Mark Vitale [Mon, 7 Apr 2014 22:56:26 +0000 (18:56 -0400)]
afs: maintain afs_users buckets in sorted order
Modify afs_GetUser() to insert a new unixuser into an afs_users
hash bucket in sorted order, by uid/PAG. This is in support of
other small optimizations in future commits.
Mark Vitale [Thu, 3 Apr 2014 20:37:51 +0000 (16:37 -0400)]
afs: only reset access caches for the matching cell
When an AFS user's tokens change (unlog, aklog) or expire,
afs_ResetAccessCache() is called to reset all the access caches
for that uid/PAG.
However, a user/PAG may have tokens for multiple cells, and they
may expire or be set/reset at different times. Therefore, it is
incorrect to assume that all access caches for a uid/PAG should
be discarded when only one cell's tokens have changed.
Modify afs_ResetAccessCache() to acccept a new argument 'cell',
and only reset the access caches for a uid/PAG if the vcache
resides in the specified cell. If the caller really wants to
reset all a user's access caches, specify cell=-1.
For cache managers that are running with multiple PAGs and multiple
cells, this should improve performance because 1) it avoids
scanning access caches chains for vcaches that are not part of the
current cell and 2) it avoids deleting access caches that may still
good, thus preventing unnecessary FetchStatus calls.
Michael Meffie [Tue, 3 Jun 2014 03:24:45 +0000 (23:24 -0400)]
linux: dont ignore kmod build errors
Errors from the linux kmod build are not propagated, since make is
run as the first command in a pipeline, and the shell returns the
exit code of the last command in the pipeline. Run the make command
in a subshell to detect errors, and exit afterwards. (This method
is more portable than bash specific pipeline processing options.)
Thanks to Mark Vitale for pointing out this build system defect
to me.
Change-Id: If3e204fe31dbdc9e7416d52fae897f792d27d678
Reviewed-on: http://gerrit.openafs.org/11186 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Mark Vitale <mvitale@sinenomine.net> Tested-by: Mark Vitale <mvitale@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com>
- That commit makes the RPC fail in situations where it did not
before. But even if we cannot calculate the checksum, we can still
return other information about the key, so this is undesirable.
- It masks the previous 'code' value, returned from stat(). The
return code of stat() is now effectively ignored, except for the
purposes of setting st_mtime, whereas previously a failure caused
the RPC to fail. This is a behavior change.
So, effectively revert c04de52da4e89e15b211b4a19a3d9bc4d612b209.
Explicitly cast the return value of ka_KeyCheckSum to void, to make it
clear that we are intentionally ignoring the return value, so
hopefully this will not be flagged as a warning by code analysis tools
such as coverity.
Change-Id: Iac745d7c88ed7c2d97660e6949caa63580eef6e2
Reviewed-on: http://gerrit.openafs.org/11194 Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com>
Benjamin Kaduk [Thu, 5 Jun 2014 00:41:57 +0000 (20:41 -0400)]
rx: Do not try to cancel nonexistent events
Unconditionally cancelling the resend event and releasing the
reference it was supposed to have on the call, can cause the
call reference count to go negative.
In particular, the call chain when a new rx_call structure is
allocated would cause its reference count to become negative.
Behave similarly to all the other rxevent_Cancel calls touched
by 20034a815750beff262d49b37fba225c72dd0ab1, and only cancel the
event and drop a reference when the event is present on the call.
Andrew Deason [Wed, 27 Mar 2013 23:12:41 +0000 (18:12 -0500)]
afs: Raise fake free space reporting
We report 'fake' values for free space, free file nodes, etc for the
'AFS' filesystem, since these values are not meaningful for AFS
itself. Currently we report about 9G of free space for most platforms,
and a few different values for a few others. Raise all of these to
2^32-1, so that trying to copy over 9G of data into AFS does not fail
for those applications that check the destination free space with
statfs(2). Note that one such application is KDE 4.8.x.
