Simon Wilkinson [Thu, 30 Sep 2010 12:58:26 +0000 (13:58 +0100)]
Kill AFS_64BIT_ENV
The AFS_64BIT_ENV was being pretty much universally defined. So,
remove the definition, and the conditional code that it controlled.
From this point on, all platforms are assumed to be capable of
handling 64bit values.
Simon Wilkinson [Mon, 4 Oct 2010 19:22:50 +0000 (20:22 +0100)]
Heimdal: Fix 32bit build problems
The earlier inclusion of sha512 from Heimdal broke the build on
32bit platforms, because this file doesn't flag 64bit constants as
being such.
The correct place for this fix is in Heimdal, and it will be replaced
with a fix from Heimdal as soon as one is available. For now though,
this gets our build going again.
Andrew Deason [Sun, 3 Oct 2010 23:27:19 +0000 (18:27 -0500)]
vol: Log ignored dirs that look like partitions
If we see a /vicep*-like directory when we VAttachPartitions, and we
ignore it because it lacks an AlwaysAttach, log that we ignored it.
This may make things less confusing to admins that just try to create
a /vicep* directory and don't know why it doesn't work.
Simon Wilkinson [Mon, 4 Oct 2010 11:33:24 +0000 (12:33 +0100)]
configure: Restore saved CFLAGS
When we test for whether the C compiler can take the
-fno-strength-reduce flag, we add the flag to CFLAGS to do so.
However, we were not restoring the old value of this flag when we
completed the test, and so we were always setting -fno-strength-reduce
in the userspace compile.
Previously, this was harmless, as we always overwrote CFLAGS, but if
we're moving to a world where we honour the user's setting of CFLAGS,
we need to not leak changes in this way.
Andrew Deason [Fri, 10 Sep 2010 20:52:34 +0000 (15:52 -0500)]
vos release: Force full dump on RO_DONTUSE sites
When releasing a volume, currently we perform an incremental dump on
RO_DONTUSE sites if the volume exists on the remote site. Since
RO_DONTUSE implies that we do not expect a site to exist there, delete
the extant volume if we find one and force a full dump.
If we perform an incremental dump, we run the risk of incrementally
dumping to a temporary volume that the administrator is not aware of,
and doesn't have any actual data but has a last update time late
enough that it may be missing some data after the incremental dump. So
to avoid that, force a full dump every time.
sin_family isnt sent over the network and therefore doesnt need
htons(). sin_family is essential the same as domain, and no one
does socket(htons(AF_INET), ...)
Windows: Ensure that cm_NameI errors are acted upon promptly
There are many cases in the SMB server where an error from cm_NameI()
was either ignored or not acted upon until several other operations
are performed that could result in the same error being repeated.
This is a mistake which did not have negative side effects until
additional checks for callback status were added recently.
At present, if a CM_ERROR_ACCESS error is returned and ignored,
subsequent attempts to operate on the same cm_scache_t will result
in additional queries to the file server that will also end in an
abort response. This can trigger the file server to delay responses
to the client.
This patchset ensures that all cm_NameI() errors are acted upon
promptly.
Windows: Fix Parent(path) computation to permit mp and symlink creation
The parent path computation was leaving trailing slashes on the
path names which prevented the creation of mount points and symlinks
when UNC paths were used that contained mount points.
Jeffrey Altman [Sat, 2 Oct 2010 03:47:11 +0000 (23:47 -0400)]
Rx: raise rx_minPeerTimeout to 20ms
At 2ms it is possible for the packet we are sending to be resent
just about immediately as the retryTime computation occurs before
the send takes place and not afterwards. If the network send blocks,
the retryTime may have already expired.
We do not want rx_minPeerTimeout to be too large though because the
value will end up being used as the backoff time period when the
actual RTT for the connection is less than the rx_minPeerTimeout
value. Extensive testing shows 20ms to be an adequate compromise
that avoids the vast majority of unnecessary resends without
unnecessarily slowing down the connection if a packet is in fact
lost.
Rx: When call receive is done, send ack all packet
When all of the packets for a call have been received,
immediately send an ack all packet to the peer. This permits
the peer to free the contents of the transmit queue and cancel
all pending resend events.
