Andrew Deason [Mon, 25 Jan 2010 23:05:09 +0000 (17:05 -0600)]
Use -A and -u in pthreaded ubik rxgen
Use -A for rxgen in tvlserver and tptserver to generate ANSI code, so we
don't generate warnings. Also use -u in tubik rxgen, so we generate the
ubik_* functions that new code uses.
Simon Wilkinson [Fri, 29 Jan 2010 14:17:46 +0000 (14:17 +0000)]
Remove internal vldbClientInit prototype
vldbClientInit is used by other modules in the backup suite, and is
already prototyped in bucoord_prototypes.h. So, remove it from the
internal header.
Simon Wilkinson [Fri, 29 Jan 2010 14:13:47 +0000 (14:13 +0000)]
Fix USS to use volser prototypes
Fix the uss_vol.c file to use the volser prototypes. This clears up the
list of the warnings in this file, so drop the warning suppression from
the Makefile, and remove the entry from README.WARNINGS
Simon Wilkinson [Tue, 2 Feb 2010 13:14:28 +0000 (13:14 +0000)]
xdr_proc_t really is different on linux26_i386
i386 Linux uses a register based calling convention within the
kernel, but uses the stack for va_args based functions. This means
that the hack of prototyping xdrproc_t as a va_args function doesn't
work, as you end up with arguments being in the wrong place.
Restore the Linux only xdrproc_t prototype that 167e1aa21f5bbea1272b239dc6518a7bdbfc3ee6 removed, add a warning to
explain why it's there, and modify xdr_free() so that it works
without error.
Simon Wilkinson [Tue, 2 Feb 2010 00:03:04 +0000 (00:03 +0000)]
Linux: Fix breakage in llseek error handling
Commit 7a5cee30cc5f0e6d5780387633ce2b46608fd5fb changed the way
that errors from llseek are dealt with. Unfortunately, it is missing
some all important bracing, and so we end up going down the error
path, even when the llseek succeeds.
My fault. Sorry.
Change-Id: I03061ba0663b610a8fb73a08d257f6d786795076
Reviewed-on: http://gerrit.openafs.org/1194
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Fri, 29 Jan 2010 17:47:12 +0000 (17:47 +0000)]
Darwin: Don't use ARCHFLAGS to determine arch
The Darwin build uses ARCHFLAGS to control the architectures it
builds binaries for. However, this causes problems for standalone
builds which just do ./configure && make. So, if ARCHFLAGS is
undefined, ask gcc which architecture it thinks that it is
building for, and use that.
Jeffrey Altman [Tue, 26 Jan 2010 15:23:03 +0000 (10:23 -0500)]
Windows: drop cm_Freelance_Lock before call to cm_FreelanceAddMount
The cm_Freelance_Lock must not be held before calling
cm_FreelanceAddMount(). cm_InitLocalMountPoints() was violating
this requirement. It is safe to drop the lock because the only
time the lock would be dropped is if the "Freelance" registry
key does not exist. This should only be true during the initial
startup of the application the first time afsd_service.exe
executes on the machine. At this point in time there is only
one thread that is executing that could be initializing the
Freelance mount point list.
Marc Dionne [Wed, 27 Jan 2010 00:48:24 +0000 (19:48 -0500)]
Linux: don't count pag keys against root's keyring quotas
Keys associated with PAGs are created with root ownership for
security reasons, which means that they count against root's
keyring quotas. The default configuration used by most distros
restricts root to the same quotas as a regular user, so a single
user can potentially fill up the quota and prevent new pags from
getting created system-wide.
This can also be an issue for busy multi-user systems where the
default maximum number of keys (200 currently) can easily be reached.
Simon Wilkinson [Wed, 27 Jan 2010 02:30:09 +0000 (02:30 +0000)]
XDR memory management fixes
Change the xdr_free function so that it matches in signature and
behaviour the xdr_free that is available in other xdr packages, and
update all callers.
Don't use xdr_alloc where the data we're allocating isn't freed by
xdr. The only place where xdr_alloc is required is in server stubs
when filling OUT parameters.
Derrick Brashear [Mon, 25 Jan 2010 17:36:25 +0000 (12:36 -0500)]
darwin80 if changes cleanup
fix the indirection here to be correct.
ifnet_list_get needs a pointer to a pointer for the ifnet structure
Change-Id: I81bd7c383c63cc1e312fcfd482d7162d50f6f1d3
Reviewed-on: http://gerrit.openafs.org/1158
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Mon, 25 Jan 2010 00:02:11 +0000 (00:02 +0000)]
Linux: Handle llseek failure
If llseek fails, then we return immediately, potentially leaving the
wrong address space configured for this process, and without resetting
the process's saved limits.
Fix this by creating a common exit point for osi_rdwr, and using it.
Marc Dionne [Sat, 23 Jan 2010 01:05:34 +0000 (20:05 -0500)]
Add missing dependencies for pagsh in Makefile
Make pagsh and pagsh.krb depend on the libraries that are used to
link them, and on the source file pagsh.c
Without this dependency, modifying pagsh.c would not trigger a
rebuild of the executable.
Simon Wilkinson [Fri, 22 Jan 2010 20:11:21 +0000 (20:11 +0000)]
Don't throw data away in afs_StoreMini
afs_StoreMini had some interesting error handling. Instead of returning
the error code from StoreData, it would return the error from EndCall,
potentially masking the StoreData error. When it encountered an error
it would discard all of the cached data.
StoreMini's only caller is afs_StoreAllSegments. If StoreAllSegments is
called from DoPartialWrite, then it squashes the error code. This
combination could lead to the user's data being disposed of, without an
error being reported.
Fix all of this by not invalidating segments in StoreMini. Make
StoreMini static to make it clear it's only used by StoreAllSegments, and
fix the error handling in StoreMini so that StoreData errors always take
priority.
That change broke the expected semantics of a drop box, by
opening up read() access to users to whom it would usually be
denied. The expected dropbox behaviour is that whilst anyone
can write a file there, only those who are specifically given
r permissions may read it.
Andrew Deason [Fri, 22 Jan 2010 01:42:33 +0000 (20:42 -0500)]
Fix afs_AccessOK for dropbox case
afs_AccessOK did not check for if we have 'i' rights on a directory, nor
if we were the owner of a file, if we were only checking PRSFS_READ or
PRSFS_WRITE. Thus, it does not correctly address the 'dropbox'
permissions case (if you are the owner of a file and have insert
permissions, you get implicit 'r' and 'w').
Fix this to check for 'i' and ownership when we need to, so the dropbox
special-case check works as intended.
Russ Allbery [Thu, 21 Jan 2010 23:41:49 +0000 (15:41 -0800)]
Enable weak enctypes for aklog if supported by Kerberos
Current versions of both MIT Kerberos and Heimdal disable DES enctypes
by default, but DES enctypes are still required for AFS service tickets.
Probe for either krb5_allow_weak_crypto() (MIT Kerberos 1.8) or
krb5_enctype_enable() (Heimdal) and, if found, call them to enable DES
enctypes. If neither is found, assume that the Kerberos libraries are
old enough that DES is enabled by default.
Jeffrey Altman [Thu, 21 Jan 2010 21:43:18 +0000 (16:43 -0500)]
Windows: Windows v6.0 SDK does not define __RPC__out
The Windows v6.0 SDK does not define __RPC__out in the rpcsal.h
header file. The preprocessor symbol was added in the v6.0A SDK
update. In case the v6.0 SDK is used with the 6000 WDK, add a
symbol declaration.
Jeffrey Altman [Thu, 21 Jan 2010 20:34:49 +0000 (15:34 -0500)]
Undo labeling of elements of rx structures for Windows
Change I006bbbdb8923dbb72a97fde931a1b23e303375c2 broke
the Windows build. Restore the unlabeled assignments for
Windows since Windows always uses the AFS xdr implementation.
Marc Dionne [Thu, 21 Jan 2010 02:03:08 +0000 (21:03 -0500)]
Warning cleanup: implicit function declarations in butc and bucoord
Cleanup some prototype related warnings under bucoord and butc:
- Copy a few prototypes from bucoord_internal.h to bucoord_prototypes.h,
since they are used in other source directories
- Install bc.h under include/afs, and include it in tcmain.c
- Include bucoord_prototypes.h in tcmain.c
- Add a prototype for GetResponseKey
- Remove warning inhibition for tcmain.c, and entry in README.WARNINGS
- Remove warning inhibition for bucoord/dump.c (no entry in README)
Derrick Brashear [Wed, 20 Jan 2010 16:15:29 +0000 (11:15 -0500)]
simplify ufs cache mechanisms available
instead of having use_fh for linux, vnode_path for solaris and darwin,
use the same mechanism for both. for darwin/solaris we cache the path
(tested via gop_lookupname) instead of an fh, freeing the path at
shutdown.
Derrick Brashear [Tue, 19 Jan 2010 06:29:11 +0000 (01:29 -0500)]
batch panic decoding for MacOS
add support for decoding (nominally) any panic for MacOS. Limited testing.
Requires hdutil from http://www.dementia.org/~shadow/dmgutil-0.1.tar.gz
to extract files from DMGs.
now with support for cross-version debugging, when run on 10.6 (e.g. with kextutil)
Change-Id: I5d9db005e3014e22f916070f8af25271a28615ea
Reviewed-on: http://gerrit.openafs.org/1125
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Wed, 20 Jan 2010 13:13:58 +0000 (13:13 +0000)]
Fix so that UKERNEL can keep using system xdr
This fix modifies the way that the RX XDR operations are declared
so that UKERNEL can continue using the system provided XDR glue,
rather than using our own (as is the case in userspace, and in
normal kernel modules)
Simon Wilkinson [Sun, 17 Jan 2010 18:34:03 +0000 (18:34 +0000)]
Label elements of rx structures
Label all of the assignments to the xdr_ops structure. This allows
the rec, stdio and mem variants to continue to function, even when
the ordering of the elements has changed in the header.
Russ Allbery [Wed, 20 Jan 2010 01:43:35 +0000 (17:43 -0800)]
Avoid executable headers in local include tree
sys_prototypes.h, afs_AdminErrors.h, and afs_Admin.h were being installed
into include/ in the build tree via ${INSTALL} instead of ${INSTALL_DATA}.
rx_prototypes.h was executable in the repository. Install header files
non-executable and make rx_prototypes.h non-executable for cleanliness.
Discovered by Lintian because the executable permissions were duplicated
by make libafs_tree.
Asanka Herath [Mon, 18 Jan 2010 21:47:31 +0000 (16:47 -0500)]
Windows: Add a context menu for the AFS icon
The OpenAFS plug-in for Network Identity Manager displays an icon
in the notification area that displays status information about
the AFS service and tokens. Add a context menu to the icon so
that users can open the NIM application and get help for the
plug-in from the notification icon.
Derrick Brashear [Sun, 17 Jan 2010 06:10:28 +0000 (01:10 -0500)]
create debugging kext package for MacOS
this creates and installs a debugging kext package for macos. it also
always installs the decode-panic script (which can be used even without
the debug kext)
Marc Dionne [Sat, 16 Jan 2010 22:40:52 +0000 (17:40 -0500)]
More pam warning cleanups - test_pam.c
Clear up a few more warnings in the pam code. The changes here
are very similar to the ones in the previous patch and use
the same configure test:
- use PAM_CONST to conditionally declare pam_message as const
- cast a few arguments to putenv, which expects a non-const pointer
Marc Dionne [Sat, 16 Jan 2010 21:29:10 +0000 (16:29 -0500)]
up.c: remove unused variable pageSize
Variable pageSize is declared and set to the system page size
using getpagesize(), but the value is not used anywhere.
getpagesize() doesn't necessarily have a prototype declared in
unistd.h with recent glibc, which can generate a new warning and
trip up an enabled-checking build.
Instead of trying to put in a workaround, just remove the unused variable.
Marc Dionne [Sat, 16 Jan 2010 23:57:24 +0000 (18:57 -0500)]
uss: Fix IP address parsing and cleanup warnings
In uss_vol_GetServer(), the IP address octets are scanned into "char"
variables, and later cast to afs_int32 to build the address.
sscanf gives warnings because it's expecting an int pointer, and
testing shows that this code doesn't work as expected - the first
3 octets are always parsed as 0.
Use afs_int32 variables instead, which works, eliminates warnings and
simplifies the code.
Note that this code does not seem to be reachable currently.
It was probably meant to be used by planned additional uss commands.
Asanka Herath [Fri, 15 Jan 2010 20:39:12 +0000 (15:39 -0500)]
Windows: Query the MTU value from the registry
The syscfg_GetIFInfo() call uses the interface info returned by
GetAdaptersAddresses(). Also manually query the MTU value in the
registry for any interfaces bound to the same adapter and use the
smallest such MTU as the value returned by syscfg_GetIFInfo().
Simon Wilkinson [Sat, 16 Jan 2010 15:35:34 +0000 (15:35 +0000)]
Don't double free call structure
If the rx_Read() of the number of bytes in the FetchData64 response
fails, then it sets code, and disposes of the call structure. However,
the length safety check that was added in c7b92a3018044f7aca4d9a77644e5c06ef64d1e9 executes regardless of whether
code is set, and the call has already been freed. So we end up calling
rx_Error with a NULL call structure, and panic.
Simon Wilkinson [Sat, 16 Jan 2010 02:15:36 +0000 (02:15 +0000)]
Linux: Add missing prototype
6e65ffbb6c520bf1c28356206410363d8eb36d78 added osi_get_group_pag.
On most platforms this is static, but on Linux it's provided by
the OSI layer. Add a prototype so the compiler doesn't go boom.
Simon Wilkinson [Sat, 16 Jan 2010 02:09:34 +0000 (02:09 +0000)]
Unix CM: Fix negative file length case, again
As originally noted in f6f9ee5402f1718f330a00ec89fb34b05c3cd360
some fileservers return a negative length, typically when a client
is attempting to fetch data that is past the extents of the file.
The CM needs to retain this negative length, and handle it correctly.
c7b92a3018044f7aca4d9a77644e5c06ef64d1e9 added safety checks for
the fileserver returning a length larger than that asked for by
the client. Sadly, this check does a comparison between a
signed, and an unsigned, variable. This leads to it incorrectly
classifying negative responses as being too large.
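The two FetchData64 length-check commits above (the check running after a failed read, and the signed/unsigned comparison) can be illustrated together. This is an added example, not OpenAFS code: the function names, status codes and the 4096-byte request size are hypothetical, and the sample responses are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical status codes for this example (not OpenAFS values). */
enum { LEN_OK, LEN_PAST_EOF, LEN_TOO_LARGE, LEN_READ_FAILED };

/* Buggy form. The cast spells out the conversion the compiler applies
 * implicitly when a signed length is compared with an unsigned one:
 * -1 becomes 0xFFFFFFFF and is reported as "too large". */
static int check_length_buggy(int32_t returned, uint32_t requested)
{
    if ((uint32_t)returned > requested)
        return LEN_TOO_LARGE;
    return returned < 0 ? LEN_PAST_EOF : LEN_OK;  /* negatives never get here */
}

/* Fixed form. Skip the check entirely when the read already failed (the
 * length is meaningless and the call may be gone), and handle the
 * negative "past end of file" case before any unsigned comparison. */
static int check_length_fixed(int read_code, int32_t returned, uint32_t requested)
{
    if (read_code != 0)
        return LEN_READ_FAILED;
    if (returned < 0)
        return LEN_PAST_EOF;
    if ((uint32_t)returned > requested)   /* safe: returned >= 0 here */
        return LEN_TOO_LARGE;
    return LEN_OK;
}

int main(void)
{
    static const char *names[] = { "ok", "past-eof", "too-large", "read-failed" };
    /* Constructed sample responses: {read status, returned length}. */
    static const struct { int code; int32_t len; } samples[] = {
        { 0, 1024 }, { 0, 4096 }, { 0, 4097 }, { 0, -1 }, { -1, 0 },
    };
    const uint32_t requested = 4096;
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("code=%2d len=%5d  buggy=%-11s fixed=%s\n",
               samples[i].code, (int)samples[i].len,
               names[check_length_buggy(samples[i].len, requested)],
               names[check_length_fixed(samples[i].code, samples[i].len,
                                        requested)]);
    return 0;
}
```

Building with `-Wsign-compare` (part of `-Wextra` in GCC) flags the implicit form of the buggy comparison at compile time.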
Jeffrey Altman [Fri, 15 Jan 2010 14:06:05 +0000 (09:06 -0500)]
Rx: Correct AFS_NT40_ENV rx_GetIFInfo max MTU assignments
On UNIX, the rx library values for rx_maxReceiveSize and
rx_MyMaxSendSize are sent by the cache manager directly.
In Windows, they are set by rx_GetIFInfo() which had two
errors.
(1) The comparison of rx_maxReceiveSize and maxsize was
reversed which prevented rx_maxReceiveSize from ever
being set to the interface MTU.
(2) rx_MyMaxSendSize was never assigned a value.
As a result, two problems occurred.
(1) The remote peer was never told about the local MTU.
(2) The local peer ignores the MTU.
From 1.3.60 to 1.5.33, OpenAFS for Windows installers
provided a registry default RxMaxMTU of 1260. This caused
the cache manager to call rx_SetMaxMTU() which in turn set
both rx_maxReceiveSize and rx_MyMaxSendSize in effect
masking these errors.
Jeffrey Altman [Fri, 15 Jan 2010 14:18:50 +0000 (09:18 -0500)]
Rx: Do not drop call lock in rx_WriteProc* and rx_ReadProc*
rx_WriteProc and rx_ReadProc have special fast logic that
handles the most frequent case. This code was called
without obtaining the call lock. However, each of these functions
must obtain the call lock for the queue_IsNotEmpty() test and
must re-obtain the call lock if the rxi_XXX variant is required.
Dropping the lock and re-obtaining it is more expensive than
holding it across the memcpy. Therefore, we shouldn't drop the
lock until we are done.
Marc Dionne [Thu, 14 Jan 2010 23:56:49 +0000 (18:56 -0500)]
src/pam warning fixes
The second parameter to pam_conv() should be a const pointer on
recent systems. Make it so to eliminate a couple of warnings.
A configure test is added to deal with some systems where pam_conv()
might not be const.
Cast a few assignments to cell_ptr in afs_auth.c and afs_setcred.c
since the argv parameter is const.
Dan Hyde [Wed, 13 Jan 2010 19:38:47 +0000 (14:38 -0500)]
volmonitor keep vtrans lock
VolMonitor must maintain the VTRANS lock the whole time it is walking
the allTrans list. Failure to do so can cause core dumps trying to
access memory that has already been free'd.
Two versions of this change were coded and tested. The other version
used the VTRANS lock only around a THOLD, but needed a TRELE, too.
Timing tests were run counting the number of vos status, vos listvol,
and vos backupsys operations that could be performed during a fixed
number of vos status operations. The THOLD/TRELE version caused other
vos operations to run about 5% slower.
Simon Wilkinson [Tue, 17 Nov 2009 20:46:17 +0000 (20:46 +0000)]
Kernel is always defined
When we build the kernel module, either in the real or the ukernel
case, KERNEL is defined. So, remove the #ifdefs around our locking
primitives, so that things are a little bit clearer.
afsd: deprecate -mem_alloc_sleep flag (and related code)
On most platforms, afs_osi_Alloc_NoSleep() is already afs_osi_Alloc().
I have tested this on Solaris (the major exception) and haven't seen
any problems.
Andrew Deason [Mon, 11 Jan 2010 19:36:32 +0000 (13:36 -0600)]
Always check VInitVolumePackage2 return code
Some programs were not checking the return code of VInitVolumePackage2.
Although some programs do not care so much if we fail to properly init
the volume package (SYNC debug tools), at the very least log/print an
error, so it doesn't silently fail.
Other programs are changed to exit when VInitVolumePackage2 fails, so
e.g. salvages don't accidentally cause corruption on 'logging'-mounted
UFS partitions.
In any case, ensure the return code is always checked anywhere it is
called.
Simon Wilkinson [Sat, 19 Dec 2009 23:58:54 +0000 (23:58 +0000)]
Linux: Rework PAG to group conversions
The change to using a single group for PAGs on Linux led to a load
of special cases throughout the code. This patch moves the OS
dependent parts of this into the LINUX/ platform directory, and
rearranges that file so that there is a clear distinction between
the one and two group sections of the code.
Jeffrey Altman [Mon, 11 Jan 2010 19:21:11 +0000 (14:21 -0500)]
Windows: Protect buffers in smb_WriteData from simultaneous writes
smb_WriteData does not properly use CM_SCACHESYNC_WRITE to
protect buffers from simultaneous writes. Instead of simply
testing CM_SCACHESYNC_WRITE at the top of the while loop,
the flag must remain set until the entire write completes.
cm_SyncOp is now called once and cm_SyncOpDone is only called
upon final success or error.
In addition, as 'count' is unsigned, the test for count < 0
is replaced with count != 0.
Jeffrey Altman [Mon, 11 Jan 2010 18:51:42 +0000 (13:51 -0500)]
Windows: buf_Recycle should clean up flags and reset version
The CM_BUF_EOF and CM_BUF_ERROR buffer flags and the
buffer dataVersion should be reset within buf_Recycle()
instead of by the caller of buf_Recycle().
Jeffrey Altman [Sat, 9 Jan 2010 05:26:37 +0000 (00:26 -0500)]
Windows: do not leak scp->dirlock if cm_BPlusDirBuildTree fails
In cm_BeginDirOp, the scp->dirlock would be leaked if
cm_BPlusDirBuildTree() failed. This would either result in
a panic later on if lock order validation is active; or as
an inability to process subsequent requests on the directory.
Simon Wilkinson [Sun, 22 Nov 2009 23:31:00 +0000 (23:31 +0000)]
Use dget_parent to handle getting inode of parent
We can't safely do dp->d_parent->d_inode to access the parent inode
of a given dentry. Instead, use dget_parent() to safely get a
reference on the parent dcache, and access the inode using that
reference. Dispose of this reference with dput() as appropriate.
Matt Benjamin [Tue, 5 Jan 2010 02:31:27 +0000 (21:31 -0500)]
freebsd: CM changes targeting RELENG_8
Force all vnodes onto the fs mount queue when allocated. This fixes
a long-standing vnode recycling problem. Don't call vgone() on a vnode
whose refcount is 0. Always destroy vnodes in VOP_RECLAIM. This is work
in progress towards fixing old reclaim bug mentioned in Rees comment.
Hold vnode returned from gop_lookupname_user in afs_pioctl_syscall,
to avoid it going inactive before we're finished. Also unlock it if
necessary. Don't use custom vop_lock impl when AFS_FBSD80_ENV. Remove
duplicate conditional code in vnode pretty-print (old cruft). Also don't
format fid members as hex. Revert vn_lock exclusive in osi_VM_StoreAllSegments
(fixes deadlock introduced by me in a 2009 changeset). Remove unused
variables in osi_VM_StoreAllSegments.