Consolidate all places that do this, and put the 'fake' value in one
place, AFS_VFS_FAKEFREE, along with the relevant comments.
Related issues reported by Lars Schimmer, Richard Brittain, and
others.
Reviewed-on: http://gerrit.openafs.org/9688 Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Markus Koeberl <markus.koeberl@tugraz.at> Tested-by: Markus Koeberl <markus.koeberl@tugraz.at> Reviewed-by: D Brashear <shadow@your-file-system.com>
(cherry picked from commit e385571ba37fa6d43fecca17e9e5d60a22a414cd)
Change-Id: Id9b5fa92f48bc83b84bb4f50bc0ae25b028694b0
Reviewed-on: http://gerrit.openafs.org/10984 Tested-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Stephan Wiesand [Thu, 10 Apr 2014 15:59:24 +0000 (17:59 +0200)]
fs: Fix improper use of readlink
readlink returns a non-NUL terminated buffer. If we are going to
terminate its response, we need to make sure that there's space to
do so. So the length passed to readlink should be one less than the
real length of the buffer.
Commit 54eb2485b59550ba42569ed3a8d76211a3a35019 removed the
implementation of bnode_Deactivate(), which had been #ifdef'd out
for a long time, but left the prototype in place. Remove the
obsolete declaration in bosprototypes.h as well.
Reviewed-on: http://gerrit.openafs.org/10868 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 01a7c64e472c241798306e7f8137de28efdef37e)
Change-Id: Ic1ca95ef455705a14cf68f0801d73789cc7bd4b5
Reviewed-on: http://gerrit.openafs.org/11192 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Stephan Wiesand [Fri, 14 Mar 2014 13:44:54 +0000 (14:44 +0100)]
bos: Change the remaining use of ktc_to_charptr to char cast
This is a 1.6 only change to complement the preceding commit.
On the master branch, this modification is part of commit a9b8fd81bf14c04d33113e9e4df4e1ca7573e49d which otherwise comprises
changes not foreseen to be applied to 1.6.
Change-Id: I44678c2fb15f136d70f2d38a3996ad3d7d0455d5
Reviewed-on: http://gerrit.openafs.org/10891 Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Ken Dreyer [Wed, 6 Mar 2013 20:53:29 +0000 (13:53 -0700)]
doc: recommend cleanup steps in "vos convertROtoRW" man page
vos convertROtoRW leaves the older RW copy on the original fileserver,
although it is no longer in the VLDB. Provide the user with some hints
regarding clean up.
Reviewed-on: http://gerrit.openafs.org/9408 Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com> Tested-by: Ken Dreyer <ktdreyer@ktdreyer.com>
(cherry picked from commit 279345c231d0a2d9f6e8c2f76a5347bafd40e70b)
Change-Id: Id273ab86bfe68f89ef629f0c4d839882852e09ab
Reviewed-on: http://gerrit.openafs.org/11126 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de> Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
Stephan Wiesand [Mon, 2 Jun 2014 14:15:15 +0000 (16:15 +0200)]
fstrace: Don't read uninitialised data on other platforms either
Commit 908105fe8d51551e45692de4e145022138a0356c fixed an off-by-one
error potentially causing a buffer overread in CheckTypes, but only
in the IRIX/AIX version of the function. Apply the same fix to the
code for the other platforms.
Perry Ruiter [Tue, 27 May 2014 08:26:59 +0000 (01:26 -0700)]
config: Move AFS_LRALLOCSIZ to afs_args.h
AFS_LRALLOCSIZ is currently defined in afs/afs.h. Other memory
related definitions such as AFS_SMALLOCSIZ and AFS_MDALLOCSIZ
are defined in config/afs_args.h. Move AFS_LRALLOCSIZ to
config/afs_args.h for consistency.
