Ben Kaduk [Thu, 1 Apr 2010 02:28:10 +0000 (22:28 -0400)]
Set a storeOps storeproc for the memcache case
Finish fixing the bug from 34ffc9cd that 57d8e454 only partially
fixed -- set a storeOps.storeproc element in rxfs_storeMemOps
as well as in rxfs_storeOps. This eliminates a NULL/uninitialized
memory dereference.
Ben Kaduk [Wed, 31 Mar 2010 15:27:38 +0000 (11:27 -0400)]
Fix build for FBSD80
The change to a dynamically-allocated group list came before
the change to allow the maximum size of that group list to
be set as a tuneable at boot. The 8.0 release happened to
come between them, so we must treat both cases.
(Note that AFS_FBSD81_ENV is not yet defined anywhere; that
will come later.)
Ben Kaduk [Wed, 31 Mar 2010 00:34:02 +0000 (20:34 -0400)]
Make GCPAGs_perproc_func cleaner for FBSD case
Partially rewrite 2cf1f10a to reduce code clutter.
Instead of accessing pproc->p_ucred directly in afs_GCPAGs_perproc_func(),
push this access into a FBSD-specific afs_proc2cred() function.
This is not quite right, since we do not lock the proc mutex, but
in the same way as the old version and with more reasonable preprocessor
conditionals.
This also eliminates a probably-needless call to osi_Panic.
Updated RedHat RPM spec file to include unreferenced files
Added the libkopenafs libraries and headers to the authlib package.
Added the afs_compile_et binary to the devel package
Removed the reference to .../man5/afszcm.cat.* because it is already
caught by the earlier reference to .../man5/afs* glob. This caused a
warning during the package build process.
Russ Allbery [Tue, 30 Mar 2010 05:17:31 +0000 (22:17 -0700)]
Update VCS instructions for Git
Rename README.CVS to README.GIT and update the references from CVS
to GIT. Refer readers to the wiki for the detailed instructions and
information about Gerrit.
Rod Widdowson [Wed, 24 Mar 2010 16:59:15 +0000 (16:59 +0000)]
Render the IP address for the "Ubik: Lost contact with sync-site" log
message in the same way that all other IP addresses are (via
afs_inet_ntoa, rather than stripping the buytes out in a manner which
assumes a specific endianism).
Done more as a way to test my understanding of the GIT/GERRIT
technology with a small non-important checkin.
Change-Id: I177e1288e8e23087aeebb7abe4ed63a7c2b88ccb
Reviewed-on: http://gerrit.openafs.org/1649 Tested-by: Rod Widdowson <rdw@steadingsoftware.com> Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com> Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk> Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
Ben Kaduk [Tue, 23 Mar 2010 02:35:51 +0000 (22:35 -0400)]
Catch up to dynamically-sized cr_groups in FBSD80
In FreeBSD 8.0 and later, (struct ucred)->cr_groups is a pointer
to a dynamically-allocated array, and NGROUPS is now 1024 by default
(tuneable at boot).
Don't put a gid_t[NGROUPS] on the stack for the FBSD80_ENV case.
Also avoid keeping a function-local ucred structure (in
afs_osi_proc2cred()), by bypassing that function entirely
(though this accesses the process credentials directly, which may
require locking; thread credentials accesses can be safely done
lock-free). Add an osi_Panic() to ensure that it stays that way.
Don't pretend that we have a useful afs_osi_cred to export.
Don't blindly overwrite NGROUPS past cr_groups.
Jeffrey Altman [Sat, 27 Mar 2010 20:13:27 +0000 (16:13 -0400)]
Windows: buffers whose offsets are beyond EOF should be zero filled and locally allocated
When a buffer is being allocated for an offset that exceeds the
file length as known to the file server, that buffer should be zero
filled and it does not require server validation.
Previously all buffers were populated with a FetchData call.
This is wasteful of time and server resources when there is a
valid callback registration because the serverLength is known
to be valid.
LINUX: you dont need to memset() after allocating credentials
If you wanted to create a blank credential, you wouldn't want to make
it uid = 0. Anyone allocating a credential SHOULD properly fill in all
fields making this blanking operation moot. Regardless, this memset()
is before the allocation failure test and would/could panic.
