openafs.git
7 years agoEnable dvolser and tvolser for FreeBSD
Ben Kaduk [Wed, 13 Mar 2013 17:27:32 +0000]
Enable dvolser and tvolser for FreeBSD

The top-level Makefile did not recurse into dvolser or tvolser for
FreeBSD.  They compile just fine, so enable them.

Change-Id: Id85e3a72f53b85e6b155b224268e2fe587fe3406
Reviewed-on: http://gerrit.openafs.org/9598
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

7 years agoutil: fix dirpath use of clntEtcDir on Windows
Jeffrey Altman [Tue, 19 Mar 2013 20:14:18 +0000]
util: fix dirpath use of clntEtcDir on Windows

When commit 9b0a7f5d13115fe5760db16587fe81dd35a5a0ef added the variable
'clntEtcDir' it failed to assign it a value on Windows.

Change-Id: I02cfb994a28e3e1032741d1b2710acb5d40d9bfd
Reviewed-on: http://gerrit.openafs.org/9635
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agovol: remove duplicate stmp declaration
Jeffrey Altman [Fri, 15 Mar 2013 03:27:25 +0000]
vol: remove duplicate stmp declaration

Patchset 38cf31463e3f3c675de727c1e793e117a90e6d20 added a definition of
afs_ino_str_t stmp which should have replaced the b64_string_t stmp
declaration that was already present.

Thanks to Jason Madar for noticing.

FIXES 131620

Change-Id: I780efd55dea33f1f7893b68285c841e80660b3f3
Reviewed-on: http://gerrit.openafs.org/9608
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoUpdate NEWS for 1.6.2.1
Stephan Wiesand [Thu, 14 Mar 2013 09:35:30 +0000]
Update NEWS for 1.6.2.1

Change-Id: I2c08474cc6034d40cef0d77d94c070bcdd8d4563
Reviewed-on: http://gerrit.openafs.org/9602
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Paul Smeddle <paul.smeddle@gmail.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoMake NEWS match the 1.6.2 Release Notes
Stephan Wiesand [Thu, 14 Mar 2013 09:16:30 +0000]
Make NEWS match the 1.6.2 Release Notes

Change-Id: Ic98bbb37e2f81e36724e69af348c06a2c6b8b5c3
Reviewed-on: http://gerrit.openafs.org/9601
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoWindows: Create Symlinks in Volume Roots
Jeffrey Altman [Sat, 23 Mar 2013 01:14:48 +0000]
Windows: Create Symlinks in Volume Roots

Permit the CreateSymbolicLink API to create symlinks in volume
root directories.

Change-Id: I779f127f9a7e4ddfee41fe7a9398f20175843be0
Reviewed-on: http://gerrit.openafs.org/9656
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Robocopy Symlinks
Jeffrey Altman [Fri, 22 Mar 2013 20:10:54 +0000]
Windows: Robocopy Symlinks

This patchset enables AFS Symlinks and DFSlinks to be copied to
a local NTFS disk using robocopy's /SL option.

Separate print names and substitute names are now provided permitting
the reparse data copied from AFS to be applied to a local disk object
for recreation.

Change-Id: I7bab4e8352a069a14b9ac4b3b2e22819f3de7a23
Reviewed-on: http://gerrit.openafs.org/9655
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: NPAddConnection no local name and connected
Jeffrey Altman [Thu, 21 Mar 2013 11:57:34 +0000]
Windows: NPAddConnection no local name and connected

The WN_ALREADY_CONNECTED error is only to be returned if a local
device name (aka drive letter) is provided in the request.  Otherwise,
the proper return status is WN_SUCCESS if an unnamed connection is
requested.

Change-Id: I1e1ca47a84e353db66e2830ec11f968a3578c4f6
Reviewed-on: http://gerrit.openafs.org/9642
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: NPCancelConnection without drive letter
Jeffrey Altman [Wed, 20 Mar 2013 20:23:59 +0000]
Windows: NPCancelConnection without drive letter

When canceling a network connection to a UNC path, do not match
connections that have drive letters assigned.  Only cancel the connection
if there it matches the UNC path and has no local name.