Rx: protect rx_conn and rx_call refCount field with rx_refcnt_mutex
Add a new global mutex rx_refcnt_mutex to protect the conn->refCount
and call->refCount in place of relying upon the conn->conn_data_lock
and the call->lock.
This will relieve some lock contention with rx_ReceivePacket().
Jeffrey Altman [Sat, 2 Oct 2010 04:49:38 +0000 (00:49 -0400)]
Windows: Pass Volume Root Fid to cm_Analyze after RXAFS_GetVolumeStatus
RXAFS_GetVolumeStatus can return VNOVOL, VMOVED, etc. In order to
process them and update volume state a fid must be passed to cm_Analyze().
Use the volume root fid.
Andrew Deason [Thu, 11 Mar 2010 16:39:56 +0000 (10:39 -0600)]
Provide an abstract work queue object
Add some routines for specifying chunks of work to be done. The idea
is to be able to pass these to different threads, and specify
dependencies between them, wait on them completing, etc.
This adds the afs_wq* family of functions. Originally written by Tom
Keiser.
Andrew Deason [Tue, 14 Sep 2010 14:45:10 +0000 (10:45 -0400)]
DAFS: Raise LogLevel for per-chain vol stats
Only report detailed per-chain volume statistics on shutdown/SIGXCPU
if LogLevel is 125 (or 25 for smaller per-chain stats). If a
fileserver is configured with a large -vhashsize, printing out stats
for each chain can take awhile and use up a nontrivial amount of disk
space for logging, so only print out these stats if we're asked for
them.
configure: --with-linux-kernel-packaging should default to disabled
the test for this build feature is reversed. by default, the value for
with_linux_kernel_packaging will not be defined which makes the existing
test pick MPS='SP' instead of LINUX_WHICH_MODULES. based on the configure
help messages, this would appear to be an opt-in not an opt-out.
...
Optional Packages:
...
--with-linux-kernel-packaging
use standard naming conventions to aid Linux kernel
build packaging (disables MPS, sets the kernel
module name to openafs.ko, and installs kernel
modules into the standard Linux location)
...
Simon Wilkinson [Tue, 28 Sep 2010 23:21:43 +0000 (00:21 +0100)]
rx: Don't have different args for rxi_FreeCall
rxi_FreeCall changes its number of arguments depending on whether
locks are enabled or not. That's a little bit nasty to read, so just
change it so that it always takes two arguments, and ignores the
second when it doesn't need it.
Simon Wilkinson [Tue, 28 Sep 2010 23:11:53 +0000 (00:11 +0100)]
rx: Make statistics interface use Atomics
Make the rx_statistics statistics gathering infrastructure use
atomics for all of its counters. This significantly reduces
lock contention. However, it also (potentially) changes the format
of the rx_stats variable which has been used by callers in the past.
To simplify this process, and to aid with future changes, we remove
direct access to rx_stats. Instead, two additional API functions
rx_GetStatistics and rx_FreeStatistics are provided. These give the
caller access to an 'normal' rx_statistics structure.
Tom Keiser has suggested that we should explore using thread-local
statistics structures, and just aggregating them when we are asked
to report. This is a fine idea, and is equally possible with the
new interface that this patch introduces.
Simon Wilkinson [Tue, 28 Sep 2010 22:48:50 +0000 (23:48 +0100)]
rx: Add rx_NewThreadId function
The fileserver and the fsync server were locking an internal RX
mutex, and incrementing an internal counter in order to obtain fake
pthread thread IDs. Instead of letting them muck around in the
internals of RX, provide an API that can be called to obtain a
ThreadId counter, and use that API throughout the code.
Simon Wilkinson [Tue, 28 Sep 2010 22:37:54 +0000 (23:37 +0100)]
rx: Add atomic operations code
Add support for an atomic type, and atomic operators for RX. This
builds on work which has already been done for Windows, where
InterlockedOperations are used for statistics gathering.
A new opaque type, rx_atomic_t is introduced so that normal arithmetic
operations will fail on atomic data.
