This commit fixes a vrequest leak introduced by change
I1c60701d4e4f85aedfea6be58a03468ab34edb96. On master, the corresponding
changes appear in the opposite order.
Change-Id: I1f7a5794f19abb1495bbab6014c3ccde99cf0e1d
Reviewed-on: http://gerrit.openafs.org/11381 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Sun, 19 Jan 2014 22:04:08 +0000 (17:04 -0500)]
libafs: separate source and header compile_et rules
Use the new compile_et -emit flag to generate source and header
files separately to support parallel make.
Export afs_trace.h since it is required to build libafs. Before the
compile_et -emit flag was available, The afs_trace.h file was
generated as a side-effect of creating afszcm.cat.
Reviewed-on: http://gerrit.openafs.org/10729 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 4e6b7ab904d38d38da1b80a7342bd815668a8c09)
Change-Id: Ic1474aff86e49d8df0ba151ed0e53932aa96d1ed
Reviewed-on: http://gerrit.openafs.org/11239 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Sat, 1 Mar 2014 19:52:48 +0000 (14:52 -0500)]
compile_et macros to generate source and headers separately
Common makefile macros to generate headers and source files
separately using the new compile_et -emit option.
Reviewed-on: http://gerrit.openafs.org/10869 Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit be36376b244d1d94b24cb8fce44810fb31b7b5ce)
Change-Id: Ic9cf078f6a013e7529ae8f11b0378173e64ee680
Reviewed-on: http://gerrit.openafs.org/11237 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Sun, 19 Jan 2014 04:03:44 +0000 (23:03 -0500)]
libadmin: add missing bubasics dependency
bubasics is a dependency of libadmin. Add it to the top level
makefile.
This missing dependency was found by analyzing the libadmin header
file includes.
Reviewed-on: http://gerrit.openafs.org/10727 Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit b8589f1b59e520aae8d412170b663ff3bc214667)
Change-Id: Ie879c29a72bbf194bf48dea73380521dc89c4c38
Reviewed-on: http://gerrit.openafs.org/11236 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Sun, 19 Jan 2014 03:40:12 +0000 (22:40 -0500)]
libadmin: rework compilation rules
Change I47b3b184a3284b56c4047e27b58b6cb3a8e16cef will add
dependencies on the header files to the library targets. Before
this can be done, we have to avoid the use of $? in compilation
rules because on AIX and OS X this causes the headers to be added
to the compilation command, making builds fail.
Michael Meffie [Sun, 19 Jan 2014 03:01:59 +0000 (22:01 -0500)]
libadmin: makefile rule for afs_AdminError.h
Add a makefile rule to export the libadmin afs_AdminErrors.h header
file, instead of exporting afs_AdminErrors.h as a side effect of
generating the afs_AdminBosErrors error table.
Add the missing afs_AdminErrors.h dependency to the afs_utilAdmin.o
dependency list.
Reviewed-on: http://gerrit.openafs.org/10369 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 9b1ffeeeb62cd9535dc2fc1522400abb428a0ac2)
Change-Id: Ib526d18227a6c37eac08def5ab88eb1717a848f1
Reviewed-on: http://gerrit.openafs.org/11233 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Fri, 22 Nov 2013 17:23:17 +0000 (12:23 -0500)]
config: parallel-safe param.h makefile rule
Generate the param.h.new temporary file in a parallel-safe
way. The rule to generate the three copies of param.h can
run at the the same time under a parallel make, clobbering
the param.h.new temporary file. Instead of creating this file
inline, create a common rule to generate the temporary file
once.
Reviewed-on: http://gerrit.openafs.org/10516 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit c8e83f0e826bc0a56321408b1c7a2afa137bab05)
Change-Id: I8a85c0e288f2231a3bf693319a8f5fcd618464e8
Reviewed-on: http://gerrit.openafs.org/11229 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Fri, 22 Nov 2013 16:50:11 +0000 (11:50 -0500)]
libafscp: makefile install rule update
Change the makefile install rules to install the header
file from the libafscp directory, and not the top level
include directory to make the install rules consistent
with the rest of the tree.
