peer timeout may not
fall. It then adds to either this value, or the calculated one, 200ms
of padding. This makes our padding identical to TCP's, and allows some
future leeway as to the softAckDelay value.
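The RTT handling that these rx commits describe (RFC2988 smoothing kept per call, samples from ambiguous ACKs discarded, Karn-style doubling on retransmit, and a minimum timeout plus 200ms of padding), as an added example that is not OpenAFS code. The function and field names, the 3000ms initial RTO, the 60000ms ceiling and the 20ms minimum used in `main` are assumptions; RFC2988's clock-granularity term is left out.

```c
#include <stdio.h>

/* All times are in milliseconds. */
#define RTO_PADDING_MS  200.0    /* padding value named in the commit message */
#define RTO_INITIAL_MS  3000.0   /* assumed: RFC2988 initial RTO */
#define RTO_CEILING_MS  60000.0  /* assumed: the log does not give the ceiling */

/* Per-call RTT state (hypothetical layout, not the rx_call structure). */
struct call_rtt {
    int    have_sample;  /* non-zero once one usable sample has been taken */
    double srtt;         /* smoothed RTT */
    double rttvar;       /* RTT variance estimate */
    double min_timeout;  /* floor applied before the padding is added */
    double rto;          /* timeout currently in force, including backoff */
};

void rtt_init(struct call_rtt *c, double min_timeout)
{
    c->have_sample = 0;
    c->srtt = 0.0;
    c->rttvar = 0.0;
    c->min_timeout = min_timeout;
    c->rto = RTO_INITIAL_MS;
}

/* max(minimum, SRTT + 4*RTTVAR), then the padding on top of either value. */
static double rtt_computed_rto(const struct call_rtt *c)
{
    double t = c->srtt + 4.0 * c->rttvar;

    if (t < c->min_timeout)
        t = c->min_timeout;
    return t + RTO_PADDING_MS;
}

/*
 * Feed one ACK into the estimator. 'ambiguous' is set by the caller when the
 * ACK cannot be tied to one transmission of the packet, or was delayed.
 * Such samples are dropped and any backoff stays in force.
 * Returns 1 if the sample was used, 0 if it was discarded.
 */
int rtt_on_ack(struct call_rtt *c, double sample, int ambiguous)
{
    if (ambiguous)
        return 0;

    if (!c->have_sample) {
        /* RFC2988: first measurement seeds both estimators. */
        c->srtt = sample;
        c->rttvar = sample / 2.0;
        c->have_sample = 1;
    } else {
        double err = c->srtt - sample;

        if (err < 0.0)
            err = -err;
        /* RFC2988: beta = 1/4, alpha = 1/8; RTTVAR uses the old SRTT. */
        c->rttvar = 0.75 * c->rttvar + 0.25 * err;
        c->srtt = 0.875 * c->srtt + 0.125 * sample;
    }
    /* A usable sample cancels the backoff: drop to the measured value. */
    c->rto = rtt_computed_rto(c);
    return 1;
}

/* Karn-style backoff: double the timeout on each resend, up to the ceiling. */
double rtt_on_retransmit(struct call_rtt *c)
{
    c->rto *= 2.0;
    if (c->rto > RTO_CEILING_MS)
        c->rto = RTO_CEILING_MS;
    return c->rto;
}

int main(void)
{
    struct call_rtt c;

    rtt_init(&c, 20.0);                 /* constructed minimum timeout */
    rtt_on_ack(&c, 40.0, 0);
    rtt_on_ack(&c, 40.0, 0);
    printf("steady state      rto=%.2f\n", c.rto);

    /* The path RTT jumps: two timer expiries, each doubling the timeout. */
    rtt_on_retransmit(&c);
    rtt_on_retransmit(&c);
    printf("after 2 resends   rto=%.2f\n", c.rto);

    /* ACK for a resent packet: unusable, so the backoff is held. */
    rtt_on_ack(&c, 5.0, 1);
    printf("ambiguous ACK     rto=%.2f srtt=%.2f\n", c.rto, c.srtt);

    /* First countable ACK: the estimator finally sees the new RTT. */
    rtt_on_ack(&c, 200.0, 0);
    printf("usable 200ms ACK  rto=%.2f srtt=%.2f\n", c.rto, c.srtt);
    return 0;
}
```

Without `rtt_on_retransmit`, the ambiguous ACK would leave the timeout at its steady-state value and every packet would keep timing out, which is the failure the "Remove incorrect backoff code" message describes.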
Simon Wilkinson [Fri, 17 Jun 2011 18:12:09 +0000 (19:12 +0100)]
rx: Make rx_softAckDelay & rx_lastAckDelay private
The values of these two parameters directly affect the modifiers
that are needed in the peer's RTT calculations, and so can not
arbitrarily be changed by applications.
lastAckDelay has been 400ms since the first OpenAFS release, and
that value is used as a modifier when computing the timeout of the
last packet. It is likely that any change which made this value
longer than 400ms would have detrimental effects on deployed clients.
softAckDelay has been 100ms for a similar time period. We have
chopped and changed the value of minPeerTimeout, so it is unclear
what the maximal value for this parameter is. For much of OpenAFS's
life, minPeerTimeout was a 350ms padding value, which suggests that
copying TCP, and setting the maximal value at 200ms would be a safe
option. For now, however, leave it at 100ms to avoid unexpected
side effects.
hardAckDelay is not addressed by this patch set, as all ACK packets
sent from the application thread are marked as delayed, and so
currently have no part in computing RTT times. It is likely, however,
that any changes to the hard ACK timeout should be very carefully
considered.
Jeffrey Altman [Mon, 27 Jun 2011 13:31:54 +0000 (09:31 -0400)]
Windows: MergeStatus before SyncOpDone
cm_SyncOp/cm_SyncOpDone is used to synchronize the RPC processing
to ensure that calls which are in conflict cannot occur at the
same time but also to ensure that the ordering of operations
is consistent. cm_MergeStatus() was in many cases executed after
cm_SyncOpDone() removed the synchronization barrier which in turn
permitted status information to be applied out of order. Side
effects could have included data loss due to client side file
truncation. More commonly two StoreData RPCs would have their
status information applied out of order forcing the cache manager
to invalidate all of the cached data for the file.
Jeffrey Altman [Thu, 23 Jun 2011 21:51:22 +0000 (17:51 -0400)]
Windows: TRANS2_FIND_FIRST2 for _._AFS_IOCTL_._
smb_T2SearchDirSingle() must not fail directory search requests
for the _._AFS_IOCTL_._ file. Although this file does not actually
exist, it is successfully processed by CreateFile operations.
Therefore, an explicit search for it should return a valid answer.
Jeffrey Altman [Fri, 24 Jun 2011 03:49:32 +0000 (23:49 -0400)]
Windows: Fix SMB_COM_NEGOTIATE for MS11-043
MS11-043 adds response validation for SMB_COM_NEGOTIATE messages
received by the SMB Redirector. OpenAFS failed to properly specify
a Challenge and DomainName in the response when the security mode
is SMB_AUTH_NONE (or share with password). This patchset corrects
smb_ReceiveNegotiate() so that it adheres to the protocol specification.
Jeffrey Altman [Wed, 8 Jun 2011 06:22:41 +0000 (02:22 -0400)]
Windows: shell extension is multithreaded
Since the shell extension is multithreaded and it is possible
for more than one thread to be executing in the gui2fs.cpp module
at a time, it is not safe to use a single static 'space' buffer
by more than one thread at a time. Move the buffer into the
stack of each function that uses it so that we have thread safety.
Ben Kaduk [Wed, 30 Mar 2011 02:26:50 +0000 (22:26 -0400)]
Unbreak make dest for FBSD
It turns out that we do need an afs.rc.fbsd that is set up for
transarc paths in this directory. To get it to work properly
will require the user to symlink to it from a dir that gets
checked by rcorder, but them's the breaks.
Ben Kaduk [Fri, 17 Jun 2011 06:22:34 +0000 (02:22 -0400)]
FBSD: do not FlushAllVCaches
In normal operation, any AFS vcache with associated data will have
an associated vnode, which will be on the list of vnodes associated
with the /afs mountpoint. We already call FreeBSD's vflush() in
our afs_unmount, which walks the list of vnodes associated with the
mountpoint and calls vgonel() on them, which calls VOP_CLOSE and
VOP_RECLAIM on the vnode. Our implementation of VOP_RECLAIM already
calls FlushVCache, so in normal operation, FlushAllVCaches() will
be a no-op.
However, in the presence of bugs, it is actively harmful, causing
panics. For example, if a vnode has been reclaimed but FlushVCache
failed (which we cannot report back since the VFS will panic in this
case), and we attempt to flush it again, the associated vnode has
already been cleaned up and we will panic. Likewise if our list of
vcaches becomes corrupt and has a vcache with bad or missing vnode
for some other reason, we will panic.
Since there is no gain in normal operation and abnormal operation
is more likely to panic than save data, skip the extra flush.
Ben Kaduk [Tue, 7 Jun 2011 15:30:18 +0000 (11:30 -0400)]
Also install afszcm.cat for i386_fbsd
The change gerrit/4760 enabled the use of gencat to actually build
this file, but failed to also change installation logic, so it was
sitting unused in the build tree. Fix this, and install the file.
This allows us to remove a shell case statement which had formerly
been needed to enforce this restriction.
configure should attempt to find the XML tools we need to process
the documentation. if it can't, it should provide a safe default.
still allow the user to override via command line.
Reviewed-on: http://gerrit.openafs.org/4766
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit cc2bc3e17ff5f7a10c515e309f8fec47a6fa14b6)
Jeff Blaine [Fri, 27 May 2011 19:49:52 +0000 (15:49 -0400)]
kvno invocation correction, language cleanup, afs/cell principal preferred
Properly show kvno command syntax, add information about preferring
'afs/cell' for the principal over 'afs', and changed "noted this down"
to "made note of"
Reviewed-on: http://gerrit.openafs.org/4740
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 07f461e8e35147af605ebc86c139b31d2db0bb28)
Simon Wilkinson [Tue, 31 May 2011 07:31:55 +0000 (08:31 +0100)]
vos: print_addrs never receives multi-homed addrs
The magic address that tells the vlserver that a host is multi-homed,
and to look up the multi-homed address structure is an internal
implementation feature, which shouldn't be exposed to clients.
print_addrs is only ever called with the results of VL_GetAddrsU, which
has already converted any multi-homed pointers, so it doesn't need the
logic to handle them itself.
Michael Meffie [Fri, 24 Sep 2010 01:18:36 +0000 (21:18 -0400)]
xstat: cope with different size timeval structures
In xstat_fs_test and afsmonitor, try to display the xstat data
from the fileserver even if the fileserver has differently sized
timeval structures, or different word ordering, as the xstat
client program.
linux: rpm: Fix SELinux attributes on /afs when installing openafs-client package
Since the directory /afs isn't included in the package manifest, but
rather created in a script in the openafs-client package, it never
gets the appropriate SELinux attributes that are required to mount a
volume (mnt_t).
This change fixes the problem by running '/sbin/restorecon' (if it is
an executable that exists) on the /afs directory after the
openafs-client package is installed, right after the directory is
created.
Reviewed-on: http://gerrit.openafs.org/4763
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit b3232b2cb44a3df02a37efd852ecfef2f3a9e5cc)
Ben Kaduk [Tue, 31 May 2011 19:25:35 +0000 (15:25 -0400)]
Enable gencat for i386_fbsd_*
The machines certainly have a /usr/bin/gencat, and I see nothing
in history to indicate a reason for this prevention.
Allow the 32-bit machines to build afszcm.cat and make packaging
more uniform between architectures.
Reviewed-on: http://gerrit.openafs.org/4760
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 55a41d00057106913ce2aba50772a56bc994a9a4)
Andrew Deason [Thu, 17 Mar 2011 21:32:00 +0000 (16:32 -0500)]
libafs: Do not osi_FlushPages for dirs
Directory contents are never mapped or stored in pages, so dealing
with page invalidation on directories is just overhead. So make
osi_FlushPages a no-op when we're given a directory, which can avoid a
lot of locks and other processing (particularly when we are called in
afs_getattr in BOZONLOCK_ENV).
Christof Hanke [Wed, 25 May 2011 20:16:59 +0000 (22:16 +0200)]
autoconf: add test for typedef'd structs
AC_CHECK_LINUX_STRUCT does not work for structs which are typedef'd.
The gcc will complain with "error: storage size of ‘_test’ isn’t known"
and fail the test.
Thus the new test-macro AC_CHECK_LINUX_TYPED_STRUCT.
Ben Kaduk [Thu, 26 May 2011 05:11:14 +0000 (01:11 -0400)]
FBSD: VIMAGE support
Starting in FreeBSD 8.0, there is support for multiple virtual
network stacks (generally to be exposed to separate jail(8) environments).
It is enabled as a kernel configuration option, so our builds against
GENERIC have not failed, but we fail to build when options VIMAGE
is present. Fix our variable references accordingly.
Submitted-by: Hiroki Sato of freebsd.org
Reviewed-on: http://gerrit.openafs.org/4721
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 9703b023cc0f5088eab5135acf7417e90ebbb2cd)
Derrick Brashear [Wed, 25 May 2011 19:31:40 +0000 (15:31 -0400)]
macos: disable bulkstat
1.6 only change. there's still an issue where potentially
multiple contexts reference a vnode which needs to be finalized; the fixup
is successful but there's no hint to other threads to reref before proceeding
(no actual troublesome access while waiting for the fixup as the vnode
will not have actually been CStatd yet)
Derrick Brashear [Tue, 24 May 2011 18:36:04 +0000 (14:36 -0400)]
des: generated files should not require objects needed in libdes
1.6 only change, since DES is dead. don't require the same misc.o
in both libdes and when generating generated files to making, as
make dependencies then throw away valid input.
Replace uintptr_t type cast with uintptrsz in afs_vcache.c
A recent change (commit 80fe111f0044aa7a67215ad92210dc72cb7eb2c0)
to afs_vcache.c contains a call to afs_warn() whose second parameter
contains a "(uintptr_t)" type cast as part of a double type cast.
This presents an issue on some systems, such as OpenBSD, where this
object type is defined in a header that is not presently included.
This change modifies that type cast to instead use the AFS-internal
"(uintptrsz)" type which should provide the same effect.
Note that an earlier version of this patch attempted to remove the
"offending" type cast as redundant but it was pointed out that some
systems require this kind of cascading type cast when casting pointers
to integers to deal with possible size issues.
Andrew Deason [Tue, 10 May 2011 19:16:06 +0000 (14:16 -0500)]
libafs: Flush vcaches in afs_shutdown
Currently, a few platforms (linux, linux24, solaris, irix) flush all
vcaches during shutdown. However, they do this before calling
afs_shutdown(), resulting in afs_FlushVCache queueing VCBs and
possibly trying to give the callbacks back to the server.
Instead of this, perform the flushes in afs_shutdown itself, so we do
this after we try to give up all callbacks to all servers, and we do
this while afs_shuttingdown is set, so we don't try to queue VCBs.
This also consolidates some of the duplicated code to flush all
vcaches, and now does this for all platforms.
Derrick Brashear [Fri, 20 May 2011 18:13:01 +0000 (14:13 -0400)]
macos: bulkstat redux
simplify the logic which can require sleeps in various vcache
resolution paths. instead of the two-pass system we had before,
just guess using the even/odd hack what type a vnode will be.
if a vnode turns out to be a link and thus we are wrong, we
do a fixup later. other callers who "race" with bulkstat
(which is a supported feature, otherwise you'd have to block
callbacks) will also call through a fixup to get the correct
backing vnode type. this is necessary as the KPI doesn't
let us change the type of a vnode after it's been created.
side effect: eliminate many of the ugly cases where we had been
sleeping waiting for a vnode to be finalized even before bulkstat.
Derrick Brashear [Fri, 20 May 2011 18:10:49 +0000 (14:10 -0400)]
dynroot: mark vnode types on dynroot vnodes
when we create a vnode using a dynroot fid, we weren't bothering
to update the type from the default (typically VREG); most
dynroot vnodes are actually VDIR...
Michael Meffie [Wed, 18 May 2011 17:42:27 +0000 (13:42 -0400)]
volinfo: fix -filenames option check
Fix the logic for checking the presence of the volinfo -filenames
option. The original patch inadvertently added the -filenames
check as an if-else clause to the -orphaned flag check, which
prevents filenames from being printed when listing orphaned
vnodes.
Andrew Deason [Thu, 19 May 2011 22:02:35 +0000 (17:02 -0500)]
SOLARIS: Reset syscalls on mod_install failure
If our call to mod_install fails for any reason (for example, if the
afs entry is missing from /etc/name_to_sysnum), we may still have set
the sysent structures for setgroups and ioctl to point at libafs code.
So calls to those syscalls will cause a panic, since the code they
point to is no longer loaded.
To avoid this, just reset the sysent entries back to what they were if
we fail to load, just like we do when unloading the module.
rx: always use/protect the xdr routines in the kernel
This clears up some warnings about duplicate symbols with Solaris 11
since the Solaris kernel already has these routines. Since we never
use stock kernel version of the xdr routines perhaps we should always
use/protect our version of the symbols.
Reviewed-on: http://gerrit.openafs.org/4252
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
(cherry picked from commit 8336d31ac5092a16cfb206707e69c19f07f99241)
Jeffrey Altman [Wed, 18 May 2011 17:51:53 +0000 (13:51 -0400)]
auth: failback to afs3-vlserver for afs3-prserver
If the DNS SRV lookup is for afs3-prserver or afs3-kaserver,
fallback to a lookup for afs3-vlserver since those services
are traditionally hosted on the same machine as the vlserver.
Marc Dionne [Sun, 15 May 2011 00:57:12 +0000 (20:57 -0400)]
Linux: fix reading files larger than the chunk size
Commit 2571b6285d5da8ef62ab38c3a938258ddd7bac4e fixed an issue with
the use of tmpfs as a disk cache and ftruncate() on files in AFS.
But it introduced a problem reading larger files as reported in
RT ticket 129880.
What should be compared against the current cache file size is the
offset into the current chunk, not the overall offset for the whole
file.
Andrew Deason [Tue, 10 May 2011 17:54:53 +0000 (12:54 -0500)]
libafs: Do not write-lock afs_xserver on ICBS
Our RXAFSCB_InitCallBackState* handler currently write-locks
afs_xserver when it clears the SCAPS_KNOWN flag for the relevant
server. However, the afs_xserver lock is for protecting the global
list and hash table of server structures, and is not necessary to
acquire in order to modify the flags of an individual server struct.
For instance, CkSrv_GetCaps does not acquire any locks to modify the
server flags.
Taking this lock conflicts with a read lock on afs_xserver acquired by
afs_FlushVCBs when it traverses the list of server structures.
afs_FlushVCBs may contact a server that then calls InitCallBackState
on us, causing a deadlock if ICBS waits for the afs_xserver lock.
So, avoid locking afs_xserver in this case, to avoid that deadlock.
Reviewed-on: http://gerrit.openafs.org/4639
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit ae638fa383b8270fe2461a2ad91b9101c74f3593)
Andrew Deason [Fri, 6 May 2011 18:12:17 +0000 (13:12 -0500)]
dasalvager: unlink fsstate.dat when standalone
If the DAFS salvager is running in a standalone mode, unlink the
fileserver's fsstate.dat file if any volumes change. Otherwise, volume
data could have changed and the fileserver will retain callback
promises for the data in those volumes until it tries to attach the
volume. This way, callbacks are broken via callback state
reinitialization.
A better solution is to record which volumes have changed, and the
fileserver can break callbacks for them on startup. But this at least
eliminates a regression from non-DAFS behavior.
Reviewed-on: http://gerrit.openafs.org/4638
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 38efda16a2c5c9e74b5a23b5bdd2818a3353eec2)
Marc Dionne [Sat, 14 May 2011 17:19:52 +0000 (13:19 -0400)]
Linux: fix permission op test for certain compilers
Some compilers complain that _inode is used uninitialised here.
Since this test requires -Werror, it causes the test to fail
and our permission op to be used in RCU mode, leading to lockups.
Initialise it to make the compilers happy.
Fixes a lockup seen on kernels 2.6.38+ on Gentoo and Debian.
Jeffrey Altman [Mon, 9 May 2011 14:46:46 +0000 (10:46 -0400)]
Windows: always try afs/cell@USER-REALM first
In the KFW_AFS library, always try afs/cell@USER-REALM
first, even when KFW_AFS_klog() is called with an explicit
realm mapping for the cell. An afs service principal from
the user's realm is always preferred. No cross realm and
if the realm is AD, the ability to avoid the inclusion of
a PAC.
Jeffrey Altman [Fri, 6 May 2011 13:49:52 +0000 (09:49 -0400)]
Windows: replace CYGWIN envvar with CYGWINDIR
The environment variable CYGWIN (starting with cygwin 1.7.1) is
now used by CYGWIN to set configuration parameters for the cygwin
runtime library. OpenAFS used it to indicate the location of the
Cygwin install directory. Since there is a conflict, rename CYGWIN
to CYGWINDIR.
Simon Wilkinson [Tue, 3 May 2011 09:03:22 +0000 (10:03 +0100)]
Fix com_err renaming
The pull up of 352c3e366c2e0a8de4550547192276e62afd2cc1 to the 1.6
branch missed replacing occurrences of com_err with afscom_err in
the sgistuff and pam directories. Fix this so that Irix builds
again.
Andrew Deason [Tue, 15 Feb 2011 18:04:32 +0000 (12:04 -0600)]
libafs: Drop xvcache for AllocCBR
Normally when we AllocCBR, we are holding xvcache write-locked, since
it is called from FlushVCache. Before a309e274632993c5aeec04c6e090f5ac95837a40, when AllocCBR needs to flush
CBRs due to a lack of space, we hit the net, giving up callbacks on
fileservers.
This can cause a problem if one of those fileservers needs to contact
us in order to complete that request, since the callback service
thread may be waiting for xvcache, causing a deadlock (that is
eventually broken by network timeouts).
To avoid this, drop xvcache if AllocCBR looks like it does not have
sufficient space. Fix all callers of afs_FlushVCache to handle the
case where we sleep, since with this change, afs_FlushVCache can sleep
on all platforms.
This partially reverts a309e274632993c5aeec04c6e090f5ac95837a40, as it
contains an alternative method of avoiding the xvcache lock in this
situation. This commit restores much of the code path to be much more
similar to how it used to be, except that it allows for dropping
xvcache for AllocCBR. This should make any change to our prior
behavior smaller/simpler, and thus safer and more consistent with
existing clients. This reintroduces the hard limit to how much space
we allocate for CBRs, although the part of a309e274632993c5aeec04c6e090f5ac95837a40 that raised this limit is
retained.
Andrew Deason [Thu, 28 Apr 2011 16:48:18 +0000 (11:48 -0500)]
libafs: Use vcount, not maxvcount to trim vcaches
Every five minutes we afs_ShakeLooseVCaches to try and return the
number of vcaches in use down to the originally configured -stat level
(when we are using dynamic vcaches). We should calculate how many
vcaches to flush based on the number of currently active vcaches
(afs_vcount), not the peak number (afs_maxvcount). Otherwise, once we
exceed the configured -stat level, we will always keep trying to flush
numerous vcaches, even if we barely have any vcaches in use.
Simon Wilkinson [Mon, 25 Apr 2011 18:18:39 +0000 (14:18 -0400)]
Linux: Don't read pages beyond the cache eof
If we attempt to read past the end of the current cache file (for
example, when we're extending the file with ftruncate), don't force
the backend filesystem to populate that page with non-existent data.
This will hopefully fix a bus error when using tmpfs as a backing
cache.
Andrew Deason [Wed, 27 Apr 2011 21:24:46 +0000 (16:24 -0500)]
viced: Improve deleted client log messages
Change the information logged related to deleted clients to be a
little more useful. In particular this includes adding the client and
host refcounts, to help see if the cause is a reference count leak.
Andrew Deason [Wed, 27 Apr 2011 19:23:43 +0000 (14:23 -0500)]
viced: Avoid ref leak on origin callback break
When breaking a callback, sometimes we send a callback to the host
that performed the callback-inducing operation. When we do this,
currently BreakCallBack gives the origin host structure to
MultiBreakCallBack_r, which avoids releasing that host after the
callback is broken.
However, BreakCallBack obtains a reference to every host to which it
delivers a callback, even if it is the origin host, so a reference is
leaked. Fix this by not ever passing a host to MultiBreakCallBack_r,
and just have MultiBreakCallBack_r release a reference for every host
to which it delivers a callback break.
Andrew Deason [Wed, 27 Apr 2011 18:51:23 +0000 (13:51 -0500)]
viced: Transfer host ref in h_FindClient_r
In h_FindClient_r, we can change which client structure we're dealing
with if we find a different client struct in the Rx conn-specific
data. We adjust the refcounts for the client structures themselves,
but not the associated hosts. While the host structures should be the
same most of the time, we are not guaranteed that, so adjust their
refcounts as well.
Andrew Deason [Sat, 23 Apr 2011 21:52:30 +0000 (16:52 -0500)]
viced: Release all hosts in h_Enumerate*
h_Enumerate and h_Enumerate_r were not releasing all of the holds they
obtained when the callback function caused the enumeration to bail
early. Correct them so all host holds are released.
Andrew Deason [Sat, 23 Apr 2011 21:44:41 +0000 (16:44 -0500)]
viced: Print a warning when using a deleted client
We should never get a deleted client back from GetClient. Log a
message if we do, to explain why access may suddenly appear to fail,
and assist in determining why.
Note that we still try to service the request, since the accessing
user may still have enough access to do whatever was requested.
Jeffrey Altman [Sun, 1 May 2011 04:11:13 +0000 (00:11 -0400)]
Windows: Fix caching of non-existing vols
In cm_UpdateVolumeLocation() the conditional that would
trigger the immediate return of CM_ERROR_NOSUCHVOLUME
was backwards which prevented the caching from working.
cm_CheckOfflineVolumes() is called by the daemon thread
to reset the status of offline volumes. Non-existing
volumes are by definition offline and cannot be brought
online. Therefore, the cm_CheckOfflineVolumes() function
should skip volumes with the CM_VOLUMEFLAG_NOEXIST flag
set.
Ben Kaduk [Sun, 19 Dec 2010 04:52:43 +0000 (23:52 -0500)]
Rename libcom_err to libafscom_err
We no longer provide a compatible libcom_err, and in fact
we renamed the symbols in our libcom_err several years ago
to reflect this fact.
When we build on a system where KRB5_LIBS includes
-lkrb5 -lcom_err , the new Unix build system will pick up
our libcom_err (as $(AFS_LDFLAGS) is the first argument in
AFS_LDRULE and pulls in a linker search path for our libcom_err)
which does not provide all the needed symbols for libkrb5.
Fully rename our libcom_err away to avoid these conflicts.
Marc Dionne [Wed, 30 Mar 2011 22:32:04 +0000 (18:32 -0400)]
Linux: Fix fallout from path_lookup commit
Fix a few issues with the recent commit to deal with the removal
of path_lookup, spotted on RHEL 5:
- the configure tests need fs.h to be included before namei.h, to
get the definition of struct inode
- we need to avoid the use of struct path unless it's needed; on
older kernels the structure doesn't exist
Andrew Deason [Sat, 23 Apr 2011 21:25:00 +0000 (16:25 -0500)]
viced: Fix host enumeration flags
Do not give uninitialized flags values to h_Enumerate callback
functions. In fact, do not give a flags value to h_Enumerate or
h_Enumerate_r callback functions at all, since they are not actually
used.
Fix host enumeration callback functions to just return 0 or the
relevant flags, instead of basing the return value off of the given
flags value. Update MultiBreakVolumeCallBack_r to use the correct
return values, since it currently tries to use the old meanings of the
host enumeration return values.
If the Kerberos v5 library cannot be loaded (pkrb5_init_context
equal to NULL) return a reasonable error code instead of
returning success and doing nothing.
Windows: NPLogonNotify provide password in all cases
When calling KFW_AFS_get_cred() from NPLogonNotify()
always provide the user password. Do not count on a
credential cache existing from a previous call.
Andrew Deason [Fri, 15 Apr 2011 16:18:37 +0000 (11:18 -0500)]
AIX51: Fix PAGs
On AIX 5.1 and later, we set a process' PAG by using the AIX PAG
mechanism (and not by group ids), but we were determining what PAG a
process was in by the group list. Instead use the PAG identifier.
This effectively reverts 277c37f48c8126ba9cb986ffc7361fcb98e2bbf2, but
it puts the kcred_getpag call in a different place that makes more
sense in the current PAG code organization.
Simon Wilkinson [Thu, 21 Apr 2011 15:07:05 +0000 (16:07 +0100)]
Linux: Restrict # of cbrs we allocate at once
With commit a309e274632993c5aeec04c6e090f5ac95837a40, we changed the
number of CBRs that we allocate in a chunk from 300 to 1024. However,
this change takes the amount of memory required to allocate a chunk
of CBRs above PAGE_SIZE on Linux. This changes the allocator that we
use from kmalloc to vmalloc. Whilst we can, and do, prevent kmalloc
from flushing filesystem pages when we invoke it, we don't have a
similar level of control over vmalloc. 1.6 only: limit it back to 300
elsewhere.
In one reported case, clients deadlock whilst attempting to allocate
this memory, in a call stack that looks something like:
Simon Wilkinson [Mon, 25 Apr 2011 12:56:38 +0000 (13:56 +0100)]
Windows: Remove duplicate file
The 'Streamfiles.txt' file had been committed with both that name,
and an all lower case name. This makes git very sad on systems with
case insensitive filenames.