this is a dodge; we should sign with a real certificate and distribute
signed binaries. until we more formally exist, this allows application
firewall to at least cope better with us.
Andrew Deason [Fri, 18 Dec 2009 18:17:41 +0000 (12:17 -0600)]
Refuse to attach inode partitions with UFS logging
Partitions with the 'logging' UFS mount option are known to cause
corruption when using the inode fileserver backend. So, if we detect
that we are attempting to attach a 'logging' partition, refuse to attach
it.
Marc Dionne [Tue, 5 Jan 2010 00:37:40 +0000 (19:37 -0500)]
Linux: don't oops on writeback if vcache has no stashed credentials
When doing writeback, use current credentials if we can't find
stashed credentials in the vcache entry.
This is normally stashed in afs_open, so it's not clear how we
get to that point, but that's not a reason to trigger an oops.
Michael Meffie [Tue, 29 Dec 2009 18:40:15 +0000 (13:40 -0500)]
viced: allow alternate addresses on the same hash chain again
Revert the logic meant to prevent duplicate entries in the
host address hash table so hosts with multiple addresses can
be stored in the same hash bucket again.
Add a new log message to show when the host cannot be stored
in the hash table because of an address-port pair collision
with a host already in the hash table.
Jeffrey Altman [Wed, 30 Dec 2009 11:32:58 +0000 (11:32 +0000)]
Unix CM: Use xdr_free to free memory allocated by XDR
In src/afs/afs_volume.c VL_GetAddrsU() returns memory allocated by the
xdr package. In 1.4 there was no method of freeing this safely. On the
head there is using the xdr_free() function.
Marc Dionne [Thu, 31 Dec 2009 16:08:32 +0000 (11:08 -0500)]
Build fix: restore centry in ptutils.c
The declaration of centry is needed when supergroups are not
enabled. Restore it within the ifdef so that we don't get
an unused variable warning if supergroups are enabled.
Russ Allbery [Thu, 31 Dec 2009 00:22:37 +0000 (16:22 -0800)]
Remove warnings from supergroups code on x86
Prototype functions where necessary, remove unused variables, fix
mismatches of data types (char * != void *), initialize variables the
compiler can't tell are initialized, compare integers against 0 and
not NULL, and wrap assignments used as conditions in an explicit
comparison.
This removes all warnings that fail --enable-checking on x86 with
--enable-supergroups. 64-bit will still have warnings.
Matt Benjamin [Wed, 23 Dec 2009 00:48:02 +0000 (19:48 -0500)]
freebsd: track RELENG_8
Fixes to re-enable build and load of kernel module on FreeBSD's
RELENG_8. Includes the following changes:
Remove cred pointer argument to vop_getattr and vop_setattr.
Restore VSUID and VGUID defines, but move to osi_machdep.h.
Fixup calls to vinvalbuf, create a macro to avoid too many ifdefs.
Revert incorrect definition of gop_lookupname_user. Avoid
uninitialized use of 'code' variable in vop_access, and track
new a_accmode member name. Remove cred pointer in VFS_STATFS.
Avoid including sys/ioctl.h in kernel mode (formerly had no
effect, it's now an error). Avoid using an empty file as an
object file in shlibafsrpc link. Replace suser() calls with calls
to priv_check, using defined OpenAFS privileges (thanks due to
Ben Kaduk).
Simon Wilkinson [Sun, 27 Dec 2009 11:06:01 +0000 (11:06 +0000)]
Abstract out Linux sillyrename function
In order to keep the dcache happy, the Linux client has its own
sillyrename function. Abstract this out from afs_linux_unlink into a
function of its own (afs_linux_sillyrename) so we can make use of it
from other vnodeops.
Simon Wilkinson [Thu, 24 Dec 2009 18:19:01 +0000 (18:19 +0000)]
Remove HAVE_STRUCT_BUF test
Ever since b1edf891d717ee8e08c0d93738a204cff09cf68f was committed,
we've not needed to test to see if the OS provides struct buf - we
can just declare it as a structure without providing a definition
in all circumstances.
