openafs.git
8 years agolinux: update spec requirements
Derrick Brashear [Thu, 29 Mar 2012 14:44:53 +0000]
linux: update spec requirements

don't require things which don't exist on el5. do require them
in el6. require kernel-devel if building modules
don't do anything involving the kernel if not building modules
if we can figure out that we don't have 2.4 based on the version,
avoiding the need to depend on kernel-devel just to build an srpm.

Change-Id: I4bef6a00f50935b8efa057b42cd2147a22c0c1e6
Reviewed-on: http://gerrit.openafs.org/6985
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agolinux: make mockbuild more reliable
Derrick Brashear [Fri, 30 Mar 2012 20:15:52 +0000]
linux: make mockbuild more reliable

previously, a "cached" repo which was assumed to be of the same
releasever and arch of the host was created in /var/tmp,
which would screw up repoquery across a multiple-OS-build.

well, you can tell repoquery what you really mean. so now we do.

Change-Id: I5f477e4eeddb755fcd410a37a2b58e1334da2863
Reviewed-on: http://gerrit.openafs.org/6991
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoSOLARIS: Correct misplaced osi_machdep.h #endif
Andrew Deason [Mon, 2 Apr 2012 21:16:37 +0000]
SOLARIS: Correct misplaced osi_machdep.h #endif

Commit 64778fd7bece52360482f9a51f19b34dac1d2678 removed some '#ifdef
KERNEL' blocks, but for one block in SOLARIS/osi_machdep.h, the wrong
trailing #endif was removed. This effectively makes the last part of
the file Solaris 10+ only, and bypasses the header guard. On systems
before Solaris 10, this causes us to lose the osi_procname definition,
which eventually shows up as an undefined symbol.

So, reinstate the original #endif, and remove the correct #endif
instead.

Change-Id: I28a78dabc2c65abeadc003b95600026c3cb68e37
Reviewed-on: http://gerrit.openafs.org/7042
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoWindows: cm_GetNewSCache must return NULL on failure
Jeffrey Altman [Tue, 3 Apr 2012 13:09:42 +0000]
Windows: cm_GetNewSCache must return NULL on failure

cm_GetNewSCache was leaking a valid cm_scache_t pointer in some
failure cases.  On failure, explicitly set the return value to
NULL.

Change-Id: I074b278f969224aa535abe256ac33a90d0f4e62d
Reviewed-on: http://gerrit.openafs.org/7037
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoRx: give grow mtu its own call ref count type
Jeffrey Altman [Thu, 12 Jan 2012 14:31:43 +0000]
Rx: give grow mtu its own call ref count type

Change-Id: Ibf62408203d615ff87454a9ecb50c38b6db6d45a
Reviewed-on: http://gerrit.openafs.org/6543
Reviewed-by: Simon Wilkinson <simonxwilkinson@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agorx: conn->callNumber protected by conn_call_lock
Jeffrey Altman [Sun, 29 Jan 2012 18:52:17 +0000]
rx: conn->callNumber protected by conn_call_lock

The conn->callNumber array should be protected by the conn_call_lock
since the conn_call_lock is what protects the binding of calls to
connection channels.

Change-Id: I9f9b4e8f90d1e4ebbc4429af286358807784d84f
Reviewed-on: http://gerrit.openafs.org/6629
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoRx: rxi_FreeCall conn_call_lock vs call->lock deadlock
Jeffrey Altman [Fri, 20 Jan 2012 06:50:01 +0000]
Rx: rxi_FreeCall conn_call_lock vs call->lock deadlock

The conn->conn_call_lock is held before call->lock in the lock
hierarchy which is violated within rxi_FreeCall(). While the
deadlock is rare, it is possible and has been experienced on
both Windows and Linux.

Change the signature of rxi_FreeCall to return 1 if it frees
the call and 0 if it does not.

Due to the lock hierarchy violation use MUTEX_TRYENTER()
to attempt to obtain the conn->conn_call_lock.  If the lock
cannot be obtained set the call state to dally and
return.  If the conn_call_lock can be obtained, behave as
we did before this patchset.

Only increment the callNumber if the original call->state
was dally or hold and the conn_call_lock could be obtained.
We must not increment the callNumber otherwise.  Doing so can
result in call numbers being skipped when the conn->call slot
is reused.

Change-Id: Ic10bd2004e9b06df319c2f2efaa0b37bcb90c896
Reviewed-on: http://gerrit.openafs.org/6443
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Pass name array to AFSRetrieveFileInformation
Jeffrey Altman [Mon, 2 Apr 2012 21:32:39 +0000]
Windows: Pass name array to AFSRetrieveFileInformation

AFSRetrieveFileInformation does not parse the complete path.
That information is available in the Ccb->NameArray.  If the
object on which AFSRetrieveFileInformation is called is a
relative symlink containing ".." references, the full contents
of the evaluated path is required for context.  Pass the
Ccb->NameArray so that it is available.

Change-Id: Id02d3fb47df74c0a0de849eb10550be76150ce8b
Reviewed-on: http://gerrit.openafs.org/7020
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Use hash when comparing File IDs in redirector
Jeffrey Altman [Mon, 2 Apr 2012 17:39:17 +0000]
Windows: Use hash when comparing File IDs in redirector

AFSIsEqualFid() should use the hash value included in the FileId
as part of the comparison algorithm.

Change-Id: I2723e2e9795ce16869c6a0dc33611078b04a6a28
Reviewed-on: http://gerrit.openafs.org/7017
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows FindACLCache must hold scp write locked
Jeffrey Altman [Mon, 2 Apr 2012 10:57:53 +0000]
Windows FindACLCache must hold scp write locked

In the SMB modules, calls to cm_FindACLCache() were not
holding the cm_scache_t rwlock writed locked as required.

Change-Id: I213912eb8dd570ea918d92602c647e6aed8cfccb
Reviewed-on: http://gerrit.openafs.org/7015
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: fix indentation
Jeffrey Altman [Mon, 2 Apr 2012 10:57:02 +0000]
Windows: fix indentation

Change-Id: Id3cd061badd1c8c4e22843e84999954e5424511d
Reviewed-on: http://gerrit.openafs.org/7014
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Freelance HaveAccessRights
Jeffrey Altman [Sun, 1 Apr 2012 16:40:36 +0000]
Windows: Freelance HaveAccessRights

Change the test in cm_HaveAccessRights related to Freelance
mode.  All objects in the freelance cell and root volume
by definition have access rights.

Change-Id: Ibb96b12c15728bc6b711b3d7f2ad892c55109cbf
Reviewed-on: http://gerrit.openafs.org/7008
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: optimize InitCallback3 processing
Jeffrey Altman [Sun, 1 Apr 2012 16:11:40 +0000]
Windows: optimize InitCallback3 processing

Do not drop and acquire locks if the cm_scache_t does not
have a callback.

Change-Id: I6f84729838e7e4c2d84c0a40f0811ed837b79287
Reviewed-on: http://gerrit.openafs.org/7007
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Record callback issued time
Jeffrey Altman [Fri, 30 Mar 2012 19:13:55 +0000]
Windows: Record callback issued time

Save the time at which a callback was issued.  This can be
used in a later patchset to determine if a callback was issued
after a negative access entry for a {fid,user} pair.

Change-Id: Iab54eb729fd5f2a2daf4855b7e7e75245dc28051
Reviewed-on: http://gerrit.openafs.org/6995
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Implement cm_TGTLifeTime()
Jeffrey Altman [Fri, 30 Mar 2012 18:58:11 +0000]
Windows: Implement cm_TGTLifeTime()

cm_aclent.h defined cm_TGTLifeTime() as a macro that always
returned 0x7fffffff.  Implement cm_TGTLifeTime() as a function
that returns the actual token lifetime.

Change-Id: I8b19626395f536db248ae8324b13e49eda9a1a87
Reviewed-on: http://gerrit.openafs.org/6994
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: add parent FID to cm_GetSCache
Jeffrey Altman [Fri, 30 Mar 2012 16:24:43 +0000]
Windows: add parent FID to cm_GetSCache

When a cm_scache_t object is created in 98% of the time, the
parent FID is known to the cache manager.  Normally the cache
manager will obtain the parent info from the AFSFetchStatus
structure but if the user credentials do not permit status info
to be obtained from the file server the parent info will be unavailable.

Having the parent directory FID is useful for debugging but can
also be used to check the user's access rights on the parent directory.

