Michael Meffie [Thu, 7 Jun 2012 16:58:54 +0000 (12:58 -0400)]
libafs: use afs_ResetVCache in flush volume data
Remove some code duplication by using afs_ResetVCache
in the flush volume data pioctl. Adds a flag to
ResetVCache to avoid unneeded calls to purge dnlc
when reseting all the vcaches in a volume.
Adds freeing of vcache link data in the flush volume
data pioctl.
Andrew Deason [Mon, 1 Nov 2010 20:34:26 +0000 (15:34 -0500)]
Cleanup VOffline log message for non-DAFS
Commit fd592c7674d4aa44dda90998b54d7b56947f6ed8 fixed the 'Volume X
(Y) is now offline' message for DAFS, but the same problem persists
for non-DAFS. Fix the non-DAFS case.
Andrew Deason [Thu, 3 Feb 2011 22:11:38 +0000 (16:11 -0600)]
volser: Do not reset copyDate in ReClone
When we ReClone in the volserver, do not reset the clone's copyDate to
the current time. If we retain the copyDate between ReClone
operations, then we can know when the clone was first created (and
thus makes local RO clones more consistent with remote RO sites).
Simon Wilkinson [Thu, 19 May 2011 17:19:29 +0000 (18:19 +0100)]
vlserver: Use correct base value when replacing
When we're removing existing address entries the code calculates
a base and index value for each entry that we're removing an address
from. However, it then _uses_ a previously calculated base value,
with the new index. This works fine if the old base and the new base
match, but if they don't, chaos will ensue.
Andrew Deason [Fri, 21 May 2010 20:54:33 +0000 (15:54 -0500)]
vlserver: Access cache via vl_ctx
The vlserver application-level ubik cache (which consists of
HostAddress, ex_addr, and cheader) is currently being accessed via
global variables everywhere. Instead, access these via the new vl_ctx
struct that is passed to functions during a transaction, so we have
the ability to modify the cache without making all changes visible as
we change it.
Andrew Deason [Fri, 21 May 2010 16:12:50 +0000 (11:12 -0500)]
vlserver: Add a struct for trans-specific data
Instead of passing a ubik_trans pointer to many functions inside the
vlserver, pass a vlserver-defined vl_ctx struct, so we can add new
things to keep track of in a transaction that are not part of ubik.
Andrew Deason [Wed, 12 Dec 2012 22:14:55 +0000 (16:14 -0600)]
LINUX: Avoid multiple d_invalidate loops
Currently, in afs_linux_lookup, we put an artificial limit on how many
times we loop through all dentry aliases, trying ti d_invalidate all
of them. Instead of using an arbitrary limit, we can just go through
all of them once, by using d_prune_aliases. This should be faster, and
removes some of the logic required here.
Note that this does remove our check for DCACHE_DISCONNECTED in each
alias' d_flags. This should not be a problem, since we will still use
any remaining DCACHE_DISCONNECTED dentry via d_splice_alias if one
still exists.
Reviewed-on: http://gerrit.openafs.org/8751 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 370aaaeafa43f804b0a5286d92b4ec5f1ccb62be)
Change-Id: I1aa70afe8268852c676f241e0189bc010ad757aa
Reviewed-on: http://gerrit.openafs.org/9288 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de> Tested-by: BuildBot <buildbot@rampaginggeek.com>
Andrew Deason [Thu, 4 Oct 2012 20:49:56 +0000 (15:49 -0500)]
DAFS: VRS_r with VOL_SALVAGE_NO_OFFLINE in attach2
One caller of VRequestSalvage_r in attach2 was not passing the
VOL_SALVAGE_NO_OFFLINE flag. This really should be passed for every
place that manually sets vp->nUsers = 0, since then the VPutVolume_r
handlers will never fire.
Anders Kaseorg [Tue, 23 Jul 2013 18:37:26 +0000 (14:37 -0400)]
volume_inline.h: Down with assert, again
Commit 34767c6a0f914960c9a1efabe69dd9c312a2b400 replaced all assert
calls in this file with osi_Assert, but shortly thereafter, commit db6ee95864a8fc5f33b7e95c19c8ff5058d37e92 added VTimedWaitStateChange_r
with two new assert calls. These are precarious in a public header;
fix them to osi_Assert like the ones in VWaitStateChange_r.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reviewed-on: http://gerrit.openafs.org/10094 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 30fa9480dd99ed93fa642dd8ce9746760fb42180)
Change-Id: Id0bc0e75de000cf3e4133aaf31f52d9a565c8d9f
Reviewed-on: http://gerrit.openafs.org/10095 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Mark Vitale <mvitale@sinenomine.net> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Thu, 1 Nov 2012 16:51:42 +0000 (11:51 -0500)]
afs: Handle easy GetValidDSlot errors
Many callers of GetValidDSlot currently assume they will always get
back a valid dcache, and will panic on getting NULL. However, for many
of these callers, handling the NULL case is quite easy, since the
failure to get a dcache can just result in an error directly, or
obtaining the dcache is best-effort or just an optimization.