Simon Wilkinson [Thu, 24 Dec 2009 15:14:46 +0000 (15:14 +0000)]
Remove --disable-afsdb
Remove the --disable-afsdb option from configure, and the
corresponding AFS_AFSDB_ENV #ifdefs from the code. This means that
the AFSDB code will always be built, but whether it used or not
can still be controlled by runtime options in the cache manager.
Andrew Deason [Wed, 30 Dec 2009 16:44:39 +0000 (11:44 -0500)]
Make DAFS 'bos salvage' work in restricted mode
bosserver currently has code to specifically allow 'bos
salvage'-initiated salvages to run when in restricted mode. This only
specifically tests for running salvager, though, and so fails when 'bos
salvage' is run against a DAFS fileserver and tries to run
'salvageserver -client' instead.
Test for 'salvageserver -client' as well, so we can run 'bos salvage'
for DAFS fileservers in restricted mode.
Simon Wilkinson [Thu, 24 Dec 2009 13:00:53 +0000 (13:00 +0000)]
Turn on bos restricted code
Remove the #ifdef's around the bos restricted mode code. This makes
restricted mode available as part of the standard build, but a server
will not go into restricted mode unless the relevant command line
options are specified, or bos setrestricted is run.
Document bos_setrestricted and bos_getrestricted, and the new
'-restricted' command line option. Add a note to the man pages of
all of the commands whose behaviour is affected by restricted mode.
Add 'setr' and 'getr' aliases for setrestart and getrestart so that
these documented shortcuts continue to work (otherwise they'd be
ambiguous against setrestricted and getrestricted). Note that
setre, setres, and setrest will not work once this patch is applied.
Change-Id: Ie69d21493ea5f78757f0a3d478de43fdaabd3c31
Reviewed-on: http://gerrit.openafs.org/1028 Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Tue, 29 Dec 2009 17:03:50 +0000 (17:03 +0000)]
Unix: Merge aklog with aklog_main
Historically, aklog was split into aklog.c (which just contained a
wrapper) and aklog_main.c, which did all of the hard work. Now
that we've purged all of the Windows code from aklog_main.c, we
can merge them both into the same file, so do so.
Andrew Deason [Tue, 29 Dec 2009 20:45:51 +0000 (15:45 -0500)]
Return a cell name from afsconf_LookupServer
Previously, afsconf_LookupServer could not meaningfully return a cell
name, since a char* was passed in for realCellName, and
afsconf_GetAfsdbInfo was expecting the value of the pointer to change.
Change afsconf_LookupServer to take a char**, and pass realCellName by
reference, so we can get a cell name back.
Simon Wilkinson [Tue, 29 Dec 2009 21:56:36 +0000 (21:56 +0000)]
Fix ioctl32 inclusion on Sparc 64
ioctl32.h only became available in Linux 2.5.44, so reduce the scope
of the include. It went away again, in Linux 2.6.22. In its short
life, it only ever provided prototypes for registering translation
handlers, and for sys_ioctl.
Only include it where we call those handlers, and when we call them,
to remove compilation errors for Sparc64.
Simon Wilkinson [Tue, 29 Dec 2009 22:58:56 +0000 (22:58 +0000)]
Linux: Replace invalidate_inode_pages
invalidate_inode_pages is now marked as deprecated in the kernel
headers. Use the equivalent call to invalidate_mapping_pages() which
has been available since Linux 2.5
Andrew Deason [Thu, 24 Dec 2009 18:32:14 +0000 (13:32 -0500)]
Move TOP_INCDIR/des dependency to prelude
Make TOP_INCDIR/des a dependency of the 'prelude' target, not all of the
'dest'-ish targets. Without this, things like 'make tviced' fail since
we never create the TOP_INCDIR/des directory, but 'des' needs to copy
headers into there.