Change-Id: I262345bc686392a4edef4c627182a8a67a392aa2
Reviewed-on: http://gerrit.openafs.org/6993
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: AFSDisk, AFSFetchVolumeStatus Int31 PartSize
Jeffrey Altman [Tue, 3 Apr 2012 02:35:41 +0000]
viced: AFSDisk, AFSFetchVolumeStatus Int31 PartSize

The AFSDisk and AFSFetchVolumeStatus structures use signed
32-bit integers for representation partition size and
available blocks.  RoundInt64ToInt31() should be used instead
of RoundInt64ToInt32() when assigning their values.

Change-Id: I3834141fce2d54ce8bdfac3dc566074583bb305e
Reviewed-on: http://gerrit.openafs.org/7022
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agorx: handle clock reversals for call timeouts
Jeffrey Altman [Fri, 23 Mar 2012 17:41:10 +0000]
rx: handle clock reversals for call timeouts

If the clock is set backwards, call timeouts will not trigger
until the clock regains its original value plus the timeout period.
In rxi_CheckCall(), look for a backward clock shift and if one is
noticed, fail the call with RX_CALL_TIMEOUT.

Change-Id: I7ca5abee165fc21d72d3881670f9522d315b4982
Reviewed-on: http://gerrit.openafs.org/6943
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: Do error translation for InlineBulkStatus
Simon Wilkinson [Sat, 31 Mar 2012 23:21:04 +0000]
viced: Do error translation for InlineBulkStatus

When a host has requested universal errors, error code conversion
is performed in the CallPostamble. However, the InlineBulkStatus
errorcodes are passed as part of the data set, not as RX errors,
so this translation is not performed.

Fix this so that we also translate error codes that are part of
the InlineBulkStatus response.

Change-Id: Ia23232d948990bdf9b7c4e5e0bcd8be087289a03
Reviewed-on: http://gerrit.openafs.org/6992
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: avoid deadlock with Trend Micro
Jeffrey Altman [Fri, 30 Mar 2012 03:49:43 +0000]
Windows: avoid deadlock with Trend Micro

Trend Micro's anti-virus driver attempts to open the file in
response to CcPurgeCacheSection().  While processing
AFSSetDispositionInfo() the Fcb->NPFcb->Resource is held which is
also required if a status verification is required during the
CreateFile operation.  That results in a deadlock.

Avoid the deadlock by setting the PENDING_DELETE flag prior to
calling CcPurgeCacheSection().

Change-Id: I40d93d70e120525343afb917d473ad79a1f36e29
Reviewed-on: http://gerrit.openafs.org/6988
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Use ulFilter in AFSInvalidateObject
Jeffrey Altman [Fri, 30 Mar 2012 03:39:17 +0000]
Windows: Use ulFilter in AFSInvalidateObject

ulFilter was assigned appropriate values but it was not passed
to AFSFsRtlNotifyFullReportChange as a parameter.

Change-Id: Ie362b2b762e599a7cb040640539a098fdf80a259
Reviewed-on: http://gerrit.openafs.org/6987
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: ObjectInformation.ObjectReferenceCount comparison
Jeffrey Altman [Tue, 27 Mar 2012 04:16:30 +0000]
Windows: ObjectInformation.ObjectReferenceCount comparison

If there is an undercount of the ObjectReferenceCount, consider it
the same as if the object count is zero for comparison purposes.

Change-Id: Ia4ec2d1194f00cb530e7a50ed9db9c71cc4c5313
Reviewed-on: http://gerrit.openafs.org/6970
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Add Name Array Processing Trace Subsystem
Jeffrey Altman [Tue, 27 Mar 2012 18:18:14 +0000]
Windows: Add Name Array Processing Trace Subsystem

Change-Id: Ief4026e9bb3045046a031b56ceb584f2daf1cf43
Reviewed-on: http://gerrit.openafs.org/6973
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: AFSInvalidateObject can overwrite input param
Jeffrey Altman [Mon, 26 Mar 2012 15:10:36 +0000]
Windows: AFSInvalidateObject can overwrite input param

AFSInvalidateObject() must not be called with an AFSObjectInformationCB
pointer variable that it is not safe to overwrite as the function sets
the input value to NULL if the invalidation is going to be performed
asynchronously in a worker thread.

In AFSEnumerateDirectory(), the following call took place:

  AFSInvalidateObject( &pDirNode->ObjectInformation,
                       AFS_INVALIDATE_DATA_VERSION);

which requires a worker thread to process.  As a result, the
ObjectInformation pointer was being set to NULL which detached the
AFSObjectInformationCB from the AFSDirectoryCB.  That in turn produced
an execption in AFSLocateName() which resulted in a resource not being
freed that in turn produced a deadlock.

Change-Id: Id30e84cf96b69156d648e3b452e7e03390559c43
Reviewed-on: http://gerrit.openafs.org/6962
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agowindows: ObjectInformationCB.ObjectReferenceCount
Jeffrey Altman [Mon, 26 Mar 2012 01:29:40 +0000]
windows: ObjectInformationCB.ObjectReferenceCount

The ObjectInformationCB.ObjectReferenceCount is protected by
the VolumeCB->ObjectInfoTree.TreeLock.   When the TreeLock is
dropped the reference count can change.  Hold the TreeLock across
both ObjectReferenceCount == 0 tests and the associated tear down
or repeat the ObjectReferenceCount == 0 test after the TreeLock
is reacquired.

Change-Id: I069c22ae8f3a93fad3ef9a662df5b4903b317897
Reviewed-on: http://gerrit.openafs.org/6959
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoremove athena env conditionals
Michael Meffie [Mon, 26 Mar 2012 18:22:09 +0000]
remove athena env conditionals

Remove the conditionals AFS_ATHENA_STDENV, AFS_ATHENA_ENV
and AFS_KERBREALM_ENV.

Change-Id: If58743acd7d71dd3ed05e76316ff3efd475ca123
Reviewed-on: http://gerrit.openafs.org/6963
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Fix VNOSERVICE EventLog parameters
Jeffrey Altman [Tue, 27 Mar 2012 04:00:30 +0000]
Windows: Fix VNOSERVICE EventLog parameters

Add missing volume and cell.

Change-Id: If1efeb0defb3812e3f41572fb7d46f5e867be70c
Reviewed-on: http://gerrit.openafs.org/6969
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: CreateProcessNotify verify changes
Jeffrey Altman [Tue, 27 Mar 2012 00:49:03 +0000]
Windows: CreateProcessNotify verify changes

PsSetCreateProcessNotifyRoutineEx will fail with STATUS_ACCESS_DENIED
if the driver does not have the IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
bit set in the image header.

Do not include the ParentProcessId in the AFSProceSSDestroy
parameter list.  It isn't available to use and isn't used for
anything in any case.

Assign AFSProcessCB blocks to processes that were created before
AFSRedirector registered the CreateProcessNotify callback and
access the file system.

Change-Id: I4b78cd94949cfdea6b36f601a851c0e2f53a7dbf
Reviewed-on: http://gerrit.openafs.org/6967
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agomacos: iterate mdfound packagemakers when spaces are present
Derrick Brashear [Tue, 27 Mar 2012 16:09:38 +0000]
macos: iterate mdfound packagemakers when spaces are present

even if we get more than one match, and even if there's a space,
work anyway

Change-Id: I8e71af0cb02fda7ea0fcf1c2f7a0404eca4bc073
Reviewed-on: http://gerrit.openafs.org/6971
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agomacos: find packagemaker instead of assuming path
Derrick Brashear [Tue, 27 Mar 2012 00:33:26 +0000]
macos: find packagemaker instead of assuming path

in xcode 4.3, packagemaker is unbundled. make no assumptions
about where it can be found; instead, let spotlight tell us

Change-Id: I5e3431ce40ad6e9114e98c9bf047a4312d42284d
Reviewed-on: http://gerrit.openafs.org/6966
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Slight adjustments in afs_GetDCache
Andrew Deason [Thu, 22 Mar 2012 15:52:47 +0000]
afs: Slight adjustments in afs_GetDCache

maxGoodSize is only used in one block, so move the decl to that block.
Adjust some of the comments to more accurately reflect what's going
on.

Change-Id: Ifee3a6f98158a314cef6d241c53a0f881f4f2d2b
Reviewed-on: http://gerrit.openafs.org/6936
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Do not limit fetches based on vcache length
Andrew Deason [Fri, 2 Mar 2012 23:22:12 +0000]
afs: Do not limit fetches based on vcache length

Currently, when we go to the fileserver to fetch some data, we try to
make sure that we do not ask for data beyond the end of the file. For
example, if our chunk size is 1M, and we need to get the first chunk
for a file that is 4 bytes long, we will only ask the fileserver for 4
bytes.