Change-Id: Ie1e286c24be6a2def404a54355a2fa4b2c42330d
Reviewed-on: http://gerrit.openafs.org/11174 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: D Brashear <shadow@your-file-system.com>
Simon Wilkinson [Mon, 4 Mar 2013 16:34:20 +0000 (16:34 +0000)]
butc: Init volheader before using it for hton
When converting a volume header from host to network order, make
sure that any unused fields in the structure are zero'd, so we don't
end up filling them with stack garbage in the network version of
the structure.
Simon Wilkinson [Sat, 2 Mar 2013 13:01:14 +0000 (13:01 +0000)]
auth: Don't overflow buffer in CompFindUser
The fullname buffer in CompFindUser is theoretically big enough
to take the data usually supplied to it. However, play it safe by
using strlcat and strlcpy to catch buffer overflows.
Simon Wilkinson [Sat, 2 Mar 2013 12:38:49 +0000 (12:38 +0000)]
audit: Fix overflow in file backend
If the filename passed to open_file was larger than MAXPATHLEN-5,
then we'd overflow the oldName buffer when creating the backup
filename. Fix the overflow by using a malloc'd buffer instead.
Simon Wilkinson [Sat, 2 Mar 2013 12:15:22 +0000 (12:15 +0000)]
aklog: Protect against overflows from cmdline
The cell, realm and path arrays are populated based on the user's
command line, and xlog_path is populated from their passwd map
entry. Protect against all of these overflowing, by making suitable
use of strlcpy and strlcat.
Simon Wilkinson [Sat, 2 Mar 2013 12:04:46 +0000 (12:04 +0000)]
aklog: Fix overflows in auth_to_path
In the auth_to_path routine, don't use strcpy and strcat when
working with the fixed length pathtocheck buffer. Instead, use
strlcpy and strlcat to ensure that all string operations fit within
the buffer limits.
Simon Wilkinson [Sat, 2 Mar 2013 10:27:47 +0000 (10:27 +0000)]
util: Avoid overflow in GetNameByINet
We copy the results of gethostbyaddr into a fixed length buffer
without checking whether they fit. Add a length check, and use
strlcpy to do the copy to make sure we can't overflow.
Simon Wilkinson [Sat, 2 Mar 2013 09:35:01 +0000 (09:35 +0000)]
kauth: Don't overflow stack when building username
knfs constructs the userName by combining the clientName.name
and clientName.instance arrays, along with a dot separator. Make
sure that the userName array is big enough to hold these, and
use strlcpy and strlcat just to make sure.
Simon Wilkinson [Sat, 2 Mar 2013 11:49:13 +0000 (11:49 +0000)]
fstrace: Don't read uninitialised data
The pftix variable points to the next free element in the
printfTypes array, so when we iterate through that array to
read that data back, we should stop when our iterator equals
pftix, not when it is greater than it.
Simon Wilkinson [Sat, 2 Mar 2013 11:44:02 +0000 (11:44 +0000)]
readpwd: Make sure user supplies a passwdfile
If the user supplies enough command line arguments, but doesn't
provide a passwdfile, then we can end up trying to open whatever
garbage is on the stack.
Once we've finished parsing the command line arguments, make sure
that a filename was supplied.
Simon Wilkinson [Sat, 2 Mar 2013 11:44:02 +0000 (11:44 +0000)]
readgroup: Make sure user supplies a groupfile
If the user supplies enough command line arguments, but doesn't
provide a groupfile, then we can end up trying to open whatever
garbage is on the stack.
Once we've finished parsing the command line arguments, make sure
that a filename was supplied.
Simon Wilkinson [Sat, 2 Mar 2013 11:36:31 +0000 (11:36 +0000)]
libadmin: Don't pass garbage to pts_UserCreate
The libadmin pts_UserCreate function uses the value passed to
it in newUserId to control whether the user is being created
with a user supplied ID or not.
Initialise this value in the caller, so we don't end up creating
users with corrupt ids.