Also, remove the other redundant INCDIR/LIBDIR deps in the 'dest'-y
targets, and put them in 'prelude'.
Simon Wilkinson [Tue, 22 Dec 2009 21:46:43 +0000 (21:46 +0000)]
Solaris: Don't access lbolt directly
Recent changes in OpenSolaris have removed the 'lbolt' variable.
However, the ddi_get_lbolt accessor (which has been present since
Solaris 10) can be used to get access to the same value. So, use it.
Simon Wilkinson [Tue, 22 Dec 2009 21:42:19 +0000 (21:42 +0000)]
Solaris: Don't directly fiddle with the groups structure
Solaris doesn't let us directly play with the groups structure
anymore. Instead, there is a crsetgroups accessor which can be
used instead. So, use it.
Simon Wilkinson [Tue, 22 Dec 2009 21:38:00 +0000 (21:38 +0000)]
Solaris: Be more flexible about compilers
OpenSolaris doesn't have its C compiler in /opt/SUNWspro/bin/cc,
but we still have to be careful to avoid gcc, as that can't
build the kernel module.
As a short term stop gap, add a PATH_PROG test which looks in
both /opt/SUNWspro/bin and /opt/SunStudioExpress/bin for cc.
We probably should look in more places, and in the long run,
we should probably be taking whatever autoconf gives us
(for userspace, at least)
Simon Wilkinson [Tue, 22 Dec 2009 21:34:23 +0000 (21:34 +0000)]
Look for aclocal in more places
Some operating systems (cough, OpenSolaris, cough) have multiple
versions of aclocal installed, and don't populate the 'aclocal' name.
If 'aclocal' isn't present, then try using 'aclocal-1.10' before we give
up in disgust.
Andrew Deason [Tue, 22 Dec 2009 14:49:21 +0000 (09:49 -0500)]
Fix typo in afs_linux_cred_is_current
987816dfa852750caca8c64c44174a5333ae0e3b introduced a stray 'cred' in
one of the afs_linux_cred_is_current definitions. Remove it so we can
build without STRUCT_TASK_HAS_CRED.
Michael Meffie [Thu, 10 Dec 2009 16:37:34 +0000 (11:37 -0500)]
Consolidate duplicate definitions
Housekeeping change to consolidate some common definitions.
Create a new common header called afs_consts.h. This allows
us to remove the afscp.c dependency on afs.h (so src/tests
will build again.) Rename the max filename definition in the
update server package to MAXFNSIZE to avoid a name conflict
with MAXSIZE. The global defines will be prefixed with
AFS_ in a second patch.
Change-Id: I2b8d555a244cc92d889618de4eec4a99550d7c7f
Reviewed-on: http://gerrit.openafs.org/855 Reviewed-by: Mickey Lane <mlane@sinenomine.net> Tested-by: Mickey Lane <mlane@sinenomine.net> Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
Marc Dionne [Sun, 20 Dec 2009 03:22:05 +0000 (22:22 -0500)]
Linux: utsrelease.h is moving
In kernel 2.6.33, utsrelease.h has moved to include/generated.
Adapt the configure code to consider that location, and clean
up that section's indentation.
Simon Wilkinson [Sat, 19 Dec 2009 21:53:54 +0000 (21:53 +0000)]
Fix PAGs for all platforms without Linux keyrings
The changes in 7b272177de4c6f78db7f2315f4e30e85ab7660bb sadly break
all platforms which aren't Linux. This is because the logic in PagInCred
doesn't handle the non-Linux case at all. Fix this so that we call
afs_get_group_pag whenever we're not running on Linux.
The code also doesn't match the comment - Linux kernels which don't
have keyrings should use afs_get_group_pag(), regardless of whether
STRUCT_TASK_HAS_CRED. It's unlikely this bit would ever bite anyone
though, kernels with cred support almost certainly require keyrings.