An implementation using native atomic methods is provided for Darwin,
Solaris and Windows. A native kernel implementation is used for Linux.
Where OpenAFS is built with a sufficiently modern gcc, gcc's atomic
primitives will be used. Sadly, gcc's builtin operations are not
available for i386, they will only be used with builds the set
-march=i486 (or later).
Otherwise, we fall back to a single mutex which protects all atomic
operations.
Simon Wilkinson [Sun, 26 Sep 2010 14:48:54 +0000 (15:48 +0100)]
RX: Tidy reader data locking
Data which is accessed only by the reader thread doesn't need to be
protected by call->lock
Remove the call->lock protection where it isn't required, which makes
certain read/write calls lock free.
Stop rx_ResetCall from manipulating reader thread data. This data will
be zero'd and cleared when the reader thread calls rx_EndCall, and
doesn't need to be reset by the Listener thread.
The change which made rx_ResetCall reset reader thread information
was originally part of 559ea99b. It caused race conditions that were
fixed by adding additional lock protection in d0cc6e, 4dadd2 and 423ab97e. This commit reverts portions of all of those changes. It
is safe to not clear the iovc in ResetCall because any NewCall must
be balanced by a corresponding EndCall in the reader thread, and
EndCall does the appropriate freeing of reader elements.
Ben Kaduk [Wed, 29 Sep 2010 00:03:25 +0000 (20:03 -0400)]
More FBSD syscall tweaking
We're now properly registered in syscalls.master for HEAD
(i.e. proto-9.0) and RELENG_8 (proto-8.2), which means that
afs3_syscall is prototyped in sys/sysproto.h . Accordingly,
don't declare it in afs_prototypes.h for those cases.
Also add FBSD82_ENV checks for the new syscall-registration code,
and cast afs3_syscall to sy_call_t* for the sysent structure.
Simon Wilkinson [Mon, 27 Sep 2010 22:50:23 +0000 (23:50 +0100)]
rx: Limit window size to max acks
The RX ack packet can only acknowledge 255 packets at once. In the
current implementation, this limits our maximum window size to 255,
as we can't acknowledge any packets we receive outside of that window
size.
Contains DKMS robustness fixes, improvements to the defaults for the
module build, and cleanup of the openafs-client init script. Updates
the build system for the new demand-attach binary naming and for the
changes to supported configure options. Fixes some issues with
afs-newcell. Forces disabling of the Linux syscall probing in kernel
module builds, since no supported Debian kernel allows this and it
causes problems. Update debhelper to V8, which allows simplification
of debian/rules and debian/module/rules.
Michael Meffie [Thu, 23 Sep 2010 14:15:57 +0000 (10:15 -0400)]
scout: display fetch and store counts as unsigned
Fetches and stores are already defined as unsigned, so format
them as unsigned values when displaying in scout. This fixes
the bug where scout shows those counts as negative values on
busy servers which have been running for a while.
Simon Wilkinson [Thu, 23 Sep 2010 16:41:47 +0000 (17:41 +0100)]
rx: Big windows make us sad
The commit which took our Window size to 128 caused rxperf to run
40 times slower than before. All of the recent rx improvements have
reduced this to being around 2x slower than before, but we're still
not ready for large window sizes.
As 1.6 is nearing release, reset back to the old, fast, window size
of 32. We can revist this as further performance improvements and
restructuring happen on master.
Matt Smith [Thu, 16 Sep 2010 20:44:04 +0000 (15:44 -0500)]
Updates to the Cache Manager to include NetBSD5 support
LKM currently builds and will mount when forced with the entry point
manually defined. Contents of /afs can be discovered, but when listing
the directory, the system call will not return.
Simon Wilkinson [Wed, 22 Sep 2010 08:03:27 +0000 (09:03 +0100)]
Add an LWP version of the hcrypto library
hcrypto uses a single pthread mutex, which is only required when
we're running in a pthreaded world (in a cooperative threading world
such as LWP, there's no way that two processes can both access the
Fortuna PRNG at the same time)
So, build an LWP version of hcrypto which just disables the mutexes.