This commit just handles the "easy" cases; some other callers require
more complex handling.
Andrew Deason [Wed, 31 Oct 2012 20:04:55 +0000 (15:04 -0500)]
afs: Make last_error always useful
Currently we record last_error as the last getuerror() we got when
failing to read in a slot in UFSGetDSlot. For kernels that do not have
getuerror(), this variable is currently useless, and we do not record
anywhere what the last error received was (besides logging it via
afs_warn).
So, for non-uerror, just record what 'code' we got, so we at least
have something.
Andrew Deason [Thu, 22 Mar 2012 22:54:12 +0000 (17:54 -0500)]
salvager: Trust inode-based special data over OGM
Currently the salvaging code looks for special inodes, and infers the
volume id and inode type from the OGM data in each special inode file.
However, we can already derive this information from the inode number
itself for the special inode, so if they disagree, use the values
based off of the inode number and correct the OGM data.
The inode number should be more likely to be correct, since that is
how we look up the special inode from the header when attaching the
volume. It is also impossible to get special inode files with the same
name, so this ensures we don't get duplicates. And for people that go
snooping around /vicepX/AFSIDat even though we tell them not to, it
seems more likely that they go around 'chmod'ing or 'chown'ing rather
than 'mv'ing.
This change avoids an abort in the salvaging code when the OGM data is
wrong. If we trust the OGM data when it is incorrect, we assume the
special inode file is for a different volume. So when we go to
recreate one of the special files for the volume we're actually
working with, the IH_CREATE fails (from EEXIST) and so we abort.
Andrew Deason [Fri, 23 Mar 2012 18:02:22 +0000 (13:02 -0500)]
namei: Abstract out OGM functions a bit more
Add GetWinOGM and SetWinOGM for getting and setting the
Windows-equivalent of the Unix OGM data. Make those and CheckOGM use
GetFileTime/SetFileTime so we can operate just via an FD_t, without
needing the full pathname. Modify the NT namei_icreate to use
SetWinOGM.
Andrew Deason [Wed, 31 Jul 2013 20:58:41 +0000 (15:58 -0500)]
budb: Do not use garbage cellinfo
If the -servers option is given, we never initialize cellinfo or the
clones array. So, don't give the cellinfo structure or the clones
array to ubik in that case, or we may crash or do other weird things.
This issue appears to have been introduced in commit fc4ab52e.
Michael Meffie [Mon, 10 Dec 2012 23:00:25 +0000 (18:00 -0500)]
xstat: length check cm call info
Define the cm xstat function call counters with an xmacro to avoid
duplicating the list of cm function names. This obviates the need
to update xstat_cm_test.c when new function names are added to the
cm xstat collection id 0.
Check the number of returned records when printing the function call
counts to avoid over-running when a newer xstat_cm_test client
receives data from an older cm.
Reviewed-on: http://gerrit.openafs.org/8741 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 09c0484fd8878797957f7ff5936c542a0f6332c4)
Change-Id: I622a4f16cbb102962199f26e5431b04ea381d5fe
Reviewed-on: http://gerrit.openafs.org/9065 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Tue, 2 Oct 2012 19:38:20 +0000 (14:38 -0500)]
afs: Avoid tracking file locks for RO volumes
Advisory file locks for RO volumes don't make a lot of sense, since
there are no possible writes to worry about. The fileserver already
does not track these, so don't even bother processing them in the
client.
Simon Wilkinson [Tue, 19 Feb 2013 17:53:11 +0000 (17:53 +0000)]
libafscp: Actually return callback from FindCallback
Fix FindCallback so that it actually returns the callback that it
found. This requires changing the function prototype so that the
third parameter is passed by reference, and updating the single
call site.
Mark Vitale [Fri, 21 Dec 2012 22:56:14 +0000 (17:56 -0500)]
dafs: preattach should wait for exclusive states
In rare circumstances an FSYNC_VOL_ON operation may fail silently,
leaving the volume in its previous state. The only clue is a FileLog
message "volume <nnnn> not in quiescent state".
This is caused by a race condition in the volume package: an
FSYNC_VOL_ON operation is attempting to preattach a volume
(in VPreAttachVolumeByVp_r()) at the same time a fileserver RPC
(e.g. FetchStatus) is detaching the volume (in VReleaseVolumeHandles_r())
at the conclusion of attach2() logic.
The fix calls VWaitExclusiveState_r() before calling
VPreAttachVolumeByVp_r().