Reviewed-on: http://gerrit.openafs.org/10514 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 52fe3f52de95b698c93ca5da3c1ed59447817610)
Change-Id: I1ed7e92b8e27f3df8fc76ccaa6bac4199e40c180
Reviewed-on: http://gerrit.openafs.org/11228 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Wed, 1 Aug 2012 21:26:33 +0000 (17:26 -0400)]
comerr: compile_et -emit option for parallel make
Add the -emit option to the compile_et command to support parallel make.
The -emit option allows make to generate the header and the source files
independently, instead of building two files at the some time. This
avoids the issue where one command creates two separate files, which is
difficult to handle correctly for parallel makes.
Reviewed-on: http://gerrit.openafs.org/7921 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 9df43aacab0f311c15837b230761a11750f8b9cb)
Change-Id: Id560fcec356a4b36c0e311440f74a97a670c07d1
Reviewed-on: http://gerrit.openafs.org/11227 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Marc Dionne [Tue, 29 Apr 2014 16:48:03 +0000 (12:48 -0400)]
libafs: Speed up afs_CheckTokenCache
On systems with a large number of PAGs and files in use, the
periodic daemon job that checks for expired credentials and
cleans up the axs cache can run for a very long time. This
can lead to kernel soft lockups and eventually hang processes
and file access because of unavailable locks.
Rework the scanning logic in afs_CheckTokenCache to make the
scanning more efficient in most real world cases. On a test
system accessing ~4000 files from processes in 1000 PAGs, this
has been observed to reduce the runtime of afs_CheckTokenCache
from a problematic ~70s down to about 0.7s.
Additionally, this changes the conditions in which an axscache is
discarded. uid+cell (rather than just uid) must now match, and
if no matching unixuser is found, it will also be discarded.
Adapted from code from Jeffrey Altman who provided the original
loop algorithm and code.
Reviewed-on: http://gerrit.openafs.org/11123 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit de74227d9c925206cd6d46496ec4682569d3105b)
Change-Id: I72e501cf1cb3e312d17a518666d2d638f1d52ead
Reviewed-on: http://gerrit.openafs.org/11307 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: D Brashear <shadow@your-file-system.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Wed, 30 Jul 2014 16:12:39 +0000 (11:12 -0500)]
ptserver: Fix RemoveFromSGEntry hentry memcpy
In this function, hentry is the "previous" continuation entry that we
looked at, and centry is the "current" continuation entry. We keep
track of the previous continuation entry in case we need to update its
'next' pointer, which we do if we free one of the continuation entries
because it is empty after the removal.
So, this memcpy is supposed to copy the current entry to the previous
one, but the arguments are flipped, so we just copy zeroes to centry
(since hentry is initialized to zeroes early on in the function), and
hentry never gets set to anything besides zeroes.
The effect of this is that whenever a ptdb entry has more than one
continuation entry, and we free up any of them after the first one via
RemoveFromSGEntry, the previous continuation entry becomes blanked
(though the 'next' pointer should still be correct). This means the
membership information for that group is not recorded correctly, as it
loses a chunk of the IDs that it is a member of. The reverse mapping
should still be intact (the parent groups have a pointer to the
sub-group), but the group probably doesn't function correctly.
The reason this happened is because of the confusing conversion from
bcopy to memcpy. Most of the instances of bcopy/bcmp/bzero/etc were
converted (correctly) back in commit c5c521af, but the supergroups
implementation was added afterwards, in 8ab7a909, and contained a
bcopy reference. This bcopy was converted to memcpy in 58d5f38b, but
the argument order was not corrected, causing this bug.
To fix this, just flip the first two arguments of the memcpy. Just get
rid of the casts here, too, to match the code in the non-supergroups
RemoveFromEntry and elsewhere.
Reviewed-on: http://gerrit.openafs.org/11340 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 2d89d447c8b00a40d3fc559813fe31c177da164b)
Change-Id: I78b80cb7b043c9d1562b543906a593a985020b43
Reviewed-on: http://gerrit.openafs.org/11352 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Mon, 14 Apr 2014 20:07:53 +0000 (16:07 -0400)]
libafs: api to create and free vrequests
Add a pair of functions to allocate and free struct vrequests, which
are to be used to avoid having struct vrequests on the stack.