Change-Id: I2c27c6d08cec65406f7e7f9eb61cd6d6c7be1f5c
Reviewed-on: http://gerrit.openafs.org/9640
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: AFSDeleteObjectInfo InterlockedExchange
Jeffrey Altman [Fri, 22 Mar 2013 04:54:36 +0000]
Windows: AFSDeleteObjectInfo InterlockedExchange

Use InterlockedExchangePointer to disconnect the ObjectInformationCB
pointer from the caller.  This ensures that only one thread can
successfully call AFSDeleteObjectInfo on the same object at a time.

Change-Id: Ie70f52fc443f88c3cb4be41f12caa91466d92905
Reviewed-on: http://gerrit.openafs.org/9644
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: FSCTL_SET_REPARSE_POINT NULL ptr dereference
Jeffrey Altman [Thu, 21 Mar 2013 23:34:25 +0000]
Windows: FSCTL_SET_REPARSE_POINT NULL ptr dereference

Avoid a potential NULL pointer dereference if the ParentObjectInfo
object cannot be found.  If the Btree lookup fails, do not call
AFSCreateSymlink() and do not decrement the ObjectInfo refcount.
Doing so will result in a BSOD.

Change-Id: Ibd3e4ebb343f6c3cff8bf1cb160e42938d0f906c
Reviewed-on: http://gerrit.openafs.org/9643
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Remove Driver Verifier warning of memory leak
Jeffrey Altman [Thu, 21 Mar 2013 10:28:25 +0000]
Windows: Remove Driver Verifier warning of memory leak

Work items are now queued in an AFSRedir.sys data structure
and are not freed when AFSRedirLib.sys is unloaded.  Therefore,
do allocate the memory with AFSLibExAllocatePoolWithTag().
The allocation by AFSLibExAllocatePoolWithTag results in a false
Driver Verifier warning of a memory leak on unload.

Change-Id: I268c4b6d20090e88114456a24b7648eef59f6289
Reviewed-on: http://gerrit.openafs.org/9641
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: buf_ClearRDRFlag and cm_directIO
Jeffrey Altman [Wed, 20 Mar 2013 14:10:03 +0000]
Windows: buf_ClearRDRFlag and cm_directIO

When 'cm_directIO' is true, there are no RDR held buffers therefore
there is nothing for buf_ClearRDRFlag() to do.  Do not pass 'Go',
do not obtain cm_scache.rw exclusive nor buf_globalLock shared.
Simply return immediately.

Change-Id: I4c6d1486e3a2bef987a3eb36d8de446e9009e0d2
Reviewed-on: http://gerrit.openafs.org/9638
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: buf_RDRBuffersExist and cm_directIO
Jeffrey Altman [Wed, 20 Mar 2013 14:08:21 +0000]
Windows: buf_RDRBuffersExist and cm_directIO

If 'cm_directIO' is true, then no RDR buffers exist.  Return immediately,
do not pass 'Go', and do not lock and walk the buffer hash table.

Change-Id: I9c6499d429d7591c8bd67ce3077ff4c4e7d6d62d
Reviewed-on: http://gerrit.openafs.org/9637
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: buf_CleanVnode avoid lock contention
Jeffrey Altman [Wed, 20 Mar 2013 14:04:41 +0000]
Windows: buf_CleanVnode avoid lock contention

In the middle of the big loop do not obtain buf_globalLock unless
cm_buf.qFlags & CM_BUF_QREDIR is non-zero.  buf_globalLock is heavily
contested and any reduction in contention is an improvement.
CM_BUF_QREDIR is never set when 'cm_directIO' is true (now the default)
so this is a huge win.

Change-Id: I0b150bf77a0f1d748f94026d3b74bc7d90e7c3c6
Reviewed-on: http://gerrit.openafs.org/9636
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agowindows: AFSQueryDirectoryQueryDirect no Symlinks
Jeffrey Altman [Tue, 19 Mar 2013 15:48:42 +0000]
windows: AFSQueryDirectoryQueryDirect no Symlinks

When evaluating symlinks for directory enumerations, the response
must properly set the FILE_ATTRIBUTE_DIRECTORY flag based upon the
file attributes of the target.  At the present time the target is
not evaluated by the service and AFSQueryDirectoryQueryDirect does
not have the correct context in which to evaluate the target.