Change-Id: Ia182a874a5e1bf28a2cd94898f67d81e5588d58c
Reviewed-on: http://gerrit.openafs.org/1080 Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk> Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk> Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
Jeffrey Altman [Thu, 25 Mar 2010 05:23:23 +0000 (01:23 -0400)]
Windows: afslogon.dll vs windows 7
In Windows 7 the GINA is no longer used. As a result, when a
non-Heimdal realm is used for logon, the LogonDomain field
is no longer populated during the NPLogonNotify call. Instead
we must obtain the Kerberos realm from the UPN specified in
the Username field.
Jeffrey Altman [Thu, 25 Mar 2010 04:40:29 +0000 (00:40 -0400)]
Windows: aklog must reset viceId to 0 before pr_CreateUser call
If the viceId is not reset to 0, the ptserver believes the
client is attempting to request the anonymous id value
and fails the registration request with permission denied.
Booker Bense [Fri, 5 Mar 2010 15:11:41 +0000 (10:11 -0500)]
Updating UserGuide with Kerberos v5 authentication
This patchset contains updates to the OpenAFS UserGuide that
explains how to authentication OpenAFS using kinit/aklog
and uses language describing Kerberos outside the context
of the kaserver. References to applications such as telnet
have been replaced with more modern equivalents such as ssh.
Asanka Herath [Fri, 19 Mar 2010 01:13:35 +0000 (21:13 -0400)]
Windows: Monitor requests and gather diagnostics before a timeout
This patch monitors SMB requests that are being serviced and
automatically enables logging if a request takes longer than one
minute to complete. If the requst hasn't completed by the two minute
mark, the code generates a minidump. Once a minimump is generated, no
more minidumps will be produced for another 5 minutes.
SMB monitoring can be enabled/disabled using the new registry
parameter 'SMBRequestMonitor.'
Asanka Herath [Sat, 20 Mar 2010 20:46:05 +0000 (16:46 -0400)]
Windows: Make default mode bits configurable
Mode bits aren't directly exposed by the Win32 API. We were leaving
them to default to 0777 when creating new files and directories.
This patch introduces two configuration parameters;
'UnixModeFileDefault' and 'UnixModeDirDefault' which are DWORD
registry entries that are used to set the initial mode bits.
If the values are set to 0, then the behavior is identical to what we
had before.
Claudio Bisegni [Mon, 22 Mar 2010 22:35:22 +0000 (23:35 +0100)]
Develop Kerberos renew system for ticket
- In Preference pane has been added a tab called "Option" where are
showned the option for kerberos renew
- In AfsBackgrounder has been implemented the NSTimer that will call
the krb5 renew action according to user preference value
Andrew Deason [Tue, 9 Mar 2010 20:48:36 +0000 (14:48 -0600)]
vos: correct syncvldb -verbose server byte order
'vos syncvldb -verbose' outputs the before/after VLDB entries for
altered entries, but the 'after' output shows server addresses in NBO.
EnumerateEntry expects server IPs to be in NBO, so correct one location
where they were passed in HBO.
Andrew Deason [Wed, 10 Mar 2010 20:15:58 +0000 (14:15 -0600)]
vos: Avoid LWP stack overflow error on SIGINT
vsproc's method of longjmp'ing out of a signal handler can thoroughly
confuse LWP. At the very least, the information on our stack becomes
incorrect, since we're no longer using the stack supplied by LWP. At the
very least, we seem to (almost) always fail the sanity check checking
for stack overflow. To prevent the test from happening, NULL the stack
pointer before the longjmp so we can attempt recovery.
Andrew Deason [Wed, 10 Mar 2010 17:58:04 +0000 (11:58 -0600)]
vos: Use IOMGR_SoftSig for signals
When vsprocs tries to longjmp from the signal handler, use IOMGR_SoftSig
first, so sleeping processes are woken back up. Without this, IOMGR can
bail out since it finds no processes READY when we attempt to do
anything with RX.
Andrew Deason [Wed, 10 Mar 2010 00:07:18 +0000 (18:07 -0600)]
vos: Mark longjmp-used variables as 'volatile'
vsprocs tries to do error recovery by calling longjmp from a signal
handler. Although this is quite error-prone since we call a ton of
non-async-signal-safe functions, make it a bit more likely to work by
marking variables that are used after the longjmp as volatile. This
reduces how often (depending on the platform) these values will be
completely worthless after a longjmp since they were cached in a
register or similar.
Russ Allbery [Mon, 22 Mar 2010 22:00:39 +0000 (15:00 -0700)]
Fix strict aliasing problems or add -fno-strict-aliasing
Create a new CFLAGS_NOSTRICT Autoconf substitution variable which
is set to -fno-strict-aliasing if we're using gcc to compile. Add
@CFLAGS_NOSTRICT@ to the C compiler flags for source files that have
significant strict-aliasing issues.