Reviewed-on: http://gerrit.openafs.org/11074 Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 76ad941902c650a4a716168d3cbe68f62aef109f)
Change-Id: I08932256af58aeba31b2d5c11008658c419cf008
Reviewed-on: http://gerrit.openafs.org/11164 Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Gergely Madarasz <madaraszg@gmail.com> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Perry Ruiter [Sat, 22 Mar 2014 07:52:32 +0000 (00:52 -0700)]
afs: Define afs_warnall routine
In a Linux environment afs_warn and afs_warnuser both go to
the same spot, resulting in duplicated messages if both are
invoked back to back. Define a new function afs_warnall
for use when identical messages are directed to both warn
and warnuser. In a Linux environment it will do the right
thing and present only one copy of the message.
Reviewed-on: http://gerrit.openafs.org/10943 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit a70f8e1a7e3fcbc13c9a60f8a7409dd01d014afb)
Change-Id: I264633cd4a30cfb7f7264e56512f318cfb23ef3e
Reviewed-on: http://gerrit.openafs.org/11182 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Perry Ruiter [Sat, 22 Mar 2014 06:31:21 +0000 (23:31 -0700)]
afs: restructure afs_warn and afs_warnuser
Restructure afs_warn.c to provide an afs_vwarn and afs_vwarnuser
that accepts a va_list rather than a variadic parameter
specification. afs_warn and afs_warnuser continue to be
variadic functions but now call afs_vwarn and afs_vwarnuser.
This is a preparatory change. A subsequent update will
further exploit afs_vwarn and afs_vwarnuser.
Reviewed-on: http://gerrit.openafs.org/10942 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit c3d4c109305b2db8a63b754c1894ad37326dc340)
Change-Id: Ica9c3c8a0ae2c5b680b2e11bc85c747cfd11d30a
Reviewed-on: http://gerrit.openafs.org/11181 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Sat, 21 May 2011 16:38:03 +0000 (12:38 -0400)]
volinfo: fix volume aux totals output
Do not print the volumes aux totals prematurely when running
volinfo with the -headers flag on an namei fileserver. Instead
print the aux totals only once after the link table size is found.
AFSFetchStatus is rather large and is in the stack twice. Allocating with
osi_AllocSmallSpace will save about 160 bytes of stack.
Reviewed-on: http://gerrit.openafs.org/10964 Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Tested-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 972585c24b5c193a982570ff9264a1971760f48f)
Change-Id: I5ee4441cd1c09646051e148a67147a2663768d44
Reviewed-on: http://gerrit.openafs.org/11162 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Change-Id: I6074ff7d8cdb6b3360ad4064b524d22ab6afe61c
Reviewed-on: http://gerrit.openafs.org/11220 Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de> Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
Perry Ruiter [Tue, 27 May 2014 08:26:59 +0000 (01:26 -0700)]
config: Move AFS_LRALLOCSIZ to afs_args.h
AFS_LRALLOCSIZ is currently defined in afs/afs.h. Other memory
related definitions such as AFS_SMALLOCSIZ and AFS_MDALLOCSIZ
are defined in config/afs_args.h. Move AFS_LRALLOCSIZ to
config/afs_args.h for consistency.
Reviewed-on: http://gerrit.openafs.org/11174 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 02565591855f5a5ddb7dd6e308d9f535c2fd64b8)
Change-Id: I691a7d6025a1b4353f479049d09c54297b80989c
Reviewed-on: http://gerrit.openafs.org/11209 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Perry Ruiter [Tue, 27 May 2014 08:16:26 +0000 (01:16 -0700)]
Delete several unused memory management constants
Change 412854593cf368006c18e6c0dc607a9ecd76a0e0, removed from
the code base the last usage of:
AFS_SALLOC_LOW_WATER (defined in afs/afs.h)
AFS_MALLOC_LOW_WATER (defined in config/afs_args.h)
AFS_MDALLOCSIZ (defined in config/afs_args.h)
This patch deletes these constants.