Instead of returning an incorrect result to the application, exit
AFSQueryDirectoryQueryDirect() returning STATUS_REPARSE_OBJECT which
is interpreted by AFSQueryDirectory() to perform a full directory
enumeration.

Change-Id: Ic35dcff31f1098b9f40f3a37534b79439e0e3f1f
Reviewed-on: http://gerrit.openafs.org/9633
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: 1.7.23 Release Notes
Jeffrey Altman [Tue, 19 Mar 2013 02:43:09 +0000]
Windows: 1.7.23 Release Notes

Add explanation of Win 7 Explorer Shell Read-Only Volume vs Network Drive
Letter Mapping bug.

Change-Id: I7cf1300c9ec91cbbd347030d0bb9642c78607398
Reviewed-on: http://gerrit.openafs.org/9634
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoLinux 3.9: hlist iterator change
Marc Dionne [Wed, 6 Mar 2013 01:54:50 +0000]
Linux 3.9: hlist iterator change

hlist iterators have been reworked to not require a temporary
node parameter.

Change-Id: Ibea1295163bd39ff2901a2194aa46c3d342f5128
Reviewed-on: http://gerrit.openafs.org/9403
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoWindows: Avoid cm_Analyze race on cm_serverRef lists
Jeffrey Altman [Mon, 18 Mar 2013 16:07:55 +0000]
Windows: Avoid cm_Analyze race on cm_serverRef lists

cm_Analyze() accepted as a parameter a pointer to the first element
on a cm_serverRef list which is only ever used for VL operations.

cm_Analyze() would separately call cm_GetVolServerList() to obtain
the cm_serverRef list for RXAFS operations.  Then the variable 'serversp'
would be set to the first element of the list.

'serversp' was then used to refer to the list and would be passed to
cm_SetServerBusyStatus() and cm_ResetServerBusyStatus() which would
in turn obtain the cm_serverLock while it manipulated the cm_serverRef
status flags for the elements in the list.

The problem is that passing a pointer to the first element of the
cm_serverRef list without holding cm_serverLock can permit the list
contents to be altered including removal of the first element.  If the
race is lost and the memory associated with the first element is freed
before access, the afsd_service.exe will crash.

This patchset makes a number of changes.  First, the cm_serverRef_t
parameter is changed from a pointer to the first element of the list
to be a pointer to the HEAD pointer of the list.  Since it is ever only
used for cm_cell.vlServerp lists, the parameter is renamed to
'vlServerspp'.   Second, a separate "cm_serverRef_t ** volServerspp"
variable is allocated for the return value from the cm_GetVolServerList()
operations.

cm_SetServerBusyStatus() and cm_ResetServerBusyStatus() are altered to
accept a pointer to the HEAD of the list instead of a pointer to the first
element.  The cm_serverLock is now held read instead of write because the
list itself is not being altered.  All of the state changes being applied
to the cm_serverRef objects are atomic.

Finally, cm_serverLock is held across all list traversals within
cm_Analyze().  A read lock is obtained if the elements of the list are not
being removed or inserted and a write lock is obtained if they are.

Change-Id: I48464e90a828706dad442c019c75a717b06d690b
Reviewed-on: http://gerrit.openafs.org/9625
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Replace AFSDbgMsgLog func with macro
pete scott [Wed, 13 Mar 2013 13:54:00 +0000]
Windows: Replace AFSDbgMsgLog func with macro

In order to reduce computation overhead when trace logging is not
active replace the AFSDbgMsgLog function call with a macro,
AFSDbgTrace.

Change-Id: I7bccee0ddffcd8488f81fcebbb970aa15c8dc52e
Reviewed-on: http://gerrit.openafs.org/9621
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Test AFS_DBG_FLAG_BREAK_ON_ENTRY earlier
Jeffrey Altman [Sun, 17 Mar 2013 12:43:39 +0000]
Windows: Test AFS_DBG_FLAG_BREAK_ON_ENTRY earlier

During AFSRedir.sys initialization, check the AFS_DBG_FLAG_BREAK_ON_ENTRY
registry flag before initializing the trace log system.

