openafs.git
8 years agotests: rx needs roken
Simon Wilkinson [Sun, 8 Apr 2012 22:31:15 +0000]
tests: rx needs roken

On Linux, the RX library has a dependency on libroken for the rk_socket
function. Add this dependency to the RX tests.

Change-Id: I306e846524232bc136cd969ab1b8664d1c570e2d
Reviewed-on: http://gerrit.openafs.org/7127
Tested-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agocmd: Don't leak memory when constructing help string
Simon Wilkinson [Sat, 31 Mar 2012 19:27:53 +0000]
cmd: Don't leak memory when constructing help string

It's not critical, because we'll be exiting soon afterwards, but just
to be nice, don't leak the name of every command option whilst we're
constructing the help string.

Caught by clang-analyzer

Change-Id: I87fdb2030c6a7c5ad810f2a06820c08cbe2fb18e
Reviewed-on: http://gerrit.openafs.org/7107
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoktime: Don't leak token list
Simon Wilkinson [Sat, 31 Mar 2012 19:23:22 +0000]
ktime: Don't leak token list

ktime_ParsePeriodic generates a malloc'd token list when it parses
the time string passed to it. Make sure that we free this list before
exiting from the function.

Change-Id: I6edacc6504aeec06ede5b5ae36c22f69b0d6cea0
Reviewed-on: http://gerrit.openafs.org/7106
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agobudb: Don't leak memory
Simon Wilkinson [Sat, 31 Mar 2012 19:16:16 +0000]
budb: Don't leak memory

Don't leak the malloc'd path variable everytime we call truncateDatabase

Caught by clang-analyzer

Change-Id: I583d81b136113820dab00a6eb35ca8e1aeec2cd1
Reviewed-on: http://gerrit.openafs.org/7105
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovol-dump: Don't leak memory
Simon Wilkinson [Sat, 31 Mar 2012 19:13:49 +0000]
vol-dump: Don't leak memory

Don't leak a Volume structure everytime we call HandleVolume

Caught by clang-analyzer

Change-Id: Id8cf79dd2178b8647d88f0765ec4ad9d327a23ae
Reviewed-on: http://gerrit.openafs.org/7104
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovol-dump: Make static things static
Simon Wilkinson [Sat, 31 Mar 2012 19:11:10 +0000]
vol-dump: Make static things static

vol-dump is a self contained object. Make everything in it static to
make clear that these functions are not being used by other objects in
the tree.

Change-Id: I0345c884167ed322fdf7a6e83b77b0ae261b9d8f
Reviewed-on: http://gerrit.openafs.org/7103
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoauth: Don't leak key on file parse error
Simon Wilkinson [Sat, 31 Mar 2012 18:59:47 +0000]
auth: Don't leak key on file parse error

If we fail for any reason whilst parsing the keyfile from disk, don't
leak the key structure which we allocated to store the results of the
parse.

Change-Id: I21a27723f96af9428465134cfb975c83e10da535
Reviewed-on: http://gerrit.openafs.org/7102
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoopr: Flag assertion error handles as noreturn
Simon Wilkinson [Sat, 31 Mar 2012 18:52:58 +0000]
opr: Flag assertion error handles as noreturn

Flag both of our assertion error handlers as being AFS_NORETURN, so
that static analysers can truncate their decision trees, and avoid
false positives, based on assertion statements.

Change-Id: I511c9c19a714cd3eaa5a886bf9561f577244360e
Reviewed-on: http://gerrit.openafs.org/7101
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agopts: Don't malloc(0) when there's nothing to do
Simon Wilkinson [Sat, 31 Mar 2012 18:42:39 +0000]
pts: Don't malloc(0) when there's nothing to do

If GetNameOrId is called with no work to do, then don't attempt to
malloc a load of 0 length strings. Instead just return an empty array
to the caller.

Change-Id: I245cfde71d65b8a3b6df4217b90dad81e9e60a58
Reviewed-on: http://gerrit.openafs.org/7100
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agobucoord: Don't malloc(0) if there's no work to do
Simon Wilkinson [Sat, 31 Mar 2012 18:37:04 +0000]
bucoord: Don't malloc(0) if there's no work to do

If there's no work to do, then don't attempt to malloc 0 bytes, and
just return success to the user

Change-Id: I060852a247acb8309c75f3670577561b5a9af591
Reviewed-on: http://gerrit.openafs.org/7099
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoauth: Handle empty lists of keys
Simon Wilkinson [Sat, 31 Mar 2012 18:33:33 +0000]
auth: Handle empty lists of keys

Handle the case where a list of keys may be empty - don't attempt
to calloc a 0 length array, and have Put handle the case where the
array being freed has no elements.

Caught by clang-analyzer

Change-Id: I665035cb00a8da411710a71a17ae66545702127f
Reviewed-on: http://gerrit.openafs.org/7098
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoUnix CM: We're disconnected if RW disconnected too
Simon Wilkinson [Sat, 31 Mar 2012 18:23:18 +0000]
Unix CM: We're disconnected if RW disconnected too

At the moment, the Unix CM doesn't support entering a purely RO
disconnected mode (the historical AFS_IS_DISCONNECTED mode). If we
go disconnected, or reconnect we always toggle RW discon at the same
time as we toggle RO. Arguably, the RO disconnected mode should just
be removed, as it is now superceded.

For the moment, make it clear to the compiler that RW disconnected
implies RO disconnected, so that static analysis can make more sensible
decisions about code paths.

Change-Id: I7e2d04d2cf67740c6b6285950874c6a4eaeb0537
Reviewed-on: http://gerrit.openafs.org/7097
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoauth: Make sure we get AF_INET addresses from DNS
Simon Wilkinson [Sat, 31 Mar 2012 16:20:25 +0000]
auth: Make sure we get AF_INET addresses from DNS

The routines which do AFSDB and SRV lookups copy the results of
gethostbyname directly into an afs_int32, and use the size of the
result to limit the copy. If, for any reason, they get a result that
isn't an int, then they will overflow this value.

Check that the result we get from gethostbyname is in the INET
address family, and also limit the size of the copy by the size of the
destination, rather than that of the source.

Caught by clang-analyzer

Change-Id: Icf1426e090bc1ed382212d5de6c291d0816fb2c9
Reviewed-on: http://gerrit.openafs.org/7096
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovos: Initialise total counters
Simon Wilkinson [Sat, 31 Mar 2012 15:59:16 +0000]
vos: Initialise total counters

When VolumeStats_int calls DisplayFormat, it isn't interested in
the total counters it provides. So, it doesn't both initialising the
variables it passes in to hold these counters - garbage in, garbage out.

However, this shows up as an uninitialises variable warning, so set them
all to 0 to keep clang happy.

Caught by clang-analyzer

Change-Id: Ia3e1eadde6eac6fa924a4ff9ad566c5c50f9ff40
Reviewed-on: http://gerrit.openafs.org/7095
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovol: Don't return an uninited val from LookupNode
Simon Wilkinson [Sat, 31 Mar 2012 15:51:19 +0000]
vol: Don't return an uninited val from LookupNode

If the SalvageHashTable for a particular node is empty, then LookupNode
can return an uninitialised value to the caller. It isn't clear from a
broader code inspection whether LookupNode can ever be called with an
empty SalvageHashTable, but returning a NULL vsp does seem like the
correct thing to do in this situation.