Simon Wilkinson [Sat, 2 Mar 2013 11:36:31 +0000 (11:36 +0000)]
libadmin: Don't pass garbage to pts_GroupCreate
The libadmin pts_GroupCreate function uses the value passed to
it in newGroupId to control whether the group is being created
with a user supplied ID or not.
Initialise this value in the caller, so we don't end up creating
groups with corrupt ids.
Simon Wilkinson [Sat, 2 Mar 2013 10:15:10 +0000 (10:15 +0000)]
rmtsys: Don't overflow pathname buffer
When we're constructing a homedirectory path to look for the
.AFSSERVER file in, we copy the HOME environment variable into a
static buffer, with a risk of overflowing that buffer.
Instead of using a static buffer, just allocate one with asprintf.
Simon Wilkinson [Sat, 2 Mar 2013 09:59:20 +0000 (09:59 +0000)]
auth: Don't overflow hostName array
afsconf_cell's hostName structure is a fixed length. Don't overflow
it by writing whatever comes back from gethostbyaddr into it. Use
strlcpy to catch an overflow, and if one occurs, just use
"UNKNOWNHOST", rather than a truncated host name.
Simon Wilkinson [Sat, 2 Mar 2013 09:47:53 +0000 (09:47 +0000)]
libadmin: Don't overflow volume name
The maximum volume name length in the VLDB RPCs is VL_MAXNAMELEN
(65), not 64 as used as a hardcoded value in vsprocs. Switch to
using the defined value, and also use strlcat to check that we
don't overflow this.
Simon Wilkinson [Sat, 2 Mar 2013 09:47:53 +0000 (09:47 +0000)]
volser: Don't overflow volume name
The maximum volume name length in the VLDB RPCs is VL_MAXNAMELEN
(65), not 64 as used as a hardcoded value in vsprocs. Switch to
using the defined value, and also use strlcat to check that we
don't overflow this.
Simon Wilkinson [Sat, 2 Mar 2013 09:26:05 +0000 (09:26 +0000)]
auth: Don't overflow cell string
If the kernel gives us bogus data back from the VIOCGETTOK pioctl,
we might overflow the cell string when copying in to it. Use
strlcpy to avoid this (unlikely) occurrence.
Simon Wilkinson [Fri, 1 Mar 2013 11:35:05 +0000 (11:35 +0000)]
rxgen: Don't overflow PackageIndex
PackageIndex++ returns the pre-index value of PackageIndex, so the
error statement isn't run when PackageIndex == MAX_PACKAGES. This
means we go on to overflow all of the arrays that are MAX_PACKAGES
in size.
Caught by coverity (#985583, #985584, #985585, #985586,
#985587, #985588, #985589)
Simon Wilkinson [Fri, 1 Mar 2013 11:09:04 +0000 (11:09 +0000)]
bucoord: Remove theoretical overflow of ubik array
The ubik connections array is NULL terminated, so we have to
ensure that there is enough space for the trailing NULL. As the
array is MAXSERVERS elements long, this means that we can only
store MAXSERVERS-1 connections in it.
This problem will never be encountered by the correct code, as
the number of hosts returned from afsconf_Open is capped at
MAXHOSTSPERCELL (currently 8). MAXSERVERS is currently 20. However,
fix the bug in case we increase MAXHOSTSPERCELL at some point in
the future.
Simon Wilkinson [Thu, 28 Feb 2013 22:07:12 +0000 (22:07 +0000)]
libadmin: Don't free garbage
Make sure that we initialise the nbulkentries structure to 0 before
we start work, so that if the failure handler is called, it doesn't
try to free garbage.
If an array is n elements long, accessing element array[n] is an
overflow. Fix various places where we apply loop bounds incorrectly
using the NUM_CM_STAT_ENTRIES constant.
If an array is n elements long, accessing element array[n] is an
overflow. Fix various places where we apply loop bounds incorrectly
using the NUM_FS_STAT_ENTRIES constant.