Change-Id: Ib66859381d29311fda3e08984dcb740eadafb340
Reviewed-on: http://gerrit.openafs.org/8814 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 1f891b622e9b32a068082087eae9d787057f7f00)
Reviewed-on: http://gerrit.openafs.org/9070 Reviewed-by: Mark Vitale <mvitale@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Change-Id: I8570370905fa4c3bbdd72f5535329cfab5bebf1a
Reviewed-on: http://gerrit.openafs.org/10121 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: Jonathan A. Kollasch <jakllsch@kollasch.net> Reviewed-by: Jonathan A. Kollasch <jakllsch@kollasch.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Thu, 27 Jan 2011 19:13:21 +0000 (13:13 -0600)]
afscp: Fix -s option for writes
When writing to AFS with afscp, the -s option was sleeping before any
StoreData RPCs actually got issued to the fileserver. Move the sleep
to after we have done one rx_Read/rx_Write, so we sleep after starting
to contact the fileserver, to make sleeping while writing more
consistent with sleeping while reading.
Andrew Deason [Wed, 10 Nov 2010 21:35:17 +0000 (15:35 -0600)]
afscp: Add -s option
Add an -s option to afscp, to specify an amount of time to sleep in
the middle of a read or write operation. This can be helpful in
simulating a slow client.
Michael Laß [Sun, 14 Jul 2013 19:31:27 +0000 (21:31 +0200)]
Use -nofork when starting bosserver via systemd
Systemd does not expect the started process to fork unless
"Type=forking" is given. Use -nofork to run BOS in foreground and allow
systemd to track its state.
Reviewed-on: http://gerrit.openafs.org/10087 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Mark Vitale <mvitale@sinenomine.net> Tested-by: Michael Laß <lass@mail.uni-paderborn.de> Tested-by: Ken Dreyer <ktdreyer@ktdreyer.com> Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
(cherry picked from commit e2d458c11956af6fe721f7151487cb19f07ac16f)
Change-Id: I2b66ca126dbda6c2c616d74b571908c57d1e86e4
Reviewed-on: http://gerrit.openafs.org/10093 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Fri, 8 Feb 2013 23:24:28 +0000 (17:24 -0600)]
afs: Avoid SetupVolume panic
Currently SetupVolume panics if it cannot successfully read a
volumeinfo entry from disk. Try to return an error instead, so we
don't panic the machine.
Reviewed-on: http://gerrit.openafs.org/9094 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 6f7ae535bbac2a5376358801b7f2c9e072f2d141)
Change-Id: Ib8ea06192bfcd6c2111444db325abc4a90190bbc
Reviewed-on: http://gerrit.openafs.org/9131 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Fri, 8 Feb 2013 23:26:32 +0000 (17:26 -0600)]
afs: Move SetupVolume tv initialization after loop
The fields in tv are not used by the loop looking for the given volume
on disk. If we wait until after that loop to initialize the fields in
tv, it is easier to handle errors encountered in the loop.
This should incur no functional change.
Reviewed-on: http://gerrit.openafs.org/9093 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 8f95dc9eb92cb31f9d29eb87daac747f53b5a1cc)
Change-Id: I65f3b647017aebacf28026a648c75b2d279c768e
Reviewed-on: http://gerrit.openafs.org/9130 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Wed, 2 Jan 2013 19:09:06 +0000 (14:09 -0500)]
afs: Check dv against localhero aincr
For operations that modify directories, we call afs_LocalHero to
determine if we can perform the directory modification in our local
cache, and avoid fetching the dir blob from the fileserver. Currently,
afs_LocalHero assumes that the DV received from the fileserver is
correct, and will update the cache DV as long as we have a valid
callback on the file.
If for any reason the client cache falls out of sync with what's on
the fileserver, this can cause the client to incorrectly believe its
cache is up to date. Since, the cached data will be marked with the
newest DV, even if the DV on the server has jumped to be larger than
we expected.
While the client cache should never fall out of sync with the
fileserver, in the past this has been possible due to other bugs
(fileserver idle dead processing and client VNOSERVICE handling).
Assuming that the given DV is correct is also just unnecesarily
fragile, since we can always check if it is correct, so just check it,
and add some comments helping explain what's going on here. Note that
regular file writes effectively already check this.
Note that this change makes use of the 'aincr' argument to
afs_LocalHero, which was previously unused. aincr appears to have been
used for a purpose similar to this before OpenAFS 1.0, but was
removed, possibly accidentally.
It is possible this change negatively affects, or even breaks
(unlikely), functionality with the AFS<->DFS translator. Although
nothing of the sort has been seen, it is difficult to know one way or
the other, due to the lack of available DFS translators.
Marc Dionne [Mon, 8 Jul 2013 14:53:00 +0000 (10:53 -0400)]
Linux 3.11: Convert from readdir to iterate file operation
Convert the readdir function so that it can be used as the new
"iterate" file operation. This new operation is passed a context
that contains a pointer to the filldir function and the offset.
The context is passed into the new dir_emit function that will
call the function specified by the context.