Reviewed-on: http://gerrit.openafs.org/11173 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 85f3d0941b37c71047f59e1b1f4f92557d232fb8)
Change-Id: Ie9178db145bde21021251a17adb4bbb1bd77f14d
Reviewed-on: http://gerrit.openafs.org/11208 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Michael Meffie [Tue, 3 Jun 2014 03:24:45 +0000 (23:24 -0400)]
linux: dont ignore kmod build errors
Errors from the linux kmod build are not propagated, since make is
run as the first command in a pipeline, and the shell returns the
exit code of the last command in the pipeline. Run the make command
in a subshell to detect errors, and exit afterwards. (This method
is more portable than bash specific pipeline processing options.)
Thanks to Mark Vitale for pointing out this build system defect
to me.
Reviewed-on: http://gerrit.openafs.org/11186 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Mark Vitale <mvitale@sinenomine.net> Tested-by: Mark Vitale <mvitale@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 48789d47b613e40734e7b0caac58572a80f8b318)
Change-Id: Idbdfad2a50901041aedaed35b8f01d713a66620d
Reviewed-on: http://gerrit.openafs.org/11205 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Anders Kaseorg <andersk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Stephan Wiesand [Fri, 30 May 2014 13:05:28 +0000 (15:05 +0200)]
libadmin: Remove redundant memset call
Commit bf78bf2c115659b78c34d3bc9d1934bcff21c8cc added initialisation
of the nbulkentries structure to 0, to avoid freeing garbage due to a
goto fail_... before the structure is initialised. As pointed out by
Andrew Deason, there already is an equivalent memset call later in the
code which is now redundant. Remove it.
Michael Meffie [Mon, 13 Jan 2014 20:28:17 +0000 (15:28 -0500)]
xstat: use ephemeral ports for xstat_fs_test and scout
Instead of trying to bind to port 7101, and then retrying if
the port is in already in use, let the os find an available
port for scout and xstat_fs_test.
This fixes a bug where scout and xstat_fs_test do not call
rx_Finalize() before retrying rx_Init() with a different port
number, causing the program to crash later when more than
one copy of xstat_fs_test and/or scout are running at the same
time.
Reviewed-on: http://gerrit.openafs.org/10707 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit cda5e665ebee3da5615dba71b7a11ffff1229c6d)
Change-Id: I00c2d9e7d48e80dc1bc062a85788ad2de65709c7
Reviewed-on: http://gerrit.openafs.org/11155 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Anders Kaseorg [Sun, 4 May 2014 09:30:25 +0000 (05:30 -0400)]
Fix buffer length validation in ktc_GetToken and knfs
The signed int tktLen is checked against a maximum size, then passed
as the unsigned size_t argument to memcpy. So we need to make sure it
isn’t negative.
This doesn’t appear to be exploitable: tktLen comes from the kernel,
which should have previously validated the length within the SETTOK
pioctl.
This bug was found with STACK <http://css.csail.mit.edu/stack/>.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reviewed-on: http://gerrit.openafs.org/11109 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 9c10c202f1f2e516dde8b70c3a3b69a73d163070)
Change-Id: Id8dacdc00fd686d4f2ff234ffd6c8f5346d9e7b0
Reviewed-on: http://gerrit.openafs.org/11112 Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Anders Kaseorg <andersk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
- That commit makes the RPC fail in situations where it did not
before. But even if we cannot calculate the checksum, we can still
return other information about the key, so this is undesirable.
- It masks the previous 'code' value, returned from stat(). The
return code of stat() is now effectively ignored, except for the
purposes of setting st_mtime, whereas previously a failure caused
the RPC to fail. This is a behavior change.
So, effectively revert c04de52da4e89e15b211b4a19a3d9bc4d612b209.
Explicitly cast the return value of ka_KeyCheckSum to void, to make it
clear that we are intentionally ignoring the return value, so
hopefully this will not be flagged as a warning by code analysis tools
such as coverity.