This can cause issues when the file is being extended at the same time
as when we are trying to read the file. Consider the following
example. There is a file named X that has contents "abcd" at dv 1, and
we issue a FetchData64 request for X, only requesting 4 bytes. Right
before the fileserver gets the FetchData64 request, another client
writes the contents "12345" to file X.

The client will then fetch the contents "1234" for that file, at dv 2,
and store that as the contents of the first chunk for file X. On
subsequent reads for file X, applications will now get "1234<NUL>" as
the contents, since the size of the file will be updated to 5, but the
cache manager thinks that "1234" is the correct contents for the first
chunk of X at dv 2. The cache manager will continue to think so until
the cache entry is evicted or invalidated for whatever reason.

To avoid this scenario, always request a full chunk of data if we have
any data to fetch and the file has not been locally truncated. We can
still avoid the fetch at all if it looks like we're fetching beyond
end-of-file, since we know that at least at some point that was
correct information about the file. If this results in us trying to
fetch beyond end-of-file, the fileserver will respond with the correct
length anyway.

We still need to restrict the fetch request length based on
avc->f.truncPos, since the dcache data after avc->f.truncPos needs to
stay empty, since we don't track truncated data any other way. If we
also avoided this restriction, extending a file via truncation after
reducing a file's length via truncation could cause the old file data
to appear again, instead of filling the new file range with NULs.

Note that on at least Linux, with this fix an application can still
read the contents "1234" on the first read in the above example, and
"12345" on subsequent reads. This is just due to when we give the VFS
updates about file metadata, and could be remedied by updating file
metadata immediately from the FetchStatus information from the
FetchData64 call. However, just reading the contents "1234" in the
above example seems like a somewhat plausible outcome; at the very
least, it is an improvement.

Change-Id: I158593502ac96ba2c856a0b5997355a53d4173aa
Reviewed-on: http://gerrit.openafs.org/6882
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoafs: Set DWriting when truncating a dcache entry
Andrew Deason [Thu, 22 Mar 2012 15:42:38 +0000]
afs: Set DWriting when truncating a dcache entry

When we truncate a file, we truncate the contents of the relevant
dcache entry chunks, and prevent future FetchData operations from
fetching data beyond the truncation offset. If we never write anything
to that chunk, we never set DWriting, and so on disk it looks like
that dcache entry has valid data for the specified DV. However, since
the data is truncated, this is not true.

If a process holds a file open, truncates it without writing to it,
and then the client crashes (or we have trouble contacting the
fileserver when we close the file), the dcache entry will appear valid
on disk. So the next time we read the dcache entry, we will use the
incorrect cache contents as if they were accurate for the specified
DV.

To avoid this, set DWriting when we truncate a chunk. Normally we only
clear DWriting when we actually send data to the fileserver, so to
clear DWriting in this case, add an additional line to clear it in
afs_StoreAllSegments, after the StoreMini has completed.

Change-Id: Ifc3bfc21712ab37b1f2865ce59fa45bf03811dd8
Reviewed-on: http://gerrit.openafs.org/6937
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Log a message on invalid FetchStatus receipt
Andrew Deason [Fri, 2 Mar 2012 23:18:25 +0000]
afs: Log a message on invalid FetchStatus receipt

If we get an invalid AFSFetchStatus structure from a server, log a
message to indicate as such. This serves as a warning to urge people
to fix their fileservers, and to explain what is doing.

Change-Id: I33845f6228f96f693dcbfddcee38dae583f1b092
Reviewed-on: http://gerrit.openafs.org/6881
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Sanity-check some AFSFetchStatus structures
Andrew Deason [Fri, 2 Mar 2012 23:06:48 +0000]
afs: Sanity-check some AFSFetchStatus structures

We currently do not do any sanity checking on the AFSFetchStatus
structures returned from fileservers. Add some sanity checking for
BulkStatus and FetchStatus calls, so we do not screw up our cache if a
fileserver gives us bogus data.

If we do get an invalid AFSFetchStatus structure, act as if the server
gave us a VBUSY error code, so we will retry the request. For OpenAFS
fileservers prior to 1.6.1 that yield this situation, VBUSY is likely
the error code the fileserver should have responded anyway.

Change-Id: Ie16a5210149b21dd5945380f5d7b6a4d9ee01a72
Reviewed-on: http://gerrit.openafs.org/6880
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoFinish removing sunos 4.x references and build cruft
Chas Williams (CONTRACTOR) [Mon, 19 Mar 2012 17:07:41 +0000]
Finish removing sunos 4.x references and build cruft

Also, fix afsxbsa.h to always include <time.h> since this should get
struct tm on any fairly modern operating system.

Change-Id: Idfb39f12d28a2a0aa470c8549e4149d0b2ccde9e
Change-Id: Ia1c563e5954c533f18bd56155f2ae1825813efe3
Reviewed-on: http://gerrit.openafs.org/6923
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoviced: Do not ignore all InlineBulkStatus errors
Andrew Deason [Fri, 2 Mar 2012 20:55:04 +0000]
viced: Do not ignore all InlineBulkStatus errors

InlineBulkStatus currently returns 0 unconditionally, no matter what
errors are encountered. If we encounter an error early enough, from
CallPreamble for example, we do not fill in the OutStats nor CallBacks
structures at all. Since we return success anyway, this results in the
client getting AFSFetchStatus structures full of zeroes (or garbage,
before commit 726e1e13ff93e2cc1ac21964dc8d906869e64406).

Since current OpenAFS clients do not perform any sanity checks on the
information received, this can result in cache corruption of files
being seen incorrectly as empty, and, before commit 726e1e, more
arbitrary corruption.

So instead, return an error if we encounter an error before we iterate
over the given FIDs. We still of course do not return an error for any
errors encountered during the actual metadata retrieval, as those are
reflected in the individual per-fid status structures.

Change-Id: Icfab4516e510be5f0063ddf9c69f11ab3d511b35
Reviewed-on: http://gerrit.openafs.org/6871
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoWindows: Assign AuthGroup during Process Create
Jeffrey Altman [Tue, 20 Mar 2012 02:38:06 +0000]
Windows: Assign AuthGroup during Process Create

As the process is being created, assign the AuthGroup so that
the must up to date information is used to assign AuthGroup
inheritance from Impersonation states and to prevent the parent
process from being destroyed before the AuthGroup is determined.

Change-Id: I176360a589d7f2bcf4b1ededad069424e3ce5393
Reviewed-on: http://gerrit.openafs.org/6927
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Refactor AFSProcessSupport
Jeffrey Altman [Tue, 20 Mar 2012 01:10:31 +0000]
Windows: Refactor AFSProcessSupport

Breakup AFSProcessNotify() into AFSProcessCreate() and
AFSProcessDestroy().

Correct inconsistencies with ETHREAD vs ThreadId HANDLE.

Add AFSProcessNotifyEx() and use PsSetCreateProcessNotifyRoutineEx()
to register it on Vista SP1 and above.

Change-Id: I2be85c3e8229883b4e239e1fdba9a65fc704daaa
Reviewed-on: http://gerrit.openafs.org/6926
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agodoc: correct implicit ACL permissions volume owner
Jeffrey Altman [Sun, 25 Mar 2012 13:56:48 +0000]
doc: correct implicit ACL permissions volume owner

OpenAFS changed the behavior of implicit administrator permission
for directory ownership.  In OpenAFS only the volume root directory
owner has implicit administrator permissions and they apply to all
directories in the volume not just those with matching ownership.

Change-Id: I8ca0a8874fe17cf7fc575107bd76efb5dc472b10
Reviewed-on: http://gerrit.openafs.org/6951
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agosoftsig: not used on windows
Jeffrey Altman [Sat, 24 Mar 2012 13:23:50 +0000]
softsig: not used on windows

Do not install afs/softsig.h on Windows from src/util

Do not include it in src/viced/viced.c

Change-Id: I8b6dcb1508dcda7da297a0c9a6bfeaf037c40c88
Reviewed-on: http://gerrit.openafs.org/6950
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agotests: Add opr to the command test libraries
Simon Wilkinson [Thu, 22 Mar 2012 14:48:16 +0000]
tests: Add opr to the command test libraries

The cmd/command-t test needs libopr, so give it to it

Change-Id: I74ca08efffb0c0f6245498c9dc0dcf5287915bbd
Reviewed-on: http://gerrit.openafs.org/6949
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agolibafsrpc: Export connection accessor fuctions
Simon Wilkinson [Thu, 22 Mar 2012 14:39:27 +0000]
libafsrpc: Export connection accessor fuctions

Add various connection accessor functions to the export map file for
libafsrpc so they can be used from within RX security layers.

