Simon Wilkinson [Wed, 4 Nov 2009 23:40:39 +0000 (23:40 +0000)]
Prevent VLRUQ race in ShakeLooseVCaches
When ShakeLooseVCaches is called from afs_Daemon, the xvcache lock
is not held. This means that if the GLOCK is dropped for any reason
(for example, whilst purging the dentry cache), then
ShakeLooseVCaches can be raced, and we can end up attempting to
flush the same vcache twice.
The symptoms of this in Linux are that we oops in clear_inode.
Get the xvcache lock in afs_Daemon(), before calling
ShakeLooseVCaches. Also, remove the conditional GLOCK code from
that function. If we don't have the GLOCK on entry, then we're really
in trouble (and both code paths - afs_Daemon and afs_NewVCache should
get the GLOCK for us, anyway)
Simon Wilkinson [Mon, 26 Oct 2009 18:52:52 +0000 (18:52 +0000)]
Remove hardcoded maximum time
When iterating across the buffer list, afs_newslot used a hardcoded
maximum time to find the oldest. Instead of using this, just use the
accesstime of the first unused buffer that we find as the oldest, and
continue as normal.
Sadly, similar changes were never made to afs/afs_buffer.c, so the
same problems remain in the cache manager.
The issue here is with two processes racing in afs_newslot. Calls to
afs_newslot protect buffers with a zero reference count using
afs_bufferLock. If we release afs_bufferLock, before we increase the
reference count of the vcache, then we can end up with newslot
picking the same buffer for two different purposes.
The GLOCK actually protects us from the worst of this, but this fix
is necessary both for correctness, and for symmetry with the file
server buffer code.
Rainer Toebbicke [Fri, 30 Oct 2009 11:10:21 +0000 (12:10 +0100)]
Correct diskused and files when cloning a volume
Recalculates a volume's disk space used and number of files upon
every clone where it is effortless. Even though tracked mostly
correctly, bugs and accidents leave their traces which only a
salvage would correct.
Jeffrey Altman [Tue, 20 Oct 2009 20:16:47 +0000 (16:16 -0400)]
prevent rx peer timeout from reaching 0.0 seconds
The rx peer timeout is computed from the round trip time
calculation. It traditionally has had a lowerbound of 350ms.
The computation in rxi_ComputeRoundTripTime() was incorrect
and instead used 350ms as an upperbound.
rxi_ComputeRoundTripTime() had a second problem wherein if
the actual RTT is shorter than the resolution of the clock
then the RTT would quickly approach 0.0 seconds. Enforce
a lowerbound of 1ms if the RTT for a given packet appears
to be 0.0 seconds.
Andrew Deason [Thu, 15 Oct 2009 18:15:44 +0000 (13:15 -0500)]
Fix a couple more unlink()s in vol-salvage.c
There are a couple more unlink() calls in vol-salvage.c that were using
relative paths. Fix them to use absolute paths and to log a warning if
the unlink() fails.
Claudio Bisegni [Sun, 18 Oct 2009 18:39:21 +0000 (20:39 +0200)]
OpenAFS Preference Pane 64bit and Symbolic Link features implemented.
Now the OpenAFS preference pane is compiled with 32 and 64 bit Snow Leopard support, so the preference
window is no longer restarted in 32 bit mode.
The tab for symbolic link creation has been implemented. Now the user can create and delete links.
To create a link, both name and destination path must be set. AFSBackgrounder has been updated to
manage the link creation and destroy operations in a separate thread, according to the value of the
checkbox "Enable Symbolic Link" in the "Mounts" tab.
Jeffrey Altman [Mon, 5 Oct 2009 18:34:59 +0000 (14:34 -0400)]
Improve accuracy of Rx RTT calculation by skipping retransmitted packets
Rx RTT calculations are based on Van Jacobson's work using
constants that make computations fast but are not necessarily
the best for modeling Rx protocol exchanges. This patch does
not alter the constants but does improve the comments to show
that the math is correct.
Phil Karn in 1987 demonstrated that Van Jacobson's algorithms
produced inaccurate results when the RTT computed from an
acknowledgement of a retransmitted packet were included. The
resulting RTT would either be too small causing the system to
retransmit too many packets or too long resulting in too few
being sent.
This patch follows Phil Karn's advice which was also adopted
as mandatory for TCP in RFC2988. Retransmitted packets and
delayed acks are skipped and the retransmit time is backed off
(up to a maximum of 3 seconds) until a successful acknowledgement
is received for an initially transmitted packet.
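The two rx RTT commits above (the 350 ms bound applied the wrong way round, and skipping retransmitted packets per Karn) can be seen together in a small estimator. This is an added example, not rx source code: the struct, the function names and the doubling backoff are assumptions, and only the 350 ms, 1 ms and 3 second figures come from the commit messages.

```c
#include <stdint.h>
#include <stdio.h>

/* Added illustration, not rx source. Names and the doubling backoff are
 * assumptions; the 350 ms, 1 ms and 3 s figures come from the commit text.
 * All times are in milliseconds. */
#define RTO_FLOOR_MS        350
#define SAMPLE_FLOOR_MS     1
#define RTO_BACKOFF_MAX_MS  3000

struct peer_rtt {
    int32_t srtt8;   /* smoothed RTT scaled by 8; 0 means no sample yet */
    int32_t rttvar4; /* mean deviation scaled by 4 */
    int32_t rto_ms;  /* current retransmit timeout */
};

/* The defect: the comparison is reversed, so 350 ms caps the timeout. */
int32_t rto_buggy(int32_t computed)
{
    return computed > RTO_FLOOR_MS ? RTO_FLOOR_MS : computed;
}

/* The fix: 350 ms is a floor, longer timeouts pass through unchanged. */
int32_t rto_fixed(int32_t computed)
{
    return computed < RTO_FLOOR_MS ? RTO_FLOOR_MS : computed;
}

void rtt_sample(struct peer_rtt *p, int32_t sample_ms,
                int retransmitted, int delayed_ack)
{
    int32_t delta;

    /* Karn's rule: an ACK for a retransmitted packet cannot be matched to
     * one transmission, so the sample is ambiguous and is skipped. */
    if (retransmitted || delayed_ack)
        return;
    /* A sample below clock resolution reads as 0; never feed 0 in. */
    if (sample_ms < SAMPLE_FLOOR_MS)
        sample_ms = SAMPLE_FLOOR_MS;
    if (p->srtt8 == 0) {
        p->srtt8 = sample_ms * 8;
        p->rttvar4 = sample_ms * 2;              /* rttvar = sample / 2 */
    } else {
        delta = sample_ms - (p->srtt8 >> 3);
        p->srtt8 += delta;                       /* srtt += delta / 8 */
        if (delta < 0)
            delta = -delta;
        p->rttvar4 += delta - (p->rttvar4 >> 2); /* rttvar += (|d| - rttvar) / 4 */
    }
    p->rto_ms = rto_fixed((p->srtt8 >> 3) + p->rttvar4); /* srtt + 4 * rttvar */
}

/* On a retransmit timeout, back off (doubling assumed) up to the ceiling. */
void rtt_on_retransmit(struct peer_rtt *p)
{
    int32_t next = p->rto_ms * 2;
    p->rto_ms = next > RTO_BACKOFF_MAX_MS ? RTO_BACKOFF_MAX_MS : next;
}

int main(void)
{
    struct peer_rtt p = {0, 0, 0};

    rtt_sample(&p, 0, 0, 0);    /* constructed: sample below clock resolution */
    rtt_on_retransmit(&p);
    rtt_sample(&p, 5000, 1, 0); /* constructed: ACK of a retransmission */
    printf("rto=%d ms buggy(900)=%d fixed(900)=%d\n",
           (int)p.rto_ms, (int)rto_buggy(900), (int)rto_fixed(900));
    return 0;
}
```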
Claudio Bisegni [Mon, 5 Oct 2009 11:42:27 +0000 (13:42 +0200)]
OSX Launchd Startup Manage with Preference Pane
The OpenAFS preference pane has been updated to manage the new launchd startup mode. The custom startup and shutdown file has been deleted; now /Library/OpenAFS/Tools/root.client/usr/vice/etc/afs.rc is used.
OpenAFS.postinstall has been modified to remove the old existing /Library/StartupItems/OpenAFS directory.
OpenAFS.pre_upgrade has been modified to shut down the daemon, if it is running, and remove the old preference pane to permit the one to be installed.
make fileserver avoid salvage loop on init failure
if the vlserver or prserver setup can't succeed, it doesn't indicate
a condition which salvaging is required to fix; instead, come up
and retry in the background.
Andrew Deason [Mon, 21 Sep 2009 17:48:30 +0000 (12:48 -0500)]
Unlink correct files in salvager
Fallout from 0ac956b3384842b3c60e72bde78a4baf58a5877f; a couple of
unlink() calls were not updated to use the absolute path. Update them,
and log errors from unlink(), since otherwise it is difficult to tell
that anything is going wrong.
Andrew Deason [Thu, 27 Aug 2009 17:43:03 +0000 (12:43 -0500)]
Fix cache tracking for small fragsizes
The tracked amount of disk cache used by a client can be incorrect when
afs_fsfragsize is tuned to below 1023. Since we round up to the next
nearest afs_fsfragsize+1 then round down to the kb, if afs_fsfragsize+1
< 1kb, we can undershoot the cache usage.
This enforces afs_fsfragsize to always be at least 1023.
theoretically a user thread can race us during shutdown and end up
panicking us if the soclose happens at the wrong time. if we're shutting down
just return. using afs_shuttingdown would have the side effect that we'd lose
the ability to add any graceful behavior.
Claudio Bisegni [Fri, 28 Aug 2009 19:16:52 +0000 (21:16 +0200)]
Fixed the tokens update and update .gitignore for MacOSX packaging file
Fixed the tokens update on the preference pane if the operation is made with NSStatusItem.
The src/packaging/MacOS/.gitignore has been updated for the CellServDB file, and afs.x86_darwin_100.plist has been added to src/libafs/.gitignore.
Claudio Bisegni [Wed, 26 Aug 2009 15:18:37 +0000 (17:18 +0200)]
10.6 update (workaround for Kerberos bug) and cleaning of deprecated functions from code
For aklog, a workaround has been added for the Kerberos function KLAcquireInitialTickets, which in 10.6 always returns an error.
First, KLCacheHasValidTickets is called to check for the presence of user tickets; if there are no tickets, KLAcquireNewInitialTickets is called to get the user's credentials.
Many deprecated APIs have also been removed.
Simon Wilkinson [Tue, 18 Aug 2009 21:31:38 +0000 (22:31 +0100)]
Make MacOS installer pane permit dashes
The MacOS installer only permits characters in [0-9A-Za-z] in cellnames.
However, OpenAFS itself will also allow dashes, and they're in use by some
sites.
This trivially amends the installer pane to permit dashes.
Claudio Bisegni [Mon, 3 Aug 2009 17:05:46 +0000 (19:05 +0200)]
Removed user perspectivev3 file in xcode project and update the gitconfig
gitconfig in src/platform/DARWIN/AFSPreference has been modified to ignore the perspectivev3 that is created by Xcode for window layout. The file created for the user has also been deleted.
Claudio Bisegni [Mon, 3 Aug 2009 14:40:05 +0000 (16:40 +0200)]
Cleaned most warning OSX OpenAFS preference and completed the AFSBackgrounder implementation
At startup the preference pane checks for the presence in ~/Library/LaunchAgents of the file it.infn.lnf.network.AFSBackgrounder.plist that. The agent could be started in the OpenAFS preference pane view.
AFSBackgrounder has replaced the NSMenuExtra; when it doesn't quit well, launchd restarts it. AFSBackgrounder can also be used for other work; for now, at login it checks the user preference for getting a token.
Some refactoring has been done in the code to remove most warnings.
The unused things have been deleted from the project.
Start coding OSX Backgrounder Application, for OpenAFS Preference Pane, that uses NSStatusItem
To prevent future compatibility with OS X we must use NSStatusItem instead of NSMenuExtra, which is not a documented API.
For this, a background-only application has been created that will manage all functions managed by the current NSMenuExtra.
Adam Megacz [Mon, 27 Jul 2009 03:32:07 +0000 (20:32 -0700)]
In rxi_SendPacket[List], down hosts if ENETUNREACH or equivalent
This patch causes rxi_SendPacket[List] to "down" a host if
rxi_Sendmsg() returns -ENETUNREACH (or equivalent). Previous behavior
only did this check if defined(KERNEL) because non-defined(KERNEL)
implementations did not return meaningful error codes from
rxi_Sendmsg().
Jeff Altman <jaltman@openafs.org> supplied the logic for the
AFS_NT40_ENV case; I was not able to test this (I do not own a
Windows license) and took him on his word.
Reviewed-on: http://gerrit.openafs.org/59
Reviewed-by: Adam Megacz <megacz@gmail.com>
Tested-by: Adam Megacz <megacz@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 1ddc7fa920213f9b5455e632bbddf05b866af647)
Change-Id: I1c5bdf8f3216f82f32fcf22f1c47a3a43130e071
Reviewed-on: http://gerrit.openafs.org/945
Adam Megacz [Sun, 19 Jul 2009 18:00:41 +0000 (11:00 -0700)]
Use -errno or WSAGetLastError() as return value from rxi_Sendmsg()
This patch causes the pthread and lwp implementations of rxi_Sendmsg()
to use -errno or WSAGetLastError() as the return value if it is
positive. This is required in order to communicate more meaningful
error conditions to rxi_SendPacket[List], which should "down" a host
immediately when it observes ENETUNREACH.
Jeff Altman <jaltman@openafs.org> supplied the logic for the
AFS_NT40_ENV case; I was not able to test this (I do not own a
Windows license) and took him on his word.
Reviewed-on: http://gerrit.openafs.org/58
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Adam Megacz <megacz@gmail.com>
Tested-by: Adam Megacz <megacz@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 119c756d96c4a7f9e01e4ff6bb20156f1abf761b)
Change-Id: I31f97e4cef4b32abb69c783d19b1adfd897889fa
Reviewed-on: http://gerrit.openafs.org/943
Running bos -noauth should not require client CellServDB configuration
When setting up a new cell, the admin is instructed to use "bos -noauth"
to configure the servers and only afterwards create the client configuration.
This leads to a catch-22 since currently bos -noauth fails if there is no
client configuration even though it is not required.
This change avoids the call to afsconf_Open() which is only required
if tokens are being acquired.
This patch completes the implementation of an install time prompter
for information about the local AFS cell, which is then used to populate
the ThisCell file. It removes the need for manual editing of
configuration files as part of the installation.
(Build system modified by Simon Wilkinson from Toby's original patch)
the function rx_ReadProc32 (src/rx/rx_rdwr.c) checks the pointer
call->currentPacket before the function rxi_FreePacket is called. This
test was missing in the function rx_ReadProc.
Michael Meffie [Wed, 15 Jul 2009 16:46:56 +0000 (12:46 -0400)]
Fix assert message to avoid printing garbage
Fix an off by one error in assert() to avoid printing garbage
characters to the log. Remove the newline character generated by
ctime() to match the format generated by the other logging functions.
Search for the Linux version in the correct header
src/config/linux-version already had support for handling either versioned
or unversioned kernel source directories, but the grep for UTS_RELEASE
was unconditionally done against the versioned source tree, ignoring the
previous determination of where the header file was.
Instead, check the header file location that we'd previously
determined.
This patch has been tested in the Debian OpenAFS 1.4.11~pre3+dfsg-1
package.
if the socket buffer size specified by the configuration is too large
to be applied, do not drop down immediately to 32766 bytes. Instead
try increasingly smaller values trying to find the largest one that
works. use the same value for the send buf size as well.
(cherry picked from commit 5b0e23567e1ed64f448bb3253ad90d39cad31271)
not ready for release, but, add a tool which installer can run to ask for a cell
name
AUTHOR
LICENSE IPL10
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
LICENSE IPL10
Jeffrey Altman [Thu, 19 Nov 2009 23:11:06 +0000 (18:11 -0500)]
viced: set volume sync data in bulk status rpcs
The bulkstatus and inlinebulkstatus rpcs have a bug
that prevents the volume sync data from being set.
Currently the data is being set within the for loop
only when i == nfiles. The conditional of the loop
is i < nfiles so the SetVolumeSync call is never
performed. This patch changes the test for performing
SetVolumeSync to i == 0.
lightly modified from what Bren Mills submitted; the second unlock call after mfail may be entirely useless.
(cherry picked from commit b87935a4c5f26357e29f1db46eff8b1cf9185f3b)
Andrew Deason [Mon, 26 Oct 2009 19:09:41 +0000 (14:09 -0500)]
Correct duplicate special inodes while salvaging
Right now when the salvager encounters duplicate special inodes for a
volume, it refuses to salvage the volume, presumably because it does not
know which inodes to use when recreating the volume header.
However, this can cause the confusing state where the fileserver and
various volume utilities have no problem with a volume, but the salvager
refuses to salvage it and marks the volume as needing salvage. When
salvaging, if we already have a volume header, and we encounter
duplicate special inodes, it is likely that the special inode referenced
by the volume header is the correct one.
So, instead of erroring out, keep track of which inodes are referenced
in the volume header, and if there are any duplicates, either ignore or
delete the unreferenced ones, depending on the -orphans setting. Also be
a little more verbose when logging errors in this area.
Reviewed-on: http://gerrit.openafs.org/736
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Steve Simmons <scs@umich.edu>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit d393aabca577917b107afdd42efb40cc2fdac50c)
This patch changes the common error reporting type from CE_PANIC
to CE_WARN and adds appropriate cleanup processing so that we do not
leak resources if an error occurs.
Rainer Toebbicke [Fri, 27 Nov 2009 14:03:25 +0000 (15:03 +0100)]
Avoid IHandle leak when failing to attach volume
When a volume fails to attach, ensure its volume handles
get released before all traces of it are erased. Failure to do so
might cause problems once the volume is salvaged and re-attached.
VReleaseVolumeHandles_r is moved to FreeVolume and no longer called separately.
Jeffrey Altman [Fri, 23 Oct 2009 14:54:35 +0000 (09:54 -0500)]
Check for (hostFlags & HOSTDELETED) after h_Lock_r
Many callers of h_Lock_r do not check if the HOSTDELETED flag is set,
even though it could have been set while waiting for the host lock. Add
checks for it everywhere we call h_Lock_r and we care if the host has
been deleted.
Dan Hyde [Thu, 29 Oct 2009 16:07:47 +0000 (12:07 -0400)]
Add array bounds checking in h_Enumerate
When hostList is not properly NULL-terminated, the current code does
not protect from buffer overflow. The following patch prevents buffer
overflow, prints a message, and asserts.
On our Linux hosts, we never reached the original assert, as there is
a problem handling the segfault the buffer overflow causes.
FIXES 125506
Reviewed-on: http://gerrit.openafs.org/757
Reviewed-by: Dan Hyde <drh@umich.edu>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 93d48b1735b88b3051357307bdbebf5da9872d69)
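The failure mode in the h_Enumerate commit above, a linked list copied into an array sized from a separate counter, is shown here with the bounded walk that stops it. This is an added example, not the fileserver's code: `struct node`, `snapshot_list` and the demo functions are hypothetical, and it returns -1 where the commit message says the patch prints a message and asserts.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical list node standing in for a host entry. */
struct node {
    struct node *next;
    int id;
};

/* Copy the list into out[], which has room for `expected` pointers.
 * Returns the number copied, or -1 if the list still has entries after
 * `expected` of them (lost NULL terminator, cycle, or stale counter).
 * The bound is checked before every store, so out[] is never overrun. */
int snapshot_list(struct node *head, struct node **out, int expected)
{
    struct node *p;
    int n = 0;

    for (p = head; p != NULL; p = p->next) {
        if (n >= expected) {
            fprintf(stderr, "snapshot_list: list exceeds expected count %d\n",
                    expected);
            return -1;
        }
        out[n++] = p;
    }
    return n;
}

/* Constructed input: three nodes whose last link points back to the head.
 * Returns 1 if the walk was rejected and the slot past the array is intact. */
int demo_cyclic_list(void)
{
    struct node n[3];
    struct node *out[4];
    struct node canary;
    int rc;

    n[0].next = &n[1]; n[0].id = 1;
    n[1].next = &n[2]; n[1].id = 2;
    n[2].next = &n[0]; n[2].id = 3;   /* not NULL-terminated */
    out[3] = &canary;                 /* guard slot after the 3 real slots */
    rc = snapshot_list(&n[0], out, 3);
    return (rc == -1 && out[3] == &canary) ? 1 : 0;
}

/* Constructed input: the same three nodes, properly terminated. */
int demo_terminated_list(void)
{
    struct node n[3];
    struct node *out[3];

    n[0].next = &n[1]; n[0].id = 1;
    n[1].next = &n[2]; n[1].id = 2;
    n[2].next = NULL;  n[2].id = 3;
    return snapshot_list(&n[0], out, 3);
}

int main(void)
{
    printf("terminated: %d, cyclic rejected: %d\n",
           demo_terminated_list(), demo_cyclic_list());
    return 0;
}
```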
Michael Meffie [Wed, 18 Nov 2009 15:07:14 +0000 (10:07 -0500)]
volser transaction object race conditions
Fix the transaction object races between VolMonitor and the
volume operation procedures which can cause the volume
server to crash.
Add a per transaction object mutex to safely set the
transaction call pointer and name. Fix VolMonitor to safely
traverse the transaction list and to access the call pointer
and last proc name while copying info to send to the vos
client. Fix the sleep thread to safely access the last proc
name.
FIXES 125479
Change-Id: I6dffa31a84d98249712dd17aad353f99151b4fd5
Reviewed-on: http://gerrit.openafs.org/619
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Tom Keiser <tkeiser@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Andrew Deason [Wed, 11 Nov 2009 17:23:49 +0000 (11:23 -0600)]
Make ktc_curpag also detect ONEGROUP PAG gids
ktc_curpag falls back to looking at the group list if the VIOC_GETPAG
pioctl fails. If we're in AFS_LINUX26_ONEGROUP_ENV in the kernel,
though, ktc_curpag still looks for two groups, instead of the one
combined group. Add a check for the big one group in the fallback if
we're on LINUX26.
Reviewed-on: http://gerrit.openafs.org/815
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit c53abbb3e8d14643f3f82999cbe24fb12d358ce0)
Andrew Deason [Wed, 11 Nov 2009 16:51:19 +0000 (10:51 -0600)]
Do not check *aoutSize in PGetPAG
*aoutSize is always zero in pioctls, since afs_HandlePioctl handles
checking the output buffer size, and sets outSize to 0 before calling
the pioctl. So, PGetPAG was always returning E2BIG; remove the check to
make it work.
Marc Dionne [Sat, 31 Oct 2009 12:54:52 +0000 (08:54 -0400)]
Fix memory allocation warnings at shutdown
At shutdown we check for unfreed memory allocated with AllocSmallSpace
and AllocLargeSpace and complain in the syslog if there are dangling
pieces. This patch takes care of a few cases that always showed up
as warnings, even after a simple start-stop of the client.
- The cacheInode file needs to be closed before the checks, since it
uses a large piece for its struct file.
- The ICL logging code allocates 6 small pieces that are never freed.
Add a shutdown_icl() function that releases everything. While we're
at it, correct one place where we allocated with afs_osi_Alloc but
freed with osi_FreeSmallSpace, confusing our accounting.
Marc Dionne [Sat, 31 Oct 2009 17:27:18 +0000 (13:27 -0400)]
Linux: Fix write_begin configure test for recent RHEL kernels
Recent RHEL kernels now define simple_write_begin, which was used as
a test for the write_begin address_space op. This makes the test
succeed when it shouldn't, and breaks the build.
Rewrite the test to actually check the address_space operation.
Always use kbuild for all Linux kernel configure probes
Some Linux kernel probes for the existence of header files were done
with file existence checks (test -f). This breaks if the kernel build
system is stacking multiple directories of headers together with
compile-time -I include path options, as is the case for the current
Debian Linux header packages. Instead, always use kbuild to check
whether a kernel header is available.
Similarly, use AC_TRY_KBUILD instead of AC_TRY_COMPILE when checking
for an SELinux kernel, since AC_TRY_COMPILE doesn't call into kbuild
and won't get the correct kernel header paths.
This is part of the fix for Debian Bug#521745 and has been included in
the Debian package since 1.4.10+dfsg1-1.
Marc Dionne [Wed, 28 Oct 2009 21:54:32 +0000 (17:54 -0400)]
Linux - Fix disk cache access for selinux/AppArmor constrained processes
Preserve the credentials used for cache initialisation and use them
whenever disk cache files are opened. This takes advantage of the
credentials separation work from David Howells available in kernels
2.6.29 and above.
Access to cache files was done under the security context of the
user process, causing processes constrained by selinux or AppArmor to
fail to access AFS cache files and causing the cache manager to panic.
Besides the RT tickets, should also fix the following Ubuntu bugs:
415766 429260 457779 459299
The current kernel module build infrastructure relies on the ability to
create symlinks from known directory names used in the AFS code to the
actual locations of the kernel header files. This breaks if there is no
single kernel header tree and instead multiple trees are layered together
by kbuild using compile-time -I include paths.
Attempt to detect this case by seeing if linux/types.h is in the kernel
header directory where we expect it. If not, rather than creating
symlinks for h, sys, and netinet, create directories and populate them
with single-line headers that just include the corresponding linux/*.h
header. The list of headers for which to do this is generated dynamically
by analyzing the AFS kernel source code and looking for relevant #include
directives.
This patch has been part of the Debian OpenAFS package since
1.4.10+dfsg1-1. The check for whether we have layered kernel header trees
may be specific to Debian and may require modification later if other
Linux distributions do something similar.
Simon Wilkinson [Wed, 28 Oct 2009 11:12:18 +0000 (11:12 +0000)]
Make afsd.pod reflect reality
9d396c4916fdac64fcface30e6637ca6e2911203 (from 2005) introduced
autotuning for afsd, and changed some of the defaults which aren't
autotuned. Update the afsd man page to reflect the autotuning, and
the new defaults.
Andrew Deason [Wed, 28 Oct 2009 16:06:47 +0000 (11:06 -0500)]
Avoid using released hosts
Since h_Release_r has the possibility of freeing a host, we should not
be using a host after it has been released. A few places can still use a
released host, potentially causing heap corruption, double frees, and
generally weird behavior.
So either move calls of h_Release_r until after we finish using a host,
or make sure to set the pointer to NULL after it has been released.
Reviewed-on: http://gerrit.openafs.org/747
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Dan Hyde <drh@umich.edu>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit 416e2f11c35f5d55f91090b30b4db1a9bf6d6e07)
Andrew Deason [Mon, 26 Oct 2009 19:04:48 +0000 (14:04 -0500)]
Dec old special inodes in inode convertROtoRW
The convertROtoRW code for the inode fileserver makes copies of the
volume's special inodes, but leaves the old (RO) inodes around. If the
RO is created again, this will result in duplicate special inodes for
the same volume, which freaks out the salvager (and possibly other
things).
So IH_DEC the old RO special inodes after converting, so they go away.
Reviewed-on: http://gerrit.openafs.org/735
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
(cherry picked from commit dbe3b7b8eeb4a010f82248befc6167b3b5ed9606)