Reviewed-on: http://gerrit.openafs.org/11194 Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit 1673764ea091a3f02a64a3d853c3e14f758cdda7)
Change-Id: Ibb05f0afc68db5fa66e1dc55f7dae190d8057232
Reviewed-on: http://gerrit.openafs.org/11206 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Stephan Wiesand [Mon, 2 Jun 2014 14:15:15 +0000 (16:15 +0200)]
fstrace: Don't read uninitialised data on other platforms either
Commit 908105fe8d51551e45692de4e145022138a0356c fixed an off-by-one
error potentially causing a buffer overread in CheckTypes, but only
in the IRIX/AIX version of the function. Apply the same fix to the
code for the other platforms.
Spotted by Andrew Deason.
Reviewed-on: http://gerrit.openafs.org/11185 Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 3ab546395536a3c93613dfd53363d380e2c05081)
Change-Id: Iea700be24803d8156f07d1cf0617ba7aa2aa03d5
Reviewed-on: http://gerrit.openafs.org/11196 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Marc Dionne [Wed, 28 May 2014 13:53:58 +0000 (09:53 -0400)]
vol: Fix gcc 4.9 warnings
gcc 4.9 complains here because the trailing 0 in these macros
has no effect, the value having already been set to NULL.
Just remove the offending 0s, nothing uses the return value
anyway, even if there were platforms where 0 != NULL.
Reviewed-on: http://gerrit.openafs.org/11176 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit c0683441a0121433d772bfb36e1e9a1c020a5dcb)
Change-Id: Ia63f56d3254b87e7d56752ec11729d82e0293792
Reviewed-on: http://gerrit.openafs.org/11204 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
This does not change the current (normal) behaviour, but allows
logrotation via "copy and truncate" as offered by logrotate.
Otherwise the processes will remember the offset of the last write
and a truncated file is filled with '\0' until the current offset.
The mrafsStyleLogs are untouched, since they can be rotated by a
kill -HUP and are deprecated anyway.
Reviewed-on: http://gerrit.openafs.org/11092 Reviewed-by: Nathaniel Filardo <nwfilardo@gmail.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit b71a041364d28d6a56905a770cd20d1497ee26ec)
Change-Id: Idc148f4d6b9302d25cbf32763d08ee24eaf7378b
Reviewed-on: http://gerrit.openafs.org/11193 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
"Briefly, 'host' structures are allocated without clearing all of the
contents to '0'. Only part of the structure is cleared, according to the
HOST_TO_ZERO macro. Unfortunately I put the new tmay_ fields right below
the 'index' field for some reason, so this means they aren't zeroed and
can contain garbage. This means we can easily segfault in the fileserver
when we try to access the pointers in there.
"We access uninitialized memory for every 'host' that is allocated. So
the chance of us corrupting memory is the chance that a particular
pointer-sized area of memory from 'malloc' is not already NULL.
"That seems pretty likely, but it's not so frequent as to have the
fileserver effectively "constantly" crashing at the site that noticed.
So it has not been a fire drill, but it has been noticeable (we heard
about it I think yesterday, and got details today when it happened
again). The noticing incident was a segfault, but an abort or sigbus are
probably also likely.
"Of course, the chances of noticing go way up with more clients. I expect
the chances dramatically increase if you have more than 512 client hosts
hit the box, since the first block of 512 are allocated before we really
do anything. For the next 512, it seems much more likely that 'malloc'
will give us back non-zeroed data. But this is just theory.
"With the incident I know about, the crash happened semi-quickly after
the server started (a few minutes). But it seems likely to occur after
the server has been up for a long time, if/when you cross the next line
of 512 hosts.
"I am also concerned that this can easily be corrupting memory without
being noticed via a crash (or it takes a while to crash), since we are
potentially free'ing invalid pointers, or stomping over someone else's
memory, etc etc."
The amount of space allocated for use by the pioctl call to
obtain the ACL for the source directory in the "up" command
is not large enough and the call fails when access lists get
sufficiently large.
This change increases the size of the space provided to
pioctl to the maximum possible. This allows for much larger
access lists and is consistent with a similar call in the
"fs listacl" command).
Stephan Wiesand [Wed, 7 May 2014 13:20:51 +0000 (15:20 +0200)]
redhat: Use the right path to depmod
As of Fedora 17 and RHEL 7, depmod has moved from /sbin to /usr/sbin.