Change-Id: I0b5c75d987aadd6942dcb87fb1b98586bcc9e553
Reviewed-on: http://gerrit.openafs.org/6948
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoopr: should be built as shared
Chas Williams (CONTRACTOR) [Mon, 19 Mar 2012 20:47:28 +0000]
opr: should be built as shared

Since this library could be use anywhere (including a shared library)
it should be built as position independent code.

Change-Id: I9e9c8b5c08e73ce43c04341b1106126f7774c405
Reviewed-on: http://gerrit.openafs.org/6925
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoWindows: Client handling of VNOSERVICE
Jeffrey Altman [Thu, 22 Mar 2012 19:55:47 +0000]
Windows: Client handling of VNOSERVICE

VNOSERVICE should not be grouped together with the volume status
error codes.  It is used to indicate that the RPC was not serviced.
The file server issues it when its idle dead timeout period is reached
while receiving rx call data.  The client's existing status information
is still valid and the client can retry the call.

Change-Id: I51e447824366381e740361576c96559f1c4f3fd3
Reviewed-on: http://gerrit.openafs.org/6938
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: AFSRedir Debug for STATUS_NOT_A_DIRECTORY
Jeffrey Altman [Wed, 21 Mar 2012 14:11:31 +0000]
Windows: AFSRedir Debug for STATUS_NOT_A_DIRECTORY

Add additional logging to handle the case where the afsd_service
returns STATUS_NOT_A_DIRECTORY for eval by id/name.

Change-Id: Ib510fcea6102a92e5e810af5923f06dffbba1ed9
Reviewed-on: http://gerrit.openafs.org/6930
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoLinux 3.4: Switch to d_make_root
Marc Dionne [Thu, 22 Mar 2012 02:19:04 +0000]
Linux 3.4: Switch to d_make_root

If d_make_root is available, use it instead of d_alloc_root.
The helper was introduced in 3.3, and d_alloc_root gets removed
in 3.4.

Change-Id: I39aaa6fd14d04c05ad9cb5b610e7f12f70fe0c94
Reviewed-on: http://gerrit.openafs.org/6931
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agodoc: remove references to AFS's NTP daemon
Ken Dreyer [Wed, 14 Mar 2012 02:06:43 +0000]
doc: remove references to AFS's NTP daemon

AFS's own ntpd and runntp are obsolete. Remove them from the
documentation, and recommend the OS vendor-supplied NTP instead.

Change-Id: If0cd837aa407eb49049881790e618ccd75ca6e5b
Reviewed-on: http://gerrit.openafs.org/6903
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agobuild on solaris 10 again
Michael Meffie [Mon, 19 Mar 2012 23:27:33 +0000]
build on solaris 10 again

Use min and max instead of the non-standard MIN and MAX macros.

Commit 64b00c3a1a87739621f58c777fc3cc54fb15a0af removed inclusion of
rx_packet.h, which included definitions of MIN and MAX on various platforms.

Change-Id: I3d3c75af375704b8baddd72aec3aecf3c4fd43d7
Reviewed-on: http://gerrit.openafs.org/6924
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoWindows: invalidate correct objects during dir verification
Jeffrey Altman [Fri, 16 Mar 2012 05:09:42 +0000]
Windows: invalidate correct objects during dir verification

When processing a directory verification, if a change of data
version is detected or if the FileID of a FileName changes,
be sure to invalidate and verify the directory entry.  Setting
the verify flag on the parent after updating the directory
entry's metadata does not result in the correct behavior.

Change-Id: Ib24bd71b82964e150a6ce730071106c9cbea0d23
Reviewed-on: http://gerrit.openafs.org/6914
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoosx: deal with more kerberos damage
Derrick Brashear [Thu, 15 Mar 2012 15:51:39 +0000]
osx: deal with more kerberos damage

the number of things which can return success without succeeding is
truly sad.

Change-Id: Iab3a6ef72afc8075462dfd98548ad7aa3051d40f
Reviewed-on: http://gerrit.openafs.org/6911
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agoafs: Never #define away afsd_dynamic_vcaches
Andrew Deason [Wed, 7 Mar 2012 22:36:57 +0000]
afs: Never #define away afsd_dynamic_vcaches

Some versions of the Solaris Studio compiler on SPARC (at least 12.2
and possibly others, but not 12.3) get a little confused by code like
this:

    extern int foo;
    int
    somefunc(void) {
        if (0) return foo;
        return 0;
    }

When optimization is turned off, this results in an undefined symbol
reference to 'foo' (which is normal), but the resulting object file
lacks a relocation entry for the symbol 'foo', so the symbol remains
undefined after linking. In the OpenAFS tree, this occurs in
afs_daemons.c which references afs_vcount and afs_cacheStats in this
manner due to afsd_dynamic_vcaches being defined as '0' on Solaris.
The end result is that the libafs kernel module is not loadable, since
it complains about afs_vcount and afs_cacheStats being undefined, even
though the symbol definitions are also in the module.

While this is a bug in Solaris Studio and has since been fixed, it is
simple to work around this so we are usable with more compilers. If we
just always declare afsd_dynamic_vcaches as a regular variable, it
works around this issue and keeps the code a tiny bit simpler. So, do
that.

Change-Id: I3f8fc6aafd52487d729289e393fc59dac84d36ea
Reviewed-on: http://gerrit.openafs.org/6888
Tested-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agorx: hold call->lock across RXS_PreparePacket
Simon Wilkinson [Wed, 14 Mar 2012 14:56:06 +0000]
rx: hold call->lock across RXS_PreparePacket

RX Security Classes have a right to assume that when RXS_PreparePacket
is called that they have exclusive access to the rx_call structure.
Commit e445faa68c5ec6e47d3fd9d7318ade71d98703a9 unintentionally
failed to acquire the call->lock prior to RXS_PreparePacket being
called.

Change-Id: I5a9dfb2818fa17ba6fc1ab6f76ec5cde602c6f16
Reviewed-on: http://gerrit.openafs.org/6904
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Drop resource across AFSCleanupFcb
Jeffrey Altman [Mon, 12 Mar 2012 19:53:47 +0000]
Windows: Drop resource across AFSCleanupFcb

Avoid additional deadlocks involving
VolumeCB->ObjectInfoTree.TreeLock.

Change-Id: Ibfeb8f230c54e95d3a0b7b9d84c63cb7f4b9ce2d
Reviewed-on: http://gerrit.openafs.org/6893
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Wait for memory allocation if necessary
Jeffrey Altman [Wed, 7 Mar 2012 14:54:54 +0000]
Windows: Wait for memory allocation if necessary

The kernel has a limited pool of memory.  If there is no memory
available to satisfy a request, that request will fail initially
with a STATUS_OUT_OF_RESOURCES error which in most cases is exposed
to the user-mode application as STATUS_ACCESS_DENIED.  This can
produce inconsistent results.

This patchset introduces an Event object, MemoryAvailableEvent,
which is signalled when the redirector deallocates memory.  This
should in many cases permit requests to succeed where they otherwise
would have failed immediately.

The WaitingForMemoryCount field tracks the number of threads that
are waiting for memory to become available.  A subsequent patch
could use this value to accelerate the tear down of cached data.

To avoid deadlocks, blocking threads will only wait for a maximum
of 30 seconds at a time.  As long as the redirector continues to
free memory, the thread can re-queue itself.  However, if a timeout
occurs, the allocation request will fail.

Change-Id: I0aa549be3852b31b68d7b42ecab4ca982c75f6ba
Reviewed-on: http://gerrit.openafs.org/6886
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Correct Data Version change synchronization
Jeffrey Altman [Tue, 6 Mar 2012 05:14:28 +0000]
Windows: Correct Data Version change synchronization

The data version must be checked and set while the ObjectInformation
DirectoryNodeHdr.TreeLock is held exclusive.  Otherwise, it is
possible for a race to occur.