The new dir_emit function returns true on success, so we must be
careful about how we check for failure since this is different
behaviour from what filldir currently does.
Andrew Deason [Wed, 10 Jul 2013 17:52:28 +0000 (12:52 -0500)]
Reload rxkad.keytab on CellServDB modification
Make the reloading of rxkad.keytab keys occur in the same way that
KeyFile keys are reloaded. That is, we only try to reload them if the
CellServDB mtime has changed. This is intended to have exactly the
same reloading behavior as KeyFile reloads.
I would have triggered this from afsconf_Check, but that approach
has annoyances. (Calling ticket5_keytab functions directly from
cellconfig pulls in libkrb5 dependencies for everything that uses
cellconfig, and we'd have to trigger an afsconf_Check call by calling
some other cellconfig function.)
Andrew Deason [Mon, 10 Jun 2013 22:49:12 +0000 (17:49 -0500)]
Avoid calling afsconf_GetLatestKey directly
Don't call afsconf_GetLatestKey to determine whether we can print our
own local tokens, since we may have keytab 'local' keys, but no DES
keys. Just try to construct them and see if it fails, using
afsconf_PickClientSecObj or afsconf_ClientAuth{,Secure} as
appropriate.
Andrew Deason [Mon, 10 Jun 2013 22:15:27 +0000 (17:15 -0500)]
auth: Do not always fallback to noauth
Make afsconf_PickClientSecObj error out if we can't construct
localauth tokens (unless the caller explicitly requested rxnull
fallback). afsconf_ClientAuth{,Secure} still falls back, as always.
Ben Kaduk [Tue, 14 May 2013 23:37:59 +0000 (19:37 -0400)]
Clean up akimpersonate and use for server-to-server
Since a6d7cacfd, aklog has been able to print a krb5 ticket to
itself for an arbitrary client principal, allowing a user with
access to the cell's krb5 key to get tokens as an arbitrary user.
Now that it is possible to use native krb5 tickets with non-DES
enctypes for authentication, and akimpersonate is available from libauth,
use printed native krb5 tickets for server-to-server communication (as well
as the -localauth versions of the client utilities).
Remove the early call to afsconf_GetLatestKey() in
afsconf_PickClientSecObj() so that we do not end up picking an old DES
key before we try to find a better key to use.
Before doing so, refactor the akimpersonate code to be more usable
and readable, and eliminate some dead code. For example, we always printed
addressless tickets, so that code could be removed. Other code had excessive
stack usage for a library routine, which is eliminated. Use a start time
of 0 instead of 300 so that the printed ticket will always be
detected as infinite-lifetime.
In order to ensure usability on all platforms (in particular Solaris),
provide a couple more compat shims to implement routines which are not
always available from the krb5 library, in particular encode_krb5_ticket
and encode_krb5_enc_tkt_part. Thanks to Andrew Deason for implementing
these compatability routines.
Give it its own source file and header, install the header at
depinstall time, and have aklog get the akimpersonate functionality
from libauth.
Keep the linux box copyright from aklog_main.c (but strip the trailing
whitespace), as that block was added with the akimpersonate code.
Remove all calls to afs_com_err() as is fitting for library code,
to let it build. Do not bother removing curly braces which are
no longer needed; a future cleanup commit will catch that.
Derive DES/fcrypt session key from other key types
If a kerberos 5 ticket has a session key with a non-DES enctype,
use the NIST SP800-108 KDF in counter mode with HMAC_MD5 as the PRF to
construct a DES key to be used by rxkad.
To satisfy the requirements of the KDF, DES3 keys are first compressed into a
168 bit form by reversing the RFC3961 random-to-key algorithm
New optional rxkad functionality for decypting krb5 tokens
An additional, optional mechanism for decrypting krb5-format tokens
is provided that uses the krb5 api with a key from a keytab
instead of using libdes and the AFS KeyFile.
The AIX compat stub for krb5_c_decrypt is contributed by Andrew Deason.
Add rxkad server hook function to decrypt more types of tokens
Allow tokens to be encrypted with algorithms other than DES.
The security object owner must provide an implementation
by calling rxkad_SetAltDecryptProc.
Make sure plainsiz is initialized before calling the alternate decrypt
proc.
OpenBSD 5.3: Replace use of copyinstr for setting mount point name.
As a result of a realignment of kernel memory in OpenBSD 5.3,
the copyinstr() routine no longer works for copying the mount
point name into the internal mount table structure. It also
fails silently, so it's not noticed until someone looks at
the mount table and discovers that the mount point name for
AFS is missing.
This patch replaces the use of copyinstr() with strlcpy() for
copying the mount point name in OpenBSD 5.3.
Note that this is consistent with how other similar device
support has addressed the same issue in OpenBSD 5.3.
