Derrick Brashear [Thu, 11 Feb 2010 03:12:04 +0000 (22:12 -0500)]
set minimum darwin kernel rx sleep
never be willing to sleep less than 500ms. additional tweaks to the
rx scheduler may be needed however before we always slept for 500; now
we'll sleep longer if no events are pending (but not forever)
Simon Wilkinson [Tue, 9 Feb 2010 19:53:40 +0000 (19:53 +0000)]
Linux: Use current_creds() if stashed creds fail
If we can't use our stashed credentials (because SELinux hates us,
most likely), then fall back to trying the process's current credentials
instead of just oopsing.
Andrew Deason [Thu, 4 Feb 2010 22:26:21 +0000 (16:26 -0600)]
Consolidate code for reading/writing vol headers
The code for reading in and overwriting/replacing volume headers is
duplicated many times throughout the volume package. Consolidate the
code into the functions VReadVolumeHeader, VWriteVolumeHeader,
VCreateVolumeHeader, and VDestroyVolumeHeader. This makes it easy to
change the semantics of how headers are read/written, though this commit
should not change them.
afs_TruncateAllSegments() make sure correct afs_size_t comparison is
used when selecting dcache entries for truncation
Insure that afs_TruncateAllSegments() uses the correct [64-bit]
comparison when deciding whether to truncate chunks:
alen - AFS_CHUNKTOBASE(tdc->f.chunk) for a file > 2GB would fail
to be recognised negative with an "afs_int32 newSize", even with
alen = 0 and big tdc->f.chunk.
this interface works how osi_Wait *should*, except on some platforms Wait
appears to wake up all waiters(!) by using a single wait channel in the
backend. rather than change that and risk problems, introduce an interface
using the same system of events we use for osi_Sleep
Simon Wilkinson [Fri, 5 Feb 2010 12:49:27 +0000 (13:49 +0100)]
Unix CM: Just use Bogus for VenusLogging
The VenusLogging function no longer exists - instead of having a
stub that returns EINVAL, just use the existing Bogus stub (which
returns EINVAL) instead.
Simon Wilkinson [Thu, 4 Feb 2010 17:27:32 +0000 (17:27 +0000)]
Refactor afs_ioctl code
The ioctl code was a nightmare of #ifdefs. This patch reworks it
so that there is a single function for each operating system, which
makes it much easier to see what's going on. Eventually it should be
possible to move these reworked functions out into the osi directories
Simon Wilkinson [Thu, 4 Feb 2010 16:08:26 +0000 (16:08 +0000)]
UKERNEL: End the #define u insanity
UKERNEL redefines the character 'u' to do a function call. This
hurts other kernel developers in all sorts of interesting ways. Remove
the definition, and instead explicitly reference the get_user_struct()
function in those places that we need to.
Simon Wilkinson [Thu, 4 Feb 2010 15:09:34 +0000 (15:09 +0000)]
Add rx security index enum
Add an enumerated type for rx security indexes, initially containing
the values reserved for null, kad, gk, and k5. Start to use this type,
and related names, rather than hard values throughout the code.
Andrew Deason [Mon, 8 Feb 2010 21:03:08 +0000 (15:03 -0600)]
salvager: alias -f to -force
DAFS added the -forceDAFS flag, which made the '-f' flag ambiguous, when
it used to be short for '-force'. Restore the previous meaning of '-f'
to reduce backwards incompatibility.
Simon Wilkinson [Tue, 9 Feb 2010 16:26:57 +0000 (16:26 +0000)]
Initialise ptuser to NULL
Fix fallout from d008089a79ef268bbca91d660a840f32cb416865 - sc wasn't
being initialised when it was declared, and some code paths would fail
to set it. This led to the == NULL check failing, and a new rx
connection being created with an invalid pointer as a security context.
Disaster ensued ...
OpenBSD: don't use AFS_GLOBAL_SUNLOCK on single processor system
Put back the header directives that only turn on AFS_GLOBAL_SUNLOCK
when compiling for multiprocessor systems. When enabled on a single
processor OpenBSD system, it is possible to put the entire system
into a lengthy (minutes) lock state when performing multiple AFS
activities. The system behaves MUCH better when AFS_GLOBAL_SUNLOCK
is not set (no problems encountered). This whole locking mechanism
needs a bit more examination on OpenBSD before this is useful in
single processor mode.
A shutdown or unmount of AFS on OpenBSD will invariably result in a kernel
panic. This is because the afs_unmount() routine does not (can not?) force
vnode releases if the vnode is still busy. However, it continues on
nonetheless and dies a horrible death a little later.
This update causes a return from afs_unmount() with EBUSY if all the vnodes
weren't released. This results in error messages on shutdown but the overall
process continues more reliably and reboots, for example, work.
There is likely a better solution to this but at least this is no worse than
a system crash and it doesn't require console (or power button) intervention
so it should do until I have the chance to explore further.
Starting with OpenBSD 4.2, the interface list returned by sysctl using
NET_RT_IFLIST contains multiple versions of the data. This really
messes up the rx_getAllAddr_internal() routine that returns a list of
valid interfaces for the system (to the point where none are returned).
This change adds a routine that cleans up the data returned by sysctl
so it returns only a single (the most current) version of the data.
That stops afsd (among others) from being cranky when it starts up.
The internal malloc memory types for IPv6 (M_IP6OPT, ...) conflict
with the type numbers used to designate AFS memory (M_AFSFID, etc.).
This change moves the AFS memory type to a new number that does not
conflict. This is not a serious issue but can create real confusion
when trying to debug or track memory issues, among other things.
When determining the volume type of a volume, vsu_GetVolumeID() checks
to see if the volume name ends in '.backup' or '.readonly' by backing
up the appropriate number of characters from the end of the name. It
does not, however, check to see if it skips past the beginning of the
volume name. This can result in a segmentation fault (which it has for
me on many occasions during a vos release) depending on where memory
is allocated or how/if memory is protected.
This patch corrects this behaviour by checking the volume name string
length prior to doing the string comparison.
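
The length check described in the vsu_GetVolumeID() commit above, as an added example. This is not the OpenAFS code: has_suffix(), classify_volume_name() and the vol_kind values are hypothetical names chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical volume-type codes, for this example only. */
enum vol_kind { VOL_RW = 0, VOL_RO = 1, VOL_BACKUP = 2 };

/* Return 1 if name ends with suffix. The length test comes first, so
 * name + (nlen - slen) can never point before the start of the buffer. */
static int has_suffix(const char *name, const char *suffix)
{
    size_t nlen = strlen(name);
    size_t slen = strlen(suffix);

    if (nlen < slen)
        return 0;   /* without this test the pointer below would underflow */
    return strcmp(name + (nlen - slen), suffix) == 0;
}

/* Decide the volume type from the name's suffix alone. */
enum vol_kind classify_volume_name(const char *name)
{
    if (has_suffix(name, ".backup"))
        return VOL_BACKUP;
    if (has_suffix(name, ".readonly"))
        return VOL_RO;
    return VOL_RW;
}

int main(void)
{
    /* Constructed sample names, including ones shorter than either suffix. */
    const char *names[] = { "", "a", "user.bob.backup", "root.cell.readonly" };
    size_t i;

    for (i = 0; i < sizeof(names) / sizeof(names[0]); i++)
        printf("\"%s\" -> %d\n", names[i], (int)classify_volume_name(names[i]));
    return 0;
}
```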
Add config param header and sysname number for OpenBSD 4.6.
As well, add an additional parameter to a call to ifa_ifwithnet()
when looking up the MTU for an interface to indicate that the call
should use the default routing table. With the advent of OpenBSD
4.6, the system has started to make provisions for multiple routing
tables which included a change to the calling sequence for this
routine.
Jeffrey Altman [Fri, 5 Feb 2010 18:45:48 +0000 (13:45 -0500)]
Windows: Remove use of AFS_AFSDB_ENV from kauth/user_nt.c
AFS_AFSDB_ENV was removed from the rest of the source tree.
Now remove it from kauth/user_nt.c so that DNS lookups can
be performed from the ka_ authentication routines.
Marc Dionne [Thu, 4 Feb 2010 02:34:24 +0000 (21:34 -0500)]
Don't clear afs_stats_cmperf too early during shutdown
Commit 21cbf7fee0a089d94f62baa7df2422e7bc8293f7 activated some
previously unused cleanup code. Part of this clears afs_stats_cmperf,
but these stats are used later to check for leaks of chunks allocated
with afs_AllocSmallSpace and afs_AllocLargeSpace. The result is a
message about unfreed blocks in the syslog with negative counts.
Since the structure is already cleared later in the shutdown process,
just remove this instance.
Simon Wilkinson [Wed, 3 Feb 2010 00:37:20 +0000 (00:37 +0000)]
Fix fs storebehind on files with 2 or more servers
fs storebehind didn't allocate a large enough buffer for its call
to VIOCWHERIS. This meant that when it was called on a file with
more than one server (one in a readonly volume), it would error
out with E2BIG, rather than a more appropriate message.
Fix this, by using the generic 'space' buffer for the VIOCWHERIS
call.
Simon Wilkinson [Wed, 3 Feb 2010 00:31:32 +0000 (00:31 +0000)]
Fix pioctl input and output handling
Pioctl input and output handling was being handled in an ad hoc
manner, with little or no detection of input and output buffer
overflow. Whilst overflow is difficult to provoke on a real system,
due to the size of the buffers being allocated for output, the code
was difficult to read, and fragile to maintain.
This patch adds an XDR like abstraction for marshalling and
unmarshalling pioctl data. Whilst the real XDR can't be used and
maintain backwards compatibility, this gives a similar elegance.
Input and output pointers are replaced with instances of
struct afs_pdata, which store both a pointer to the current position
in the data stream, and a note of where the stream ends.
All access to a data stream is now performed through a set of helper
functions, which handle the reading and writing of integers, strings,
and arbitrary blocks of bytes. An 'inline' function is provided for
those cases where direct access to the stream is required.
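
A bounded data-stream cursor of the kind the pioctl commit above describes, as an added example. This is not the OpenAFS implementation: struct pdata, its field names, the pdata_* helpers and the error codes they return are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical cursor: current position plus the bytes left after it. */
struct pdata { char *ptr; size_t remaining; };

/* Claim the next n bytes, or return NULL (cursor unchanged) if fewer remain. */
static char *pdata_take(struct pdata *p, size_t n)
{
    char *at = p->ptr;
    if (p->remaining < n)
        return NULL;
    p->ptr += n;
    p->remaining -= n;
    return at;
}

/* Read one 32-bit integer; a short stream is an error, not an over-read. */
int pdata_get_int(struct pdata *in, int32_t *out)
{
    char *at = pdata_take(in, sizeof(*out));
    if (at == NULL)
        return EINVAL;
    memcpy(out, at, sizeof(*out));   /* memcpy avoids unaligned access */
    return 0;
}

/* Hand back a NUL-terminated string inside the stream; the search for the
 * terminator is limited to the bytes that remain, so unterminated input fails. */
int pdata_get_string(struct pdata *in, const char **out)
{
    char *nul = memchr(in->ptr, '\0', in->remaining);
    if (nul == NULL)
        return EINVAL;
    *out = pdata_take(in, (size_t)(nul - in->ptr) + 1);
    return 0;
}

/* Append len bytes to an output stream; refuse if they do not fit. */
int pdata_put_bytes(struct pdata *outp, const void *src, size_t len)
{
    char *at = pdata_take(outp, len);
    if (at == NULL)
        return E2BIG;
    memcpy(at, src, len);
    return 0;
}
```

Because every helper goes through pdata_take(), the bounds check lives in one place and a failed call leaves the cursor where it was.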
Simon Wilkinson [Sat, 30 Jan 2010 22:28:47 +0000 (22:28 +0000)]
Add xdr_len, to work out required buffer size
Currently, code which uses xdr_mem needs to take a guess at the
buffer size required, allocate that guess, and error out if the
data being encoded actually exceeds the guess.
This adds a new XDR mechanism - xdr_len, which can return
(using xdr_getpos) the length of the buffer required to XDR
encode a given structure.
Simon Wilkinson [Sat, 30 Jan 2010 21:56:57 +0000 (21:56 +0000)]
Add xdr_mem to the Unix build
A number of forthcoming attractions require xdrmem, which is
currently not part of the Unix build. Fix it so that it builds
without warnings, and add it to the standard RX build.
Simon Wilkinson [Fri, 29 Jan 2010 17:52:17 +0000 (17:52 +0000)]
Add interface to select client security objects
Add a pair of interfaces to support the selection of a security
object by the client. The idea of these interfaces is to abstract
out the job of selecting an interface from the client code itself,
and into a common library. This reduces duplicated code, and makes
it easier to add new security objects in the future.
Simon Wilkinson [Sat, 7 Nov 2009 22:31:08 +0000 (22:31 +0000)]
Add printf format checks to afs_com_err()
Add gcc printf format checks to the afs_com_err() functions
Deal with the fallout, in particular change callers which pass
an empty format string to pass NULL instead - the com_err functions
already permit this alternate use.
There's a couple of real bugs here - in one case, we attempt to
print a NULL pointer, rather than a security index, and in the other
we supply a NULL format string, rather than the string we meant to
print.
Simon Wilkinson [Fri, 29 Jan 2010 15:12:42 +0000 (15:12 +0000)]
Don't pass tokens around the backup system
The backup system has a global ktc_token, which is used
to work out when its credentials are about to expire. This leads to
an unfortunate dependency throughout the code on the format of this
token.
Replace this with a global time_t which stores the expiry time, and
copy the required field from the token into this when we get the
token. This limits the exposure of the token, and simplifies the code.
Simon Wilkinson [Thu, 28 Jan 2010 23:50:54 +0000 (23:50 +0000)]
Common interface for server security objects
Add an interface for creating arrays of server security objects.
This collects all of the various daemon code for initialising
security objects into one place, reducing duplication and making
it easier to add new objects in the future.
Simon Wilkinson [Tue, 2 Feb 2010 15:59:12 +0000 (15:59 +0000)]
Add a set of strings for the InstallationCheck
InstallationCheck needs a strings dictionary to turn its errors
into human readable content. Add such a dictionary, and use the
correct product name and version for each Mac OS X release.
Andrew Deason [Mon, 25 Jan 2010 23:05:09 +0000 (17:05 -0600)]
Use -A and -u in pthreaded ubik rxgen
Use -A for rxgen in tvlserver and tptserver to generate ANSI code, so we
don't generate warnings. Also use -u in tubik rxgen, so we generate the
ubik_* functions that new code uses.
Simon Wilkinson [Fri, 29 Jan 2010 14:17:46 +0000 (14:17 +0000)]
Remove internal vldbClientInit prototype
vldbClientInit is used by other modules in the backup suite, and is
already prototyped in bucoord_prototypes.h. So, remove it from the
internal header.
Simon Wilkinson [Fri, 29 Jan 2010 14:13:47 +0000 (14:13 +0000)]
Fix USS to use volser prototypes
Fix the uss_vol.c file to use the volser prototypes. This clears up the
list of the warnings in this file, so drop the warning suppression from
the Makefile, and remove the entry from README.WARNINGS
Simon Wilkinson [Tue, 2 Feb 2010 13:14:28 +0000 (13:14 +0000)]
xdr_proc_t really is different on linux26_i386
i386 Linux uses a register based calling convention within the
kernel, but uses the stack for va_args based functions. This means
that the hack of prototyping xdrproc_t as a va_args function doesn't
work, as you end up with arguments being in the wrong place.
Restore the Linux only xdrproc_t prototype that 167e1aa21f5bbea1272b239dc6518a7bdbfc3ee6 removed, add a warning to
explain why it's there, and modify xdr_free() so that it works
without error.
Simon Wilkinson [Tue, 2 Feb 2010 00:03:04 +0000 (00:03 +0000)]
Linux: Fix breakage in llseek error handling
Commit 7a5cee30cc5f0e6d5780387633ce2b46608fd5fb changed the way
that errors from llseek are dealt with. Unfortunately, it is missing
some all important bracing, and so we end up going down the error
path, even when the llseek succeeds.
My fault. Sorry.
Change-Id: I03061ba0663b610a8fb73a08d257f6d786795076
Reviewed-on: http://gerrit.openafs.org/1194
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Fri, 29 Jan 2010 17:47:12 +0000 (17:47 +0000)]
Darwin: Don't use ARCHFLAGS to determine arch
The Darwin build uses ARCHFLAGS to control the architectures it
builds binaries for. However, this causes problems for standalone
builds which just do ./configure && make. So, if ARCHFLAGS is
undefined, ask gcc which architecture it thinks that it is
building for, and use that.
Jeffrey Altman [Tue, 26 Jan 2010 15:23:03 +0000 (10:23 -0500)]
Windows: drop cm_Freelance_Lock before call to cm_FreelanceAddMount
The cm_Freelance_Lock must not be held before calling
cm_FreelanceAddMount(). cm_InitLocalMountPoints() was violating
this requirement. It is safe to drop the lock because the only
time the lock would be dropped is if the "Freelance" registry
key does not exist. This should only be true during the initial
startup of the application the first time afsd_service.exe
executes on the machine. At this point in time there is only
one thread that is executing that could be initializing the
Freelance mount point list.
Marc Dionne [Wed, 27 Jan 2010 00:48:24 +0000 (19:48 -0500)]
Linux: don't count pag keys against root's keyring quotas
Keys associated with PAGs are created with root ownership for
security reasons, which means that they count against root's
keyring quotas. The default configuration used by most distros
restricts root to the same quotas as a regular user, so a single
user can potentially fill up the quota and prevent new pags from
getting created system-wide.
This can also be an issue for busy multi-user systems where the
default maximum number of keys (200 currently) can easily be reached.
Simon Wilkinson [Wed, 27 Jan 2010 02:30:09 +0000 (02:30 +0000)]
XDR memory management fixes
Change the xdr_free function so that it matches in signature and
behaviour the xdr_free that is available in other xdr packages, and
update all callers.
Don't use xdr_alloc where the data we're allocating isn't freed by
xdr. The only place where xdr_alloc is required is in server stubs
when filling OUT parameters.
Derrick Brashear [Mon, 25 Jan 2010 17:36:25 +0000 (12:36 -0500)]
darwin80 if changes cleanup
fix the indirection here to be correct.
ifnet_list_get needs a pointer to a pointer for the ifnet structure
Change-Id: I81bd7c383c63cc1e312fcfd482d7162d50f6f1d3
Reviewed-on: http://gerrit.openafs.org/1158
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>