Andrew Deason [Thu, 17 Mar 2011 21:32:00 +0000 (16:32 -0500)]
libafs: Do not osi_FlushPages for dirs
Directory contents are never mapped or stored in pages, so dealing
with page invalidation on directories is just overhead. So make
osi_FlushPages a no-op when we're given a directory, which can avoid a
lot of locks and other processing (particularly when we are called in
afs_getattr in BOZONLOCK_ENV).
Andrew Deason [Wed, 16 Mar 2011 16:48:08 +0000 (11:48 -0500)]
DAFS: DFlushVolume outside of vol glock
DFlushVolume may traverse a long list of directory objects, and can
even hit the disk, so we should drop the glock for it. This should be
safe in DAFS, since we already transition the volume to an exclusive
state before doing this, and DFlushVolume only deals with structures
internal to the directory package and maintains its own locking.
Simon Wilkinson [Sun, 20 Mar 2011 21:13:09 +0000 (21:13 +0000)]
util: Fix exec_alt
exec_alt was failing its tests on Mac OS X (but passing them on Linux).
It turns out that this is because it was failing to NULL terminate the
string that it creates in construct_alt(), which copies in the
characters from argv0, prefix and suffix, but never copies in a trailing
NULL.
Amend the code so that the trailing NULL from suffix is used to
terminate the string.
Andrew Deason [Wed, 16 Mar 2011 19:44:56 +0000 (14:44 -0500)]
salvager: Fix volume parsing on 64-bit
When an unsigned long is wider than an afs_uint32, comparing the
afs_uint32 vid to ULONG_MAX is always going to be false (which the
compiler can warn us about). Fix this by storing to an unsigned long,
and converting to a volume id after ensuring that the result is not
too large.
Simon Wilkinson [Wed, 16 Mar 2011 21:23:17 +0000 (21:23 +0000)]
util: Remove unnecessary uuid_mem* macros
Once upon a time, in a galaxy far far away, uuid used bcmp and bcpy
operations in kernel space. However, we changed that back in 2001, and
since then the uuid_memcpy and uuid_memcmp macros have been redundant.
Tidy up the code a little by removing them.
Simon Wilkinson [Wed, 16 Mar 2011 18:11:21 +0000 (18:11 +0000)]
dir: Make test utility build again
Make the 'dtest' test utility, which can be used to test the functioning
of the dir package, as well as to manipulate the directories that it
creates, build again.
Simon Wilkinson [Thu, 17 Mar 2011 19:28:23 +0000 (19:28 +0000)]
rpms: Make makesrpm.pl cater for new rpm names
Starting from 1.6.0, our specfile no longer adds a stray '1.' to the
start of the release field. makesrpm.pl was failing to deal with
these new-style names and therefore not actually making an rpm.
Fix this by conditionalising on the OpenAFS version when selecting
which rpm to copy.
Change-Id: I36b32ccc20baa167f46e5095eacb38a8e7d65e27
Cc: Alexander Redinger <aredinger@sinenomine.net>
Reviewed-on: http://gerrit.openafs.org/4258
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Wed, 16 Mar 2011 17:16:31 +0000 (17:16 +0000)]
util: Remove packages.h
packages.h is unused within our tree, and contains nothing of any
use to out of tree callers (it attempts to define bases for error
codes, which has been superseded by our use of comerr)
Andrew Deason [Thu, 17 Mar 2011 15:43:23 +0000 (10:43 -0500)]
viced: Actually print client CPS
Client CPS was not getting output on SIGXCPU like the rest of the
client information, since the conditional in the CPS loop was never
true. Fix this so we traverse the CPS entries correctly.
Simon Wilkinson [Wed, 16 Mar 2011 15:34:54 +0000 (15:34 +0000)]
util: Remove isathing
isathing.c only provided one function - util_isint, whose behaviour
can be far better provided by careful application of strtol.
Simplify our world a little by removing the file.
Simon Wilkinson [Wed, 16 Mar 2011 15:31:40 +0000 (15:31 +0000)]
kauth: Use strtol for integer argument handling
Use strtol, rather than a combination of util_isint and atoi to
handle integer arguments. This is much cleaner, far more portable,
and removes a dependency on an internal library function that this
file is the only user of.
Simon Wilkinson [Tue, 15 Mar 2011 00:45:45 +0000 (00:45 +0000)]
Linux: Fix return codes from setpag
Linux is a real stickler when it comes to error codes. Functions
which return positive error codes into the kernel tend to have
unfortunate effects. Because all AFS errors tend to be positive,
most of our kernel entry points negate errors before passing them
back to their caller.
This causes problems when internal functions themselves return
negative error codes. This was the case with the keyring functions,
which ended up returning a negative code to setpag(), this handed
that code ultimately up to the ioctl handler, which negated it (so
turning it positive) before throwing it up to the kernel.
The kernel sees this positive value as being a successful return,
and so passes it direct to userland, rather than assigning it to
errno. This led to the setpag() userspace function never being
aware of keyring errors that had occurred in the kernel.
Fix all this by making sure that all errors from the keyring code
are made positive before being passed upwards in the kernel module.
Sadly, this change fixed setpag(), but broke all of the pioctls. The
problem is actually a little more nuanced than we at first thought.
What's happening is yet another case of Linux's special handling of
negative return values. When an ioctl handler returns a negative
return code to the kernel, it does errno = -code, and sets the
return code to -1. If you pass it a positive return code, however,
it just returns that straight to the application.
The pioctl code gets this right. However, the setpag code doesn't,
and so tries to return positive values, which is why ioctl appears
to be returning the error code in the return value, not in the
errno.
Change-Id: I192ff45ad15b72a493a3c9c98546b026761dd95f
Reviewed-on: http://gerrit.openafs.org/4222
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Sun, 13 Mar 2011 17:13:49 +0000 (17:13 +0000)]
auth: Use the UserListFileName function more
The function UserListFileName exists to abstract the process of
producing a full pathname for the userlist. Modify the rest of
userok.c so that it uses it.
Simon Wilkinson [Sun, 13 Mar 2011 16:54:34 +0000 (16:54 +0000)]
auth: Refactor CellServDB path creation
Move all of the duplicated code that does CellServDB path creation
into a common function. Use asprintf(), rather than strcompose in
this function so we're using fewer fixed length buffers.
Simon Wilkinson [Sat, 5 Mar 2011 23:09:18 +0000 (23:09 +0000)]
auth: Rework afsconf_UpToDate to use CellServDB
Rework the afsconf_UpToDate check so that it uses the modification of
the CellServDB, and not the KeyFile to determine whether the
configuration information has been changed under us or not. afsconf
defines the CellServDB as being the single sentinel for a config
directory being changed, and our tools are careful to always touch
the CellServDB when updating anything else there.
Also, rework the _afsconf_Check() code so that it uses afsconf_UpToDate,
rather than including this logic twice.
Simon Wilkinson [Sun, 13 Mar 2011 15:47:36 +0000 (15:47 +0000)]
tests: Fix KeyFile test so it works from harness
The auth/keys test tries to find a file that's distributed as part
of the test suite. However, it currently only looks in the CWD to
find it. Modify the test so that if it's run from the test harness,
it will use the harness's SOURCE environment variable to locate the
KeyFile.
Simon Wilkinson [Sun, 13 Mar 2011 14:45:04 +0000 (14:45 +0000)]
pt_util: Initialise empty database correctly
Commit dc8f18d6f5003712bc9ef989363137a84953df07 broke pt_util's
initialisation of empty databases. This is because Initdb was changed
to call Initdb_check through the ubik_CheckCache wrapper. However, that
wrapper was defined as a no-op in pt_util's ubik-shim.
Modify pt_util's ubik_CheckCache so that it always calls into the
wrapper routine - this mimics the old behaviour.
Add a trivial test for pt_util - check that we can build the database,
using the example from the manpage, and then that the built database
matches what we expect.
Simon Wilkinson [Fri, 4 Mar 2011 22:57:15 +0000 (22:57 +0000)]
ubik: Allow servers to have more than 3 seclayers
ubik has traditionally used the afsconf_ServerAuth function to
fill in a single field in a pre-allocated list of security classes.
This meant that we could never have a class with an index higher
than 2 (rxkad). Setting the function to call, and the rock to that
function was also accomplished by playing with global variables.
Rework this so that a new function is used to set the security
classes, which can allocate an arbitrary sized array of classes.
Move the setting of this function, and of the authentication check
function into ubik_SetServerSecurityProcs()
Simon Wilkinson [Fri, 4 Mar 2011 22:37:10 +0000 (22:37 +0000)]
afsconf: Rework security flags
BuildServerSecurityObjects takes a set of flags, which makes it
hard to use it as a callback function. Rework this so that the
security flags are part of the afsconf directory structure, and
so BuildServerSecurityObjects only takes a rock, and its return
parameters.
Update all of the callers for this new function, and add tests
for it to the test suite.
Simon Wilkinson [Fri, 4 Mar 2011 12:12:24 +0000 (12:12 +0000)]
ubik: Remove dependency on auth
When commit 8a09c220f4c5f881ea45be585b07b793038924d5 added support
for token error recovery to ubik, it introduced a dependency on
afsconf. This breaks the abstraction layer that had been in place, by
requiring that the SecurityRock be an afsconf_dir (if you use a
different rock, ubik will segfault)
This change reinstates the abstraction layer, by requiring Ubik
users who want token error checking to specify a procedure that can
be used to check whether tokens are up to date. Instead of yet
another global variable, we replace the existing CRXSecurity*
variables with a single function that can be used to set security proc,
token checking proc, and rock.
Andrew Deason [Thu, 10 Mar 2011 20:55:50 +0000 (14:55 -0600)]
salvager: Do not abort on large volume IDs
The salvager was parsing volume IDs just using atoi() and checking if
the result was negative. Since the result is a signed int, this fails
on any volume ID larger than 2^31-1. Change the parser to use strtoul
instead of atoi, and change the check.
While we're here, make a similar change to the DAFS salvageserver,
too.
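
Added example, not OpenAFS code: a volume ID parser that avoids both pitfalls the two salvager commit messages describe (the atoi() sign check that rejects IDs above 2^31-1, and the ULONG_MAX comparison that can never be true once the value sits in a 32-bit variable). The names vol_id_t, parse_vid_narrow_first and parse_vid are hypothetical, vol_id_t stands in for afs_uint32, and the inputs are constructed.

```c
#include <errno.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

typedef uint32_t vol_id_t;   /* stand-in for afs_uint32 (assumption) */

/*
 * Pattern the 64-bit fix describes: the strtoul() result is stored
 * straight into the 32-bit id, so the high bits are gone before the range
 * check runs. Where unsigned long is 64 bits wide, a 32-bit value can
 * never equal ULONG_MAX, so the check never fires and an oversized id
 * silently aliases a small one. Returns the id, or -1 when rejected.
 */
static long long parse_vid_narrow_first(const char *s)
{
    vol_id_t vid = (vol_id_t)strtoul(s, NULL, 10);

    if ((unsigned long)vid == ULONG_MAX)
        return -1;
    return (long long)vid;
}

/*
 * Hardened form: keep the full-width result, validate it, and narrow it
 * only afterwards. Returns the id, or -1 when the input is rejected.
 */
static long long parse_vid(const char *s)
{
    char *end;
    unsigned long raw;

    /* strtoul() skips whitespace and accepts a sign ("-1" wraps to
     * ULONG_MAX), so insist that the first character is a digit. */
    if (s == NULL || *s < '0' || *s > '9')
        return -1;

    errno = 0;
    raw = strtoul(s, &end, 10);
    if (errno == ERANGE)        /* does not fit in unsigned long */
        return -1;
    if (*end != '\0')           /* trailing junk after the digits */
        return -1;
    if (raw > UINT32_MAX)       /* fits in unsigned long, not in 32 bits */
        return -1;
    return (long long)(vol_id_t)raw;
}

int main(void)
{
    /* Constructed inputs: 2^31, 2^32-1, 2^32+1, a signed value, junk. */
    const char *samples[] = { "2147483648", "4294967295", "4294967297",
                              "-1", "536870912x" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-12s narrow-first=%lld checked=%lld\n", samples[i],
               parse_vid_narrow_first(samples[i]), parse_vid(samples[i]));
    return 0;
}
```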
Simon Wilkinson [Sun, 6 Mar 2011 17:22:14 +0000 (17:22 +0000)]
Don't use KERN_OPTMZ or KERN_DBG on Linux 2.6
With 2.6 Linux kernels, we just use the standard Kernel build system.
As this system pays no attention to our settings of KERN_OPTMZ or
KERN_DBG, don't bother setting values for these for 2.6 kernels.
Simon Wilkinson [Sun, 6 Mar 2011 17:15:05 +0000 (17:15 +0000)]
Remove -D_LARGEFILE64_SOURCE on Linux
Since 129b6954a6f491c6f3c3e417055bdc68d4726408, we've defined
GNU_SOURCE on all Linux builds. This definition automatically sets
_LARGEFILE64_SOURCE for us, so we don't need to explicitly set it
in the platform specific configuration.
Simon Wilkinson [Thu, 10 Mar 2011 00:20:26 +0000 (00:20 +0000)]
Remove redundant entries from MT_CFLAGS
Don't include XCFLAGS in MT_CFLAGS, as this is now done elsewhere in
the build process. Don't multiply specify -DAFS_PTHREAD_ENV, as all
pthreaded build rules must define this, and just doing so in one
place is much cleaner.
Simon Wilkinson [Thu, 10 Mar 2011 10:41:57 +0000 (10:41 +0000)]
hcrypto: don't redefine key_type
Linux's keyring code uses "struct key_type", which is also used
internally by the hcrypto code. As, on some Linux variants,
afs/sysincludes.h ends up including the keyring definitions, we
need to rename our internal key_type definition to something
that doesn't clash.
This change didn't receive sufficient review before it was pushed.
It breaks builds on IRIX, and produces kernel modules that don't
load on a number of other Linux-based systems.
A correct fix for the underlying problem (that both Linux and
hcrypto want to use the "struct key_type" identifier) will follow
this patch.
Derrick Brashear [Thu, 17 Feb 2011 05:04:06 +0000 (00:04 -0500)]
linux: defer vcache evictions when sleep would be needed
because we're only willing to loop 100 times worth of "sleeps",
on a machine with heavy vcache demands we can end up just growing
the list huge. in the first pass, just clean up as many entries which
do not require sleeping as needed. if we need more entries, make
a second pass.
Jeffrey Altman [Wed, 9 Mar 2011 12:51:02 +0000 (07:51 -0500)]
Windows: handle rx busy call channel
Register an error code for rx busy call channel detection.
Force a retry whenever CM_RX_BUSY_CALL_CHANNEL is received
by cm_Analyze(). Log the event to both the internal trace
log and the Windows Event Log along with the server address.
Andrew Deason [Mon, 7 Mar 2011 17:08:26 +0000 (11:08 -0600)]
RX: Avoid timing out non-kernel busy channels
When we encounter a "busy" call channel (indicated by receiving
RX_PACKET_TYPE_BUSY packets), we can error out a call with
RX_CALL_TIMEOUT to try and get the application code to retry the call.
However, many RX applications are not aware of this, and will just
fail with an error upon receiving a single busy packet.
So instead, make this behavior optional, and only do it if the
application tells us what specific error it expects to receive when a
busy call channel is detected. Enable this behavior for the Unix cache
manager, as it can cope with receiving an RX_CALL_TIMEOUT error in
this scenario.
Andrew Deason [Wed, 16 Feb 2011 03:23:06 +0000 (21:23 -0600)]
aklog: Do not include XCFLAGS twice
In aklog, we set MODULE_CFLAGS to XCFLAGS and some other things.
However, when using AFS_LDRULE or AFS_CCRULE, CFLAGS will contain
MT_CFLAGS, which contains XCFLAGS. The end result is that the contents
of XCFLAGS appear twice in the compilation invocation, breaking some
platforms like HP-UX where the order of XCFLAGS relative to other
things is a bit fragile.
Fix this by removing XCFLAGS from the MODULE_CFLAGS definition.
Jeffrey Altman [Sat, 5 Mar 2011 19:34:05 +0000 (14:34 -0500)]
vol: FILE* to FD_t except logging and special ops
Replace all use of FILE* with FD_t. Switch from afs_open to OS_OPEN.
In the process:
afs_flush and afs_fsync -> OS_SYNC
afs_stat which is used to obtain the file size -> OS_SIZE
afs_close or close -> OS_CLOSE
Etc. While cleaning up, use afs_stat_st macro when declaring
a struct stat because the structure and function are not guaranteed
to be the same name on all platforms.
These changes permit Windows to build the vol package without
the use of the C runtime library.
Jeffrey Altman [Sat, 5 Mar 2011 19:25:34 +0000 (14:25 -0500)]
vol: consolidate afs_xxxx macros in ihandle.h
Various definitions of afs_open, afs_stat, etc. were
scattered across the .c sources within the vol package.
Consolidate them all in ihandle.h which is included in
all of the files and contains the OS_xxxx macros which
will substitute for many afs_xxxx calls in future patchsets.
Simon Wilkinson [Fri, 11 Feb 2011 11:53:26 +0000 (11:53 +0000)]
Clarify the role of XCFLAGS and simplify MT_CFLAGS
Tidy up the build system by making it clear that XCFLAGS is included
for every build type. Also clean up MT_CFLAGS so that it doesn't
statically include XCFLAGS, and remove the common AFS_PTHREAD_ENV
define that's needed by every architecture.
This fixes the problem that we had where directories built with the
pthread or shared build rules weren't being compiled with checking
enabled, as well as hopefully making the tangle of defines easier to
understand.
Marc Dionne [Sat, 29 Jan 2011 17:48:02 +0000 (12:48 -0500)]
ubik: cleanup DB lock usage in SDISK_SendFile
Some failure paths can return from SDISK_SendFile with the
database lock still held. Other failure paths will cause
setlabel to be called without holding the lock.
Rework the failure paths so we always release the DB lock before
returning, and always hold it when calling setlabel.
Commit 335ccb40 introduced positional I/O support for the fileserver,
but didn't handle the largefile versions of preadv and pwritev. As a
result, the fileserver cannot handle files of more than 2Gb in size.
Fix this by using preadv64 and pwritev64 where O_LARGEFILE is defined,
in the same way as for all other I/O primitives.
Simon Wilkinson [Sun, 6 Mar 2011 16:06:36 +0000 (16:06 +0000)]
Disable vectored positional IO if no 64bit support
In order to support vectored positional I/O, and large files, we
need there to be an implementation of preadv64 and pwritev64. If
this isn't present, then just disable HAVE_PIOV.
Jeffrey Altman [Sat, 5 Mar 2011 15:06:50 +0000 (10:06 -0500)]
volser: restore diskPartition[64] lock_fd comment
The diskPartition[64] wire structures contain an int to represent
the file descriptor. This field is too small to represent the
Windows file descriptor which is a 64-bit HANDLE. A comment had
been added by Rod Widdowson. Restore it.
The conversion to uvldbentry produced too many negative side
effects. Revisit support for multi-homed servers when vos
is executed from a machine that can only see a random subset
of the addresses assigned to the server in the future.
Andrew Deason [Fri, 4 Mar 2011 17:35:06 +0000 (11:35 -0600)]
viced: Set HWHO_INPROGRESS in CheckHost_r
When we are probing a host in CheckHost_r, set the HWHO_INPROGRESS
flag on the host, so other threads know that the host is locked while
we are waiting for a probe response, and the h_threadquota mechanism
can work correctly.
Jeffrey Altman [Wed, 2 Mar 2011 19:06:48 +0000 (14:06 -0500)]
Windows: avoid use of cm_buf for MPs and Symlinks
In the Windows cache manager, the symlink and mount point
target strings are stored in the cm_scache_t mountPointString
and are not accessed out of the cm_buf_t for offset zero
except when populating the mountPointString. As a result,
every mountpoint and symlink object that is read into the cache
wastes a cm_buf_t which could otherwise be used to store
additional file or directory data.
Add cm_GetData() function which is similar to cm_GetBuffer()
except that it reads data from the file server into an arbitrary
memory location instead of a cm_buf_t object. Use cm_GetData()
to read directly into the cm_scache_t object.
In addition, further optimize the communication with the
file server by using cm_GetData() to perform a RXAFS_FetchData
RPC to obtain both the target string and the status information
instead of RXAFS_FetchStatus which only returns the status
information in cases where there are no outstanding callback
registrations on the object. RXAFS_FetchStatus is still used
when a callback is active in order to obtain access permissions
for new users.
Andrew Deason [Fri, 25 Feb 2011 22:58:30 +0000 (16:58 -0600)]
vol: Check for blank vnode in VAllocVnode_r
When we alloc a vnode in VAllocVnode_r, we look up that vnode in the
vnode cache, to see if a vnode struct already exists for it. If it
doesn't, we check the vnode index to ensure that the vnode actually is
not in use (among other things). However, we do not perform the same
check for a vnode already in the cache. Add this check, to make sure
that we don't allocate an already-used vnode number, even if the
bitmap is screwed up.
Andrew Deason [Fri, 25 Feb 2011 22:01:32 +0000 (16:01 -0600)]
DAFS: VnLock after VnWaitQuiescent in VAllocVnode
In VAllocVnode, we write-lock the newly-allocated vnode. In DAFS,
however, we need to VnWaitQuiescent_r before VnLock'ing, since VnLock
in DAFS just sets the writer tid/pid. So, in VAllocVnode, move the
VnLock call to after we wait for quiescence, so we don't stomp over
the vnode when someone else has it write-locked.
Andrew Deason [Fri, 25 Feb 2011 20:43:09 +0000 (14:43 -0600)]
DAFS: Wait for exclusive ops in VFreeBitMapEntry_r
VAllocBitmapEntry_r puts the volume in an exclusive state and drops
VOL_LOCK when traversing the volume bitmap and updating the bitmap.
So, VFreeBitMapEntry_r must ensure the volume is not in an exclusive
state, to make sure that VAllocBitmapEntry_r is not updating the
bitmap at the same time. Do so, by waiting for the volume to come out
of exclusive state at the beginning of VFreeBitMapEntry_r.
Andrew Deason [Wed, 2 Mar 2011 20:11:43 +0000 (14:11 -0600)]
vol-salvage: VOL_DONE deleted volumes
When the salvager deletes a volume (because it is an invalid RO clone,
or because there is no data associated with the volume), we should
inform the fileserver that the volume is gone. Otherwise, the volume
in the fileserver can get put into an error state (in DAFS) when it
tries to attach the volume, preventing anything from creating or using
that volume.
Andrew Deason [Wed, 2 Mar 2011 21:39:51 +0000 (15:39 -0600)]
DAFS: Clear salvage stats on VOL_DONE
When we VOL_DONE a volume, the volume has been deleted, so the salvage
stats/information are no longer relevant. Clear them out, so we don't
think the volume is still salvaging.
Andrew Deason [Wed, 2 Mar 2011 21:02:40 +0000 (15:02 -0600)]
DAFS: Allow LEAVE_OFF for DELETED volumes
When a volume is VOL_STATE_DELETED, it effectively does not exist to
other programs over FSSYNC. So, do not prevent someone from issuing a
FSYNC_VOL_LEAVE_OFF for a VOL_STATE_DELETED volume.
Andrew Deason [Wed, 2 Mar 2011 20:10:33 +0000 (14:10 -0600)]
vol-salvage: calloc volume summary structs
Calloc volume summary structs instead of malloc'ing them, in
vol-salvage.c. This way, new fields added to struct VolumeSummary will
be known to be zeroed by default, without needing to update all of the
allocating callers.
Andrew Deason [Thu, 3 Mar 2011 22:02:47 +0000 (16:02 -0600)]
viced: Check vnode length on read and write
When reading or writing a file vnode, check that the length of the
vnode in the vnode index matches the size of the on-disk file
containing the data for the file. If it does not match, take the
volume offline (and for DAFS, demand-salvage it).
Andrew Deason [Wed, 2 Mar 2011 19:12:25 +0000 (13:12 -0600)]
Give a default reason in *sync-debug
If no -reason is given for fssync-debug calls, we currently just
transmit garbage to the fileserver or salvageserver. Instead, give a
default (the *_WHATEVER constant), so we do something consistent.
Simon Wilkinson [Tue, 1 Mar 2011 14:01:46 +0000 (14:01 +0000)]
ptuser/hpr: Don't check for a KeyFile
ptuser and viced's hpr were checking for a KeyFile before calling
ClientAuthSecure. If a KeyFile doesn't exist, then they would display
a warning message, and use an rxnull connection.
However, ClientAuthSecure will return a rxnull connection if it can't
find a KeyFile. So, simplify all of this to just use ClientAuthSecure,
which knows better than we do what keys are usable and which aren't.
Simon Wilkinson [Tue, 1 Mar 2011 13:59:19 +0000 (13:59 +0000)]
ptserver: Always set up Ubik security
ptserver was checking for the existence of a suitable KeyFile before
setting up Ubik's security classes. This is unnecessary, because the
behaviour of the afsconf_* functions when a KeyFile doesn't exist
is the same as Ubik's default mechanisms.
So, simplify (and future proof) the code by removing the KeyFile check.
libafscp provides the ability to accomplish many of the functions of an AFS
client without a running afsd cache manager. It is being introduced into
the OpenAFS source tree in order to improve the capabilities of several
utilities but may have additional benefits for testing clients and servers
and for use on platforms which do not have afsd support.
Simon Wilkinson [Tue, 1 Mar 2011 00:11:01 +0000 (00:11 +0000)]
volser: Rename putshort and putint32
dumpstuff.c defines macros for putshort and putint32. However, the
name 'putshort' conflicts with a macro defined on Linux in resolv.h
(which is included by roken.h)
Just rename putshort to afs_putshort and putint32 to afs_putint32 to
solve this problem.