The full path to depmod is used in package scripts and as a dependency.
This hasn't caused problems in most cases because on an installed
system a link /sbin -> /usr/sbin is present and during ordinary package
installations yum/rpm correctly then figure out that /sbin/depmod is
actually provided. But in other situations, the dependency check is not
that clever and (incorrectly) fails.
Add a macro to the spec defining the full path to depmod, use the macro
rather than plain /sbin/depmod throughout the spec, and also pass it to
kmodtool when required to generate the kmod package scripts and
requirements.
FIXES 131860
Reviewed-on: http://gerrit.openafs.org/11128 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit c20c01185ed748b2bc823369a8f28cf004b7d1c9)
Change-Id: Ib9e0bfe586de668ddba6fb82ff1ea2a081277150
Reviewed-on: http://gerrit.openafs.org/11171 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Simon Wilkinson [Sat, 2 Mar 2013 11:09:08 +0000 (11:09 +0000)]
libadmin: Don't double check for required param
The server, process and stat_type parameters are declared as
required when the command syntax is set up - so they must be
present when the command handler is called. So, don't bother
checking for them.
Andrew Deason [Tue, 15 Apr 2014 17:30:19 +0000 (12:30 -0500)]
doc: Clarify some BosConfig.new text
It is not always clear to users whether BosConfig.new is noticed
during an automatic restart, or if it requires stopping and starting
the bosserver. Slightly reword the relevant text and add a small note
that a "general restart" does cause BosConfig.new to be noticed, so
this is explicitly clear.
Reviewed-on: http://gerrit.openafs.org/11076 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 3946b50a7ecdfd34681ab471863929b2f82aff4b)
Change-Id: Ia630aec6ef5259fc3c3fd531fdf8fda8a4152c54
Reviewed-on: http://gerrit.openafs.org/11216 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Wed, 27 Mar 2013 23:12:41 +0000 (18:12 -0500)]
afs: Raise fake free space reporting
We report 'fake' values for free space, free file nodes, etc for the
'AFS' filesystem, since these values are not meaningful for AFS
itself. Currently we report about 9G of free space for most platforms,
and a few different values for a few others. Raise all of these to
2^32-1, so that trying to copy over 9G of data into AFS does not fail
for those applications that check the destination free space with
statfs(2). Note that one such application is KDE 4.8.x.
Consolidate all places that do this, and put the 'fake' value in one
place, AFS_VFS_FAKEFREE, along with the relevant comments.
Related issues reported by Lars Schimmer, Richard Brittain, and
others.
Reviewed-on: http://gerrit.openafs.org/9688 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Markus Koeberl <markus.koeberl@tugraz.at> Tested-by: Markus Koeberl <markus.koeberl@tugraz.at> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit e385571ba37fa6d43fecca17e9e5d60a22a414cd)
Change-Id: Id9b5fa92f48bc83b84bb4f50bc0ae25b028694b0
Reviewed-on: http://gerrit.openafs.org/10984 Tested-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Stephan Wiesand [Thu, 10 Apr 2014 15:59:24 +0000 (17:59 +0200)]
fs: Fix improper use of readlink
readlink returns a non-NUL terminated buffer. If we are going to
terminate its response, we need to make sure that there's space to
do so. So the length passed to readlink should be one less than the
real length of the buffer.
Commit 54eb2485b59550ba42569ed3a8d76211a3a35019 removed the
implementation of bnode_Deactivate(), which had been #ifdef'd out
for a long time, but left the prototype in place. Remove the
obsolete declaration in bosprototypes.h as well.
Reviewed-on: http://gerrit.openafs.org/10868 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 01a7c64e472c241798306e7f8137de28efdef37e)
Change-Id: Ic1ca95ef455705a14cf68f0801d73789cc7bd4b5
Reviewed-on: http://gerrit.openafs.org/11192 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Stephan Wiesand [Fri, 14 Mar 2014 13:44:54 +0000 (14:44 +0100)]
bos: Change the remaining use of ktc_to_charptr to char cast
This is a 1.6 only change to complement the preceding commit.