Simon Wilkinson [Sat, 19 Dec 2009 20:21:36 +0000 (20:21 +0000)]
Linux: Simplify keyring compatibility code
This introduces a few inline functions in osi_compat.h, to reduce the
number of #ifdefs in the main chunk of code. In particular, we gain
* afs_linux_key_alloc : to handle all the different key_alloc
signatures
* afs_linux_search_keyring : to handle our two different mechanisms
for searching a keyring
* afs_linux_cred_is_current : will return true if we're using native
credentials, and the passed creds are also
those of the current task
Simon Wilkinson [Sat, 19 Dec 2009 15:40:49 +0000 (15:40 +0000)]
Linux: Don't panic when keys aren't found
This fixes two potential problems in our session keyring lookup code,
which can lead to panics in situations where we're using the new struct
cred based code.
The first is that if there is no session kerying installed for the
current task, we'll attempt to do a lookup on a NULL kerying and oops.
The second is that if the keyring_search returns EPERM, then we can end
up unmasking that error code, and return NULL, rather than an error.
Change-Id: If0e2804408ec17b00f352980cee6a8e56704d93f
Reviewed-on: http://gerrit.openafs.org/1004 Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Tested-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Sat, 19 Dec 2009 14:48:32 +0000 (14:48 +0000)]
Linux: Flush vcaches when a mount fails
GetVCache (well, really NewVCache) creates a new vcache, with an attached
inode, and links it into the VLRU queue, regardless of whether it is
successful in populating that vcache or not. The attached inode, on Linux,
contains a reference to the super block of the filesystem. If the created
vcache is for the root, however, and populating that vcache failes, then mount
fails, and the super block is disposed of. This leaves us with a vcache in
the VLRU queue which contains a reference to a non-existent inode.
When ShakeLooseVCaches comes along a few minutes later, it attempts to discard
this inode. However, doing so fails because the inode no longer has a valid
super block.
Avoid this trauma by ensuring all vcaches are disposed of before the super
block goes away, in the event of a mount failure.
Change-Id: I68864f1ea401d24adba76164905a17de6ab3e6ce
Reviewed-on: http://gerrit.openafs.org/1003 Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com> Tested-by: Marc Dionne <marc.c.dionne@gmail.com> Reviewed-by: Derrick Brashear <shadow@dementia.org>
Andrew Deason [Thu, 17 Dec 2009 20:59:44 +0000 (14:59 -0600)]
Do not trust FetchData length from fileservers
Currently the Unix CM implicitly trusts that the length from a FetchData
request from a fileserver will always be less than the requested length.
If the fileserver sends more data than requested, we can use up more
cache space than we intended, possibly exceeding the cacheinfo cache
limits.
Add a check for this, and return EIO to the caller if the fileserver
responds with too much data.
Andrew Deason [Fri, 18 Dec 2009 18:21:35 +0000 (12:21 -0600)]
platform target depends on cmd and vol
The 'platform' target depends on cmd and vol, since on solaris
non-namei, we build fs_conv_sol26.c, which depends on some volume
structures, and uses libcmd. So, have Makefile.in accurately reflect
that dependency so we can build.
Andrew Deason [Fri, 16 Oct 2009 22:12:35 +0000 (17:12 -0500)]
Add the 'vos endtrans' command
Add a command to vos to explicitly end volume transactions. These can
happen if (for example) we segfault or the user ctrl-C's in 'vos'
before/after a volume operation, but before we AFSVolEndTrans.
Andrew Deason [Fri, 6 Nov 2009 20:03:52 +0000 (14:03 -0600)]
Expand ProgramType enumeration
The ProgramType values volumeUtility and salvager are overloaded. Expand
the ProgramType enum to include more specific program types, and adjust
conditionals to match.
Also, instead of determining all behavior by checking programType, add
some flags to be passed in to VInitVolumePackage to determine e.g.
whether or not we can use the FSSYNC channel. This makes it easier to
see the intent of some conditionals, and reduces the number of times a
caller must lie about what program it is.