Anders Kaseorg [Tue, 7 May 2013 04:27:33 +0000 (00:27 -0400)]
Linux: osi_TryEvictVCache: Don’t skip the first dentry if D_ALIAS_IS_HLIST
An hlist doesn’t begin with a sentinel like a list does, so the old
code would skip the first dentry or crash with a NULL dereference if
there wasn’t one. Use the kernel’s list_for_each_entry or
hlist_for_each_entry macros instead of trying to do it manually.
Should fix a crash observed by Alex Chernyakhovsky on kernel 3.6 and
newer.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Reviewed-on: http://gerrit.openafs.org/9857 Reviewed-by: Alex Chernyakhovsky <achernya@mit.edu> Tested-by: Alex Chernyakhovsky <achernya@mit.edu> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit ad6e31d5fea221bf5eefcd35a416667bc7c1f9be)
Change-Id: Id8b31246067b5a718af91c8c206d5abd5210c558
Reviewed-on: http://gerrit.openafs.org/9898 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Thu, 28 Mar 2013 18:03:40 +0000 (13:03 -0500)]
afsio: Pass KRB5_LDFLAGS along with KRB5_LIBS
We need this in case e.g. the krb5 library we're using is in an
alternate location, so we can pass -L. aklog already does this, so do
it for afsio, too.
This is a 1.6-only change. On master, this problem went away when the
krb5 ldflags/cflags/etc were standardized in commit 6f9443e702745d1e371eb72ad7fcba5cac47f3db.
Thanks to MÃ¥ns Nilsson for reporting this.
Change-Id: I79aeb1f4de123b7550b64c1890a2773a44ff8d1e
Reviewed-on: http://gerrit.openafs.org/9692 Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Ken Dreyer [Wed, 1 May 2013 03:59:32 +0000 (21:59 -0600)]
doc: quote list items in POD
Recent versions of Pod::Simple complain if we use integers or other
special characters in an =item list. We have a couple bulleted lists
that happen to have integers or other special characters as the list
values. Quote the items with C<> so that Pod::Simple can correctly parse
them again.
Andrew Deason [Tue, 30 Apr 2013 19:37:54 +0000 (14:37 -0500)]
afs: Do not invalidate all dcaches on startup
Commit 20b0c65a289e2b55fb6922c8f60e873f1f4c6f97 changed
afs_UFSGetDSlot to always treat a dslot entry as invalid if
'datavalid' was 0. This was to force the invalidation of the given
dslot if we were reading in a dslot from the free or discard list,
since the data in that dslot is not valid.
However, 'datavalid' is also 0 when we read in dcache entries from
disk on startup. So, this means that we invalidated all cache entries
when the client started up, effectively making our persistent cache
worthless.
Fix this by only forcing this invalidation when we are reading from a
free or discarded dcache, and not during the initial cache scan. That
is, when 'indexvalid' is 1, and 'datavalid' is 0.
The parameters for these Get*DSlot variants should maybe be changed to
be a little more clear, but for now, this is a targeted fix for this
specific issue.
FIXES 131655
Reviewed-on: http://gerrit.openafs.org/9833 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 479c34614f33859131258e330e7a3f8494e0bc80)
Change-Id: I72b7ad41658c51b81aa9844327372724a0f3151e
Reviewed-on: http://gerrit.openafs.org/9837 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Tested-by: Stephan Wiesand <stephan.wiesand@desy.de> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Fri, 29 Mar 2013 18:40:41 +0000 (13:40 -0500)]
Make ihandle sync behavior runtime-configurable
The actual behavior of FDH_SYNC has changed a bit over the years, and
some people want one behavior, and some want another. Make it possible
to make this choice at runtime with the new -sync option, instead of
making this decision by running with different patches.
Note that FDH_SYNC is not a macro anymore, nor is it an inline
function. While it could be a macro, it would look a bit complex, and
there are some oddities with trying to use vol_io_params inside the
FDH_SYNC expansion (vol_io_params is not declared for LWP, for
example). And having it be an inline function causes problems with
some odd linking dependencies. For example, vlib.a contains volume.o,
but does not contain a definition for DFlushVolume (dir/buffer.c),
which is referenced in volume.o. 'vos' uses vlib.a, but does not
bring in anything that defines DFlushVolume. Currently this appears to
not cause a problem because 'vos' uses nothing from volume.o, so the
dependencies of volume.o don't matter. Adding an inline FDH_SYNC for
platforms that don't support 'static inline' would add a dependency to
volume.o (via vol_io_params), which causes an error for the lack of a
DFlushVolume.
Those are possibly just some problems, and may not be all. So instead,
make it so we don't have to deal with that and just have a normal
function. While FDH_SYNC may be called in a performance-critical
section, the overhead of a real function call is nowhere near the
delay of an actual fsync(), so presumably any overhead doesn't matter.