Simon Wilkinson [Thu, 28 Feb 2013 17:07:31 +0000 (17:07 +0000)]
afsmonitor: Add missing items to fsOpNames array
The Lookup and Residency fs stats counters were missing from the
fsOpNames array. Add them in - Lookup has been missing since the
IBM release, Residency was missed when the MR-AFS code was merged.
This is still rather fragile, as there's no guarantee that
AFS_STATS_NUM_FS_RPC_OPS matches the number of elements in this
array. However, this is now correct until someone breaks it again...
in order to remove new lines from cmdbuf. Coverity thinks there's
a danger of strlen(cmdbuf) being 0, and thus the strlen being negative.
That shouldn't happen, but if fgets hits EOF midway through a line, we
might get a string that doesn't have a trailing '\n', and end up
removing the wrong character. Tidy this up by checking that the string
isn't 0 length, and that the character we're zapping is a newline.
Simon Wilkinson [Wed, 27 Feb 2013 10:28:05 +0000 (10:28 +0000)]
Unix CM: Don't free cell, then release lock on it
If afs_NewCell fails, then we can end up releasing a lock on a
section of memory that we have already freed. As this only happens
if the memory we're operating on is newly allocated and not yet
visible to anyone else, it is safe to release the lock before
starting to tidy things up.
Simon Wilkinson [Wed, 27 Feb 2013 10:11:21 +0000 (10:11 +0000)]
libafscp: Can't unlock something we've freed
When we call _StatCleanup on a stored statent structure, it
deletes the mutex, and frees the structure itself. This means it
can't be called with a locked structure as the mutex deletion
will fail, and then we'll try to reference freed memory when we
later unlock that mutex.
Fix this by unlocking the mutex before calling _StatCleanup. This
is safe because the only reference to the structure visible to other
threads must have been deleted by the time we reach this point.
Michael Meffie [Tue, 30 Apr 2013 15:30:15 +0000 (11:30 -0400)]
pt_util: fix group line check for input files
Fix the check for requiring group lines before any membership lines. Do
not clear flag indicating the presence of a group after reading each
line. (This error was caught by the pt_util-t unit test.)
Simon Wilkinson [Wed, 27 Feb 2013 09:23:07 +0000 (09:23 +0000)]
pt_util: Protect against corrupt input files
If we have an input file which contains a group membership line
(with a leading space) before any group definitions occur, pt_util
would use stack garbage as the group to create these members in.
Avoid this by requiring the presence of a group line before any
membership lines.
Simon Wilkinson [Tue, 26 Feb 2013 22:27:25 +0000 (22:27 +0000)]
auth: Fix buffer overflow in afsconf_Open
If we fallback to the .AFSCONF file in the user's homedirectory,
the results of getenv("HOME") are copied into a fixed length string,
without checking for overflows.
Instead of risking this, just use asprintf to dynamically construct
a string, and free it when we are done.
Simon Wilkinson [Tue, 26 Feb 2013 21:30:20 +0000 (21:30 +0000)]
bos_util: Fix buffer overflow
Get rid of a buffer overflow in the bos_util utility, by just
printing the key from the 'tbuffer' string, rather than copying
it into 'x' which is too small for it.
Simon Wilkinson [Tue, 26 Feb 2013 21:28:52 +0000 (21:28 +0000)]
volser: Fix bad readlink usage
readlink fills the buffer passed to it with a non-terminated string.
It can legitimately fill the whole of this buffer. So, if we require
a string to be NUL terminated, we must give readlink one less than
the string length so that the termination character can be safely
appended.
Simon Wilkinson [Tue, 26 Feb 2013 12:30:00 +0000 (12:30 +0000)]
ptserver: Zero ubik header before writing to it
When using pt_util's ubik shim, if we're creating a new ubik label
make sure to zero the whole structure before writing it out to disk.
Otherwise we get a shorts worth of stack garbage in the resulting
file.