Simon Wilkinson [Fri, 20 Nov 2009 15:08:25 +0000 (15:08 +0000)]
Linux: Use splice to speed up cache storeback
This patch adds a new cache store function for Linux, which uses
splice() and direct access to the page cache, rather than doing
data copies to a temporary buffer between rx and afs. It removes
one copy, and some context switching, from the write codepath.
One side-effect here is that it will delay storebehinds from
returning control to the user. Instead of returning once the first
4k has been successfully transfered, we will wait until a cache
chunk has been transmitted. This is currently unavoidable, as we
can't take the GLOCK within a splice actor.
Simon Wilkinson [Fri, 20 Nov 2009 15:03:37 +0000 (15:03 +0000)]
Rework cache store back
This patch reworks the code to store data from the cache to the server,
such that the entire store loop can be replaced. The idea here is that a
platform which wishes to provide a different store loop, in particular
one which doesn't rely upon multiple data copies, may do so simply by
plugging in a new function.
Marc Dionne [Thu, 10 Dec 2009 00:06:18 +0000 (19:06 -0500)]
Linux: deal with ctl_name removal
The binary sysctl interface will be removed in kernel 2.6.33 and
ctl_name will be dropped from the ctl_table structure.
Make the code that uses ctl_name conditional on a configure test.
Jeffrey Altman [Sat, 5 Dec 2009 15:51:27 +0000 (10:51 -0500)]
Windows: cm_BPlusEnumAlloc should not fail for zero entries
If cm_BPlusEnumAlloc returns NULL, the caller assumes a
memory allocation error. If the enumeration consists of
zero entries, allocate a structure that stores zero entries.
Jeffrey Altman [Sat, 5 Dec 2009 15:53:03 +0000 (10:53 -0500)]
Windows: cm_BPlusDirBuildTree can fail
It is possible that cm_BPlusDirBuildTree can fail. For example,
the server could be marked down after a callback is obtained
but before all of the directory data buffers have been fetched.
cm_BeginDirOp must check for the failure, destroy the tree,
and return the failure code to the caller. Otherwise, a tree
with no entries may be created and marked with the current
data version.
Andrew Deason [Sun, 6 Dec 2009 20:56:20 +0000 (14:56 -0600)]
Make HandleClientContext take an afs_ucred_t
5d5d18071608d9782a5d936f79215048af641410 missed one occurrence of
AFS_UCRED. Make HandleClientContext take an afs_ucred_t instead of
AFS_UCRED, so afs_pioctl.c builds again.
Simon Wilkinson [Sun, 6 Dec 2009 14:25:08 +0000 (14:25 +0000)]
Remove AFS_USEBUFFERS
The AFS_USEBUFFERS code has been disabled for all supported platforms
since the initial OpenAFS code drop. Simplify the buffers code by
removing it entirely.
Change-Id: Iab6b2d54361eca1a1446b4804b3d6533d75f2831
Reviewed-on: http://gerrit.openafs.org/894 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Derrick Brashear <shadow@dementia.org>
revised version of a patch i've had for months to actually be clean.
allow state of all packets to be dumped so you can see what's on what
queues where.
Rainer Toebbicke [Thu, 19 Nov 2009 13:07:07 +0000 (14:07 +0100)]
Calculate midnight (for volume stats) based on standard functions
The "tz" structure used with gettimeofday is not blessed by common
standards and not widely supported, on Solaris for example it does not
return anything useful.
Calculate midnight based on standard functions (localtime/mktime).
Jeffrey Altman [Mon, 17 Aug 2009 16:30:44 +0000 (12:30 -0400)]
Use xdr_alloc and xdr_free within ptuser
If the memory allocation routines for libafsauthent and libafsrpc
differ, callers of the ptuser routines in libafsauthent will crash.
Use xdr_alloc and xdr_free in ptuser to ensure that the memory
allocation routines are always consistent.