Change-Id: Ia4d94cca1d161062e9d98675976ba8fad5731032
Reviewed-on: http://gerrit.openafs.org/6883
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoMake volscan's column delimiter option work
Paul Smeddle [Mon, 12 Mar 2012 19:56:11 +0000]
Make volscan's column delimiter option work

Currently, volscan ignores the -delim command-line option,
using the hardcoded default. This patch adds processing
for this option, allowing alternative characters.

Corrects an error in a08c3207255756c825ab69a19e04f79dd879c646

Change-Id: I750f2d998cff029fc02556ed0baaaa0ca1c95e08
Reviewed-on: http://gerrit.openafs.org/6894
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: fix inverted lockCount assignment
Jens Wegener [Tue, 6 Mar 2012 13:28:32 +0000]
viced: fix inverted lockCount assignment

FIXES 130605

Change-Id: Ibfdbc03100094ca33630dc9e1ddbcacf770a1a02
Reviewed-on: http://gerrit.openafs.org/6884
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoredhat: Don't replace modified configuration files during rpm update
Jonathan Billings [Thu, 8 Mar 2012 14:23:40 +0000]
redhat: Don't replace modified configuration files during rpm update

The previous setting for three %config files mentioned in the spec file:

%config /etc/sysconfig/openafs
%config %{_prefix}/vice/etc/ThisCell
%config %{_prefix}/vice/etc/cacheinfo

When using an unadorned %config, it's possible that these files will
be replaced by the packaged version during a package update.  Changing
%config to %config(noreplace) means that the packaged file will be
installed with the extension .rpmnew if there is already a modified
(from the existing package's version) file with the same name on the
installed machine.

The concern here is that updating an existing system could potentially
change the configuration if the person installing doesn't pay close
attention.  The Rule of Least Surprise indicates that we should
try to preserve existing configuration changes whenever possible.

Change-Id: Ie132c12a3c5defe9bf6fec9ec0f8bd08f3d98646
Reviewed-on: http://gerrit.openafs.org/6887
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agorxgen: fix to use rx accessor routines
chas williams - CONTRACTOR [Mon, 5 Mar 2012 16:41:08 +0000]
rxgen: fix to use rx accessor routines

apparently some uses didnt get converted during the previous work.

Change-Id: Iaa4dcf73fd2e29e3f95feede5217eac4eaded4e2
Reviewed-on: http://gerrit.openafs.org/6874
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: fix -realm option arg parse
Michael Meffie [Sat, 3 Mar 2012 14:42:12 +0000]
viced: fix -realm option arg parse

Advance only once per realm argument when processing the
realm command line option.

Change-Id: Id3873fbe213f27be673ec0c02a27a032dd33c002
Reviewed-on: http://gerrit.openafs.org/6860
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoviced: fix log message in hpr initialize
Michael Meffie [Wed, 29 Feb 2012 16:08:10 +0000]
viced: fix log message in hpr initialize

The wrong dir object is used to log an error in hpr
initialize.

Change-Id: I4460b541a6458742839b47e8277990f426b233a7
Reviewed-on: http://gerrit.openafs.org/6845
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agomacos: don't crash on krb5 damage
Derrick Brashear [Sun, 4 Mar 2012 14:48:07 +0000]
macos: don't crash on krb5 damage

if we get success but still no client, don't crash

Change-Id: I6be28ac6ecece3448123a84cf442a791eebc93cc
Reviewed-on: http://gerrit.openafs.org/6868
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>

8 years agoWindows: add __try..__except
Jeffrey Altman [Fri, 2 Mar 2012 15:54:38 +0000]
Windows: add __try..__except

Wrap potential exception locations in __try ... __except so
that the exceptions can be caught by us instead of Cc/Mm which
use exceptions to signal status.

Change-Id: Ifef02bbf2c76b8583b538e4b67d4136c832b6cc6
Reviewed-on: http://gerrit.openafs.org/6859
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: fix indentation
Jeffrey Altman [Fri, 2 Mar 2012 15:54:23 +0000]
Windows: fix indentation

Change-Id: I2decb4093986c316fe6b9102f2d42a583a24b1f4
Reviewed-on: http://gerrit.openafs.org/6858
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Avoid deadlock in invalidation path
Jeffrey Altman [Fri, 2 Mar 2012 15:52:35 +0000]
Windows: Avoid deadlock in invalidation path

During data version invalidation the AFS redirector must CcPurge
any non-dirty extents on a file. This operation can be intercepted
by a filter driver which in turn might open the file and close it
again before the CcPurge completes.

The AFSPerformObjectInvalidate call holds the ExtentsResource
shared which can deadlock if AFSClose attempts an extent tear down
which requires exclusive access to the ExtentsResource.

Change-Id: I7cb0289d8036aabf56bb11fd12a79308be45faa8
Reviewed-on: http://gerrit.openafs.org/6856
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoFixes dkms.conf for Redhat Enterprise
Dave Botsch [Thu, 1 Mar 2012 17:43:36 +0000]
Fixes dkms.conf for Redhat Enterprise

commit 8e0aaae076f4cccfd2d6ed81ede4e355235b578e , while fixing dkms.conf for
Fedora, broke dkms.conf for RHEL. In RHEL, you get a dkms.conf with too
many backslashes in the "mv" line. The dkms.conf should have the mv line
reading:

mv src/libafs/MODLOAD-*/\$KMODNAME \$DSTKMOD"

for Fedora.

This change checks if we are building on Fedora, and if so, maintains
the extra backslashes. Otherwise, not.

modified:   src/packaging/RedHat/openafs.spec.in

Uses the dist tags as specified at
http://fedoraproject.org/wiki/Packaging:DistTag

Change-Id: I7fd7531758a63b2634424c2fcba23ae1b0fc8f2f
Reviewed-on: http://gerrit.openafs.org/6851
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agounix: always retry RX_CALL_BUSY
Jeffrey Altman [Thu, 1 Mar 2012 20:49:12 +0000]
unix: always retry RX_CALL_BUSY

RX_CALL_BUSY is an indication that the call channel is busy not
that the server is down or otherwise cannot respond.  Unconditionally
retry the RPC and do not alter state.  We just want to force the use
of a different call channel.

Change-Id: Ic4ef9bac800087f1b287d3da08fcd5eec84374ef
Reviewed-on: http://gerrit.openafs.org/6852
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Hartmut Reuter <reuter@rzg.mpg.de>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Workaround Win7 SMB Reconnect Bug
Jeffrey Altman [Wed, 29 Feb 2012 18:07:47 +0000]
Windows: Workaround Win7 SMB Reconnect Bug

The SMB specification permits the server to save a round trip
in the GSS negotiation by sending an initial security blob.
Unfortunately, doing so trips a bug in Windows 7 and Server 2008 R2
whereby the SMB 1.x redirector drops the blob on the floor after
the first connection to the server and simply attempts to reuse
the previous authentication context.  This bug can be avoided by
the server sending no security blob in the SMB_COM_NEGOTIATE
response.  This forces the client to send an initial GSS init_sec_context
blob under all circumstances which works around the bug in Microsoft's
code.

Do not call smb_NegotiateExtendedSecurity(&secBlob, &secBlobLength);

As a result of the SMB 1.x bug, all attempts to reconnect fail due to
SMB connection resets.  The SMB 1.x redirector will retry indefinitely
but all processes with outstanding requests to \\AFS will block until
the machine is rebooted.

Change-Id: Iedd58fccbf85495d48871935f6e61ede1e1240ff
Reviewed-on: http://gerrit.openafs.org/6846
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: Ignore client loopback alternate addresses
Andrew Deason [Thu, 8 Jul 2010 16:25:19 +0000]
viced: Ignore client loopback alternate addresses

When we receive interface information from a client to determine its
alternate IP addresses, ignore any addresses that look like loopback.

Change-Id: I245ebfc74ad1e8bd2fcd235a00f000d29229668d
Reviewed-on: http://gerrit.openafs.org/2368
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Fix an ExtentResource trace message
Jeffrey Altman [Fri, 24 Feb 2012 17:23:28 +0000]
Windows: Fix an ExtentResource trace message

This instance is logging a SHARED acquisition not an EXCL one.

Change-Id: Id4e69bb275ff4eb242b2c145df80ed9b73313776
Reviewed-on: http://gerrit.openafs.org/6792
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: cm_UpdateCell never applies to Freelance mode
Jeffrey Altman [Fri, 24 Feb 2012 17:21:46 +0000]
Windows: cm_UpdateCell never applies to Freelance mode

The Freelance.Local.Cell is updated by the registry monitor
thread and cm_UpdateCell should be a no-op.  Make it so.