Caught by clang-analyzer

Change-Id: Ibee79e6acf7d3bdbc2995ef924338ade4de77d08
Reviewed-on: http://gerrit.openafs.org/7094
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agofs: Fix bad frees
Simon Wilkinson [Sat, 31 Mar 2012 11:01:46 +0000]
fs: Fix bad frees

On an error GetLastComponent was freeing completely the wrong thing.
Fix this so it frees the memory it has allocated, and not some random
stack pointer.

Caught by clang-analyzer

Change-Id: I8b65f7ab36647b876fae5cbe59d82fd8d38ce0b7
Reviewed-on: http://gerrit.openafs.org/7093
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agocmd: Use strl* rather than strn* to avoid overrun
Simon Wilkinson [Sat, 31 Mar 2012 10:58:01 +0000]
cmd: Use strl* rather than strn* to avoid overrun

The NName function was using strncat(a, b, sizeof(a)), which doesn't
work as you would expect if 'a' already contains data. To avoid the
potential buffer overflow, switch to just using strlcat.

Caught by clang-analyzer

Change-Id: Idd2c630c07a93b27e8d629339589aa6686290eae
Reviewed-on: http://gerrit.openafs.org/7092
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoautoconf: One CC to rule them all
Simon Wilkinson [Fri, 30 Mar 2012 19:36:56 +0000]
autoconf: One CC to rule them all

(well, in userspace at least)

We have 3 different ways of specifying the C compiler - CC, CCOBJ and
MT_CC. On most platforms these are set to identical values by the
configure script. However, this causes problems for a user who wants
to override the default complier choice by doing
    make CC=my-favorite-compiler
as this doesn't catch all of the ways we specify the compiler [1]

So, change the specification of CCOBJ and MT_CC so that, by default,
they reference CC, rather than copying its value. This means that on
platforms where CC is the appropriate compiler to use in all situations,
a user need only change CC to modify their compiler choice.

[1] - it might be argued that the correct place to substitue the
      compiler is in configure's environment, which does currently work.
      However, this doesn't work with special things, like static
      analysers, that can build the source tree, but not the configure
      tests.

Change-Id: Ib95e2ac00b36f33c3cb2491feacd6c898f8f61dc
Reviewed-on: http://gerrit.openafs.org/7091
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Handle reading past the end of a file
Simon Wilkinson [Fri, 30 Mar 2012 18:41:17 +0000]
afs: Handle reading past the end of a file

... except that this change doesn't actually handle this, it just
stops clang from throwing an error about the bogus code that's already
in there. This needs fixed properly ...

Change-Id: Ifbf190a86037fced8104ed0843dd1e7aa0b999a7
Reviewed-on: http://gerrit.openafs.org/7090
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoxdr: Len can never be negative
Simon Wilkinson [Fri, 30 Mar 2012 18:40:30 +0000]
xdr: Len can never be negative

The len parameter to xdr_len is unsigned, so can never be negative.
Don't bother testing to see if it is negative, so that clang likes us
again.

Change-Id: Iad5f8b1b2d20ec55846bc1ef7b7499a30956e17f
Reviewed-on: http://gerrit.openafs.org/7089
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agorx: Remove needless braces
Simon Wilkinson [Fri, 30 Mar 2012 18:39:51 +0000]
rx: Remove needless braces

Doing if ((a==b)) is unecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.

Remove pointless braces from the Unix CM to make clang happy.

Change-Id: I031db80c3f85c0e4c4db365b1c36b5d4b4a7cb48
Reviewed-on: http://gerrit.openafs.org/7088
Tested-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agorx: Handle negative returns on packet reads
Simon Wilkinson [Fri, 30 Mar 2012 18:37:36 +0000]
rx: Handle negative returns on packet reads

rxi_RecvMsg returns an int, because it can return a negative value upon
error. Don't store its return value as an unsigned int, because this may
hide the potential errors.

Modify the error handling loop so that errors get to where they are
intended.

Change-Id: I212e5881f83a2a95c177c23dbc2da2583155f1aa
Reviewed-on: http://gerrit.openafs.org/7087
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovenus: Make clang happy with strlcpy use
Simon Wilkinson [Fri, 30 Mar 2012 18:35:51 +0000]
venus: Make clang happy with strlcpy use

clang now expects that strlcpy will always be used to prevent overflow
of the destination string, and gives a warning if the size parameter is
based solely on the length of the source string.

Modify the BreakUpPath function so that it takes the size of the
destination string as an argument, and uses this to limit the amount of
data pasted into it.

Change-Id: I86f68dd2013ca8bc4c88ade78d27c4d416a9ae94
Reviewed-on: http://gerrit.openafs.org/7086
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoviced: Remove pointless braces
Simon Wilkinson [Fri, 30 Mar 2012 18:34:53 +0000]
viced: Remove pointless braces

Doing if ((a==b)) is unecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.

Remove pointless braces from viced to make clang happy.

Change-Id: Iee8c1d60cc2296fefd0e7f82127821dcefb931ec
Reviewed-on: http://gerrit.openafs.org/7085
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovlserver: unsigned values are always >0
Simon Wilkinson [Fri, 30 Mar 2012 18:33:55 +0000]
vlserver: unsigned values are always >0

Maxvolidbump is defined as an unisgned int, and thus can never be less
than 0. Remove the pointless check, as it just makes clang sad.

Change-Id: I78a2c8f6fcaee17196e37183256e6935cdca183b
Reviewed-on: http://gerrit.openafs.org/7084
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovol: Call memset with the correct size
Simon Wilkinson [Fri, 30 Mar 2012 18:31:10 +0000]
vol: Call memset with the correct size

Call memset with the size of the structure we're initialising to 0,
and not the size of the pointer to that structure.

Caught by clang's new warnings.

Change-Id: I8cded7bed4e289e9603778e06873f94fd3924aa8
Reviewed-on: http://gerrit.openafs.org/7083
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agorxgen: Tidy up server side freeing
Simon Wilkinson [Thu, 5 Jan 2012 10:51:06 +0000]
rxgen: Tidy up server side freeing

The way in which rxgen handles freeing of objects allocated by the RPC
stub has evolved over the years. Originally, there appears to have been
a "somefrees" parameter which was used to track whether objects required
freeing or not. However, this parameter has fallen in to disuse, as
support for typedefs and unions were added, and which parameters
require freed is now tracked within the description structures
themselves. So, get rid of somefrees, as it is now just confusing.

The generated code to free a set of RPC arguments currently looks
something like:

fail:
        z_xdrs->x_op = XDR_FREE;
        if (!xdr_string(z_xdrs, &Name, AFSNAMEMAX)) goto fail1;
        if (!xdr_string(z_xdrs, &OfflineMsg, AFSOPAQUEMAX)) goto fail1;
        if (!xdr_string(z_xdrs, &Motd, AFSOPAQUEMAX)) goto fail1;
        if (rx_enable_stats) {
            rx_RecordCallStatistics(z_call, RXAFS_STATINDEX,
                19, RXAFS_NO_OF_STAT_FUNCS, 0);
        }

        return z_result;
fail1:
        if (rx_enable_stats) {
            rx_RecordCallStatistics(z_call, RXAFS_STATINDEX,
                19, RXAFS_NO_OF_STAT_FUNCS, 0);
        }

        return RXGEN_SS_XDRFREE;

Which isn't very efficient, or easy to modify. So, change the code
generator to produce code that looks like:

fail:
        z_xdrs->x_op = XDR_FREE;
        if ((!xdr_string(z_xdrs, &Name, AFSNAMEMAX))
            || (!xdr_string(z_xdrs, &OfflineMsg, AFSOPAQUEMAX))
            || (!xdr_string(z_xdrs, &Motd, AFSOPAQUEMAX)))
                z_result = RXGEN_SS_XDRFREE;

        if (rx_enable_stats) {
            rx_RecordCallStatistics(z_call, RXAFS_STATINDEX,
                19, RXAFS_NO_OF_STAT_FUNCS, 0);
        }

        return z_result;

This does the same thing, but is easier to read and is more consistent
with the way that we structure marshalling and unmarshalling.