On the master branch, this modification is part of commit a9b8fd81bf14c04d33113e9e4df4e1ca7573e49d which otherwise comprises
changes not foreseen to be applied to 1.6.
Change-Id: I44678c2fb15f136d70f2d38a3996ad3d7d0455d5
Reviewed-on: http://gerrit.openafs.org/10891 Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Ken Dreyer [Wed, 6 Mar 2013 20:53:29 +0000 (13:53 -0700)]
doc: recommend cleanup steps in "vos convertROtoRW" man page
vos convertROtoRW leaves the older RW copy on the original fileserver,
although it is no longer in the VLDB. Provide the user with some hints
regarding clean up.
Reviewed-on: http://gerrit.openafs.org/9408 Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com> Tested-by: Ken Dreyer <ktdreyer@ktdreyer.com>
(cherry picked from commit 279345c231d0a2d9f6e8c2f76a5347bafd40e70b)
Change-Id: Id273ab86bfe68f89ef629f0c4d839882852e09ab
Reviewed-on: http://gerrit.openafs.org/11126 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de> Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
Simon Wilkinson [Mon, 4 Mar 2013 16:34:20 +0000 (16:34 +0000)]
butc: Init volheader before using it for hton
When converting a volume header from host to network order, make
sure that any unused fields in the structure are zero'd, so we don't
end up filling them with stack garbage in the network version of
the structure.
Simon Wilkinson [Sat, 2 Mar 2013 13:01:14 +0000 (13:01 +0000)]
auth: Don't overflow buffer in CompFindUser
The fullname buffer in CompFindUser is theoretically big enough
to take the data usually supplied to it. However, play it safe by
using strlcat and strlcpy to catch buffer overflows.
Simon Wilkinson [Sat, 2 Mar 2013 12:38:49 +0000 (12:38 +0000)]
audit: Fix overflow in file backend
If the filename passed to open_file was larger than MAXPATHLEN-5,
then we'd overflow the oldName buffer when creating the backup
filename. Fix the overflow by using a malloc'd buffer instead.
Simon Wilkinson [Sat, 2 Mar 2013 12:15:22 +0000 (12:15 +0000)]
aklog: Protect against overflows from cmdline
The cell, realm and path arrays are populated based on the user's
command line, and xlog_path is populated from their passwd map
entry. Protect against all of these overflowing, by making suitable
use of strlcpy and strlcat.
Simon Wilkinson [Sat, 2 Mar 2013 12:04:46 +0000 (12:04 +0000)]
aklog: Fix overflows in auth_to_path
In the auth_to_path routine, don't use strcpy and strcat when
working with the fixed length pathtocheck buffer. Instead, use
strlcpy and strlcat to ensure that all string operations fit within
the buffer limits.
Simon Wilkinson [Sat, 2 Mar 2013 10:27:47 +0000 (10:27 +0000)]
util: Avoid overflow in GetNameByINet
We copy the results of gethostbyaddr into a fixed length buffer
without checking whether they fit. Add a length check, and use
strlcpy to do the copy to make sure we can't overflow.
Simon Wilkinson [Sat, 2 Mar 2013 09:35:01 +0000 (09:35 +0000)]
kauth: Don't overflow stack when building username
knfs constructs the userName by combining the clientName.name
and clientName.instance arrays, along with a dot separator. Make
sure that the userName array is big enough to hold these, and
use strlcpy and strlcat just to make sure.
Simon Wilkinson [Sat, 2 Mar 2013 11:49:13 +0000 (11:49 +0000)]
fstrace: Don't read uninitialised data
The pftix variable points to the next free element in the
printfTypes array, so when we iterate through that array to
read that data back, we should stop when our iterator equals
pftix, not when it is greater than it.
Simon Wilkinson [Sat, 2 Mar 2013 11:44:02 +0000 (11:44 +0000)]
readpwd: Make sure user supplies a passwdfile
If the user supplies enough command line arguments, but doesn't
provide a passwdfile, then we can end up trying to open whatever
garbage is on the stack.
Once we've finished parsing the command line arguments, make sure
that a filename was supplied.
projects / packages / o / openafs.git / log