Change-Id: I2961114590af6b64b8ae06d608a97513e83aad4e
Reviewed-on: http://gerrit.openafs.org/6791
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Redirector opens must set a valid FsContext
Vaibhav Kamra [Thu, 23 Feb 2012 17:58:07 +0000]
Windows: Redirector opens must set a valid FsContext

A successful open must have FileObject->FsContext set to a structure
with a valid/initialized FSRTL_ADVANCED_FCB_HEADER object.

Not having this breaks assumptions in the kernel.

Patchset edited by Jeffrey Altman <jaltman@your-file-system.com>

Change-Id: I70c9045bfa02c54074c015e6e871ead63efb6769
Reviewed-on: http://gerrit.openafs.org/6782
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: remove AFSOpenRedirector from AFSRedirLib
Jeffrey Altman [Thu, 23 Feb 2012 19:13:08 +0000]
Windows: remove AFSOpenRedirector from AFSRedirLib

The AFSOpenRedirector functionality must exist in the framework,
AFSRedir.sys, not the library, AFSRedirLib.sys.

Change-Id: Id688efba016d94df558b241e9bee421c86c60e27
Reviewed-on: http://gerrit.openafs.org/6781
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: do not bugcheck in AFSExAllocatePoolWithTag
Jeffrey Altman [Thu, 23 Feb 2012 14:31:31 +0000]
Windows: do not bugcheck in AFSExAllocatePoolWithTag

If the Bug Check flag is set, the call to AFSBreakPoint() in
AFSExAllocatePoolWithTag() will trigger.  There is no need for
an explicit bug check test in AFSExAllocatePoolWithTag().

If AFSExAllocatePoolWithTag() returns NULL there is no need
to ASSERT() the return value since AFSBreakPoint() would already
have been called to signal a debugger.

Change-Id: Ie8564f41f811c3afd99dc2e9c02f4aa68d63ef8e
Reviewed-on: http://gerrit.openafs.org/6780
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: Revert "AFSRedir DebugFlags Turn on BugCheck"
Jeffrey Altman [Thu, 23 Feb 2012 14:28:49 +0000]
Windows: Revert "AFSRedir DebugFlags Turn on BugCheck"

This reverts commit 209df87d08fb07d9641b81858a0821b9fd95dbcc.

Turning on BugCheck by default was a good idea because we needed
to track down the cause of exceptions that were otherwise being
thrown resulting in resource leaks.  However, it is a bad idea
because it results in out of memory conditions throwing bug checks
that result in a BSOD.

Change-Id: If0965657957ed73b83686a9be42b0d7f89964f2f
Reviewed-on: http://gerrit.openafs.org/6779
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoRewrite make_h_tree.pl in shell script
Andrew Deason [Fri, 24 Feb 2012 00:28:21 +0000]
Rewrite make_h_tree.pl in shell script

The current usage of make_h_tree.pl adds a build requirement of
/usr/bin/perl that we did not have prior to commit
1d6593e952ce82c778b1cd6e40c6e22ec756daf1. Do the same thing in a
bourne shell script instead, so we don't need perl.

Note that this is not as generalized as make_h_tree.pl, but it doesn't
need to be. Specifically, this does not strip a leading ../ from found
include directives (nothing in the tree that includes h/* files uses
this), and header filenames containing whitespace almost certainly do
not work correctly.

The h => sys mapping is also much more hardcoded, but that's all we
were using this for anyway.

Change-Id: If07888abfdb9e8ec822b33abed0bf744b7210a52
Reviewed-on: http://gerrit.openafs.org/6790
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agosalvager: Do not fork for single VG salvage
Andrew Deason [Thu, 23 Feb 2012 19:02:13 +0000]
salvager: Do not fork for single VG salvage

Currently we always fork a child in the salvager in order to salvage a
volume group. I believe this is in order to protect SEGV, exit(), etc
in one salvage operation from preventing salvaging anything else. When
salvaging a single volume group, though, there appears to be little
benefit.

In addition, we need to keep the VG salvaging code in the same process
as the cleanup code for single-volume salvages, so we can know which
volumes were deleted by SalvageVolumeGroup, so we know which volumes
to bring back online. So, do not fork for the singleVolumeNumber case.

Note that for DAFS, we already never fork for the entire salvage
operation when salvaging an individual volume group. So, this is
effectively a non-DAFS-only change.

Change-Id: I2b646b9ff932a673c714bc27ac32ed41cc3e22e6
Reviewed-on: http://gerrit.openafs.org/6787
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agosalvager: Remove VolumeSummary->fileName
Andrew Deason [Wed, 22 Feb 2012 00:05:32 +0000]
salvager: Remove VolumeSummary->fileName

The 'fileName' field in VolumeSummary serves two apparent purposes:

 - Storing the filename of the volume header file (V0XXX.vol).

 - Indicating whether or not a given VolumeSummary object is
   referenced by any inodes on disk. fileName is set by
   AskVolumeSummary/GetVolumeSummary, and is cleared in
   SalvageFileSys1 when a matching inodeSummary entry is found.

This is very confusing. The first purpose is completely unnecessary;
we can always calculate the filename from the volume id for the
volume, and we already enforce the filename to be of that specific
format. The second purpose is very unclear in the current code, and
overloads the meaning of the field.

So instead, remove fileName entirely. Code that was using it to locate
the header file are changed to use VolumeExternalName_r. Code that was
using the field to determine if the volume is "unused" is changed to
use a field just called "unused", set to 0 or 1.

Change-Id: I5e257ea633b7ae821136c88e1b2024f62125ab30
Reviewed-on: http://gerrit.openafs.org/6786
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agosalvager: Remove PrintVolumeSummary
Andrew Deason [Wed, 22 Feb 2012 00:03:24 +0000]
salvager: Remove PrintVolumeSummary

Nothing uses this function; remove it.

Change-Id: I55ae048ba920bbd10030c227724323fa20681941
Reviewed-on: http://gerrit.openafs.org/6785
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agosalvager: Do not require MaybeZapVolume fileName
Andrew Deason [Tue, 21 Feb 2012 23:46:41 +0000]
salvager: Do not require MaybeZapVolume fileName

In MaybeZapVolume, currently we do not remove the volume header if the
given isp->volSummary->fileName is not set. This effectively means
that we only actually "zap" volumes for which we have just created the
header, or which are not referenced by any inodes.

For readonly volumes that have errors, we want to delete the volumes
instead of salvaging. Readonly volumes with valid headers will have
fileName as NULL, though (set back in SalvageFileSys1), so
MaybeZapVolume will refuse to remove them. What ends up happening is
that the headers will stay around, but since we do not finish checking
the volume, all of the inodes for the data in the volume will be
dec'd. This results in a volume whose header exists, but none of its
inodes (including special inodes) exist, so the volume will need to be
salvaged again, and during that salvage will be deleted (because there
are no inodes for the volume).

Avoid all this, and just delete volume headers for volumes that lack a
valid fileName. Instead try to avoid deleting headers with
volSummary->deleted set, just so we don't try to delete the same
headers twice.

Related issue reported by ├ůsa Andersson.

Change-Id: I4797d0cabe3851debdc78f4ed9ee619534397970
Reviewed-on: http://gerrit.openafs.org/6784
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agosalvager: Do not set fileName on header fixup
Andrew Deason [Tue, 21 Feb 2012 23:40:46 +0000]
salvager: Do not set fileName on header fixup

Currently, SalvageVolumeHeaderFile will set isp->volSummary->fileName
to a new string whenever the volume header needs to be created or
re-written. When control reaches back to SalvageFileSys1, this can
cause DeleteExtraVolumeHeaderFile to delete the header, since
vsp->fileName is used as a sort of indicator to see whether or not a
volume has been referenced by the inode summary.

When we create a new header, we avoid this because we allocate a new
VolumeSummary struct, which is not caught by the last
DeleteExtraVolumeHeaderFile for loop in SalvageFileSys1. However, we
do delete the header when we simply re-write a header, since we use
the existing VolumeSummary struct. Set fileName in neither, for
consistency.

Change-Id: Ibb7b5fbadb701028a6bafe01ae9f8d3265e2f443
Reviewed-on: http://gerrit.openafs.org/6783
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoLINUX: Use afs_convert_code in afs_notify_change
Andrew Deason [Wed, 22 Feb 2012 21:40:20 +0000]
LINUX: Use afs_convert_code in afs_notify_change

afs_notify_change currently just returns "-code". This can cause a
panic if the error code is negative, since we will return a positive
error code, which may get interpreted as a valid pointer value in
higher levels.