Change-Id: I8b56f320c05c5d4270daf409d57514cbe8d076f5
Reviewed-on: http://gerrit.openafs.org/7005
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agofileserver: Fix NeverAttach support
Simon Wilkinson [Sun, 8 Apr 2012 12:58:25 +0000]
fileserver: Fix NeverAttach support

Commit 35becabed870d4bfe49abaa499d99a3ffb0a2d31 added support for
the /vicepXX/NeverAttach. However this code only appears to work on
Linux. It fails build testing on (at least) Mac OS X, FreeBSD, and AIX.
Modify the code so that the NeverAttach call uses the same variable to
locate the path of the partition as the AlwaysAttach call does.

Change-Id: Ic87e112f362ac6d23376fb0a263d021c29c0b06e
Reviewed-on: http://gerrit.openafs.org/7125
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoDOC: Factored common text out of the vos_backup and vos_dump man pages
Jason Edgecombe [Sun, 8 Apr 2012 16:10:58 +0000]
DOC: Factored common text out of the vos_backup and vos_dump man pages

Change-Id: I84bd722834297778ab2e719996b2f8528d8706d6
Reviewed-on: http://gerrit.openafs.org/7126
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Tested-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agovol: Remove unneeded braces
Simon Wilkinson [Fri, 30 Mar 2012 18:30:18 +0000]
vol: Remove unneeded braces

Doing if ((a==b)) is unecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.

Remove pointless braces from vol to make clang happy.

Change-Id: I805c52fd76de4d028741ae4382b747917581d2f2
Reviewed-on: http://gerrit.openafs.org/7082
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agovice & vol: Cast FDH_SYNC results to void
Simon Wilkinson [Fri, 30 Mar 2012 18:27:30 +0000]
vice & vol: Cast FDH_SYNC results to void

FDH_SYNC is a macro which returns a result. This leads to clang
complaining about an unused expression when the macro is expanded.
Avoid this by just casting the macro result to (void) when we aren't
interested in it.

Change-Id: I99eaac7432211d6b0cab10c3e1af0c6d4e2092a8
Reviewed-on: http://gerrit.openafs.org/7081
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agoptserver: Remove redundant braces
Simon Wilkinson [Fri, 30 Mar 2012 18:24:23 +0000]
ptserver: Remove redundant braces

Doing if ((a==b)) is unecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.

Remove pointless braces from ptserver to make clang happy.

Change-Id: I1bf1698b1d12f8228e0456d3d2dff4439879cfba
Reviewed-on: http://gerrit.openafs.org/7080
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agopam: Don't check if unsigned is < 0
Simon Wilkinson [Fri, 30 Mar 2012 18:23:24 +0000]
pam: Don't check if unsigned is < 0

uid_t is unsigned, so checking to see if it is less than 0 is a bit
redundant.

Remove the checks to silence a warning from clang.

Change-Id: I5ae429247d328b3320063b4c035f6e5bb101620b
Reviewed-on: http://gerrit.openafs.org/7079
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agopam: Use &, not && for bitwise operations
Simon Wilkinson [Fri, 30 Mar 2012 18:21:41 +0000]
pam: Use &, not && for bitwise operations

All of the LOG_MASK() checks are performing bitwise operations, and so
should be using '&', not && (which will always be true, providing
logmask is non-zero)

Caught by clang's new error messages

Change-Id: Idce9229b7351adc6c15279c94e1cc1e7fc45596e
Reviewed-on: http://gerrit.openafs.org/7078
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agotools: Use native 64 bit integer
Simon Wilkinson [Sat, 7 Apr 2012 11:44:17 +0000]
tools: Use native 64 bit integer

Modify the tools directory to use a native 64 bit integer type, rather
than rolling its own.

Change-Id: Ib2545b43aa3bf34e8917a4ae7ae4ee3f4be6d1c0
Reviewed-on: http://gerrit.openafs.org/7118
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoubik: utst needs opr for assert in util
Derrick Brashear [Sat, 7 Apr 2012 12:12:48 +0000]
ubik: utst needs opr for assert in util

add libopr after libafsutil so assert can be satisfied

Change-Id: I77494dc529f21246ae84f6522a578b14a803b6a9
Reviewed-on: http://gerrit.openafs.org/7116
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoFileserver: Add the /vicepXX/NeverAttach flag to skip mounting a partition
Jason Edgecombe [Sat, 7 Apr 2012 00:58:13 +0000]
Fileserver: Add the /vicepXX/NeverAttach flag to skip mounting a partition

FIXES 130561

LICENSE MIT

Change-Id: Ib465a978d08238d83c4c0a03813f5ec240f9bd9b
Reviewed-on: http://gerrit.openafs.org/7108
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Jason Edgecombe <jason@rampaginggeek.com>

8 years agotools: Add roken.h to afsdump
Simon Wilkinson [Sat, 7 Apr 2012 12:26:25 +0000]
tools: Add roken.h to afsdump

On AIX, building afsdump currently produces the following warnings:

"afsdump_scan.c", line 34.10: 1506-296 (S) #include file <sys/fcntl.h> not found.
"afsdump_scan.c", line 275.32: 1506-045 (S) Undeclared identifier O_RDWR.
"afsdump_scan.c", line 275.41: 1506-045 (S) Undeclared identifier O_CREAT.
"afsdump_scan.c", line 275.51: 1506-045 (S) Undeclared identifier O_TRUNC.
"afsdump_scan.c", line 305.29: 1506-045 (S) Undeclared identifier O_RDONLY.

Rather than including more platform specific goo, just add a roken.h
include to the various files to pull in the necessary headers.

Change-Id: I46db92511c804cfc9b5d67b97cd3596480d306d6
Reviewed-on: http://gerrit.openafs.org/7117
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agotools: Rename u_int64 to solve AIX problem
Simon Wilkinson [Sat, 7 Apr 2012 11:36:54 +0000]
tools: Rename u_int64 to solve AIX problem

AIX's system headers define u_int64. Rename our local 64 bit integer
representation as dt_uint64 to avoid this collision.

Change-Id: I997e3ff89df369a5f0643921a846a759bf8fa90b
Reviewed-on: http://gerrit.openafs.org/7115
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agolibafscp: Use strdup, rather than rolling our own
Simon Wilkinson [Fri, 30 Mar 2012 18:18:47 +0000]
libafscp: Use strdup, rather than rolling our own

   A = malloc(strlen(B)+ 1);
   memset(A, 0, strlen(B) + 1);
   strlcpy(A, B, strlen(B) + 1);
can be more simply written as
   A = strdup(B);

Doing so also avoids a warning from clang that strlcpy isn't checking
for A overflowing.

