Marc Dionne [Mon, 24 Oct 2011 02:45:21 +0000 (22:45 -0400)]
dir: add missing return in DRead
A missing return in the kernel version of DRead causes the code to
think that no entry exists for a dir and proceed to allocate a new
one, if the entry is the third one in the hash chain.
If the existing entry is dirty, its contents are never written back,
and the pending changes to the directory are not seen by the client.
Simon Wilkinson [Sun, 23 Oct 2011 23:07:33 +0000 (19:07 -0400)]
rpm: Turn on debugging
Now that we build with a blank CFLAGS line, we need to make sure and
actually turn on debugging in the build system, so that our debuginfo
files are vaguely useful
Simon Wilkinson [Sun, 23 Oct 2011 20:23:34 +0000 (21:23 +0100)]
rx: Define afs_kmutex_t for LWP too
afs_kmutex_t is used for lock definitions in the kernel, and in
pthreaded builds. LWP doesn't have any equivalent, and all structure
members using this type have to be protected with RX_ENABLE_LOCKS, which
starts to become untidy.
Just make afs_kmutex_t an int for LWP, so that we can simplify our
headers, at the expense of some additional storage on LWP builds (which
are going away at some point, anyway)
Simon Wilkinson [Sun, 23 Oct 2011 15:38:13 +0000 (16:38 +0100)]
dir: Don't leak a buffer on a failed Enumerate
If, for some reason, Enumerate encounters a hash object with a NULL
buffer pointer, that's no reason to leak the hash object. Make sure
that we DRelease it before failing
Simon Wilkinson [Wed, 12 Oct 2011 13:50:18 +0000 (09:50 -0400)]
rx: ackall handling
If we ACKALL a stream, then we're sending a hard ACK for all of the
packets in the stream. We shouldn't send that hard ACK, and then a
load of soft ACKs for packets that don't actually exist.
Andrew Deason [Fri, 12 Aug 2011 19:50:26 +0000 (14:50 -0500)]
LINUX: Revert group changes on keyring failure
On Linux kernels that support keyrings, when we setpag we try to add
the PAG to the session keyring and to the supplemental group list.
Currently, if we fail to add the PAG to the keyring (which may happen
due to key quotas, or possibly other reasons), we return failure but
the group list is still modified with the new PAG in it.
Therefore, if the keyring-based approach fails, the new PAG may still
be in use, but there are no keyring keys associated with that PAG, so
the PAG may never get destroyed. This can cause a large number of PAGs
to accumulate over time, causing performance problems.
So, change this so that, in the event that keyring installation fails,
we revert the group list back to what it was before we touched it.
Also mark all unixusers with the new PAG as expired, in case one got
created during processing. Thus, the new PAG never gets used.
Andrew Deason [Thu, 20 Oct 2011 21:57:14 +0000 (16:57 -0500)]
viced: Do not swallow errors on StoreData recovery
When we encounter any error in the StoreData fetch/store loop, we
reset the disk usage to ensure it remains correct, even in the face of
unexpected errors. However, when we do so, we use the errorCode from
VAdjustDiskUsage as our return value; if it is 0, we return success,
ignoring the error that got us in this code path in the first place.
Instead, keep track of a temporary errorCode for the disk usage
adjustment, and do not override our return value if there was no error
in the disk usage numbers.
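The error-handling pattern this commit message describes, as an added example that is not code from the OpenAFS tree. `copy_chunk`, `adjust_usage`, the up-front charge and the injected error values are hypothetical stand-ins.

```c
#include <errno.h>
#include <stdio.h>

/* Hypothetical stand-in for one fetch/store iteration: returns 0 or an errno. */
static int copy_chunk(int inject_err) { return inject_err; }

/* Hypothetical stand-in for the disk usage adjustment: returns 0 or an errno. */
static int adjust_usage(long *blocks, long delta, int inject_err)
{
    if (inject_err)
        return inject_err;
    *blocks += delta;
    return 0;
}

/* Before: the adjustment's result replaces the error that led to recovery. */
int store_before(long *blocks, long reserved, int io_err, int adj_err)
{
    int errorCode;

    *blocks += reserved;            /* assumed: usage is charged up front */
    errorCode = copy_chunk(io_err);
    if (errorCode) {
        errorCode = adjust_usage(blocks, -reserved, adj_err);
        return errorCode;           /* 0 here reports a failed store as success */
    }
    return 0;
}

/* After: a temporary holds the adjustment's result and only overrides the
 * original error when the adjustment itself failed. */
int store_after(long *blocks, long reserved, int io_err, int adj_err)
{
    int errorCode, tmpCode;

    *blocks += reserved;
    errorCode = copy_chunk(io_err);
    if (errorCode) {
        tmpCode = adjust_usage(blocks, -reserved, adj_err);
        if (tmpCode)
            errorCode = tmpCode;
        return errorCode;
    }
    return 0;
}

int main(void)
{
    long blocks = 100;

    printf("before: %d\n", store_before(&blocks, 10, EIO, 0));
    printf("after:  %d\n", store_after(&blocks, 10, EIO, 0));
    return 0;
}
```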
Simon Wilkinson [Sat, 22 Oct 2011 08:43:41 +0000 (09:43 +0100)]
opr: Move queue header out of util
Move the header which is installed as opr/queues.h out of util/ and
into the new, top level, opr/ directory. Similarly move the tests out
of the util/ test suite, and into the opr/ tests
Simon Wilkinson [Tue, 11 Oct 2011 00:01:26 +0000 (19:01 -0500)]
dir: Remove double release in FindBlobs
When DRead() fails, we DRelease the entrybuf, then break. However,
this break takes us to the end of the function, where we promptly
DRelease again, causing a double free
Simon Wilkinson [Wed, 12 Oct 2011 17:04:28 +0000 (13:04 -0400)]
ukernel: add morepackets check in listener
Make the listener loop actually check for more packets needed,
like kernel, pthreads and lwp. Only checking for new packets every
20 seconds isn't sufficient on today's networks!
Simon Wilkinson [Wed, 12 Oct 2011 13:47:14 +0000 (09:47 -0400)]
rx: Don't clear the receive queue when out of packets
We can end up discarding a receive queue that's been soft acked,
effectively taking back soft acks we sent. Whilst the RX
documentation says that a client can drop soft acked packets at
will, our RX implementation assumes that if the final packet in
a call has been soft acked, we won't clear the queue. If a client
clears the queue in this situation, the call will hang.
What *should* happen is that we should take necessary locks,
confirm that we have not soft-acked all of the packets in a flow,
and then discard, or, if we're just going to discard, error the
call.
Andrew Deason [Thu, 14 Apr 2011 20:36:50 +0000 (15:36 -0500)]
auth: Get correct viceid in legacy GetToken
When ktc_GetTokenEx needs to get tokens via the legacy ktc_GetToken
interface, it was not extracting the viceid. Make it set the viceid so
the caller gets the correct id.
Normally this would require parsing the given client name. To reduce
the amount of times we store and extract the viceid from the "AFS ID
%d" string, create a helper GetToken function that can store the
viceid directly, without storing it in a string.
Andrew Deason [Thu, 14 Apr 2011 20:05:37 +0000 (15:05 -0500)]
auth: Force correct evenness on rxkad tokens
Rxkad tokens historically have forced odd lifetimes when the given
viceid is actually an AFS ID, and even lifetimes when it is not. Force
this when the new token-handling functions are used (so the viceid is
correctly interpreted by users of the old token format), by creating
rxkad tokens with token_importRxkadViceId.
Slightly reworked by Simon Wilkinson to provide a generic token
destructor function.
Simon Wilkinson [Mon, 10 Oct 2011 22:19:13 +0000 (17:19 -0500)]
docs: Refer to dafs binaries by their real names
(Most of) the dafs binaries are called da(something). Update the
example in the dafileserver documentation so that we call the binaries
by the names that they are actually installed with on the system.
Simon Wilkinson [Mon, 10 Oct 2011 21:09:40 +0000 (22:09 +0100)]
ptserver: Don't check for noauth before rebuilding
The ptserver database building scripts would check to see if the server
was running from a bosserver with the noauth flag set before performing
a database rebuild.
This means that you can't start ptserver normally, and then configure
the database using pts -localauth, which is the preferred method for
configuring new cells.
Remove the check for noauth. This is slightly risky, as it means that a
corrupt database could be completely erased upon restart. However, we
already check that the dbheader (65k) is entirely blank - which will
protect us against any single page corruption errors.
Ben Kaduk [Sun, 23 Oct 2011 15:22:07 +0000 (11:22 -0400)]
FBSD: typo fix
Gerrit/5572 added conditionals on __FreeBSD_version >= 900044, which
is (approximately) when a bunch of kernel API renames happened.
(There has since been a dedicated version bump to 900045 a month
or two post-facto, but 900044 should be fine for now.)
However, 900044 is not 90004.
Rod Widdowson [Wed, 12 Oct 2011 10:04:33 +0000 (11:04 +0100)]
Windows AFSRDR: Log before decrementing refcount
The library support package keeps count of the number of times
the library code is active. When this goes to zero this means
that unload of the library can continue.
Although I cannot see it in the code it seems reasonable to assume
that at that stage the device object might go away so (and if it
doesn't do now it may in the future). This potentially renders it
unsafe to do anything after InflightLibraryEvent has been signalled.
This patch moves the logging up to above the decrement of the refcount.
Hartmut Reuter [Wed, 5 Oct 2011 14:06:05 +0000 (10:06 -0400)]
vol_split: avoid using stale open directory vnodes
We could in case of multiple splits end up using a stale open
vnode for a directory; attempt to close and thus force-reopen
any fdhandles backing ihandles.
Ben Kaduk [Sat, 8 Oct 2011 21:16:26 +0000 (17:16 -0400)]
FBSD: deal with kernel API rename
Upstream decided to rename the kernel functions that implement
syscalls to have a sys_ prefix (including afs3_syscall!).
We use a couple of them, so we need to conditionalize accordingly.
Unfortunately, __FreeBSD_version was not bumped with the change,
so we use something close to it and hope it's close enough.
Jeffrey Altman [Sat, 8 Oct 2011 08:01:07 +0000 (10:01 +0200)]
Correct Heimdal conversion of libadmin/adminutil
Patchset 4251e386aa25bb3fc02fa255e92327fffc8b954d converts to
using Heimdal. The conversion undid the introduction of the
abstraction function fetch_krb5_error_message() which is
implemented in src/util. Restore the use of fetch_krb5_error_message()
and modify src/util/krb5_nt.c to use the Kerberos Compat SDK
interface.
Andrew Deason [Tue, 12 Apr 2011 22:47:51 +0000 (17:47 -0500)]
tsm41: Add options for uidpag and localuid
Add runtime options to aklog_dynamic_auth. Commit 3a541eb11d1bc7bd05b85635315214218d3b5d6f changed the behavior of
aklog_dynamic_auth to be more friendly to the CDE screenlocker, but
forced the use of UID-based PAGs.
Since some users like to use real PAGs and don't care about the CDE
screenlocker, made this behavior a runtime decision instead.
Jeffrey Altman [Sat, 1 Oct 2011 18:05:31 +0000 (14:05 -0400)]
Windows: Explorer Shell Extension enhancements
Redesign the AFS Volume Tab to report:
. Volume name
. Volume ID
. Cell
. Server
. Availability
. Quota
. Partition Info
. Replica Server List
Properly handle multiple selections to report the volume info
of the parent object and not the actively selected object.
When a mount point is selected, display the volume information
for the target volume.
Remove file server from AFS tab.
Modify the AFS tab to better handle multiple selections including
mount points.
Extend many gui2fs functions to implement a poor man's "follow"
option. This really should be done with the pioctl 'literal'
capability but this is an improvement. The pioctl modifications
will require a major redesign of gui2fs.c and all of the dialogs.
Andrew Deason [Thu, 29 Sep 2011 17:14:15 +0000 (12:14 -0500)]
Remove a few extra trailing backslashes
In a few different places, moving libutil before libafshcrypto_lwp
caused a variable definition to have a trailing \ on the last line of
the definition. This can confuse make (at least, the HP-UX make) to
think the next following definition is also part of the current
definition. Remove the trailing "\"s.
Andrew Deason [Wed, 28 Sep 2011 20:02:48 +0000 (15:02 -0500)]
vol: Only check "logging" on vice partitions
We don't care about non-vicepX partitions, so move part of the UFS
"logging" check into VCheckPartition. This API should probably be redone
so the "am I a vicepX partition" check is done completely separately,
but for now, this will do.
Rod Widdowson [Thu, 29 Sep 2011 14:34:48 +0000 (15:34 +0100)]
FSSYNC-Client: Consistent use of partition name
Over time the FSSYNC code has collected examples where the partition
path is passed rather than the partition name. In Unix this is the
same (/vicepX), but on windows the path is the DOS device (C:).
This checkin changes FSSYNC client code to always use the partition
name.
This checkin does not address FSSYNC server or SALVSYNC.
Andrew Deason [Thu, 29 Sep 2011 19:49:53 +0000 (14:49 -0500)]
DAFS: Do not serialize state for invalid hosts
When we serialize host information for DAFS during shutdown, we have
no guarantee that the host is in a valid state when we look at it.
This can result in a host being saved to disk when we are waiting for
the host to respond to an RPC, and so the information about the host
is invalid. For example, we can save a host that has the
HWHO_INPROGRESS flag set, and when it is restored later, this can
cause odd behavior since the flag is set but no thread is actually
waiting for the host to respond.
So instead, during state serialization, try to determine if a host may
be in an invalid state, and simply skip the host if it may.
Andrew Deason [Thu, 29 Sep 2011 21:04:54 +0000 (16:04 -0500)]
DAFS: Skip hosts with invalid flags on restore
Host entries with HWHO_INPROGRESS set or ALTADDR unset do not have
valid state, since those flags indicate that the fileserver was in the
middle of identifying the host when the host struct was serialized.
Skip entries from the on-disk host data that have such invalid flags
set when restoring state, so we do not load invalid data.
Andrew Deason [Thu, 29 Sep 2011 20:22:35 +0000 (15:22 -0500)]
DAFS: Add explicit 'valid' field for index maps
The CB, FE, and host serialization structures were just using the
relevant indices to determine whether or not an entry mapping an old
index to a new index was populated with actual data. For host
structures, this really isn't sufficient, since our index can be 0,
and the structure is calloc'd, so the index in the structure could
also be 0.
Add a flag explicitly stating whether or not the structure has been
filled in, to make this unambiguous.
Marc Dionne [Thu, 29 Sep 2011 01:15:32 +0000 (21:15 -0400)]
rx: add post RPC procedure capability
Add the ability to specify a procedure that will be called after
the end of each RPC for a service. This is similar to the
existing afterProc, except that it gets called after the RPC
has ended (after EndCall).
rx_SetPostProc and rx_GetPostProc are provided to set and retrieve
a postProc for a specified service.
Unlike the afs_set_acl_dlg the PropACL sheet only uses a single
ComboList to maintain both the positive and negative ACEs but
uses two CStringArrays to separately store the positive and
negative ACEs. Two entries in each array are used to store
an ACE. The %2==0 entry is the pts name and the %2==1 entry is
the permission list. This needs to be taken into account when
manipulating the negative entries since the array count for the
normal entries is twice the number of ACEs.
Negative entries were prefixed with '=' instead of '-'.
The Remove button was not hooked up and was not enabled or disabled
under all appropriate conditions.
Rod Widdowson [Wed, 28 Sep 2011 15:46:00 +0000 (16:46 +0100)]
Windows: Remove spurious use of CRTL
Checkins b71a2daa and 5247fa38a moved us from using a FILE*
to using an FDi_t. However, lurking inside the dump code we
see a use of _filelength() which is a MS-Crtl API.
This checkin replaces this call with one to the WIN32 API
GetFileSizeEx.
Rod Widdowson [Wed, 28 Sep 2011 16:34:54 +0000 (17:34 +0100)]
Windows: Fix comment about DiskPartition64
There is significant confusion between the partition name (/vicepX)
and the containing volume (C:) in the windows code. A review of
the uses in FSYNCH found a downright wrong comment (as checked in
the debugger).
Ben Kaduk [Tue, 27 Sep 2011 00:21:49 +0000 (20:21 -0400)]
FBSD: allow exclusion of kernel symbols
Gerrit/5503 added support for kernel module symbols in the
bsd.kmod.mk world; however, the inclusion of symbols is conditional
on the DEBUG_FLAGS make variable being *set*, as opposed to nonempty.
So we must use an intermediate variable to store the AC_SUBST
result and conditionalize assignment to DEBUG_FLAGS on whether
or not it is empty.
Michael Meffie [Thu, 22 Sep 2011 13:13:18 +0000 (09:13 -0400)]
bozo: report bosserver -rxbind address
Create a file on bosserver startup called bosserver.rxbind in the
server local directory which contains an address local scripts may
use to contact the bosserver.
When bosserver is started with the -rxbind option, write the address
selected from the intersection of the interfaces, NetInfo, and
NetRestrict configuration to the bosserver.rxbind file, otherwise
write the loopback address 127.0.0.1.
Update the RedHat init script to use the new bosserver.rxbind file.
Simon Wilkinson [Sun, 10 Jul 2011 12:46:11 +0000 (13:46 +0100)]
Clean up assertion
The AFS code has multiple different assertion implementations in
userspace. This patchset is the start of bringing some sanity to them.
In rx, we have osi_Assert, a user/kernel assertion macro. This is only
available to libraries which have RX dependencies
In util, we redefine the standard 'assert()' macro to provide a
cross-platform assertion solution.
Because util has an RX dependency, neither of these provide an
assertion solution for libraries which should be independent of rx.
So, pull the assertion code out of util, and put it into opr, as a new
opr_Assert() macro. Implement the userspace osi_Assert in terms of this
macro, leaving the kernel variant untouched.
Update callers to the new macro and header file names.
Simon Wilkinson [Sun, 11 Sep 2011 20:44:23 +0000 (21:44 +0100)]
Move abort() into opr
We need our own abort function, because the behaviour of the Windows
abort() implementation isn't sufficiently flexible for us.
Because we're replacing an operating system function, rather than
implementing a missing function, this doesn't belong in roken.
So, provide an alternative opr_abort() implementation in our portable
runtime layer, which is a synonym for abort() on Unix, and implements
the required DebugBreak() functionality on Windows.
Remove lwp_abort() which was just creating another, unnecessary, layer
of abstraction.
Michael Meffie [Wed, 24 Nov 2010 01:21:50 +0000 (20:21 -0500)]
bozo: bosserver -pidfiles option
Add an option to bosserver to create pidfiles for long running
processes for simple, fs, and dafs bnode types, as well as the
bosserver process. The pidfiles are located in the server local
directory by default, or in the path specified by the -pidfiles
command-line option.
Ben Kaduk [Sat, 24 Sep 2011 22:05:09 +0000 (18:05 -0400)]
FBSD: bsd.kmod.mk fallout for debug symbols
Now that we no longer control the installation of libafs.ko,
debug symbols are always getting stripped.
If the user requested kernel debug symbols, define DEBUG_FLAGS
for the libafs build and install, so that bsd.kmod.mk will
install the .symbols file alongside the kernel module.
Rod Widdowson [Fri, 23 Sep 2011 15:37:43 +0000 (16:37 +0100)]
Fix buffer leak in dir/buffers.c
Checkin 0284e65f97861e888d95576f22a93cd681813c39 accidentally
threw in a trailing semicolon after an if statement.
Since the next line was a break this had several unfortunate
side effects, the most obvious being that we leaked a buffer
in certain cases.
Marc Dionne [Thu, 22 Sep 2011 23:09:52 +0000 (19:09 -0400)]
viced: fix incorrect error message
The error message was obviously copied from another location in the
code (after the pr_Initialize call) and is misleading. Adapt it for
vl_Initialize failure.
Marc Dionne [Thu, 22 Sep 2011 00:31:33 +0000 (20:31 -0400)]
fs: fix setserverprefs where long is larger than afs_int32
Make the fscanf and scanf format specifiers match the type of the
target variable. This prevents trying to store a long int into an
afs_int32 variable which may be smaller, and overwriting neighbouring
data on the stack.
The effect on a 64-bit Linux system was that the high bits of "rank"
would overwrite the first 4 bytes of the scanned host name, causing
setserverprefs to fail with:
: couldn't resolve name.
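An added example, not code from the OpenAFS tree: a parser for constructed "hostname rank" lines in which the conversion specifier matches the 32-bit target and the host name field is width-limited. The struct layout, `parse_pref_line`, the 79-character limit and the sample inputs are assumptions made for illustration.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HOST_MAX 79                 /* assumed limit for this example */

/* The rank sits directly before the host name, so on a little-endian LP64
 * system an 8-byte store through &rank would also write host[0..3]. */
struct pref {
    int32_t rank;
    char host[HOST_MAX + 1];
};

/*
 * Parse one "hostname rank" line into *out.
 * Returns 0 on success, -1 on malformed input; *out is untouched on failure.
 *
 * SCNd32 expands to the conversion that matches int32_t, so sscanf writes
 * exactly 4 bytes into tmp.rank. "%ld" would instead store sizeof(long)
 * bytes through the same pointer. "%79s" bounds the host name, and "%n"
 * records how much input was consumed so trailing garbage is rejected.
 */
int parse_pref_line(const char *line, struct pref *out)
{
    struct pref tmp;
    int consumed = 0;

    memset(&tmp, 0, sizeof(tmp));
    if (sscanf(line, "%79s %" SCNd32 " %n",
               tmp.host, &tmp.rank, &consumed) != 2)
        return -1;
    if (consumed == 0 || line[consumed] != '\0')
        return -1;
    *out = tmp;
    return 0;
}

int main(void)
{
    struct pref p;

    /* constructed sample input */
    if (parse_pref_line("fs1.example.org 20000", &p) == 0)
        printf("%s -> %" PRId32 "\n", p.host, p.rank);
    return 0;
}
```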
When building the AFS redirector with WDK7600 the Microsoft Auto
Code Review process is started by default. This is a problem for
buildbot. Disable OACR by default if the _RunOacr environment
variable is not set to TRUE.
Terry Long [Wed, 21 Sep 2011 01:21:12 +0000 (21:21 -0400)]
Fix AFSPreference compile error on Mac OS 10.7
Lion llvm/clang complains about main returning void instead of int.
Fixed main to return int in DARWIN/AFSPreference/afshlp.m.
Resubmitted patch to origin/master.
Michael Meffie [Tue, 20 Sep 2011 20:21:50 +0000 (16:21 -0400)]
salvager: fix filesystem path truncation
Fix filesystem path truncation for vice partitions beyond /vicepz.
Commit 3d7388b7 moved the filesystem path to a fixed size buffer,
however the path of the filesystem to be salvaged is truncated for
partitions with two character ids (e.g. /vicepaa), in which case
the salvager will salvage the wrong partition, or abort if the
truncated path is not present.
Michael Meffie [Fri, 16 Sep 2011 15:23:18 +0000 (11:23 -0400)]
solaris: libafs depends on fs/ufs
The solaris afs module depends on symbols exported by fs/ufs.
Set this dependency in the afs module so the kernel loader
will automatically load the fs/ufs driver if it is not already
loaded, such as on zfs only systems.
Andrew Deason [Mon, 19 Sep 2011 15:05:59 +0000 (11:05 -0400)]
ntohs ubik header size
The 'size' field in the ubik header is only 16-bits wide, so we should
be using ntohs to read it, not ntohl. The database checking utilities
for the prdb and kadb were still using ntohl (vldb was fixed by 591f9b6de9ab3dc5c17ad41af0241527f7f04b31).
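An added example, not code from the OpenAFS tree, showing what reading a 16-bit network-order field with ntohl produces on a little-endian host compared with ntohs. Only the 16-bit width of `size` comes from the commit message; the rest of the header layout, the byte values and the function names are assumptions.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout for this example; only the 16-bit 'size' is from the page. */
struct hdr {
    int32_t magic;
    int16_t pad1;
    int16_t size;
    int32_t epoch;
    int32_t counter;
};

#define EXPECTED_HDR_SIZE 64        /* constructed value */

/* Constructed on-disk header, network byte order. */
static const unsigned char sample_hdr[16] = {
    0x00, 0x11, 0x22, 0x33,         /* magic (constructed) */
    0x00, 0x00,                     /* pad1 */
    0x00, 0x40,                     /* size = 64 */
    0x4e, 0x77, 0x00, 0x00,         /* epoch (constructed) */
    0x00, 0x00, 0x00, 0x05          /* counter */
};

/* Wrong width: the short is widened to 32 bits and then byte-swapped as a
 * 32-bit value, which moves the two significant bytes to the wrong end on a
 * little-endian host. On a big-endian host ntohl is a no-op, so the mistake
 * goes unnoticed there. */
uint32_t size_via_ntohl(const unsigned char *disk)
{
    struct hdr h;

    memcpy(&h, disk, sizeof(h));
    return ntohl((uint32_t)h.size);
}

/* Matching width: swap exactly the 16 bits the field occupies. */
uint16_t size_via_ntohs(const unsigned char *disk)
{
    struct hdr h;

    memcpy(&h, disk, sizeof(h));
    return ntohs((uint16_t)h.size);
}

/* Sanity check a checking tool might apply to the decoded size. */
int check_size(uint32_t size) { return size == EXPECTED_HDR_SIZE ? 0 : -1; }

int host_is_little_endian(void) { return htons(1) != 1; }

int main(void)
{
    printf("ntohs: %u  ntohl: %u\n",
           (unsigned)size_via_ntohs(sample_hdr),
           (unsigned)size_via_ntohl(sample_hdr));
    return 0;
}
```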