Simon Wilkinson [Tue, 26 Feb 2013 12:26:36 +0000 (12:26 +0000)]
ptserver: Rename ubik.c as ptubik.c
Coverity gets confused between ubik/ubik.c and ptserver/ubik.c,
and produces a load of false positives. Rename the ptserver ubik
shim (which is only used by pt_util) in order to reduce this
confusion.
Reviewed-on: http://gerrit.openafs.org/9273 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit daed548f70a2187c679232e4f79d703389419c4e)
Change-Id: I834fab3b65859cb73ece3fc52d9272d0b7d452ed
Reviewed-on: http://gerrit.openafs.org/11012 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Andrew Deason <adeason@sinenomine.net> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Simon Wilkinson [Thu, 21 Feb 2013 20:36:19 +0000 (20:36 +0000)]
libadmin: Fix a lot of dead assignments in vsprocs
Tidy up a lot of places where we initialise a variable, then
immediately assign a proper value to it, or store a return value
that we don't actually care about.
Marc Dionne [Tue, 29 Apr 2014 16:48:03 +0000 (12:48 -0400)]
libafs: Speed up afs_CheckTokenCache
On systems with a large number of PAGs and files in use, the
periodic daemon job that checks for expired credentials and
cleans up the axs cache can run for a very long time. This
can lead to kernel soft lockups and eventually hang processes
and file access because of unavailable locks.
Rework the scanning logic in afs_CheckTokenCache to make the
scanning more efficient in most real world cases. On a test
system accessing ~4000 files from processes in 1000 PAGs, this
has been observed to reduce the runtime of afs_CheckTokenCache
from a problematic ~70s down to about 0.7s.
Additionally, this changes the conditions in which an axscache is
discarded. uid+cell (rather than just uid) must now match, and
if no matching unixuser is found, it will also be discarded.
Adapted from code from Jeffrey Altman who provided the original
loop algorithm and code.
Change-Id: I65b275b4244b3b6ab65453623bb8729530a9e1a6
Reviewed-on: http://gerrit.openafs.org/11123 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: D Brashear <shadow@your-file-system.com>
Ben Kaduk [Fri, 4 Jan 2013 21:16:04 +0000 (16:16 -0500)]
Dummy Makefile for rxgk
Include a libtool export symbol list for the shared library, which
only has the client RPC calls and the NewFooSecurityObject primitives
for now, since that's all that's stubbed out.
Also connect the rxgk directory up to be buildable from the root, but
nothing depends on it yet so it will not be built.
Looking ahead, build a libafsrpc_rxgk.la object.
Change-Id: I12ddefbdaa1ad4845649e3a32efdeaaa21b5e9b7
Reviewed-on: http://gerrit.openafs.org/10563 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: D Brashear <shadow@your-file-system.com>
Ben Kaduk [Fri, 6 Dec 2013 20:24:58 +0000 (15:24 -0500)]
Add rxgk boilerplate
Just the skeleton of what needs to be there. The actual import is split
over multiple commits, to make the reviewer's burden more manageable.
Error table, protocol description, and stubs for the security object
routines, with header to declare them.
The public header rxgk.h currently only contains a few typedefs and the
NewSecurityObject prototypes, and includes the RPC interface and com_err
code headers.
Change-Id: I7893f78119bb4aef12112cc1e51e1ec69de326c2
Reviewed-on: http://gerrit.openafs.org/10562 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: D Brashear <shadow@your-file-system.com>
Ben Kaduk [Fri, 6 Dec 2013 19:56:25 +0000 (14:56 -0500)]
Add some configure bits for GSS-API
rxgk will require gss_pseudo_random and might want a couple other
krb5-specific bits. We'll also need substvars to tell whether or
not we can try building these things.