Change-Id: I0e21f86eda7bdc0ce869e651c5ceb23d7494e1e2
Reviewed-on: http://gerrit.openafs.org/7077
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agolibadmin: Clear structures according to their size.
Simon Wilkinson [Fri, 30 Mar 2012 18:16:50 +0000]
libadmin: Clear structures according to their size.

memset(a, 0, sizeof(a)) is rarely correct, unless a is an error. Use the
size of the destination structure, rather than the size of a pointer to it
when deciding how much memory to clear.

Caught by clang's new error messages

Change-Id: Ia6c566534efae2f67f1b9bd22198d352238a987c
Reviewed-on: http://gerrit.openafs.org/7076
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agolibadmin: read returns an ssize_t, not a size_t
Simon Wilkinson [Fri, 30 Mar 2012 18:14:38 +0000]
libadmin: read returns an ssize_t, not a size_t

size_t is unsigned, and therefore can never be less than 0. Using it as
a return code from read() means that we never catch read errors. read()
is defined as returning ssize_t, so just use this to capture its return
code.

Caught by clang's new error messages

Change-Id: Ibf61119dec2c64fd4b1e16e6ef02178e427116f0
Reviewed-on: http://gerrit.openafs.org/7075
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agoUnix CM: Purge needless brackets
Simon Wilkinson [Fri, 30 Mar 2012 18:12:37 +0000]
Unix CM: Purge needless brackets

Doing if ((a==b)) is unecessary. It's also potentially dangerous, as
that's the syntax required to do assignment within an if statement.
clang now issues warnings (errors in -Werror mode) when it encounters
these.

Remove pointless braces from the Unix CM to make clang happy.

Change-Id: I0f1558b42a487e1de722b77f8423500365a20eee
Reviewed-on: http://gerrit.openafs.org/7074
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agoDARWIN: Make crfree() an inline function
Simon Wilkinson [Fri, 30 Mar 2012 18:09:36 +0000]
DARWIN: Make crfree() an inline function

On Darwin 100, we have
   #define crfree(X) kauth_cred_unref(&X)
which expands in one place to
   kauth_cred_unref(&(afs_ucred_t *)avc->linkData)

clang warns about this in -Werror mode, because arguments to the
address-of operator must be lvalues.

To fix this make crfree an inline function, which will then let us do
the indirection required.

Change-Id: Ic5adb63dcdc11e04c1e428c32e85f33a987fcf42
Reviewed-on: http://gerrit.openafs.org/7073
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agoutil: LogCommandLine has to have a command line
Simon Wilkinson [Sun, 7 Aug 2011 18:41:51 +0000]
util: LogCommandLine has to have a command line

Add an assert() to LogCommandLine to catch the case where it is
called without a command line to log.

Change-Id: Ia1be28b3a1d1d4e144626976f0f82b9675809c0a
Reviewed-on: http://gerrit.openafs.org/7072
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agoSalvager: Don't use garbage vnodes when Testing
Simon Wilkinson [Tue, 15 Jun 2010 18:20:50 +0000]
Salvager: Don't use garbage vnodes when Testing

If Testing is true, and the salvage wants to repair the '.' file,
then it will end up using a garbage value as the location of the
repaired file (vnodeNumber gets set to fid.Vnode, but fid.Vnode is
uninitialised)

Fix this by making it behave as if no repair is necessary when running
in Testing mode. It's unclear that this is entirely the correct answer,
but it's definitely better than the current behaviour.

Caught by clang-analyzer

Change-Id: I1bddd889b3350cf31fe6384573e49e82159c7095
Reviewed-on: http://gerrit.openafs.org/7071
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agoWindows: Disk Full errors instead of Quota Exceeded
Jeffrey Altman [Sat, 7 Apr 2012 02:30:41 +0000]
Windows: Disk Full errors instead of Quota Exceeded

The AFS Redirector does not support the Windows quota interface
therefore return STATUS_DISK_FULL for all over quota conditions.

Change-Id: Idd8755b26ab65e423330eeb6cb0e1806dd6306c9
Reviewed-on: http://gerrit.openafs.org/7111
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: AFSCheckCellName one level of indirection
Jeffrey Altman [Sat, 7 Apr 2012 02:18:59 +0000]
Windows: AFSCheckCellName one level of indirection

The parameter 'CellName' is a UNICODE_STRING *.  No need to
take the pointer of it to pass to AFSDbgLogMsg().

Change-Id: Id49f95058541a1a0ddaa0db9cb2c5ef0e5a32c64
Reviewed-on: http://gerrit.openafs.org/7109
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: CleanACLEnt requires cm_scache write locked
Jeffrey Altman [Thu, 5 Apr 2012 11:38:47 +0000]
Windows: CleanACLEnt requires cm_scache write locked

Therefore, cm_FindACLCache() must be called with the cm_scache_t
write-locked and therefore cm_HaveAccessRights() must obtain a
write-lock and not a read-lock on 'aclScp'.

Change-Id: I884cd5a70a793d893999bf750264e76d436f40a2
Reviewed-on: http://gerrit.openafs.org/7049
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Name Array store mount point and volume root
Jeffrey Altman [Mon, 2 Apr 2012 22:10:07 +0000]
Windows: Name Array store mount point and volume root

Modify the Name Array processing to store both the mount point
object and the volume root directory object in the array.  This
is necessary for proper operation of
AFSPopulateNameArrayFromRelatedArray when the DirectoryCB parameter
is a mount point object.

Modify AFSBackupEntry to remove two entries if a volume root
directory entry is being removed.

Remove AFSReplaceCurrentElement() as it is no longer used.

Change-Id: Iaa0a4effc3448351d04bcdd72be9ee726ffe4e9a
Reviewed-on: http://gerrit.openafs.org/7021
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: do not call time() in a loop
Jeffrey Altman [Mon, 2 Apr 2012 11:10:17 +0000]
Windows: do not call time() in a loop

When checking for ACL Entry expiration, obtain the current time
once per call to cm_FindACLCache() instead of once per ACL entry.

Change-Id: I4da9e290a43315bd226f6c1b5dc12abe45ed19f5
Reviewed-on: http://gerrit.openafs.org/7016
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Add per object per user EACCES caching
Jeffrey Altman [Sun, 1 Apr 2012 05:17:21 +0000]
Windows: Add per object per user EACCES caching

If a cache manager is told by a file server that the user does
not have permission to fetch status for an object, the cache
manager must avoid requesting a fetch status a second time for
that object for the same user.  Doing so risks triggering the
rx call abort throttling which can have a significant impact on
end user usability of the Explorer Shell and other applications.

The cache manager cannot make a decision on whether or not to
issue an RXAFS_FetchStatus RPC based upon the type of the object
because the type is unknown to the cache manager.  A file server
will succeed a FetchStatus request when the parent directory ACL
grants lookup permission if the object in question is the directory
or is a symlink/mountpoint.  Only file objects require read/write
permissions to obtain status information.

The rx call abort throttling is broken is many ways and must be
avoided.  Call aborts are tracked by call channel and occur whenever
ten call aborts are issued on the same call channel in a row
regardless of the amount of time that has elapsed.

The EACCES cache works by storing EACCES events by the FID and User
for which the event occurred, when it occurred and the FID of the
parent directory.  By definition, the parent FID of a volume root
directory is itself.