Specifically, if we hit afs_notify_change via something like this code
path:

do_sys_open -> do_filp_open -> open_namei -> may_open -> do_truncate
-> notify_change -> afs_notify_change (via inode->i_op->setattr)

the positive error value will be interpreted by do_sys_open as a valid
'struct file' pointer, and will be dereferenced.

So pass the return value through afs_convert_code, like all of the
other vnode ops, so we ensure we return an error properly.

Change-Id: I941cc2d77d5a96cf86dfe133d30af4ccf6e9f2cb
Reviewed-on: http://gerrit.openafs.org/6776
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoLINUX: move afs_notify_change to osi_vnodeops.c
Andrew Deason [Wed, 22 Feb 2012 21:36:37 +0000]
LINUX: move afs_notify_change to osi_vnodeops.c

afs_notify_change is almost always used solely in inode_operations
structs, and is more similar to the other per-vnode functions. Put it
with the other per-vnode functions for better organization, and so
they can use the same static functions.

Move the helper functions iattr2vattr and vattr2inode along with it.

Change-Id: I47a69fe673cfc3318ce583596ba25cbeb9cb0b96
Reviewed-on: http://gerrit.openafs.org/6775
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agolibafs: retry retriable RPCs instead of abandoning
Derrick Brashear [Wed, 22 Feb 2012 20:57:46 +0000]
libafs: retry retriable RPCs instead of abandoning

if we get e.g. an idle dead error we should retry
retriable actions, namely data stores. in order
for writing files to work correctly given how
the writeback code is structured it's important that
this not interfere with analyze's shouldRetry decision
on those RPCs

Change-Id: Ie091a72b924c8414ec66c377fa13da14575a69cf
Reviewed-on: http://gerrit.openafs.org/6749
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agolibafs: ensure one nat ping connection per srvAddr
Derrick Brashear [Mon, 13 Feb 2012 03:45:59 +0000]
libafs: ensure one nat ping connection per srvAddr

track the natping conn with the srvAddr, ensuring exactly one.

Change-Id: I2e424a71d398563f9d0ec3ca77b83320cbef4ea1
Reviewed-on: http://gerrit.openafs.org/6706
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoWindows: invalidate data version on link creation
Jeffrey Altman [Wed, 22 Feb 2012 19:19:51 +0000]
Windows: invalidate data version on link creation

notify the redirector that the directory data version has
changed when a pioctl is used to create a symlink or mount point.

FIXES 130589

Change-Id: I07e1ae130b9db8d3dd68fef892c47de008be7cd4
Reviewed-on: http://gerrit.openafs.org/6747
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: AFSPerformObjectInvalidate hold ExtentsResource shared
Jeffrey Altman [Tue, 21 Feb 2012 01:50:53 +0000]
Windows: AFSPerformObjectInvalidate hold ExtentsResource shared

The AFSPerformObjectInvalidate() was obtaining exclusive
access to the Fcb ExtentsResource even though it was not
tearing down the extents list.  The ExtentsResource could
be held shared instead.  Doing so will avoid the following
deadlock:

Thread 1:
 nt!MmPurgeSection+0x403
 nt!CcPurgeCacheSection+0x100
 AFSRedirLib!AFSPerformObjectInvalidate+0xd4
 AFSRedirLib!AFSWorkerThread+0xa4
 nt!PspSystemThreadStartup+0x2e

Thread 2:
 AFSRedirLib!AFSAcquireShared+0x18
 AFSRedirLib!AFSMarkDirty+0x68
 AFSRedirLib!AFSNonCachedWrite+0x603
 AFSRedirLib!AFSCommonWrite+0x5fa
 AFSRedirLib!AFSWrite+0x20
 nt!IofCallDriver+0x45
 AFSRedir!AFSWrite+0x57
 nt!IofCallDriver+0x45
 fltMgr!FltpDispatch+0x6f
 nt!IofCallDriver+0x45
 AMFilter+0x2c6e
 nt!IofCallDriver+0x45
 PMDriver+0x112a
 nt!IofCallDriver+0x45
 OpLoader+0x1cd2
 nt!IofCallDriver+0x45
 savonaccesscontrol+0x6f15
 savonaccessfilter+0x2fa0
 nt!IofCallDriver+0x45
 nt!IoAsynchronousPageWrite+0xd0
 nt!MiMappedPageWriter+0x127
 nt!PspSystemThreadStartup+0x2e

Thread 1 is attempting to perform a cache purge which cannot complete
until Thread 2 is finished but Thread 2 requires the ExtentsResource
which is held by Thread 1.

Change-Id: I4582093cf973f61cf6aff0df5e23b6711ec708b3
Reviewed-on: http://gerrit.openafs.org/6744
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoWindows: fsLockCount not accurate
Jeffrey Altman [Mon, 20 Feb 2012 06:48:20 +0000]
Windows: fsLockCount not accurate

Prior to 1.6.2 the file server does not report an accurate value
for the lock state.  In addition, callbacks are not broken when
locks are freed due to lease expiration.

Change-Id: I5b79d1d59c2ace9834cf23dfbef33e343ce6dda0
Reviewed-on: http://gerrit.openafs.org/6741
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agoviced: lockcount only valid if not expired
Jeffrey Altman [Mon, 20 Feb 2012 06:40:03 +0000]
viced: lockcount only valid if not expired

locks are issued on a lease.  If the lock is expired, the lock
count is zero.

Change-Id: I628dd5b8b0d38694d653d9e8e82ff60ec2e1505c
Reviewed-on: http://gerrit.openafs.org/6740
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>

8 years agovolser: Remove unused variable
Marc Dionne [Mon, 20 Feb 2012 22:56:29 +0000]
volser: Remove unused variable

tid is now unused - remove it to avoid a warning.

Change-Id: If2d4fdf16415bbf19de3cd8a3e621d04d4d9b018
Reviewed-on: http://gerrit.openafs.org/6743
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoviced: Relax "h_TossStuff_r failed" warnings
Andrew Deason [Fri, 17 Feb 2012 23:12:46 +0000]
viced: Relax "h_TossStuff_r failed" warnings

Currently, h_TossStuff_r bails out and logs a message if we detect
that somebody grabbed a reference or locked the host while we tried to
h_NBLock_r. The reasoning for this is that it is not legal for anyone
to h_Hold_r a host that has HOSTDELETED set (but the error is
detectable and recoverable); callers are supposed to check for
HOSTDELETED and not hold a host in that case.

However, HOSTDELETED may not be set when h_TossStuff_r is called,
since we call it if either HOSTDELETED _or_ CLIENTDELETED are set. If
CLIENTDELETED is set and HOSTDELETED is not, it's perfectly fine (and
necessary) for callers to grab a reference to the host. So, if that's
what is going on, don't log a message, since that's normal behavior.

Check for HOSTDELETED before we h_NBLock_r, since it is technically
possible (and legal) for someone to grab a reference to the host and
somehow set HOSTDELETED while we wait for h_NBLock_r to return. Also
log the flags when we see this message.

Change-Id: Ie50a0617de094bb1c721da28f100ed4b31aa849f
Reviewed-on: http://gerrit.openafs.org/6733
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoviced: Remove extraneous h_AHTAHT_r in h_GetHost_r
Andrew Deason [Fri, 17 Feb 2012 22:24:16 +0000]
viced: Remove extraneous h_AHTAHT_r in h_GetHost_r

We added this address to the host with an addInterfaceAddr_r call just
a few lines before, which adds the host to the address hash table.
Another call to h_AddHostToAddrHashTable_r is pure overhead and
confusing.

Change-Id: Ib08817274e632f67776956ede8b56eaf0dce879e
Reviewed-on: http://gerrit.openafs.org/6729
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoviced: Set h_GetHost_r probefail if MPAA_r fails
Andrew Deason [Fri, 17 Feb 2012 21:46:50 +0000]
viced: Set h_GetHost_r probefail if MPAA_r fails

Currently, in h_GetHost_r, if we get a connection whose address does
not match an extant host, but the reported uuid does, we ProbeUuid the
old host. If it fails, we call MultiProbeAlternateAddress_r and set
'probefail'. Later on, if 'probefail' is set, we always add the
connection address to the host, and remove the host->host,host->port
address from the host.

However, this is not always correct. Consider the following situation.