Fix minor strict-aliasing issues elsewhere in the tree by using memcpy
to copy the data into a properly typed variable.
Andrew Deason [Mon, 15 Mar 2010 17:41:11 +0000 (12:41 -0500)]
Use AC_USE_SYSTEM_EXTENSIONS
Instead of defining various symbols like _XOPEN_SOURCE, _BSD_SOURCE, and
the like, just use autoconf's AC_USE_SYSTEM_EXTENSIONS to define all of
the appropriate symbols for us. Deal with some fallout by removing some
of the existing defines.
Simon Wilkinson [Thu, 18 Feb 2010 00:04:22 +0000 (00:04 +0000)]
XDR: Stop the madness
We currently attempt to align our XDR implementation with what may
be provided by the host system. This leads to a huge amount of parameter
fudging, and general pain and misfortune. However, the only place that
we still actually use the system XDR is for UKERNEL builds.
Change this so that we use our XDR everywhere. Fix all of our type and
function definitions so that they're standard. Remove the warning
inhibitions.
Russ Allbery [Mon, 22 Mar 2010 19:56:09 +0000 (12:56 -0700)]
Use sigset_t and sigfillset instead of memset
Rather than using an arbitrary array memset to ones as our signal
mask, use the POSIX sigfillset function and eliminate the static
variable. Fixes strict aliasing errors with --enable-checking and
gcc 4.4.3 on Linux x86.
Change-Id: Ic3e0499d03657d94f60808ed12e090dc62cce6fc
Reviewed-on: http://gerrit.openafs.org/1616 Tested-by: Russ Allbery <rra@stanford.edu> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Tested-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
Russ Allbery [Mon, 22 Mar 2010 19:42:48 +0000 (12:42 -0700)]
Move non-executable stack assembly code to end of file
The non-executable stack annotation used for Linux works by adding
an additional section to the generated object. The annotation added
in 9bfd03d723a9cf17673f40513a7adde1d503bcbc was added to the beginning
of each assembly file. This caused build failures on Linux s390
because the remainder of the assembly code was then put in that
section, which was discarded during linking.
Add the annotation to the end of each assembly file instead, following
the instructions at:
Andrew Deason [Wed, 3 Feb 2010 19:02:23 +0000 (13:02 -0600)]
Create missing root directory when ORPH_ATTACH
When we are salvaging with ORPH_ATTACH, orphans are normally attached to
a volume's root directory. If the volume is missing a root directory,
however, nothing is attached, and the volume can appear empty or
unusable.
So, to make it possible to get a useful volume out of a volume that lost
(only) its root directory, create a new root dir, and attach orphans to
that root.
Simon Wilkinson [Wed, 17 Mar 2010 11:56:12 +0000 (11:56 +0000)]
Don't count root session keyrings against quota
AFS PAM modules can call setpag() as root, regardless of the UID
being authenticated. This leads to the session keyring being created
using roots quota - on some systems (RHEL5) this quota is both small,
and of a fixed size.
Modify our keyring allocation code so that when a keyring is created
by root, we don't do any quota checks.
Derrick Brashear [Thu, 18 Mar 2010 19:27:35 +0000 (15:27 -0400)]
macos fsevents hinting
add support for faking it. no exported interface exists, sadly.
currently does only authentication events, and is best-effort only,
however for people who get tokens after viewing directories in finder,
this is a drastic improvement.
Jeffrey Altman [Sat, 6 Mar 2010 22:32:57 +0000 (17:32 -0500)]
afsadminutil: translate krb5 error messages on Windows
util_AdminErrorCodeTranslate() is used to translate error
code messages within the libadmin library set and is used
by translate_et. This has in the past not translated
krb5 error codes.
This patchset conditionally adds support for using
krb5_get_error_message() or error_message() on the Windows
platform if KFW is installed. This is accomplished by
adding new functions to afsutil.lib:
initialize_krb5()
fetch_krb5_error_message()
which are used within util_AdminErrorCodeTranslate()
only if AFS_KRB5_ERROR_ENV is defined.
Support for Unix is not provided at the present time
because doing this "right" will lead to a dependence on
kerberos libraries from this library, which we might want
to avoid.