Entries are removed from the cache under the following circumstances:

 1. When the parent FID's callback expires or is replaced.

 2. When the parent FID's cm_scache object is recycled.

 3. When the user's tokens expire or are replaced.

Entries are not removed when the FID's cm_scache object is recycled.

This patchset also implements correct behavior if the VLF_DFSFILESET
flag is set on a volume.

Change-Id: I69507601f9872c9544e52a1d5e01064fa42efb81
Reviewed-on: http://gerrit.openafs.org/6996
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Fail recursive path evaluation with access denied
Jeffrey Altman [Mon, 2 Apr 2012 17:41:27 +0000]
Windows: Fail recursive path evaluation with access denied

Matching the behavior of the AFS SMB server, the afs redirector
should return STATUS_ACCESS_DENIED if File ID recursion is detected
in the Name Array for any given path.

Change-Id: Ie846b42a228c634f1c38a8103332c7bb72803d1f
Reviewed-on: http://gerrit.openafs.org/7018
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Check Avail Space on extending SetEndOfFile
Jeffrey Altman [Fri, 6 Apr 2012 03:14:18 +0000]
Windows: Check Avail Space on extending SetEndOfFile

When cm_SetLength() is called with an extending file length,
check the available free space in the volume to see if the
new length will fit.  If not, return CM_ERROR_SPACE.

This permits applications to discover that there is insufficient
space prior to writing all of the data into the windows page
cache at which point it will be too late.

There is still the possibility of a race that can result in
data loss if two applications are writing into the same volume
at the same time and there is insufficient room.

Change-Id: Ieef2c48f5b6edc8d101b6527af3a3f87fe55f6ca
Reviewed-on: http://gerrit.openafs.org/7057
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: Do not offline volume on successful IH_DEC
Andrew Deason [Thu, 5 Apr 2012 22:55:17 +0000]
viced: Do not offline volume on successful IH_DEC

If we fail to CoW a file due to ENOSPC, we try to IH_DEC the new file
copy, and if IH_DEC fails, we take the volume offline for salvaging.
But IH_DEC returns 0 on success, not on error. So take the salvaging
path when we get non-zero.

Change-Id: I4f0276fd4f077ca42087e92af8ba77b4e5347422
Reviewed-on: http://gerrit.openafs.org/7054
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Redirector must query volume size when asked
Jeffrey Altman [Thu, 5 Apr 2012 18:40:18 +0000]
Windows: Redirector must query volume size when asked

The volume size and free space cannot be obtained at volume
initialization and then re-used for all FileFsSizeInformation
and FileFsFullSizeInformation queries.  Doing so prevents Windows
from being able to see changes in the available free space.

The maximum size of the volume is not the size of the partition
and the available space on the partition unless there is no quota
applied to the volume.  If there is a quota, then the free space
is the smaller of the available quota and the available partition
space.

Add a new ioctl request to permit the redirector to query the
current Volume Size Information details.

Change-Id: I3414f314d7780fd12489e0d278b71bcadc1a72e6
Reviewed-on: http://gerrit.openafs.org/7052
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: cm_AddACLCache lock ordering
Jeffrey Altman [Thu, 5 Apr 2012 21:00:28 +0000]
Windows: cm_AddACLCache lock ordering

cm_aclLock must be obtained after cm_user_t mx and cm_cellLock.

cm_user_t mx must be obtained before cm_cellLock.

Change-Id: Iaf9fcf17c7ea50f2f5a83aefa759b7077ef28be6
Reviewed-on: http://gerrit.openafs.org/7051
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agorx: fix bad merge 95c38dff3740d7e24971ceb5875c06e7abfce102
Jeffrey Altman [Thu, 5 Apr 2012 21:16:15 +0000]
rx: fix bad merge 95c38dff3740d7e24971ceb5875c06e7abfce102

An extra

  CALL_HOLD(call, RX_CALL_REFCOUNT_BEGIN)

was added in rx_NewCall().  Revert it.

Change-Id: Ief1493ae9ec69ace5afd534a97fbf43f55872153
Reviewed-on: http://gerrit.openafs.org/7050
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: AFSVerifyEntry purge file data on DV change
Jeffrey Altman [Thu, 5 Apr 2012 04:11:11 +0000]
Windows: AFSVerifyEntry purge file data on DV change

If the data version change is detected during AFSVerifyEntry(),
treat it the same as if the AFS_OBJECT_FLAGS_VERIFY_DATA flag
had been previous set.  Purge the old data from the Windows
file cache.  Be sure to set the new metadata after the purge
so that if the file length was truncated the old data beyond
the truncation point will still be purged.

Change-Id: I80c33f303c6499f22955e9874b2f4c50d666a3cb
Reviewed-on: http://gerrit.openafs.org/7048
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoxstat_cm_test: Print all call info stats
Andrew Deason [Tue, 3 Apr 2012 23:13:17 +0000]
xstat_cm_test: Print all call info stats

For CM xstat collecton 0 (function call statistics), there are many
more stats given to us on the wire than we currently print. Change
this so we print out everything in the afs_CMCallStats struct.

Change-Id: I959571731fe8bf2a714e4cb3b47c52c39c516621
Reviewed-on: http://gerrit.openafs.org/7047
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agorx: Get rid of some uneccessary temporary vars
Simon Wilkinson [Sun, 8 Jan 2012 11:49:53 +0000]
rx: Get rid of some uneccessary temporary vars

rx_ReadProc and rx_ReadProc32 originally used temporary variables
(which were, at one time, declared as "register") to hand optimise
a couple of routines. With the removal of register throughout our
code, this is no longer helpful.

Change-Id: Id21a931408489b985b726af620a687b838303a86
Reviewed-on: http://gerrit.openafs.org/6997
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoWindows: Redirector Dir Enumeration Bug
Jeffrey Altman [Mon, 2 Apr 2012 03:09:32 +0000]
Windows: Redirector Dir Enumeration Bug

An enumerated directory was not validated properly if
AFSValidateEntry() was called with PurgeData == FALSE even
when a data version change was detected.  Now it does.

FIXES 130636

Change-Id: Ic5d2fd62b40fb16652fc09d459caf43905566d37
Reviewed-on: http://gerrit.openafs.org/7012
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agotools: move useful tools from test dir to tools dir
Derrick Brashear [Tue, 3 Apr 2012 17:51:38 +0000]
tools: move useful tools from test dir to tools dir

move the dump utilities out of tests

Change-Id: I21d0550e09fde3b1feb078bde4e9b4dc7ca3614e
Reviewed-on: http://gerrit.openafs.org/7043
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agolinux: update spec requirements
Derrick Brashear [Thu, 29 Mar 2012 14:44:53 +0000]
linux: update spec requirements

don't require things which don't exist on el5. do require them
in el6. require kernel-devel if building modules
don't do anything involving the kernel if not building modules
if we can figure out that we don't have 2.4 based on the version,
avoiding the need to depend on kernel-devel just to build an srpm.

Change-Id: I4bef6a00f50935b8efa057b42cd2147a22c0c1e6
Reviewed-on: http://gerrit.openafs.org/6985
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agolinux: make mockbuild more reliable
Derrick Brashear [Fri, 30 Mar 2012 20:15:52 +0000]
linux: make mockbuild more reliable

previously, a "cached" repo which was assumed to be of the same
releasever and arch of the host was created in /var/tmp,
which would screw up repoquery across a multiple-OS-build.

well, you can tell repoquery what you really mean. so now we do.

