Dan Hyde [Tue, 2 Feb 2010 15:37:47 +0000 (10:37 -0500)]
VOL_LOCK needed when traversing DiskPartitionList
VLockPartition sets VOL_LOCK, opens (perhaps creating) the lock file
for a partition, and flock's it. VUnlockPartition sets VOL_LOCK and
closes the lock file fd.
VLockPartition is called from the salvager. Nothing ever calls
VUnlockPartition.
VPFullUnlock is called every 30 seconds, does NOT set VOL_LOCK, and
happily closes any lock file fd it finds, breaking any lock set with
flock.
Other routines use the VOL_LOCK when traversing DiskPartitionList.
Change-Id: I28aa02488a6b53dc9f9aa9b2053c71d29222bdaf
Reviewed-on: http://gerrit.openafs.org/1213
Reviewed-by: Dan Hyde <drh@umich.edu>
Tested-by: Dan Hyde <drh@umich.edu>
(cherry picked from commit 105481d3348a93d33695fb705f9fa5c8af210e7e)
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-on: http://gerrit.openafs.org/1595
(cherry picked from commit 3c1d60a19ccdc23ecd9eb0ca79bd72816abcd82e)
Marc Dionne [Wed, 27 Jan 2010 00:48:24 +0000 (19:48 -0500)]
Linux: don't count pag keys against root's keyring quotas
Keys associated with PAGs are created with root ownership for
security reasons, which means that they count against root's
keyring quotas. The default configuration used by most distros
restricts root to the same quotas as a regular user, so a single
user can potentially fill up the quota and prevent new pags from
getting created system-wide.
This can also be an issue for busy multi-user systems where the
default maximum number of keys (200 currently) can easily be reached.
Reviewed-on: http://gerrit.openafs.org/1167
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit a3812f211a56c0d6e0a7ff8a97f157707d3d8c28)
Russ Allbery [Tue, 4 May 2010 21:27:36 +0000 (14:27 -0700)]
Preserve AFS mount point and cache directory in cacheinfo
* Preserve the AFS mount point and cache directories set in
/etc/openafs/cacheinfo if the file already exists rather than
overwriting them with the defaults. Thanks, Liam Healy.
(Closes: #580077)
Marc Dionne [Wed, 24 Mar 2010 23:29:28 +0000 (19:29 -0400)]
Print rxdebug statistics as unsigned values
bytesSent and bytesReceived are unsigned. Print them as such
to avoid printing negative numbers for large values. This is
already the case in the master branch.
Dan Hyde [Wed, 13 Jan 2010 19:38:47 +0000 (14:38 -0500)]
volmonitor keep vtrans lock
VolMonitor must maintain the VTRANS lock the whole time it is walking
the allTrans list. Failure to do so can cause core dumps trying to
access memory that has already been free'd.
Two versions of this change were coded and tested. The other version
used the VTRANS lock only around a THOLD, but needed a TRELE, too.
Timing tests were run counting the number of vos status, vos listvol,
and vos backupsys operations that could be performed during a fixed
number of vos status operations. The THOLD/TRELE version caused other
vos operations to run about 5% slower.
FIXES 126110
Change-Id: I7e749d30c955867faacafa978d7d643dee648ca3
Reviewed-on: http://gerrit.openafs.org/1098
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit d4f6ece19b05f2233e53f2d3c59f92316ec5ec3a)
Change-Id: Ic12bb6687a9c34e85abc2023c02264de6ae27614
Reviewed-on: http://gerrit.openafs.org/1588
Reviewed-by: Dan Hyde <drh@umich.edu>
Tested-by: Dan Hyde <drh@umich.edu>
(cherry picked from commit 190ef2cb29577f2fcf1853149cf210fdf0736ae3)
Andrew Deason [Wed, 3 Feb 2010 19:02:23 +0000 (13:02 -0600)]
Create missing root directory when ORPH_ATTACH
When we are salvaging with ORPH_ATTACH, orphans are normally attached to
a volume's root directory. If the volume is missing a root directory,
however, nothing is attached, and the volume can appear empty or
unusable.
So, to make it possible to get a useful volume out of a volume that lost
(only) its root directory, create a new root dir, and attach orphans to
that root.
Russ Allbery [Fri, 26 Mar 2010 19:25:01 +0000 (12:25 -0700)]
Don't add CellServDB records if AFSDB is in use
* If the user configures openafs-client to use AFSDB records for VLDB
server location, don't prompt the user for VLDB servers for the local
cell even if they're not present in CellServDB and don't try to add an
entry for the local cell to CellServDB. (Closes: #575299)
Russ Allbery [Mon, 22 Mar 2010 22:41:38 +0000 (15:41 -0700)]
Build with -fno-strict-aliasing
* Build with -fno-strict-aliasing. The upstream development branch has
a better fix that selectively enables this for specific files with
known problems, but be conservative for the stable release.
Russ Allbery [Mon, 22 Mar 2010 19:42:48 +0000 (12:42 -0700)]
Move non-executable stack assembly code to end of file
The non-executable stack annotation used for Linux works by adding
an additional section to the generated object. The annotation added
in 9bfd03d723a9cf17673f40513a7adde1d503bcbc was added to the beginning
of each assembly file. This caused build failures on Linux s390
because the remainder of the assembly code was then put in that
section, which was discarded during linking.
Add the annotation to the end of each assembly file instead, following
the instructions at:
Dan Hyde [Wed, 6 Jan 2010 15:49:39 +0000 (10:49 -0500)]
volmonitor copy link before calling free
Copy tt->next before TRELE(tt) calls free(tt).
We have a core file from a VTRANS_OBJ_LOCK(tt) assert failure, with tt
pointing into glibc's malloc data structures.
(cherry picked from commit 81ca1e19600681a2c5696610130b9a39809bb1c1)
Change-Id: I5ba81f9e3a76f52578ab3b9dec394b6d95b03934
Reviewed-on: http://gerrit.openafs.org/1586
Reviewed-by: Dan Hyde <drh@umich.edu>
Tested-by: Dan Hyde <drh@umich.edu>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 0583af324ca2cbc556722b9e84d85cad49cfc622)
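The traversal pattern the commit above describes (copy the link before a release that may free the node), as an added example that is not OpenAFS code. The `struct trans` layout, `trans_add`, `trans_release`, `walk_all` and `list_len` are hypothetical names, and the VTRANS locking is left out to keep the single-threaded ordering visible.

```c
#include <stdlib.h>

/* Hypothetical transaction node, modelled on the tt->next list. */
struct trans {
    struct trans *next;
    int refs;     /* hold count */
    int deleted;  /* freed once refs drops to 0 */
    int id;
};

static struct trans *all_trans; /* list head */

/* Push a new node on the front of the list. */
static struct trans *trans_add(int id)
{
    struct trans *t = calloc(1, sizeof(*t));
    if (t == NULL)
        return NULL;
    t->id = id;
    t->next = all_trans;
    all_trans = t;
    return t;
}

/* Drop one hold. If this was the last hold on a node marked deleted,
 * unlink and free it. The caller must not touch t afterwards. */
static void trans_release(struct trans *t)
{
    struct trans **pp;

    if (--t->refs > 0 || !t->deleted)
        return;
    for (pp = &all_trans; *pp != NULL; pp = &(*pp)->next) {
        if (*pp == t) {
            *pp = t->next;
            break;
        }
    }
    free(t);
}

/* Walk the list, holding and releasing each node.
 * Returns the sum of the ids visited. */
int walk_all(void)
{
    struct trans *t, *nt;
    int sum = 0;

    for (t = all_trans; t != NULL; t = nt) {
        nt = t->next;      /* copy the link before release can free t */
        t->refs++;
        sum += t->id;
        trans_release(t);  /* t may be gone now; only nt is used */
    }
    return sum;
}

/* Number of nodes still on the list. */
int list_len(void)
{
    int n = 0;
    struct trans *t;

    for (t = all_trans; t != NULL; t = t->next)
        n++;
    return n;
}
```

Writing the loop step as `t = t->next` instead would read freed memory whenever `trans_release` drops the last hold on a deleted node.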
Andrew Deason [Tue, 16 Feb 2010 17:08:38 +0000 (11:08 -0600)]
h_TossStuff_r: make sure host does not go away
When h_TossStuff_r h_NBLock_r's a host, it is not only possible for
someone else to grab a hold on the host, but in theory it's also
possible for someone to hold a host, release it, and for the host to be
deleted again (assuming some callers hold HOSTDELETED hosts, which they
should not be doing).
To make this safety check a bit more robust, hold the host in
h_TossStuff_r before h_NBLock_r'ing, to ensure that it does not go away
while we're waiting for H_LOCK.
Reviewed-on: http://gerrit.openafs.org/1330
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 380bd77c328d8d83a007cd97f6564fcb5b990a73)
Change-Id: I19d001dba8b0c96b694aefdba2475f0103d33e44
Reviewed-on: http://gerrit.openafs.org/1368
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit b78eeb0cca48c65d4466052d207fa22f08a8fa70)
Andrew Deason [Mon, 15 Feb 2010 16:55:33 +0000 (10:55 -0600)]
h_TossStuff_r: check held-ness after lock
h_TossStuff_r checks if a host is held or locked by another thread
before trying to delete the host. Unfortunately, it checks if it is
locked before checking if it is held, and the lock check drops H_LOCK.
Thus, another thread could hold the host while we don't have H_LOCK, and
we could delete a host that is being held.
Although it is a bug if any thread holds a host that is being deleted,
some instances of this still exist, so make the check more robust.
Reverse the order of the tests, so we detect if someone held the host
while the lock check dropped H_LOCK.
Also log when this happens, as it indicates a bug occurring.
Andrew Deason [Mon, 15 Feb 2010 22:22:56 +0000 (16:22 -0600)]
Allow GetSomeSpace_r to select an optimal host
Previously GetSomeSpace_r would never find an 'ideal' host for which to
clear callbacks, since lih0_r and lih1_r required a non-NULL rock to do
anything. Remove the requirement for the passed-in host rock to be
non-NULL, and make lih*_r more threadsafe, by passing in a parameter
struct for the rock.
Also attempt to make the GSS_r code a bit more clear with some
descriptive variable names and such.
Russ Allbery [Mon, 8 Mar 2010 23:45:17 +0000 (15:45 -0800)]
Require $remote_fs before stopping as well
This isn't strictly necessary, but it avoids the Lintian warning and we
can clean it up after finding a better approach for what /usr/bin/fs
currently does.
Russ Allbery [Mon, 8 Mar 2010 22:18:05 +0000 (14:18 -0800)]
Initial changelog for 1.4.12~pre4
Add upstream change list since the deltas that I pulled up. Switch
the download area over to the candidate releases. (1.4.12 will
probably be released before this package is uploaded, but we'll pull
1.4.12~pre4 first to get the packaging updated.)
1.5 deals with this differently. for now, don't build fc_test (rx needs
libsys so it can deal with network config from userspace; the sys/rxkad
dependencies are circular if so. so, no)
OpenBSD 4.7 (currently in beta) removes the (dummy) VREF() macro from the
system header files. For at least as far back as OpenBSD 3.6, all this
macro does is expand to a call to a system routine by the same name in
lower case. This patch therefore replaces the single OpenBSD use of
VREF() with a direct call to the routine to which it expanded.
Claudio Bisegni [Mon, 1 Mar 2010 19:41:48 +0000 (20:41 +0100)]
OSXPreferencePane
checkAfsStatusForStartup method modification for search /afs volume for determinate if afs is on has been transferred into checkAfsStatus. checkAfsStatusForStartup method is used to check when afs start axitn system startup. Anyway these are only workaround we must use osx api or afs api to make this job.
A prior update (ChangeID: Ie6af2d3fd9c5166dd2d884c22d287c180b24fab1)
stops compile_et from being (p)installed into a separate directory.
Unfortunately, there's a second rule in the Makefile exhibiting the
same behaviour that was missed (the decision of which rule is used is
determined by whether a 'make install' or 'make dest' is requested).
This patch fixes the second ruleset as well.
Derrick Brashear [Wed, 24 Feb 2010 16:20:51 +0000 (11:20 -0500)]
remove dropbox attribute leak fix
change 6ec18461649d3e4f44b2476f886bcc480c456500, avoid leaking stat info,
appears to have side effects on at least macos, crashing the system
coreservicesd. revoke the change until the exact behavior we want is
better understood.
Anders Kaseorg [Sun, 21 Feb 2010 01:28:42 +0000 (20:28 -0500)]
Linux: Fix conversion of whole-file locks
An overflow bug in commit 49b7bbdd3b45df694fadbef48f9ed99d9bfe07b9
caused whole-file locks to be treated as byte-range locks, which fail
to be propagated to other machines.
Fix this by setting l_len = 0 for locks that range to the end of the
file.
Anders Kaseorg [Sat, 20 Feb 2010 18:28:59 +0000 (13:28 -0500)]
Linux: Use kbuild to check for UML
<linux/autoconf.h> is automatically included by kbuild; you aren’t
supposed to include it directly. That breaks in 2.6.33 because
<linux/autoconf.h> is moving to <generated/autoconf.h>.
Andrew Deason [Fri, 12 Feb 2010 23:44:31 +0000 (17:44 -0600)]
Check for HOSTDELETED before h_Hold_r
A few places h_Hold_r a host and later drop and reacquire H_LOCK without
checking if the hostFlags contains HOSTDELETED. This can cause a race
with h_TossStuff_r where we later reference a host that is about to be
freed or already has been freed.
Add checks for HOSTDELETED in these places, and skip over the deleted
hosts.
Andrew Deason [Fri, 12 Feb 2010 22:30:44 +0000 (16:30 -0600)]
Correct the h_Enumerate_r hostList safety check
Ide1e5aca7c2c4a4af3f62bc07821db694f2f9999 added safety checks for a few
traversals through hostList, including the traversal in h_Enumerate_r.
Unfortunately, h_Enumerate_r may not hold H_LOCK over its entire
traversal (h_Release_r can drop and reacquire it), so the value of
hostCount is not guaranteed to stay the same.
A host may be deleted during the loop, or right near the end, decreasing
hostCount to below our current running 'count' of hosts, triggering the
panic unnecessarily. So instead, remember the value of hostCount.
Derrick Brashear [Sun, 21 Feb 2010 22:15:26 +0000 (17:15 -0500)]
idledead client dont interrupt writes
allowing failover is nonsensical, there's nothing to fail to. keep trying to
write. if we want to change this, we need to handle it better than just this.
Simon Wilkinson [Tue, 9 Feb 2010 19:53:40 +0000 (19:53 +0000)]
Linux: Use current_creds() if stashed creds fail
If we can't use our stashed credentials (because SELinux hates us,
most likely), then fall back to trying the process's current credentials
instead of just oopsing.
afs_TruncateAllSegments() make sure correct afs_size_t comparison is
used when selecting dcache entries for truncation
Ensure that afs_TruncateAllSegments() uses the correct [64-bit]
comparison when deciding whether to truncate chunks:
alen - AFS_CHUNKTOBASE(tdc->f.chunk) for a file > 2GB would fail
to be recognised negative with an "afs_int32 newSize", even with
alen = 0 and big tdc->f.chunk.
OpenBSD: don't use AFS_GLOBAL_SUNLOCK on single processor system
Put back the header directives that only turn on AFS_GLOBAL_SUNLOCK
when compiling for multiprocessor systems. When enabled on a single
processor OpenBSD system, it is possible to put the entire system
into a lengthy (minutes) lock state when performing multiple AFS
activities. The system behaves MUCH better when AFS_GLOBAL_SUNLOCK
is not set (no problems encountered). This whole locking mechanism
needs a bit more examination on OpenBSD before this is useful in
single processor mode.
A shutdown or unmount of AFS on OpenBSD will invariably result in a kernel
panic. This is because the afs_unmount() routine does not (can not?) force
vnode releases if the vnode is still busy. However, it continues on
nonetheless and dies a horrible death a little later.
This update causes a return from afs_unmount() with EBUSY if all the vnodes
weren't released. This results in error messages on shutdown but the overall
process continues more reliably and reboots, for example, work.
There is likely a better solution to this but at least this is no worse than
a system crash and it doesn't require console (or power button) intervention
so it should do until I have the chance to explore further.
Starting with OpenBSD 4.2, the interface list returned by sysctl using
NET_RT_IFLIST contains multiple versions of the data. This really
messes up the rx_getAllAddr_internal() routine that returns a list of
valid interfaces for the system (to the point where none are returned).
This change adds a routine that cleans up the data returned by sysctl
so it returns only a single (the most current) version of the data.
That stops afsd (among others) from being cranky when it starts up.
The internal malloc memory types for IPv6 (M_IP6OPT, ...) conflict
with the type numbers used to designate AFS memory (M_AFSFID, etc.).
This change moves the AFS memory type to a new number that does not
conflict. This is not a serious issue but can create real confusion
when trying to debug or track memory issues, among other things.
When determining the volume type of a volume, vsu_GetVolumeID() checks
to see if the volume name ends in '.backup' or '.readonly' by backing
up the appropriate number of characters from the end of the name. It
does not, however, check to see if it skips past the beginning of the
volume name. This can result in a segmentation fault (which it has for
me on many occasions during a vos release) depending on where memory
is allocated or how/if memory is protected.
This patch corrects this behaviour by checking the volume name string
length prior to doing the string comparison.
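A length-checked suffix test of the kind the message above describes, as an added example that is not the vsu_GetVolumeID() code or the patch itself. The enum values and the names `has_suffix` and `classify_volume_name` are hypothetical, and the sample volume names in the comments are constructed.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical volume types; not OpenAFS's own constants. */
enum vol_type { VOL_RW = 0, VOL_RO = 1, VOL_BACKUP = 2 };

/* Return 1 if name ends with suffix. The lengths are compared first, so
 * name + (nlen - slen) can never point before the start of name. */
static int has_suffix(const char *name, const char *suffix)
{
    size_t nlen = strlen(name);
    size_t slen = strlen(suffix);

    if (nlen < slen)
        return 0; /* name too short to carry the suffix */
    return memcmp(name + (nlen - slen), suffix, slen) == 0;
}

/* Classify a volume name by its suffix. If base_len is not NULL it
 * receives the length of the name with the suffix stripped. */
enum vol_type classify_volume_name(const char *name, size_t *base_len)
{
    static const struct {
        const char *suffix;
        enum vol_type type;
    } table[] = {
        { ".backup", VOL_BACKUP },
        { ".readonly", VOL_RO },
    };
    size_t nlen = strlen(name);
    size_t i;

    for (i = 0; i < sizeof(table) / sizeof(table[0]); i++) {
        if (has_suffix(name, table[i].suffix)) {
            if (base_len != NULL)
                *base_len = nlen - strlen(table[i].suffix);
            return table[i].type;
        }
    }
    if (base_len != NULL)
        *base_len = nlen;
    return VOL_RW;
}
```

Without the `nlen < slen` check, a short name such as `a` makes the comparison start before the beginning of the buffer, which is the out-of-bounds read behind the segmentation fault described above.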
Add config param header and sysname number for OpenBSD 4.6.
As well, add an additional parameter to a call to ifa_ifwithnet()
when looking up the MTU for an interface to indicate that the call
should use the default routing table. With the advent of OpenBSD
4.6, the system has started to make provisions for multiple routing
tables which included a change to the calling sequence for this
routine.
Code optimization can not be turned off using the configuration script
(--disable-optimize, etc.) because the compiler directive is associated
with the wrong makefile variable. This fixes it.
Simon Wilkinson [Tue, 2 Feb 2010 15:59:12 +0000 (15:59 +0000)]
Add a set of strings for the InstallationCheck
InstallationCheck needs a strings dictionary to turn its errors
into human readable content. Add such a dictionary, and use the
correct product name and version for each Mac OS X release.
Derrick Brashear [Sun, 17 Jan 2010 06:10:28 +0000 (01:10 -0500)]
create debugging kext package for MacOS
this creates and installs a debugging kext package for macos. it also
always installs the decode-panic script (which can be used even without
the debug kext)
Russ Allbery [Fri, 22 Jan 2010 19:04:10 +0000 (11:04 -0800)]
Enable weak enctypes for aklog if supported by Kerberos
Current versions of both MIT Kerberos and Heimdal disable DES enctypes
by default, but DES enctypes are still required for AFS service tickets.
Probe for either krb5_allow_weak_crypto() (MIT Kerberos 1.8) or
krb5_enctype_enable() (Heimdal) and, if found, call them to enable DES
enctypes. If neither is found, assume that the Kerberos libraries are
old enough that DES is enabled by default.
Russ Allbery [Wed, 20 Jan 2010 04:31:39 +0000 (20:31 -0800)]
Try to start the client after syslog
* List $syslog in Should-Start for the openafs-client init script, since
otherwise if loading the module causes a kernel panic, it won't be
logged to disk.
Russ Allbery [Wed, 20 Jan 2010 01:59:26 +0000 (17:59 -0800)]
Require $remote_fs be started before us
* Update init script to require $remote_fs be started first. This won't
be the case in the long run, but for now some important boot-time
options need /usr/bin/fs to set them.
Simon Wilkinson [Sat, 16 Jan 2010 15:52:58 +0000 (15:52 +0000)]
Don't double free call structure
If the rx_Read() of the number of bytes in the FetchData64 response
fails, then it sets code, and disposes of the call structure. However,
the length safety check that was added in c7b92a3018044f7aca4d9a77644e5c06ef64d1e9 executes regardless of whether
code is set, and the call has already been freed. So we end up calling
rx_Error with a NULL call structure, and panic.
Simon Wilkinson [Thu, 14 Jan 2010 16:57:15 +0000 (16:57 +0000)]
Don't install compile_et into its own directory
When pinstall sees that the basenames of its two arguments differ,
it assumes that it's installing into a path, and creates the missing
directory. This meant that we got /usr/bin/afs_compile_et/compile_et
which wasn't the desired result.
Marc Dionne [Fri, 9 Oct 2009 01:53:03 +0000 (21:53 -0400)]
Linux: kmem_cache_create fix and cleanup
Fix the kmem_cache constructor function to match the current
expected prototype, and cleanup related code. This has been wrong
for a while, but since we were just passing extra parameters the
only effect was to generate a warning.
- Add a new configure test to detect the new constructor function
signature
- Define the older versions of the constructor in osi_compat.h,
making them call the current version
- Move a few compatibility #defines to osi_compat.h
Derrick Brashear [Thu, 31 Dec 2009 12:50:56 +0000 (07:50 -0500)]
viced host always hash on add
currently the openafs 1.4 code doesn't always add a host/port pair to the
hash when an interface address is being added. make the code match what exists
on the head
Change-Id: Ibf56a397b936abd1b0646c63c5dda88a59819538
Reviewed-on: http://gerrit.openafs.org/1053
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Tested-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Russ Allbery [Wed, 6 Jan 2010 01:03:32 +0000 (17:03 -0800)]
Add README.source and a script to do a Git-aware merge of upstream
* Add README.source explaining maintenance procedures and a
debian/import-upstream script to do a Git-aware merge of a new
upstream release that will allow us to cherry-pick upstream patches
and do proper merges.
Note that I'm not planning on re-importing the upstream 1.4.11 release
using this new method, so this technique will not be effective in the
master branch until upstream releases 1.4.12.
Michael Meffie [Wed, 23 Dec 2009 21:38:57 +0000 (16:38 -0500)]
viced: add then remove when changing addresses
When changing a host address, be sure to add the new interface
before removing the old to avoid having the host marked as
deleted if we removed the only valid address. This change was
pulled out of commit ca613599a2537756462a420ae1a632747a433226
viced-host-uuid-and-addr-hashing-corrections-20090530 by
Jeffrey Altman.
Simon Wilkinson [Wed, 23 Dec 2009 13:29:54 +0000 (13:29 +0000)]
Shout less about system call hooks when using keyrings
When keyrings are in use, the user doesn't really care whether or
not we manage to hook the system call table, and the current message
has proved confusing, as it seems to indicate something has gone wrong.
Tone down the warning that's produced when keyrings are in use. This is
1.4.x only, as we're going to completely disable system call probes when
keyrings are in use in 1.5.x