Andrew Deason [Fri, 19 Mar 2010 14:31:04 +0000 (09:31 -0500)]
volume_inline.h does not need sys/file.h
src/vol/volume_inline.h does not need sys/file.h; at one point, it was
using macros from sys/file.h for locking constants, but now we use the
lwp/lock.h constants. So, include that instead. Also, only include it
for DAFS, since we only use the constants in the DAFS case. Thanks,
Jeffrey Altman.
Dan Hyde [Tue, 2 Feb 2010 15:37:47 +0000 (10:37 -0500)]
VOL_LOCK needed when traversing DiskPartitionList
VLockPartition sets VOL_LOCK, opens (perhaps creating) the lock file
for a partition, and flock's it. VUnlockPartition, sets VOL_LOCK, and
closes the lock file fd.
VLockPartition is called from the salvager. Nothing ever calls
VUnlockPartition.
VPFullUnlock is called every 30 seconds, does NOT set VOL_LOCK, and
happily closes any lock file fd it finds, breaking any lock set with
flock.
Other routines use the VOL_LOCK when traversing DiskPartitionList.
Change-Id: I683547f574b1f760e72014f5d44ce3987f07b5df
Reviewed-on: http://gerrit.openafs.org/1213 Reviewed-by: Dan Hyde <drh@umich.edu> Tested-by: Dan Hyde <drh@umich.edu> Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
Ben Kaduk [Wed, 17 Mar 2010 05:55:41 +0000 (01:55 -0400)]
Catch up with FBSD80's removal of thread argument to VFS calls
FreeBSD SVN rev 191990 removed the thread argument to
filesystem-dependent VFS calls. Curthread is always assumed.
There is a __FreeBSD_version bump that we could check if
we felt like being precise, but FBSD80_ENV is probably good enough.
Derrick Brashear [Mon, 15 Mar 2010 17:15:34 +0000 (13:15 -0400)]
aix vnode hold simplification
instead of special-casing aix's AFS_FAST_xxx *and* calling
VREFCOUNT_INC for AIX, make it all consistent; side effect, remove
now-superfluous AIX ifdef'd code
Derrick Brashear [Wed, 17 Mar 2010 17:23:30 +0000 (13:23 -0400)]
kill apsl afssettings and fstab
replace both
afssettings with something patterned from webdav's (BSD-licensed)
mount program with general plist reading code. the lists of
valid oid objects of course have to be the same. eject old
darwins. add the new one.
Andrew Deason [Fri, 19 Feb 2010 23:13:01 +0000 (17:13 -0600)]
DAFS: Replace partition locks with volume locks
In DAFS, replace uses of the VLockPartition_r partition-level locks with
the approprivate VLockVolume*NB volume-level locks (and sometimes
FSYNC_VerifyCheckout). This allows for greater parallelization of
volserver attachment / volume creation, for volume operations to occur
during salvages, and for multiple salvages on a single partition to
occur simultaneously.
More architectural details of volume-level locks can be found in the
changes to doc/arch/dafs-overview.txt.
Andrew Deason [Fri, 19 Feb 2010 23:02:08 +0000 (17:02 -0600)]
Add code for locking individual volumes on disk
This adds the necessary APIs and associated changes to lock (on disk) an
individual volume on a particular partition. Nothing yet calls these new
functions.
Ben Kaduk [Tue, 16 Mar 2010 21:07:04 +0000 (17:07 -0400)]
Avoid panic on shutdown with memcache and INVARIANTS
When running with memcache, the filesystem cache is not initialized,
so the file-local struct vnode *volumeVnode is never set to non-NULL.
However, shutdown_cache() unconditionally calls vrele(volumeVnode),
which triggers a KASSERT that the argument to vrele() is non-NULL.
For certain kernel configurations, this results in a panic.
Change this so that vrele() is only conditionally called if the
volumeVnode is non-NULL.
Ben Kaduk [Thu, 11 Mar 2010 05:13:12 +0000 (00:13 -0500)]
Allocate and free backing store for event mutices
Actually get memory for the event mutex. With this and a locking
tweak, afsd actually starts (with memcache; the UFS cache still
has some locking issues).
Note that struct mtx is small enough that we may want to just
include it inline in afs_event_t and avoid having to do a separate
allocation/free step. However, Derrick wants to merge the FBSD and
DARWIN versions of this file, so stick with the more compatible
version for now.
I find that without the memset(), mtx_init() will (sometimes?) complain
that the mutex is already initialized. The glock should ensure
serialization here, though, so that we only allocate and initialize
one mutex per event.