Reviewed-on: http://gerrit.openafs.org/9694 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit eb5190eb4a7cd95166866a89e0a8f3a69bbc6e8f)
Change-Id: I7a6c99d00eff3400423440db91a350053ed099ea
Reviewed-on: http://gerrit.openafs.org/9695 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Wed, 17 Apr 2013 23:04:58 +0000 (18:04 -0500)]
LINUX: Sometimes let dentry_open handle refcounts
When Linux changed dentry_open to use a 'path' argument, they also
changed it so dentry_open handles incrementing the relevant ref
counts. So now, sometimes we need to inc the dentry and vfsmount
refcounts ourselves, and sometimes we need to leave them alone.
To accommodate this, change afs_dentry_open to also handle refcounting
itself, and 'get' the given dentry and vfsmount if necessary.
Also note that currently, afs_linux_raw_open can call afs_dentry_open
twice in the case of an error, but it does not dget(dp). This means
that dp could be undercounted, since dentry_open on older kernels will
dec the refcount on the given dentry in the case of an error. This
change should also fix this so dp is not undercounted in that case.
FIXES 131613
Reviewed-on: http://gerrit.openafs.org/9801 Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net>
(cherry picked from commit e31240732cbe449fedea5095037ac08d1d513fa9)
Change-Id: I082063d324d99c3d02ed372a1c20462f13bb4a26
Reviewed-on: http://gerrit.openafs.org/9803 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
OpenBSD: Add config headers for new(er) OS versions.
The OS-specific config header files have not kept up with the
newer releases of OpenBSD. This patch corrects that by adding
header files for OpenBSD versions from 4.9 to 5.3 (the newest
version currently under development).
Reviewed-on: http://gerrit.openafs.org/8927 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 20a54b02521b40b07e4ec87df55a1e9a2549c881)
Change-Id: I9ee66dbba300d5a68bc294a14dd9463441143371
Reviewed-on: http://gerrit.openafs.org/9661 Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de> Tested-by: BuildBot <buildbot@rampaginggeek.com>
Andrew Deason [Tue, 20 Nov 2012 21:00:15 +0000 (15:00 -0600)]
ubik: Do not count votes from error'd connections
If the given connection has a connection-wide error on it, the vote we
got from that site is probably not valid, and we could easily be
interpreting an error code as a vote time. So instead, treat the host
as if we got a network error from it.
Andrew Deason [Tue, 20 Nov 2012 20:18:47 +0000 (14:18 -0600)]
ubik: Try to detect VOTE_Beacon errors
Currently the way ubik dbsites vote for each other is via the "return
value" of the Beacon VOTE RPC. Since this is really an Rx abort, this
can easily collide with actual errors on the wire, such as rxkad
errors.
Try to detect these by detecting vote times that are very different
than the current timestamp (more than an hour in the future or past),
and treat it like a network error.
If we do not do this, a single site reporting an error can cause us to
never reach quorum, since we calculate our sync site expiration based
on the oldest 'yes' vote, which for most known Rx aborts will be far
in the past.
Jeffrey Altman [Fri, 15 Mar 2013 03:27:25 +0000 (23:27 -0400)]
vol: remove duplicate stmp declaration
Patchset 38cf31463e3f3c675de727c1e793e117a90e6d20 added a definition of
afs_ino_str_t stmp which should have replaced the b64_string_t stmp
declaration that was already present.
Andrew Deason [Wed, 3 Apr 2013 21:39:07 +0000 (16:39 -0500)]
vos: Restore some VNOVOL error messages
Many places in vos/vsprocs have code to delete a volume. Commit f4e73067cdef990262c69c38ac98761620a63f25 tried to refactor them by
consolidating the common "delete" code into DoVolDelete. However, not
all of the removed code had exactly the same behavior, and some of
these variants were not handled by DoVolDelete.
One such variation is that DoVolDelete always printed an error message
if the target volume did not exist. But for some call sites this
condition is not an error, and prior to the refactoring they did not
print such an error message. Commit 1092cbe34fc8519826b3fa0565505b7bd81bc922 tried to correct this by
suppressing the error message if the target volume does not exist.
However, this means that all DoVolDelete calls do not print such an
error, where some should and some should not print an error. This
means that in some edge cases when we encounter an unexpected VNOVOL
error, we now skip printing the specific error we got and instead go
right to cleanup/recovery/exit. For a few other cases, we used to
print an error and continue (because it is a non-fatal error or a
warning), but now we print nothing when we encounter a VNOVOL error.
Fix this by specifically printing an error for the VNOVOL error for
DoVolDelete call sites that used to print such an error. Do this for
all such sites except ones where we obviously print an error
immediately afterwards anyway.
This is just a quick targeted fix. A future more robust fix should
involve altering DoVolDelete to handle all of the different behaviors
expected by its various callers.