Simon Wilkinson [Thu, 15 Apr 2010 16:35:37 +0000 (17:35 +0100)]
Move des/stats.h to rxkad directory
The structures defined in des/stats.h are rxkad specific, and so
should be handled by an rxkad header file, rather than by something
in the eventually-to-be-removed DES directory.
The structure shouldn't be initialised in libutil. Move initialisation
to rxkad_common, where it is already initialised in the pthread case.
The two commands are documented identically for right now, so just link
the dafssync-debug man page to the fssync-debug man page. Remove the
incorrect statement in the man page that fssync-debug only works with
demand-attach.
Update bos create man page for new naming of demand-attach binaries
The demand-attach fileserver binaries now have a "da" prefix. Adjust
the documentation in the man page for bos create accordingly, and add
the new binaries to SEE ALSO.
Simon Wilkinson [Thu, 23 Sep 2010 07:58:21 +0000 (08:58 +0100)]
libuafs: Don't #define user
libuafs used to #define user to usr_user, so that any references to
'struct user' would become 'struct usr_user'. However, none of the
kernel code uses struct user, and this #define conflicts with the
definitions in sys/user.h on Linux.
So, just remove it.
Thanks to Russ Allbery for the original problem report.
Simon Wilkinson [Wed, 1 Sep 2010 13:38:58 +0000 (14:38 +0100)]
rxgen: Handle complex structures
Servers built using rxgen will break if they take complex
structures as RPC arguments. A complex structure, in this case, is
one which contains an array.
For example an RPC which takes as an argument:
struct MyData {
opaque somebytes<>;
}
... will cause memory corruption on the server whenever it is called.
This is becase the server stubs emitted by rxgen do not zero out the
contents of the MyData structure, leaving it with whatever garbage may
be on the stack. When XDR comes to populate the somebytes opaque
array, it sees that MyData.somebytes.somebytes_val is non-zero, and
assumes that this is a pre-allocated block into which it can record
the data from the wire. However, it's really just stack garbage, and
so we overwrite memory.
As a fix, this patch creates a new list of 'complex' structures, which
are identified as structures which contain arrays. When a server stub
is created for a function that takes a complex structure, the structure
is set to zero before use, and marked to be freed afterwards.
I suspect that there may be a wider class of complex structures than are
caught by this routine, but this is a start...
The previous value, 350ms, is historical. Now that networks are
so much faster, an artificially high timeout value when backed off
results in an extremely long delay before communication can resume.
Rx: Do not hold call lock across memcpy in rx_ReadProc/rx_WriteProc
1.4.x does not hold the call lock across memcpy operations in
rx_ReadProc, rx_ReadProc32, rx_WriteProc, rx_WriteProc32. The
claim is that the call curpos, curlen, and nLeft fields which
refer to the current packet being processed will not be touched
by any other thread. Therefore it is safe to drop the call lock
to permit another thread to add packets to the call while the memcpy
is performed in parallel.
This patchset continues to hold the call lock longer than the
original implementation but does drop it for the length of time
it takes to copy data from the packet buffer to the application
buffer.
If a volume lookup returns VL_NOENT or VL_BADNAME, cache the negative
response for five minutes. This prevents volume lookup storms caused
by the same volume lookup being performed repeated during a short
time period. This can happen if mount points to volumes that do not
exist are present in a directory that is being evaluated by Windows
Explorer or Common Control File Dialogs.
This functionality is implemented by storing the most recent update
time for the volume group as part of the cm_volume_t. A non-existing
volume group is identified with a new CM_VOLUMEFLAG_NOEXIST flag.
The presence of the lastUpdateTime value also permits volume location
information to expire at lastUpdateTime + lifetime instead of expiring
all volume information simultaneously each lifetime period.
AFS users not otherwise familiar with Kerberos may not realize that
one sets KRB5CCNAME to use an alternative ticket cache. Mention the
variable in the aklog man page, although defer to the Kerberos
documentation for most details.