Also remove an unnecessary cast while here.
afs_MarinerLogFetch(), a void routine, attempts to return a value.
While gcc (amongst others) merely issues a warning about this, the
Sun Studio C compiler gets cranky (at least on x86) and treats it as
a hard error, thereby aborting the build. Since there actually is no
value to return, this update simply removes the attempt.
Andrew Deason [Tue, 9 Feb 2010 19:03:06 +0000 (13:03 -0600)]
vlserver: make rxinfo threadsafe
The vlserver has a function 'rxinfo' used for printing out information
about an RX call for logging purposes, which used a static string.
Change it to use a caller-passed buffer, so it is safe to use in
multiple threads.
Jeffrey Altman [Sat, 13 Mar 2010 16:47:51 +0000 (11:47 -0500)]
Windows: warnings removal for afskfw.c
Use StrSafe string manipulation functions in place of most
instances of strcpy, strcat, sprintf, etc. With the use
of StringCbCopy, StringCbCat, StringCbPrintf, etc. there
is no longer a need to manually assign a NUL to the end
of a C string buffer as was required with strncpy or
strncat.
There is one strcpy instance remaining due to the inability
to know what the length of the destination buffer. The API
needs to be altered to make the destlen available and that is
not an appropriate change for this patchset. A deprecated
warning is a reminder to revisit this in the future.
Several int to unsigned int type changes to avoid signed
vs unsigned warnings.
Shuffle the order of header files to avoid macro
redefinition warnings.
Jeffrey Altman [Sat, 6 Mar 2010 22:30:17 +0000 (17:30 -0500)]
Windows: afskfw - conditionalize use of krb5_get_error_message for KFW 3.1 and earlier
KFW 3.1 is supported by OpenAFS but does not contain krb5_get_error_message
or krb5_free_error_message. As a result it must be loaded at run-time
and conditionally used.
Jeffrey Altman [Sat, 6 Mar 2010 22:32:22 +0000 (17:32 -0500)]
Windows: netidmgr - conditionalize use of krb5_get_error_message for KFW 3.1 and earlier
KFW 3.1 is supported by OpenAFS but does not contain krb5_get_error_message
or krb5_free_error_message. As a result it must be loaded at run-time
and conditionally used.
Derrick Brashear [Thu, 11 Mar 2010 17:10:38 +0000 (12:10 -0500)]
macos dropbox fix for finder
sadly this can mean we lie and say delete will work when it will fail, but
finder looks for KAUTH_VNODE_DELETE_CHILD along with
KAUTH_VNODE_ADD_SUBDIRECTORY and KAUTH_VNODE_ADD_FILE, not as one-offs.
Andrew Deason [Wed, 10 Mar 2010 16:16:04 +0000 (10:16 -0600)]
Squash pthreaded vos warnings
Trying to build vos in src/tvolser can produce a warning, at least on
amd64_linux26, since we cast to an int of the wrong size in SendFile and
ReceiveFile. Use intptr_t like we do everywhere else instead.
Simon Wilkinson [Wed, 10 Mar 2010 15:40:50 +0000 (15:40 +0000)]
Don't always use the local cell for db clients
Commit d008089a79ef268bbca91d660a840f32cb416865 broke things so that
we were always trying to use the local cell, rather than the one specified
by the user. Fix this so that the command line cell is used, unles -localauth
is specified, which restores the existing behaviour.
Andrew Deason [Tue, 9 Mar 2010 17:43:42 +0000 (11:43 -0600)]
vldb_check: do not ntohl u_chars
vldb_check was ntohl'ing fields like serverNumber when reading in a VL
entry. Since this is a u_char, ntohl'ing will just always result in 0,
not the actual value. Remove the ntohls so we read in VL data correctly.
Andrew Deason [Fri, 19 Feb 2010 23:04:29 +0000 (17:04 -0600)]
Add FSYNC_VerifyCheckout
Add the function FSYNC_VerifyCheckout, which can be used to verify that
a previous checkout of a volume is still known by the fileserver, and
hasn't been forgotten about (by e.g. the fileserver restarting).
Andrew Deason [Tue, 23 Feb 2010 21:43:11 +0000 (15:43 -0600)]
Add DAFS documentation overview for developers
Add some developer documentation for DAFS. This isn't comprehensive or
extremely detailed, but is intended to provide a larger-picture overview
of some of the pieces of DAFS. More detailed docs are intended to exist
in source comments (doxygen and such), and should already be there for
the most part.
projects / packages / o / openafs.git / log