Change-Id: I928fab78b40dce51d2c0686bce68eb76f941b214
Reviewed-on: http://gerrit.openafs.org/9622
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Increase AFS DeviceObject StackSize
Jeffrey Altman [Fri, 15 Mar 2013 15:40:29 +0000]
Windows: Increase AFS DeviceObject StackSize

Increase the StackSize parameter of the DeviceObjects allocated
by the AFS Redirector framework.  The StackSize parameter is used
to notify callers how many Irp Stack frames will be consumed.  Now
that the redirector is using IoCompletion routines, an additional
stack frame is required to handle calls to the AFS Redirector library
driver.

Thanks to Peter Scott for identifying the solution.

FIXES 131618

Change-Id: Ib66f884911f0d425e6e07f338a36b3ebedeb8871
Reviewed-on: http://gerrit.openafs.org/9609
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: File Attribute Reporting Consistency
Jeffrey Altman [Sat, 16 Mar 2013 05:18:14 +0000]
Windows: File Attribute Reporting Consistency

Do a better job of consistently reporting file attribute information
via directory queries and file information queries.  Avoid computing file
attribute information for file information queries that do not return them
(e.g., Name Information) because computing it is expensive.

Change-Id: I5c8120698261f555edfa98e92230705b593aca36
Reviewed-on: http://gerrit.openafs.org/9613
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: netbios name comparisons are case insensitive
Jeffrey Altman [Sat, 16 Mar 2013 05:15:01 +0000]
Windows: netbios name comparisons are case insensitive

When parsing the symlink target string to categorize it as AFS Symlink
or DFS Link, the comparison with the netbios name string must be case
insensitive.  Otherwise, symlinks are reported to the redirector as
DFS Links.  For the most part they will work since the AFS redirector
requesting MUP to Reparse the \\AFS path will call back into the AFS
redirector.  However, the attributes on symlinks to files will be wrong
as DFS Links can only be links to directories.

Change-Id: Ia9652991549b0783f7a534b071ff99ceabdd3382
Reviewed-on: http://gerrit.openafs.org/9612
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: add RDR_ExtAttributes
Jeffrey Altman [Sat, 16 Mar 2013 05:13:01 +0000]
Windows: add RDR_ExtAttributes

Add RDR_ExtAttributes to compute the file attributes for redirector
queries.   The attributes reported via the RDR interface need to be
different from the SMB interface because the SMB interface does not
support reparse points nor does it support DFSLinks.

Change-Id: I5d5172f5afc1d50e2622e2068e20447cd1098fbb
Reviewed-on: http://gerrit.openafs.org/9611
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: drive mapping enumeration infinite loop
Jeffrey Altman [Fri, 15 Mar 2013 17:07:21 +0000]
Windows: drive mapping enumeration infinite loop

If WNetEnumResource returns an error as opposed to success, such as
ERROR_UNEXP_NET_ERR, the enumeration loop would retry forever passing
zero for 'cEntries' which in turn results in a successful response
containing zero entries.

Change the while conditional to test for continued success instead
of ERROR_NO_MORE_ENTRIES.

Change-Id: I93af73b379aa455de7a8b3264b5178d482bb52b0
Reviewed-on: http://gerrit.openafs.org/9610
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: remove last bits of BIOD from Direct Store
Jeffrey Altman [Thu, 14 Mar 2013 23:40:14 +0000]
Windows: remove last bits of BIOD from Direct Store

Direct I/O Store operations are performed directly against a memory
buffer stored in the background direct store rock structure.  There is no
BIOD used in the current implementation.  Remove the BIOD from the call
stack.

Change-Id: I78d7b898a6eec5eb39c943e760a678913b42bf0d
Reviewed-on: http://gerrit.openafs.org/9607
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: VolumeInfoReadOnlyFlag registry option
Jeffrey Altman [Thu, 14 Mar 2013 17:05:28 +0000]
Windows: VolumeInfoReadOnlyFlag registry option

Windows 7 Explorer Shell has a bug when processing drive letters
mapped to UNC paths whose target volume information specifies the
FILE_READ_ONLY_VOLUME flag.  When set, not only is the .readonly
volume treated as read only but all volumes that can be accessed via the
drive letter.   This bug is fixed in Windows 8.

Add a registry configuration option to permit configuration of the
behavior.  Sites that do not use drive letter mappings will want to
enable it even on Windows 7 because it permits the Explorer Shell
to disable the "Delete" and "Rename" options and others when the current
directory is read only.

The default is disabled on Win7 and below; enabled on Win8 and above.