Reviewed-on: http://gerrit.openafs.org/9704 Reviewed-by: Mark Vitale <mvitale@sinenomine.net> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 0a063815cc27ed065bcc9e4a91fb3a7b280818bb)
Change-Id: Ia333b2257b9fdc39f7bcc9ba8ed3c98254d2e76a
Reviewed-on: http://gerrit.openafs.org/9770 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Mark Vitale <mvitale@sinenomine.net> Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Mark Vitale [Thu, 7 Mar 2013 14:34:55 +0000 (09:34 -0500)]
vos: noise messages when attempting to delete non-existent volume
With vos refactor commit f4e73067cdef990262c69c38ac98761620a63f25,
some formerly conditional volume deletes are now unconditional.
This regresses 'vos move' output with harmless "error" messages
when AFSVolTransCreate() returns VNOVOL:
"Failed to start transaction on <volume>"
"Volume not attached, does not exist, or not online"
Modify DoVolDelete() to return early (and silently) with VNOVOL
in this case, allowing the caller to handle this appropriately.
Marc Dionne [Sat, 22 Dec 2012 12:54:54 +0000 (07:54 -0500)]
Rework set_header_word macros
Rework the set_header_word macros so that all compilers are
happy:
- the use of offsetof() is avoided, as it has an issue on IRIX
when the result is not constant
- the assignment within the macro is explicitely sequenced before
the function call to avoid a gcc sequence-point warning
Reviewed-on: http://gerrit.openafs.org/8816 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 7f96084969d3082842a9575ee8ff7da8c52a0796)
Change-Id: Iefdf7f6dbb60ffc569b67b3c89893fb43527eb02
Reviewed-on: http://gerrit.openafs.org/8818 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Wed, 19 Dec 2012 00:49:49 +0000 (18:49 -0600)]
viced: Sanity check file link count during CoW
A few ihandle bugs in the past have caused the CopyOnWrite code to
open cached file handles for files which have been deleted. When we
CoW, both of the files we're dealing with had better actually be on
disk, so bail out and flag an error if either of them appear unlinked.
Andrew Deason [Fri, 21 Dec 2012 18:30:24 +0000 (12:30 -0600)]
ihandle: Add FDH_ISUNLINKED
Add the FDH_ISUNLINKED functionality to ihandle. This lets the caller
know if the file for the underlying file descriptor has been deleted
out from under us. This is useful for sanity checks in some callers.
Reviewed-on: http://gerrit.openafs.org/8838 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 9cf9a0e978ece2b0afb8ba5947455f307a424cab)
Change-Id: If5cde825a2e7413c47409c69f15507d6df1934c3
Reviewed-on: http://gerrit.openafs.org/9507 Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de> Tested-by: BuildBot <buildbot@rampaginggeek.com>
Andrew Deason [Fri, 14 Dec 2012 21:05:53 +0000 (15:05 -0600)]
volser: Check vnode length on dump
Commit aadf69eabb1962496fa93745ab560a5b48cacd61 adds length checks on
vnodes during fileserver read/write operations. Do the same thing when
we dump volume data from the volserver, to ensure that we don't
transmit incorrect data e.g. to other RO sites when releasing.
Andrew Deason [Wed, 28 Nov 2012 21:12:12 +0000 (15:12 -0600)]
afs: Apply VLRU safety check for Linux too
This invariant should apply to all platforms, not just those with
dynamic vcaches. Since this prevents an infinite loop if the list os
corrupt or something, having this around everywhere seems useful. So,
drop the check for afsd_dynamic_vcaches.
Simon Wilkinson [Mon, 3 Jan 2011 10:40:56 +0000 (10:40 +0000)]
autoconf: Tidy up header includes
Tidy up our list of header includes so it's easier to see what
we're testing for. The list is now one-per-line, in alphabetically
sorted order.
Note that this won't affect our use of the default include set, as
autoconf will already have tested for all of those before it starts
this CHECK_HEADERS run.
Simon Wilkinson [Wed, 3 Apr 2013 11:09:03 +0000 (07:09 -0400)]
fix garbage counters in supergroup prdb_check
This is a backport of one hunk of commit 9efc255ab8de7ad90c7d599fea7bd1956bfd48c2, where a calloc fixes an
incorrectly sized memset. The original memset clears the size of the
pointer, not the sizeof the structure.
Change-Id: I40250e0346345fe9b4b43d14e76ea5fb23c8c04b
Reviewed-on: http://gerrit.openafs.org/9701 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Andrew Deason [Tue, 26 Mar 2013 18:27:33 +0000 (13:27 -0500)]
aklog: Only try to use krb5-weak.conf if it exists
The logic we use for using krb5-weak.conf to allow 'weak crypto'
requires us to know where the default krb5.conf is. The default
krb5.conf local can vary significantly depending on the platform, and
we don't have a good way of figuring out what it is, so we guess. We
may guess wrong.