Change-Id: I13133285f153f86e0aa1e95b24715e01d576075d
Reviewed-on: http://gerrit.openafs.org/2761 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com> Reviewed-by: Russ Allbery <rra@stanford.edu>
Windows: Export additional RX debugging variables from afsrpc.dll
Export
rxi_nRecvFrags @2008 DATA
rxi_nSendFrags @2009 DATA
rx_initReceiveWindow @2010 DATA
rx_initSendWindow @2011 DATA
rx_intentionallyDroppedPacketsPer100 @2012 DATA
rx_intentionallyDroppedOnReadPer100 @2013 DATA
so they can be referenced from pthreaded builds of src/rx/test tools.
Exported variables must be present in both FREE and CHECKED builds.
Rx: PrintTheseStats should not be dependent on RXDEBUG
When RXDEBUG is not defined, PrintTheseStats generates an error
even though the statistics are in fact available. The global
variable rx_packetTypes was not being defined without RXDEBUG.
Make rx_packetTypes defined always and permit statistics to
always be printed.
The global dataPacketsReSent statistic should be the sum of all
peer->reSends and dataPacketsSent should not include the count of
resent packets. Prior to this patchset, dataPacketsSent included
the resent packets and dataPacketsReSent was computed as the number
of requests for Ack instead of the number of packets resent.
If a packet is missing, the peer timeout is backed off to provide
a new starting point for timeout computation. The backoff state
must be stored in the peer object to ensure that multiple failures
do not result in more than one backoff before a successfully received
packet is available for recomputation.
Rx: only compute peer bytes sent and received if rx_stats_active
Computing the bytes sent and received is an expensive operation.
If rx statistics collection has been disabled we should not collect
the peer data. The most expensive operation is the rx_FindPeer()
call that is performed during rxi_ReadPacket(). rxi_ReadPacket()
is processed by the rx listener thread which must be as fast as
possible.
rxi_ReceiveAckPacket can acquire and drop the conn_data_lock several
times and acquires and drops the peer_lock unnecessarily. This patchset
adds a variable to track whether the conn_data_lock is held in order
to avoid the need to drop it and reacquire it based upon conditional
operations. It also relocates the peer->maxPacketSize computations
in order to consolidate the work performed under the peer_lock.
rxperf made assumptions that it was built against LWP, used buffer
sizes for read/write that were too small, made use of non-portable
types, and set signal handlers that are unsupported.
Simon Wilkinson [Sat, 11 Sep 2010 22:17:24 +0000 (23:17 +0100)]
viced: Don't fall back to tokens
I can't think of any circumstances in which it is appropriate for
the fileserver to fallback to using tokens from the kernel, rather than
those generated from keys on disk. So, remove that fallback.
Simon Wilkinson [Sat, 11 Sep 2010 07:21:10 +0000 (08:21 +0100)]
ubik: Remove unused error codes
The error codes in ubik.p.h have been replaced by ones defined by
com_err. Remove the redundant, #if 0, definitions of these, as they're
just confusing when grepping the code.
Change-Id: I18b827a6e0532a602f904bb6c1e34c3f63c2e08d
Reviewed-on: http://gerrit.openafs.org/2757 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> Tested-by: Derrick Brashear <shadow@dementia.org>
Simon Wilkinson [Sat, 11 Sep 2010 19:49:55 +0000 (20:49 +0100)]
ptserver: Merge WhoIsThis and WhoIsThisWithName
The functions WhoIsThis and WhoIsThisWithName are pretty much identical,
with WhoIsThisWithName just having additional logic for foreign user
registration. Merge them together, so that there's only one copy of
the code for determining who a user is.
Simon Wilkinson [Mon, 13 Sep 2010 07:54:55 +0000 (08:54 +0100)]
userok: Don't double check for expiry
rxkad_GetServerInfo returns an error if you attempt to get server
information using a connection whose tokens have already expired.
The additional check for expiry in the userOK routines is therefore
not required - they'll never be reached, because GetServerInfo will
already have errored out.
Simon Wilkinson [Sat, 11 Sep 2010 15:39:23 +0000 (16:39 +0100)]
auth: Restructure userok
Restructure the userok logic in auth to split it into smaller functions,
and abstract out common code. This will make it easier to add support
for other security layers in future commits.
projects / packages / o / openafs.git / log