Change-Id: I73bbaf7d40918650b1a217ed44409c0679920536
Reviewed-on: http://gerrit.openafs.org/9606
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Protect against DirEntry with NULL ObjInfo
Jeffrey Altman [Thu, 14 Mar 2013 16:30:36 +0000]
Windows: Protect against DirEntry with NULL ObjInfo

During cleanup protect AFSExamineObjectInfo() and AFSExamineDirectory()
from DirectoryCB objects that have a NULL ObjectInformation pointer.

Change-Id: Id46f6b53ec4861f5ac2d28b918d073201d2433ce
Reviewed-on: http://gerrit.openafs.org/9603
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agovos: noise messages when attempting to delete non-existent volume
Mark Vitale [Thu, 7 Mar 2013 14:34:55 +0000]
vos: noise messages when attempting to delete non-existent volume

With vos refactor commit f4e73067cdef990262c69c38ac98761620a63f25,
some formerly conditional volume deletes are now unconditional.
This regresses 'vos move' output with harmless "error" messages
when AFSVolTransCreate() returns VNOVOL:
  "Failed to start transaction on <volume>"
  "Volume not attached, does not exist, or not online"

Modify DoVolDelete() to return early (and silently) with VNOVOL
in this case, allowing the caller to handle this appropriately.

Change-Id: I21a72e38f330335adf97ac50a7ac7d0fb97c1a9c
Reviewed-on: http://gerrit.openafs.org/9596
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoOpenBSD: Replace "vnodeop_desc" with "vops" in kernel module.
Antoine Verheijen [Mon, 21 Jan 2013 09:30:58 +0000]
OpenBSD: Replace "vnodeop_desc" with "vops" in kernel module.

In OpenBSD 4.9, the vnode operations vector in the "vnode" struct
was changed from using a "vnodeop_desc" struct to a new "vops"
struct. This patch makes the appropriate changes to the OpenBSD
kernel module support to accommodate the change.

Change-Id: Ib47259e1213e29658a691ce3a53d7ac88e8d746b
Reviewed-on: http://gerrit.openafs.org/8928
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

7 years agoWindows: ReleaseNotes updates
Jeffrey Altman [Tue, 12 Mar 2013 14:59:44 +0000]
Windows: ReleaseNotes updates

explicitly list WinRT as unsupported.

Mention KFW 4.0.

Update Reparse Point text.

Update JPSoftware Take Command references.

Update UNC path processing text.  Reference PowerShell 3.0 and Cygwin.

Change-Id: Ib3d4d33173cf4808792c92737eb88a909d7d176b
Reviewed-on: http://gerrit.openafs.org/9589
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: avoid null cellp dereference during dump
Jeffrey Altman [Tue, 12 Mar 2013 04:38:05 +0000]
Windows: avoid null cellp dereference during dump

When performing a memory dump if cm_ucell_t.cellp is NULL, do
not attempt to print the cell name.

Change-Id: I146b90b5424b93d0c52a758b33fcff1bcf441e77
Reviewed-on: http://gerrit.openafs.org/9582
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoRevert "Windows: Treat all cached writes as write-through"
Jeffrey Altman [Fri, 7 Dec 2012 04:28:56 +0000]
Revert "Windows: Treat all cached writes as write-through"

This reverts commit 5130681fa2d4a35d3f0b578d92c5db1892fdfb18.

Change-Id: If33a6e1f6969628eaa74d5a56f2eec5560d827f4
Reviewed-on: http://gerrit.openafs.org/9572
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Enforce free space checks every 1MB
Jeffrey Altman [Mon, 11 Mar 2013 04:43:26 +0000]
Windows: Enforce free space checks every 1MB

Instead of performing a free space (or quota) check on every extending
write, perform the check only when the file length is increased beyond
the next 1MB boundary.   The file server permits 1MB quota over runs
and issuing the volume status rpc to the file server is extremely
expensive.  Especially for append only applications that write just a few
bytes at a time.

Change-Id: I74ff17ba5a95adb41350add24bc09a74c950a4fb
Reviewed-on: http://gerrit.openafs.org/9555
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agobos: Remove theoretical overflow in DateOf
Simon Wilkinson [Fri, 8 Mar 2013 16:15:51 +0000]
bos: Remove theoretical overflow in DateOf

DateOf copies the results of ctime into a static buffer. Typically
ctime will return a 26 byte string, but if you pass it a year larger
than 9999 (which we shouldn't), you can get a 32 (or more) byte string.