Change-Id: I5f477e4eeddb755fcd410a37a2b58e1334da2863
Reviewed-on: http://gerrit.openafs.org/6991
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoSOLARIS: Correct misplaced osi_machdep.h #endif
Andrew Deason [Mon, 2 Apr 2012 21:16:37 +0000]
SOLARIS: Correct misplaced osi_machdep.h #endif

Commit 64778fd7bece52360482f9a51f19b34dac1d2678 removed some '#ifdef
KERNEL' blocks, but for one block in SOLARIS/osi_machdep.h, the wrong
trailing #endif was removed. This effectively makes the last part of
the file Solaris 10+ only, and bypasses the header guard. On systems
before Solaris 10, this causes us to lose the osi_procname definition,
which eventually shows up as an undefined symbol.

So, reinstate the original #endif, and remove the correct #endif
instead.

Change-Id: I28a78dabc2c65abeadc003b95600026c3cb68e37
Reviewed-on: http://gerrit.openafs.org/7042
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoWindows: cm_GetNewSCache must return NULL on failure
Jeffrey Altman [Tue, 3 Apr 2012 13:09:42 +0000]
Windows: cm_GetNewSCache must return NULL on failure

cm_GetNewSCache was leaking a valid cm_scache_t pointer in some
failure cases.  On failure, explicitly set the return value to
NULL.

Change-Id: I074b278f969224aa535abe256ac33a90d0f4e62d
Reviewed-on: http://gerrit.openafs.org/7037
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoRx: give grow mtu its own call ref count type
Jeffrey Altman [Thu, 12 Jan 2012 14:31:43 +0000]
Rx: give grow mtu its own call ref count type

Change-Id: Ibf62408203d615ff87454a9ecb50c38b6db6d45a
Reviewed-on: http://gerrit.openafs.org/6543
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agorx: conn->callNumber protected by conn_call_lock
Jeffrey Altman [Sun, 29 Jan 2012 18:52:17 +0000]
rx: conn->callNumber protected by conn_call_lock

The conn->callNumber array should be protected by the conn_call_lock
since the conn_call_lock is what protects the binding of calls to
connection channels.

Change-Id: I9f9b4e8f90d1e4ebbc4429af286358807784d84f
Reviewed-on: http://gerrit.openafs.org/6629
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoRx: rxi_FreeCall conn_call_lock vs call->lock deadlock
Jeffrey Altman [Fri, 20 Jan 2012 06:50:01 +0000]
Rx: rxi_FreeCall conn_call_lock vs call->lock deadlock

The conn->conn_call_lock is held before call->lock in the lock
hierarchy which is violated within rxi_FreeCall(). While the
deadlock is rare, it is possible and has been experienced on
both Windows and Linux.

Change the signature of rxi_FreeCall to return 1 if it frees
the call and 0 if it does not.

Due to the lock hierarchy violation use MUTEX_TRYENTER()
to attempt to obtain the conn->conn_call_lock.  If the lock
cannot be obtained set the call state to dally and
return.  If the conn_call_lock can be obtained, behave as
we did before this patchset.

Only increment the callNumber if the original call->state
was dally or hold and the conn_call_lock could be obtained.
We must not increment the callNumber otherwise.  Doing so can
result in call numbers being skipped when the conn->call slot
is reused.

Change-Id: Ic10bd2004e9b06df319c2f2efaa0b37bcb90c896
Reviewed-on: http://gerrit.openafs.org/6443
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Pass name array to AFSRetrieveFileInformation
Jeffrey Altman [Mon, 2 Apr 2012 21:32:39 +0000]
Windows: Pass name array to AFSRetrieveFileInformation

AFSRetrieveFileInformation does not parse the complete path.
That information is available in the Ccb->NameArray.  If the
object on which AFSRetrieveFileInformation is called is a
relative symlink containing ".." references, the full contents
of the evaluated path is required for context.  Pass the
Ccb->NameArray so that it is available.

Change-Id: Id02d3fb47df74c0a0de849eb10550be76150ce8b
Reviewed-on: http://gerrit.openafs.org/7020
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Use hash when comparing File IDs in redirector
Jeffrey Altman [Mon, 2 Apr 2012 17:39:17 +0000]
Windows: Use hash when comparing File IDs in redirector

AFSIsEqualFid() should use the hash value included in the FileId
as part of the comparison algorithm.

Change-Id: I2723e2e9795ce16869c6a0dc33611078b04a6a28
Reviewed-on: http://gerrit.openafs.org/7017
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows FindACLCache must hold scp write locked
Jeffrey Altman [Mon, 2 Apr 2012 10:57:53 +0000]
Windows FindACLCache must hold scp write locked

In the SMB modules, calls to cm_FindACLCache() were not
holding the cm_scache_t rwlock writed locked as required.

Change-Id: I213912eb8dd570ea918d92602c647e6aed8cfccb
Reviewed-on: http://gerrit.openafs.org/7015
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: fix indentation
Jeffrey Altman [Mon, 2 Apr 2012 10:57:02 +0000]
Windows: fix indentation

Change-Id: Id3cd061badd1c8c4e22843e84999954e5424511d
Reviewed-on: http://gerrit.openafs.org/7014
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Freelance HaveAccessRights
Jeffrey Altman [Sun, 1 Apr 2012 16:40:36 +0000]
Windows: Freelance HaveAccessRights

Change the test in cm_HaveAccessRights related to Freelance
mode.  All objects in the freelance cell and root volume
by definition have access rights.

Change-Id: Ibb96b12c15728bc6b711b3d7f2ad892c55109cbf
Reviewed-on: http://gerrit.openafs.org/7008
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: optimize InitCallback3 processing
Jeffrey Altman [Sun, 1 Apr 2012 16:11:40 +0000]
Windows: optimize InitCallback3 processing

Do not drop and acquire locks if the cm_scache_t does not
have a callback.

Change-Id: I6f84729838e7e4c2d84c0a40f0811ed837b79287
Reviewed-on: http://gerrit.openafs.org/7007
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Record callback issued time
Jeffrey Altman [Fri, 30 Mar 2012 19:13:55 +0000]
Windows: Record callback issued time

Save the time at which a callback was issued.  This can be
used in a later patchset to determine if a callback was issued
after a negative access entry for a {fid,user} pair.

Change-Id: Iab54eb729fd5f2a2daf4855b7e7e75245dc28051
Reviewed-on: http://gerrit.openafs.org/6995
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Implement cm_TGTLifeTime()
Jeffrey Altman [Fri, 30 Mar 2012 18:58:11 +0000]
Windows: Implement cm_TGTLifeTime()

cm_aclent.h defined cm_TGTLifeTime() as a macro that always
returned 0x7fffffff.  Implement cm_TGTLifeTime() as a function
that returns the actual token lifetime.

Change-Id: I8b19626395f536db248ae8324b13e49eda9a1a87
Reviewed-on: http://gerrit.openafs.org/6994
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: add parent FID to cm_GetSCache
Jeffrey Altman [Fri, 30 Mar 2012 16:24:43 +0000]
Windows: add parent FID to cm_GetSCache

When a cm_scache_t object is created in 98% of the time, the
parent FID is known to the cache manager.  Normally the cache
manager will obtain the parent info from the AFSFetchStatus
structure but if the user credentials do not permit status info
to be obtained from the file server the parent info will be unavailable.

Having the parent directory FID is useful for debugging but can
also be used to check the user's access rights on the parent directory.