To limit the cases where we guess wrong, only try to do this
workaround if the krb5-weak.conf file actually exists.
Andrew Deason [Tue, 26 Mar 2013 18:14:30 +0000 (13:14 -0500)]
aklog: Search for /etc/krb5/krb5.conf
aklog tweaks the KRB5_CONFIG environment var when performing one of
our 'weak crypto' workarounds. We assume that the default krb5.conf is
/etc/krb5.conf, but for Solaris 11 libkrb5, krb5.conf is in
/etc/krb5/krb5.conf. Although this file could be anywhere, try
/etc/krb5/krb5.conf too, so we at least work on stock Solaris.
Andrew Deason [Thu, 22 Dec 2011 03:00:12 +0000 (22:00 -0500)]
afsd: Parse cacheinfo during argument parsing
Currently we parse cacheinfo in afsd_run, when the client is
initialized and started. Parsing cacheinfo can change
afsd_cacheMountDir, however, which may be of interest to afsd.o users;
in particular, libuafs exposes this via uafs_MountDir(). This means
that if a mount dir is not explicitly specified in the libcmd
arguments to afsd, a libuafs-using program will see the mountpoint as
the empty string if it is queried after afsd_parse but before
afsd_run. For afsd.fuse, this causes the cryptic error message:
fuse: bad mount point `': No such file or directory
since the mountpoint is the empty string if it is not specified
explicitly on the command line.
To fix this, move cacheinfo parsing to effectively near the end of
afsd_parse, so the mountpoint is calculated in afsd_parse().
Simon Wilkinson [Wed, 27 Feb 2013 10:34:59 +0000 (10:34 +0000)]
ubik: Avoid unlinking garbage
If SDISK_SendFail fails before the pathname to the temporary file
has been constructed, then the failure handler will unlink stack
garbage, with variable results.
Initialise the string, and check to see if it has contents before
calling unlink
Marc Dionne [Sat, 29 Jan 2011 17:48:02 +0000 (12:48 -0500)]
ubik: cleanup DB lock usage in SDISK_SendFile
Some failure paths can return from SDISK_SendFile with the
database lock still held. Other failure paths will cause
setlabel to be called without holding the lock.
Rework the failure paths so we always release the DB lock before
returning, and always hold it when calling setlabel.
Andrew Deason [Fri, 18 May 2012 21:55:09 +0000 (17:55 -0400)]
afs: Do not avoid DNLC if fakestat is set
Currently in afs_lookup we avoid putting an entry in the DNLC if
'force_eval' is unset, in order to avoid populating the DNLC with
mountpoint symlinks (we want the target of the mountpoint to be in
there instead, the root dir). However, if -fakestat or -fakestat-all
are enabled, 'force_eval' is always false, since we only set it to
true under certain circumstances when evaluating mountpoints.
To fix this, populate the dnlc for non-mountpoints, even if force_eval
is unset.
Andrew Deason [Mon, 18 Jun 2012 22:01:24 +0000 (17:01 -0500)]
cacheout: Perform authenticated RXAFS_FlushCPS
Fileservers may now require RXAFS_FlushCPS calls to be made with
administrator tokens. So, try to make the call with admin tokens, and
provide the usual -noauth and -localauth options.
Andrew Deason [Fri, 28 Dec 2012 18:16:49 +0000 (13:16 -0500)]
viced: initInterfaceAddr_r regardless of ICBS code
Currently we only call initInterfaceAddr_r for a host if a call to
RXAFS_InitCallBackState3 succeeds. However, this leaves the host
without a host->interface structure, which indicates that the host
does not support UUIDs, and is represented by just a single host,port
pair.
But this is not correct; the host probably does have the relevant UUID
associated with it, but it is just not responding. So, with the
current code, we create a uuid-less host structure for a host that
probably has a uuid; that host structure will probably never be used,
and will just get deleted later.
So instead, always call initInterfaceAdd_r. Do it before the ICBS
call, so the host will be findable via UUID as early as possible. If
the ICBS call fails, the host will be marked as 'down' later on.
Andrew Deason [Wed, 29 Aug 2012 19:14:39 +0000 (14:14 -0500)]
LINUX: Detect non-vectorized aio functions
In kernels before 027445c3, the functions generic_file_aio_read and
generic_file_aio_write, as well as the fs operations aio_read and
aio_write, do not deal with iovecs but rather just use a single
buffer. Detect this, so our aio_read and aio_write implementations
have the correct signatures.
This removes several warnings on such kernels.
Reviewed-on: http://gerrit.openafs.org/8020 Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit e5ba359f64b5d8d874a31a50694398c17f27cfa1)
Change-Id: I8d8ee81c2bcff2dc85c2ff3e70452a0af5639921
Reviewed-on: http://gerrit.openafs.org/9493 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@your-file-system.com> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
projects / packages / o / openafs.git / log