Get rid of this unlikely event by using strlcpy for the copy. We already
truncate at 24 bytes when we remove the \n, so this shouldn't cause any
further problems.

Really, this whole thing should be rewritten to use strftime.

Caught by coverity (#985776)

Change-Id: I18f6828d6ec3d79ecaf1dad8e27d3e8691ce87d5
Reviewed-on: http://gerrit.openafs.org/9551
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

7 years agobos: Don't overflow buffer with key data
Simon Wilkinson [Fri, 8 Mar 2013 13:02:26 +0000]
bos: Don't overflow buffer with key data

When parsing key data from the command line, don't overflow the
buffer used to hold it - instead just give an error if the data
is too long.

Caught by coverity (#985775)

Change-Id: I44fb62d30c5022e650475b3ca51a28bcb7cf1e06
Reviewed-on: http://gerrit.openafs.org/9550
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

7 years agobos: Don't overflow cellname buffer
Simon Wilkinson [Fri, 8 Mar 2013 13:01:28 +0000]
bos: Don't overflow cellname buffer

Don't overflow the fixed sized cellname buffer when copying the
information in from the command line - instead, just use a
dynamically allocated buffer.

Caught by coverity (#985775)

Change-Id: If87b1ba9bcb990d3145a89627e212144cd78f5a0
Reviewed-on: http://gerrit.openafs.org/9549
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agobutc: Init volheader before using it for hton
Simon Wilkinson [Mon, 4 Mar 2013 16:34:20 +0000]
butc: Init volheader before using it for hton

When converting a volume header from host to network order, make
sure that any unused fields in the structure are zero'd, so we don't
end up filling them with stack garbage in the network version of
the structure.

Caught by coverity (#985956)

Change-Id: I3e039ffcb102a97afeb0e2223de12523f53b0a67
Reviewed-on: http://gerrit.openafs.org/9548
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

7 years agobucoord: restore requires server and partition
Simon Wilkinson [Mon, 4 Mar 2013 16:31:50 +0000]
bucoord: restore requires server and partition

The VolRestoreCmd sub command requires that the user specifies
the server and partition - calls which don't do so won't get past
libcmd. Don't check again in the handler that they have been supplied,
as it confuses things.

Caught by coverity (#985953)

Change-Id: Id4548c117b677bd2048744ade8fd91bb15e0e35e
Reviewed-on: http://gerrit.openafs.org/9547
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

7 years agoupserver: Don't overflow file and hostname buffers
Simon Wilkinson [Mon, 4 Mar 2013 16:22:08 +0000]
upserver: Don't overflow file and hostname buffers

If the user specifies a ridiculously long command line, don't
overflow the filename or hostname buffers with what they supply.

Caught by coverity (#985911)

Change-Id: Ia73f9fb94491f5691358eec1d13dbdd2651a604c
Reviewed-on: http://gerrit.openafs.org/9546
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoafscp: null-terminate root.cell dir if needed in dynroot mode
Derrick Brashear [Thu, 7 Mar 2013 11:53:16 +0000]
afscp: null-terminate root.cell dir if needed in dynroot mode

instead of doing a check for something which will never be true,
and then terminating, just terminate if it's not already
null-terminated.

Change-Id: I8ad18800de22c8d10eb27fbcb2fffb2b3a5a9127
Reviewed-on: http://gerrit.openafs.org/9439
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chaskiel Grundman <cg2v@andrew.cmu.edu>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoWindows: Use Microsoft IO_REPARSE_TAG_SYMLINK tag
Jeffrey Altman [Fri, 8 Mar 2013 06:41:22 +0000]
Windows: Use Microsoft IO_REPARSE_TAG_SYMLINK tag

For symlinks and DFS Links use Microsoft's NTFS Symlink tag,
IO_REPARSE_TAG_SYMLINK, instead of the OpenAFS assigned tag.

The DeleteFile() and RemoveDirectory() Win32 APIs do not delete
non-Microsoft reparse points and instead delete the target object.
While it is possible for Take Command and potentially Cygwin to
alter their behavior with AFS specific knowlege, it is not possible
to alter the Explorer Shell, cmd.exe and powershell.