Change-Id: Id18eb3f554605875696095eb40c25ec54df1f74b
Reviewed-on: http://gerrit.openafs.org/10561 Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: D Brashear <shadow@your-file-system.com> Tested-by: BuildBot <buildbot@rampaginggeek.com>
Marc Dionne [Mon, 5 May 2014 17:33:10 +0000 (13:33 -0400)]
Linux: Drop PageReclaim AOP_WRITEPAGE_ACTIVATE case
The exit case here seems to have been added to avoid recursion into
the writeback code and eventual deadlock (see RT #15239). One issue
is that the PageReclaim check can trigger in code paths that don't
deal with the AOP_WRITEPAGE_ACTIVATE code correctly, leading to EIO
errors when multiple threads are doing large mmap writes and memory
pressure is sufficient to trigger reclaim.
The check could be improved to check wbc.for_reclaim which seems to
indicate more reliably when it is safe to return ACTIVATE, but given
that the CPageWrite flag already provides more targeted recursion
prevention, it seems safer to just drop this special case.
Note that many kernel filesystems used to have a similar check mainly
to prevent excessive stack usage, but as more recent kernels have
moved away from doing any writeback during direct reclaim this is a
case that should no longer occur. Partly as a result of this there
are very few users of AOP_WRITEPAGE_ACTIVATE left in the kernel,
which may be a motivation to find a better mechanism for OpenAFS
eventually.
This has been shown to help avoid EIO errors with multiple processes
doing intensive mmap writing.
Thanks to Yadav Yadavendra for identifying the issue and providing
extensive analysis and testing.
Michael Meffie [Tue, 18 Feb 2014 18:59:59 +0000 (13:59 -0500)]
volser: log message for cross-device link errors
Add a log entry to the volume server to help diagnose those pesky
'Invalid cross-link device' errors returned by vos, which occur when
a clone volume is located in a different partition than the parent
read-write volume, or when a read-only volume is on the incorrect
partition on the server.
With this change, a new log entry is added when the volume server
fails to create a clone or a read-write volume because a volume with
the target volume id already exists on a different partition. For a
clone volume, this would be a different partition than the
read-write volume. For a read-only volume, this would be a different
partition than indicated in the vldb.
Examples:
Volume foobar is on /vicepb, but foobar.backup is incorrectly on
partition /vicepa.
$ vos backup foobar
Failed to clone the volume 536870934
: Invalid cross-device link
VolserLog:
VCreateVolume: volume 536870936 for parent 536870934 found on /vicepa; unable to create volume on /vicepb.
1 Volser: Clone: Couldn't create new volume 536870936 for parent 536870934; clone aborted
...
The vldb indicates a read-only volume should be on /vicepa on a
remote site, but the actual volume is on /vicepb.
$ vos release xyzzy
Failed to create the ro volume: : Input/output error
The volume 536870921 could not be released to the following 1 sites:
mantis /vicepa
VOLSER: release could not be completed
...
VolserLog on mantis:
VCreateVolume: volume 536870922 for parent 536870921 found on /vicepb; unable to create volume on /vicepa.
...
Change-Id: Iaa471c46059d598a5095d59580e3b0b8ac6e1992
Reviewed-on: http://gerrit.openafs.org/10849 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Perry Ruiter <pruiter@sinenomine.net> Reviewed-by: D Brashear <shadow@your-file-system.com>
Marc Dionne [Wed, 28 May 2014 13:53:58 +0000 (09:53 -0400)]
vol: Fix gcc 4.9 warnings
gcc 4.9 complains here because the trailing 0 in these macros
has no effect, the value having already been set to NULL.
Just remove the offending 0s, nothing uses the return value
anyway, even if there were platforms where 0 != NULL.