We have an existing host that has primary address 1.1.1.1, and also
has addresses 1.1.1.2 and 1.1.1.3 on the interface list but not on the
hash table. Say that host A stops responding on 1.1.1.1, and a
connection comes in from 1.1.1.2. We ProbeUuid 1.1.1.1 and get a
failure, so we call MultiProbeAlternateAddress_r.
MultiProbeAlternateAddress_r probes via rx_Multi the addresses 1.1.1.2
and 1.1.1.3. Say that 1.1.1.3 responds first, and responds
successfully, so MultiProbeAlternateAddress_r sets 1.1.1.3 to be the
primary address for the host.

After MultiProbeAlternateAddress_r returns, 'probefail' is set. A few
lines down, we see that oldHost->host does not match haddr, and
'probefail' is set, so we add 1.1.1.2 to the interface list, and
remove 1.1.1.3, and set 1.1.1.2 to be the primary address, even though
1.1.1.3 is the address we most recently 'know' is correct.

To fix this, only set 'probefail' if MultiProbeAlternateAddress_r also
fails after the failed ProbeUuid call. Conceptually this makes sense,
since if MultiProbeAlternateAddress_r succeeds, it found an address
that responds successfully to ProbeUuid, and it sets that address to
be the primary address. Therefore, after MultiProbeAlternateAddress_r
returns success, the situation is the same as if the 'good' address
was already the primary address, and the ProbeUuid call succeeded, so
'probefail' should be cleared.

Change-Id: Id32817916a8a42db567ad099aae00745b79598c5
Reviewed-on: http://gerrit.openafs.org/6728
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoviced: Correctly update addrs on alt addr probe
Andrew Deason [Fri, 17 Feb 2012 19:14:31 +0000]
viced: Correctly update addrs on alt addr probe

The functions MultiBreakCallBackAlternateAddress_r and
MultiProbeAlternateAddress_r try to find a valid address in a host's
interface list of addrs. If they find one, they update host->host and
host->port. However, they do so just by changing those fields directly
and by calling h_DeleteHostFromAddrHashTable_r and
h_AddHostToAddrHashTable_r. This leaves the old host->host, host->port
on the interface list, and leaves it marked as 'valid'. Similarly, the
new host and port may still be marked as not 'valid'.

This can result in the host being on the addr hash table via an
address that is not on the host's interface list. After the above
situation occurs, we may call

  removeInterfaceAddr_r(host, host->host, host->port);

and then update host->host and host->port, which happens in a variety
of places. Since host->host, host->port is not marked as valid in the
interface list, it is not removed from the addr hash table, but it is
removed from the interface list. Eventually, this can cause the host
to be referenced from the addr hash table even after it has been
freed.

Since this can result in hash table entries pointing to the 'wrong'
host, this can result in FileLog messages such as:

Sun Feb  5 03:16:35 2012 Removing address that does not belong to host 0xdeadbeefdead (1.2.3.4:7001).

And bogus instances of the message:

Sun Feb  5 03:16:36 2012 CB: new identity for host 0xdeadbeefdead (1.2.3.4:7001), deleting(1 baadcafe 12345678-9abc-def0-12-34-456789abcdef fedcba98-76543210f-ed-cb-a9876543210f)

To fix this, make MultiBreakCallBackAlternateAddress_r and
MultiProbeAlternateAddress_r update the address list the same way as
all of the code in host.c does; by adding the new address with
addInterfaceAddr_r, removing it with removeInterfaceAddr_r, and
updating host->host and host->port.

Change-Id: I0a95e0186c03c1831c4df86daae901bf2462da0e
Reviewed-on: http://gerrit.openafs.org/6727
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agoviced: Delete dup host before probing old host
Andrew Deason [Thu, 16 Feb 2012 22:20:16 +0000]
viced: Delete dup host before probing old host

Currently, when the fileserver gets a new connection from an address
not on the addr hash table, we allocate a new host structure and add
that host to the addr hash table. If we then find that that host's
uuid matches the uuid of an extant host, we do the following:

 - probe the old host with the uuid, and MultiProbeAlternateAddress_r
   if the probe fails

 - mark the duplicate host as HOSTDELETED

 - manipulate the interface lists

Consider, for example, that we have an extant host ('oldHost') with
address 1.2.3.4:7001, but with 5.6.7.8:7001 on its alternate interface
list. At some point, the 1.2.3.4:7001 interface goes away or becomes
unreachable. A new connection comes in from that same host on
5.6.7.8:7001.

What will happen is we create a new host for address 5.6.7.8:7001, and
then detect the uuid collision. When we try to probe the old address
of 1.2.3.4:7001, it will fail, and we will try to
MultiProbeAlternateAddress_r. MultiProbeAlternateAddress_r will
determine that the alternate address 5.6.7.8:7001 responds
successfully to the probe, and it tries to set 5.6.7.8:7001 to be the
primary address of 'oldHost', and add 'oldHost' to the addr hash table
under 5.6.7.8:7001.

But the "new" host from the incoming connection is already hashed on
the address hash table under 5.6.7.8:7001, so the
h_AddHostToAddrHashTable_r call in MultiProbeAlternateAddress_r fails.
Since we later delete the new duplicate host, this results in
5.6.7.8:7001 being the primary address for the host, but that address
is not anywhere in the address hash table.

This behavior can be seen by the following pair of FileLog messages:

Wed Feb  1 11:02:38 2012 CB: ProbeUuid for 0xdeadbeefdead (1.2.3.4:7001) failed -01
Wed Feb  1 11:02:38 2012 h_AddHostToAddrHashTable_r: refusing to hash host beefdeadbaadcafe (5.6.7.8:7001) already hashed

While those message do not necessarily indicate this problem, this
problem will result in those messages.

To fix this, mark the duplicate host as HOSTDELETED before we do any
probing on 'oldHost'. This way, if MultiProbeAlternateAddress_r tries
to add 'oldHost' to the addr hash table under 5.6.7.8:7001, it will be
able to do so successfully, since the old duplicate host is deleted.

Change-Id: Id3aaab0718425492dca1deba892725160677b85f
Reviewed-on: http://gerrit.openafs.org/6726
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

8 years agovos: allow releases without offline time
Derrick Brashear [Tue, 13 Dec 2011 17:46:36 +0000]
vos: allow releases without offline time

allow releases using dumps to clones to avoid offline time

Change-Id: I06ed71f12494e362aa10a851081c9dcaf8c9a1af
Reviewed-on: http://gerrit.openafs.org/6254
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovos: refactor code
Derrick Brashear [Tue, 13 Dec 2011 17:29:30 +0000]
vos: refactor code

change vos to remove lots of duplicated code for volume deletes and clones

Change-Id: I1f39e857de6eefa0d8897e4eb8ece49e4a72f518
Reviewed-on: http://gerrit.openafs.org/6253
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agoRx: Avoid lastBusy/PEER_BUSY discrepancy
Andrew Deason [Mon, 13 Feb 2012 20:11:36 +0000]
Rx: Avoid lastBusy/PEER_BUSY discrepancy

If an rx call has the RX_CALL_PEER_BUSY flag set, but the call's
conn->lastBusy is not set, we can easily cause an rx caller to loop
infinitely. rx_NewCall will see that lastBusy for a call channel is
not set, and will use that call channel, but rxi_CheckBusy will note
that the call appears busy and that there are non-busy call channels
on the same conn, and so will return RX_CALL_BUSY.

This can currently happen in rxi_ResetCall, since we set
RX_CALL_PEER_BUSY on the call again if the call had that flag set when
rxi_ResetCall was called. If we are calling rxi_ResetCall with
'newcall' set, the passed in call is unrelated to the new call, since
it was obtained from the free list. Thus, the busy-ness of the call
should be ignored. Fix this by only paying attention to the incoming
RX_CALL_PEER_BUSY flag if 'newcall' is not set.

Also prevent this from happening by clearing RX_CALL_PEER_BUSY in
rx_NewCall when we select a call and clear lastBusy for that call.

Change-Id: Ic5a4709854b62d962ed91ee0103c6cbdd735d175
Reviewed-on: http://gerrit.openafs.org/6707
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>

8 years agovol: allow clones of readonly volumes
Derrick Brashear [Tue, 13 Dec 2011 17:00:52 +0000]
vol: allow clones of readonly volumes

allow writing of data where it's not user data we're changing
(e.g. allow a vnode to be marked cloned in the vnode index)

Change-Id: If3338ab0474ddbfe895b705217d61c054c4cb696
Reviewed-on: http://gerrit.openafs.org/6251
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>