Change-Id: I262345bc686392a4edef4c627182a8a67a392aa2
Reviewed-on: http://gerrit.openafs.org/6993
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: AFSDisk, AFSFetchVolumeStatus Int31 PartSize
Jeffrey Altman [Tue, 3 Apr 2012 02:35:41 +0000]
viced: AFSDisk, AFSFetchVolumeStatus Int31 PartSize

The AFSDisk and AFSFetchVolumeStatus structures use signed
32-bit integers for representation partition size and
available blocks.  RoundInt64ToInt31() should be used instead
of RoundInt64ToInt32() when assigning their values.

Change-Id: I3834141fce2d54ce8bdfac3dc566074583bb305e
Reviewed-on: http://gerrit.openafs.org/7022
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agorx: handle clock reversals for call timeouts
Jeffrey Altman [Fri, 23 Mar 2012 17:41:10 +0000]
rx: handle clock reversals for call timeouts

If the clock is set backwards, call timeouts will not trigger
until the clock regains its original value plus the timeout period.
In rxi_CheckCall(), look for a backward clock shift and if one is
noticed, fail the call with RX_CALL_TIMEOUT.

Change-Id: I7ca5abee165fc21d72d3881670f9522d315b4982
Reviewed-on: http://gerrit.openafs.org/6943
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: Do error translation for InlineBulkStatus
Simon Wilkinson [Sat, 31 Mar 2012 23:21:04 +0000]
viced: Do error translation for InlineBulkStatus

When a host has requested universal errors, error code conversion
is performed in the CallPostamble. However, the InlineBulkStatus
errorcodes are passed as part of the data set, not as RX errors,
so this translation is not performed.

Fix this so that we also translate error codes that are part of
the InlineBulkStatus response.

Change-Id: Ia23232d948990bdf9b7c4e5e0bcd8be087289a03
Reviewed-on: http://gerrit.openafs.org/6992
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: avoid deadlock with Trend Micro
Jeffrey Altman [Fri, 30 Mar 2012 03:49:43 +0000]
Windows: avoid deadlock with Trend Micro

Trend Micro's anti-virus driver attempts to open the file in
response to CcPurgeCacheSection().  While processing
AFSSetDispositionInfo() the Fcb->NPFcb->Resource is held which is
also required if a status verification is required during the
CreateFile operation.  That results in a deadlock.

Avoid the deadlock by setting the PENDING_DELETE flag prior to
calling CcPurgeCacheSection().

Change-Id: I40d93d70e120525343afb917d473ad79a1f36e29
Reviewed-on: http://gerrit.openafs.org/6988
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Use ulFilter in AFSInvalidateObject
Jeffrey Altman [Fri, 30 Mar 2012 03:39:17 +0000]
Windows: Use ulFilter in AFSInvalidateObject

ulFilter was assigned appropriate values but it was not passed
to AFSFsRtlNotifyFullReportChange as a parameter.

Change-Id: Ie362b2b762e599a7cb040640539a098fdf80a259
Reviewed-on: http://gerrit.openafs.org/6987
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: ObjectInformation.ObjectReferenceCount comparison
Jeffrey Altman [Tue, 27 Mar 2012 04:16:30 +0000]
Windows: ObjectInformation.ObjectReferenceCount comparison

If there is an undercount of the ObjectReferenceCount, consider it
the same as if the object count is zero for comparison purposes.

Change-Id: Ia4ec2d1194f00cb530e7a50ed9db9c71cc4c5313
Reviewed-on: http://gerrit.openafs.org/6970
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Add Name Array Processing Trace Subsystem
Jeffrey Altman [Tue, 27 Mar 2012 18:18:14 +0000]
Windows: Add Name Array Processing Trace Subsystem

Change-Id: Ief4026e9bb3045046a031b56ceb584f2daf1cf43
Reviewed-on: http://gerrit.openafs.org/6973
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: AFSInvalidateObject can overwrite input param
Jeffrey Altman [Mon, 26 Mar 2012 15:10:36 +0000]
Windows: AFSInvalidateObject can overwrite input param

AFSInvalidateObject() must not be called with an AFSObjectInformationCB
pointer variable that it is not safe to overwrite as the function sets
the input value to NULL if the invalidation is going to be performed
asynchronously in a worker thread.

In AFSEnumerateDirectory(), the following call took place:

  AFSInvalidateObject( &pDirNode->ObjectInformation,
                       AFS_INVALIDATE_DATA_VERSION);

which requires a worker thread to process.  As a result, the
ObjectInformation pointer was being set to NULL which detached the
AFSObjectInformationCB from the AFSDirectoryCB.  That in turn produced
an execption in AFSLocateName() which resulted in a resource not being
freed that in turn produced a deadlock.

Change-Id: Id30e84cf96b69156d648e3b452e7e03390559c43
Reviewed-on: http://gerrit.openafs.org/6962
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agowindows: ObjectInformationCB.ObjectReferenceCount
Jeffrey Altman [Mon, 26 Mar 2012 01:29:40 +0000]
windows: ObjectInformationCB.ObjectReferenceCount

The ObjectInformationCB.ObjectReferenceCount is protected by
the VolumeCB->ObjectInfoTree.TreeLock.   When the TreeLock is
dropped the reference count can change.  Hold the TreeLock across
both ObjectReferenceCount == 0 tests and the associated tear down
or repeat the ObjectReferenceCount == 0 test after the TreeLock
is reacquired.

Change-Id: I069c22ae8f3a93fad3ef9a662df5b4903b317897
Reviewed-on: http://gerrit.openafs.org/6959
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoremove athena env conditionals
Michael Meffie [Mon, 26 Mar 2012 18:22:09 +0000]
remove athena env conditionals

Remove the conditionals AFS_ATHENA_STDENV, AFS_ATHENA_ENV
and AFS_KERBREALM_ENV.

Change-Id: If58743acd7d71dd3ed05e76316ff3efd475ca123
Reviewed-on: http://gerrit.openafs.org/6963
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Fix VNOSERVICE EventLog parameters
Jeffrey Altman [Tue, 27 Mar 2012 04:00:30 +0000]
Windows: Fix VNOSERVICE EventLog parameters

Add missing volume and cell.

Change-Id: If1efeb0defb3812e3f41572fb7d46f5e867be70c
Reviewed-on: http://gerrit.openafs.org/6969
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: CreateProcessNotify verify changes
Jeffrey Altman [Tue, 27 Mar 2012 00:49:03 +0000]
Windows: CreateProcessNotify verify changes

PsSetCreateProcessNotifyRoutineEx will fail with STATUS_ACCESS_DENIED
if the driver does not have the IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
bit set in the image header.

Do not include the ParentProcessId in the AFSProceSSDestroy
parameter list.  It isn't available to use and isn't used for
anything in any case.

Assign AFSProcessCB blocks to processes that were created before
AFSRedirector registered the CreateProcessNotify callback and
access the file system.