Andrew Deason [Mon, 26 Oct 2009 19:09:41 +0000 (14:09 -0500)]
Correct duplicate special inodes while salvaging
Right now when the salvager encounters duplicate special inodes for a
volume, it refuses to salvage the volume, presumably because it does not
know which inodes to use when recreating the volume header.
However, this can cause the confusing state where the fileserver and
various volume utilities have no problem with a volume, but the salvager
refuses to salvage it and marks the volume as needing salvage. When
salvaging, if we already have a volume header, and we encounter
duplicate special inodes, it is likely that the special inode referenced
by the volume header is the correct one.
So, instead of erroring out, keep track of which inodes are referenced
in the volume header, and if there are any duplicates, either ignore or
delete the unreferenced ones, depending on the -orphans setting. Also be
a little more verbose when logging errors in this area.
Change-Id: I15e34e8f2bccdc666bb59e3730fdf8bf51624259
Reviewed-on: http://gerrit.openafs.org/736 Tested-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com> Reviewed-by: Steve Simmons <scs@umich.edu> Reviewed-by: Derrick Brashear <shadow@dementia.org>
Marc Dionne [Thu, 19 Nov 2009 23:29:08 +0000 (18:29 -0500)]
Warning fixes - key handling
Various warning fixes related mostly to the different types used
to handle keys. This should clear most of the remaining warnings
in this area. The technique of inline converter helpers is
extended to cover a few more cases.
README.WARNINGS is adjusted to reflect the current status.
Fixes:
- bos: define and use an inline converter from a ktc key to a bozo key
- bos.c and bos_utils.c should no longer have warnings - adjust Makefile
- define a ktc key to char * converter and use it in a few places
- define kas key to bozo key ptr converter and use it in a few places (afs_bosAdmin)
- cast a few arguments to ka_StringToKey which expects non-const pointers
Change-Id: I1c19869ac232d78209126d4eeeb11af8bcb95815
Reviewed-on: http://gerrit.openafs.org/860 Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk> Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
Andrew Deason [Sun, 29 Nov 2009 03:25:27 +0000 (22:25 -0500)]
Add server prefix to utst_int.xg
When compiling src/ubik/utst_int.ss.c, a warning would be produced since
the server stubs are defined as accepting an rx_connection instead of an
rx_call, and since the server and client RPC stubs have the same name.
Give a server prefix so we can distinguish between the two, and fix the
server stubs and squash the warning, similar to bd011aeee7f5dad5c61fd81a90b296c46a0b9058.
Andrew Deason [Fri, 20 Nov 2009 20:15:28 +0000 (14:15 -0600)]
Add safety checks on all hostList traversals
Currently, h_Enumerate checks that it doesn't enumerate over more than
hostCount hosts, in case the hostList has a cycle or is otherwise
corrupt. Add similar checks to all places in the code that loop over
hostList, to prevent the code from getting in an infinite loop under
H_LOCK in the case of a hostList cycle.
Also, ShutDownAndCore instead of assert'ing, so we try and detach
volumes first, possibly reducing salvaging time when we restart after
core'ing.
Jeffrey Altman [Tue, 24 Nov 2009 23:08:55 +0000 (18:08 -0500)]
Windows: Fix test for setting FILE_ATTR_READONLY
When checking whether or not to enforce the unix mode
bits as if they were the Windows FILE_ATTR_READONLY flag
the mask 0200 is used. Make sure that the same mask is
used when publishing the FILE_ATTR_READONLY flag to the
smb client.
Jeffrey Altman [Thu, 19 Nov 2009 23:53:56 +0000 (18:53 -0500)]
Windows: disable readonly volume versioning due to file server bug
Change I17e3980184ec68e38c5186e1c9637ac6e38451fe corrects a file
server bug that results in invalid volume sync data being sent
to clients during bulk status rpcs. Unless this is fixed in the
file servers it is not safe to use the volume versioning functionality.