Change-Id: Ic9a79d51419726c0c823a9228c21c13dea918dc8
Reviewed-on: http://gerrit.openafs.org/11176 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: D Brashear <shadow@your-file-system.com>
Stephan Wiesand [Fri, 30 May 2014 13:05:28 +0000 (15:05 +0200)]
libadmin: Remove redundant memset call
Commit bf78bf2c115659b78c34d3bc9d1934bcff21c8cc added initialisation
of the nbulkentries structure to 0, to avoid freeing garbage due to a
goto fail_... before the structure is initialised. As pointed out by
Andrew Deason, there already is an equivalent memset call later in the
code which is now redundant. Remove it.
Perry Ruiter [Fri, 30 May 2014 21:28:53 +0000 (14:28 -0700)]
audit: Delete va_copy kludge
When I developed fix c3d4c109305b2db8a63b754c1894ad37326dc340 I used
va_copy. I was nervous because it required C99, but I had no
problem with any of the buildbots, nor did any reviewer comment.
audit/audit.c contains a local hack to simulate va_copy in the
pre C99 days. There are no uses of va_copy in audit.c but
presumably at some point there was. Delete the local va_copy.
Change-Id: I5e30c7e3052aeffe56e366888c5a3db3a705fd00
Reviewed-on: http://gerrit.openafs.org/11184 Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: D Brashear <shadow@your-file-system.com>
Perry Ruiter [Tue, 27 May 2014 08:16:26 +0000 (01:16 -0700)]
Delete several unused memory management constants
Change 412854593cf368006c18e6c0dc607a9ecd76a0e0, removed from
the code base the last usage of:
AFS_SALLOC_LOW_WATER (defined in afs/afs.h)
AFS_MALLOC_LOW_WATER (defined in config/afs_args.h)
AFS_MDALLOCSIZ (defined in config/afs_args.h)
This patch deletes these constants.
Change-Id: I1333aed508875e9b13dc3f36f3ff0d5eadfb2cfd
Reviewed-on: http://gerrit.openafs.org/11173 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: Michael Meffie <mmeffie@sinenomine.net> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Ben Kaduk [Wed, 8 May 2013 16:51:31 +0000 (12:51 -0400)]
Suppress nonliteral format string warning/error
Clang doesn't like a nonliteral format string, and some kernel
builds (e.g., freebsd) are done with -Werror. Use the standard
workaround for FreeBSD and UKERNEL builds by calling vsnprintf()
into a fixed buffer.
Remove the !defined(AFS_LINUX26_ENV) check, as it duplicates a
conditional around the entirety of osi_Panic().
Michael Meffie [Sun, 19 Jan 2014 22:04:08 +0000 (17:04 -0500)]
libafs: separate source and header compile_et rules
Use the new compile_et -emit flag to generate source and header
files separately to support parallel make.
Export afs_trace.h since it is required to build libafs. Before the
compile_et -emit flag was available, The afs_trace.h file was
generated as a side-effect of creating afszcm.cat.
Change-Id: I4e93691dda34ddc8600d6a818503e0c9e75e618a
Reviewed-on: http://gerrit.openafs.org/10729 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Benjamin Kaduk <kaduk@mit.edu> Reviewed-by: Chas Williams - CONTRACTOR <chas@cmf.nrl.navy.mil> Reviewed-by: D Brashear <shadow@your-file-system.com>
Michael Meffie [Sun, 30 Mar 2014 09:53:16 +0000 (11:53 +0200)]
doxygen: make dox
Add an optional make target (make dox) and doxygen configuration to
generate doxygen output files. Auto-detect when the doxygen and
graphviz dot tools are available. When dot is present, configure
doxygen to create dependency graphs.
Since the graph generation can take a very long time, a new
configure option has been added to override the dot tool
auto-detection. To disable the graph generation (even if dot is
installed), run configure with the option: --without-dot
When graph generation is desired, but graphviz dot is not present in
the PATH, specify the path to dot with the configure option
--with-dot=<path-to-dot>.
The configure summary has been updated to show when doxygen document
and graph generation is configured.
Thank you Jason Edgecombe for providing the doxygen configuration
for OpenAFS.
projects / packages / o / openafs.git / log