Change-Id: I4b78cd94949cfdea6b36f601a851c0e2f53a7dbf
Reviewed-on: http://gerrit.openafs.org/6967
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agomacos: iterate mdfound packagemakers when spaces are present
Derrick Brashear [Tue, 27 Mar 2012 16:09:38 +0000]
macos: iterate mdfound packagemakers when spaces are present

even if we get more than one match, and even if there's a space,
work anyway

Change-Id: I8e71af0cb02fda7ea0fcf1c2f7a0404eca4bc073
Reviewed-on: http://gerrit.openafs.org/6971
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agomacos: find packagemaker instead of assuming path
Derrick Brashear [Tue, 27 Mar 2012 00:33:26 +0000]
macos: find packagemaker instead of assuming path

in xcode 4.3, packagemaker is unbundled. make no assumptions
about where it can be found; instead, let spotlight tell us

Change-Id: I5e3431ce40ad6e9114e98c9bf047a4312d42284d
Reviewed-on: http://gerrit.openafs.org/6966
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Slight adjustments in afs_GetDCache
Andrew Deason [Thu, 22 Mar 2012 15:52:47 +0000]
afs: Slight adjustments in afs_GetDCache

maxGoodSize is only used in one block, so move the decl to that block.
Adjust some of the comments to more accurately reflect what's going
on.

Change-Id: Ifee3a6f98158a314cef6d241c53a0f881f4f2d2b
Reviewed-on: http://gerrit.openafs.org/6936
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Do not limit fetches based on vcache length
Andrew Deason [Fri, 2 Mar 2012 23:22:12 +0000]
afs: Do not limit fetches based on vcache length

Currently, when we go to the fileserver to fetch some data, we try to
make sure that we do not ask for data beyond the end of the file. For
example, if our chunk size is 1M, and we need to get the first chunk
for a file that is 4 bytes long, we will only ask the fileserver for 4
bytes.

This can cause issues when the file is being extended at the same time
as when we are trying to read the file. Consider the following
example. There is a file named X that has contents "abcd" at dv 1, and
we issue a FetchData64 request for X, only requesting 4 bytes. Right
before the fileserver gets the FetchData64 request, another client
writes the contents "12345" to file X.

The client will then fetch the contents "1234" for that file, at dv 2,
and store that as the contents of the first chunk for file X. On
subsequent reads for file X, applications will now get "1234<NUL>" as
the contents, since the size of the file will be updated to 5, but the
cache manager thinks that "1234" is the correct contents for the first
chunk of X at dv 2. The cache manager will continue to think so until
the cache entry is evicted or invalidated for whatever reason.

To avoid this scenario, always request a full chunk of data if we have
any data to fetch and the file has not been locally truncated. We can
still avoid the fetch at all if it looks like we're fetching beyond
end-of-file, since we know that at least at some point that was
correct information about the file. If this results in us trying to
fetch beyond end-of-file, the fileserver will respond with the correct
length anyway.

We still need to restrict the fetch request length based on
avc->f.truncPos, since the dcache data after avc->f.truncPos needs to
stay empty, since we don't track truncated data any other way. If we
also avoided this restriction, extending a file via truncation after
reducing a file's length via truncation could cause the old file data
to appear again, instead of filling the new file range with NULs.

Note that on at least Linux, with this fix an application can still
read the contents "1234" on the first read in the above example, and
"12345" on subsequent reads. This is just due to when we give the VFS
updates about file metadata, and could be remedied by updating file
metadata immediately from the FetchStatus information from the
FetchData64 call. However, just reading the contents "1234" in the
above example seems like a somewhat plausible outcome; at the very
least, it is an improvement.

Change-Id: I158593502ac96ba2c856a0b5997355a53d4173aa
Reviewed-on: http://gerrit.openafs.org/6882
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoafs: Set DWriting when truncating a dcache entry
Andrew Deason [Thu, 22 Mar 2012 15:42:38 +0000]
afs: Set DWriting when truncating a dcache entry

When we truncate a file, we truncate the contents of the relevant
dcache entry chunks, and prevent future FetchData operations from
fetching data beyond the truncation offset. If we never write anything
to that chunk, we never set DWriting, and so on disk it looks like
that dcache entry has valid data for the specified DV. However, since
the data is truncated, this is not true.

If a process holds a file open, truncates it without writing to it,
and then the client crashes (or we have trouble contacting the
fileserver when we close the file), the dcache entry will appear valid
on disk. So the next time we read the dcache entry, we will use the
incorrect cache contents as if they were accurate for the specified
DV.

To avoid this, set DWriting when we truncate a chunk. Normally we only
clear DWriting when we actually send data to the fileserver, so to
clear DWriting in this case, add an additional line to clear it in
afs_StoreAllSegments, after the StoreMini has completed.

Change-Id: Ifc3bfc21712ab37b1f2865ce59fa45bf03811dd8
Reviewed-on: http://gerrit.openafs.org/6937
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Log a message on invalid FetchStatus receipt
Andrew Deason [Fri, 2 Mar 2012 23:18:25 +0000]
afs: Log a message on invalid FetchStatus receipt

If we get an invalid AFSFetchStatus structure from a server, log a
message to indicate as such. This serves as a warning to urge people
to fix their fileservers, and to explain what is doing.

Change-Id: I33845f6228f96f693dcbfddcee38dae583f1b092
Reviewed-on: http://gerrit.openafs.org/6881
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Sanity-check some AFSFetchStatus structures
Andrew Deason [Fri, 2 Mar 2012 23:06:48 +0000]
afs: Sanity-check some AFSFetchStatus structures

We currently do not do any sanity checking on the AFSFetchStatus
structures returned from fileservers. Add some sanity checking for
BulkStatus and FetchStatus calls, so we do not screw up our cache if a
fileserver gives us bogus data.

If we do get an invalid AFSFetchStatus structure, act as if the server
gave us a VBUSY error code, so we will retry the request. For OpenAFS
fileservers prior to 1.6.1 that yield this situation, VBUSY is likely
the error code the fileserver should have responded anyway.

Change-Id: Ie16a5210149b21dd5945380f5d7b6a4d9ee01a72
Reviewed-on: http://gerrit.openafs.org/6880
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoFinish removing sunos 4.x references and build cruft
Chas Williams (CONTRACTOR) [Mon, 19 Mar 2012 17:07:41 +0000]
Finish removing sunos 4.x references and build cruft

Also, fix afsxbsa.h to always include <time.h> since this should get
struct tm on any fairly modern operating system.

Change-Id: Idfb39f12d28a2a0aa470c8549e4149d0b2ccde9e
Change-Id: Ia1c563e5954c533f18bd56155f2ae1825813efe3
Reviewed-on: http://gerrit.openafs.org/6923
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoviced: Do not ignore all InlineBulkStatus errors
Andrew Deason [Fri, 2 Mar 2012 20:55:04 +0000]
viced: Do not ignore all InlineBulkStatus errors

InlineBulkStatus currently returns 0 unconditionally, no matter what
errors are encountered. If we encounter an error early enough, from
CallPreamble for example, we do not fill in the OutStats nor CallBacks
structures at all. Since we return success anyway, this results in the
client getting AFSFetchStatus structures full of zeroes (or garbage,
before commit 726e1e13ff93e2cc1ac21964dc8d906869e64406).

Since current OpenAFS clients do not perform any sanity checks on the
information received, this can result in cache corruption of files
being seen incorrectly as empty, and, before commit 726e1e, more
arbitrary corruption.

So instead, return an error if we encounter an error before we iterate
over the given FIDs. We still of course do not return an error for any
errors encountered during the actual metadata retrieval, as those are
reflected in the individual per-fid status structures.

Change-Id: Icfab4516e510be5f0063ddf9c69f11ab3d511b35
Reviewed-on: http://gerrit.openafs.org/6871
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>