This patchset disables the functionality by default and permits
it to be turned on via a registry value. If the client is deployed
in an environment in which all of the file servers have been fixed,
then it will be safe to turn this feature on.
Jeffrey Altman [Thu, 19 Nov 2009 23:21:39 +0000 (18:21 -0500)]
Windows: cm_TryBulkStatus processing changes
move the logging of success or failure in order to
try to avoid the VS8 compiler optimizing them out.
merge the bulk status information if the current
cm_scache_t object is flagged with an access denied
failure on the last request or if it is a readonly
volume. This permits us to return something valid
to the directory enumeration that generated the
cm_TryBulkStatus call.
Jeffrey Altman [Thu, 19 Nov 2009 19:18:18 +0000 (14:18 -0500)]
Windows: modify src/rxkad/NTMakefile to avoid file copies
Permit src/rxkad/domestic/* files to be compiled / installed
in place. This permits the tree to build after the
application of change I0796fabcf83ffcd74e533624c64e138a160dd632.
Jeffrey Altman [Thu, 19 Nov 2009 23:11:06 +0000 (18:11 -0500)]
viced: set volume sync data in bulk status rpcs
The bulkstatus and inlinebulkstatus rpcs have a bug
that prevents the volume sync data from being set.
Currently the data is being set within the for loop
only when i == nfiles. The conditional of the loop
is i < nfiles so the SetVolumeSync call is never
performed. This patch changes the test for performing
SetVolumeSync to i == 0.
Marc Dionne [Sun, 25 Oct 2009 02:10:46 +0000 (22:10 -0400)]
Linux: Keyrings PAG handling changes
We can take advantage of the fact that PagInCred now receives
a kernel credentials structure as an argument (including any session
keyring) to make some improvements in the handling of PAGs
when keyrings are in use.
These changes are effective only if keyrings are in use and we
have a recent enough kernel where we can use the kernel
credentials structure.
1 - Search the session keyring of the passed credentials instead of
the current process' to determine the PAG, if any. This was always
not really correct, and now we're able to do the right thing.
In some situations such as background writeback and pre-fetching,
this means that we'll now do it with the right credentials, even when
in a PAG.
2 - Don't use groups at all to determine PAG membership. Doing so
can lead to some inconsistent situations such as the one described
in RT 125198, where a process gets access through a soon to be
deleted PAG. Make PagInCred look exclusively at the keyrings.
Groups are still updated to try to reflect the current PAG for now,
if the passed credentials belong to the current process.
Note that a process can no longer get a PAG's privileges simply by
adding the corresponding groups to its group list.
Marc Dionne [Sun, 22 Nov 2009 19:17:19 +0000 (14:17 -0500)]
Remove "unused" warnings from lex generated files
Some (f)lex generated source files produce warnings because of unused
labels or variables.
Since there is limited control of the source itself, just be more
permissive in this particular case with -Wno-unused.
UFSOpen shares a prototype with MemCacheOpen because of the
afs_cacheOps structure. This is why a void * is used.
Revert until a more complete fix can be submitted that adresses
the memcache case as well.
Simon Wilkinson [Wed, 18 Nov 2009 20:07:04 +0000 (20:07 +0000)]
Remove inode hinting for dcaches
The VNOP read code has always contained incomplete support for inode
hinting. In theory this would let us attach open cache files to dcache
structures, so that we don't have the overhead of opening the file
with every read that we do.
However, this has been ifdef'd off ever since the first release, and
is fundamentally broken - it relied upon structure elements that just
don't exist, and has no mechanism for throttling the number of inode
hints that are maintained. Inode hinting also required that we store
an inode number within the osi_file structure (so hint validity could
be checked), which causes a problem on some modern OS's.
Simplify all of this, by just removing the partial hinting support.
If we want to revisit this in the future, then the code is in git,
but if we _do_ feel we want to keep open cache files around, it's
probably better to start from scratch!
projects / packages / o / openafs.git / log