Using the Microsoft tag is a violation of Microsoft policy.

Change-Id: I90a419fe21637bb871d08528463d1178078a9947
Reviewed-on: http://gerrit.openafs.org/9497
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: GetReparseData UNC path format
Jeffrey Altman [Thu, 7 Mar 2013 05:54:32 +0000]
Windows: GetReparseData UNC path format

When specifying UNC paths for Symlink and UNCLink targets output
the paths using true UNC notation "\\server\..." instead of "\server\...".

Change-Id: I51ecc6578fb0a984a5ad44b1bf1e40556e737465
Reviewed-on: http://gerrit.openafs.org/9426
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: cm_BPlusDirEnumBulkStatNext index error
Jeffrey Altman [Thu, 7 Mar 2013 14:25:09 +0000]
Windows: cm_BPlusDirEnumBulkStatNext index error

In cm_BPlusDirEnumBulkStatNext the 'next' variable was being set
even if the FileId was not added to the list of objects added to
the cm_bulkStat array.  Delay the assignment to ensure that 'next'
refers to the first element in the array.

In the CM_ERROR_BULKSTAT_FAILURE processing, 'next' is used to
obtain a reference to the cm_scache object that is supposed to
correlate to the [1] entry in the array.  If 'next' == -1, there
is no such entry.  Add a conditional to ensure that 'next' is not
used when its value is -1.

Change-Id: I4ebc49de4bf67eee5a28790cd49f0128891cc202
Reviewed-on: http://gerrit.openafs.org/9450
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: PopulateCurrentEntry Symlink Targets
Jeffrey Altman [Thu, 7 Mar 2013 05:59:01 +0000]
Windows: PopulateCurrentEntry Symlink Targets

Handle a broader range of symlink target formats and be more
precise regarding what is an afs symlink or a dfs link.

Change-Id: Ia37c1adf5d64ba44fffca976885a455e6900a047
Reviewed-on: http://gerrit.openafs.org/9428
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Claim success for Delete Reparse Tag
Jeffrey Altman [Thu, 7 Mar 2013 05:56:15 +0000]
Windows: Claim success for Delete Reparse Tag

The typical pattern for deleting a reparse point is

 1. open reparse point object
 2. delete reparse tag
 3. set delete on close
 4. close handle

Claim success when we receive delete reparse tag fsctl so that
the delete on close disposition can be set.

Change-Id: I8f4212dd6ba04be95455eaa210e632ca59cfa7c8
Reviewed-on: http://gerrit.openafs.org/9427
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Report actual volume creation time
Jeffrey Altman [Mon, 11 Mar 2013 04:03:38 +0000]
Windows: Report actual volume creation time

The cm_scache.volumeCreationDate is populated by any non-bulkstat
callback issuing operation.  If it is not set at the time the
redirector requests volume information, force an RXAFS_FetchStatus
and then use the resulting timestamp in the response.

Change-Id: I8ab471767dd6525efc71deff073d54ae38f1f462
Reviewed-on: http://gerrit.openafs.org/9554
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: RDR_UpdateFile dscp != scp
Jeffrey Altman [Sun, 10 Mar 2013 14:51:47 +0000]
Windows: RDR_UpdateFile dscp != scp

Do not set bScpLocked when obtaining scp->rw as scp != dscp.

Change-Id: I878166cd510a188a0e56cc92660e74b9625c3ab6
Reviewed-on: http://gerrit.openafs.org/9553
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Service processing for Symlink creation
Jeffrey Altman [Wed, 6 Mar 2013 14:53:41 +0000]
Windows: Service processing for Symlink creation

Initial support for symlink creation via the Win32 CreateSymbolicLink api.
Add support for AFS_REQUEST_TYPE_CREATE_SYMLINK redirector requests via
the new RDR_CreateSymlinkEntry() function.

Since CreateSymbolicLink api creates a new directory or file object and
then assigns the Microsoft reparse tag data to that object,
RDR_CreateSymlinkEntry must first delete the empty directory or file and
then create the new symlink object in its place.  If the empty object can
be removed but the symlink cannot be created, STATUS_FILE_DELETED is
returned to indicate to the redirector that a failure occurred that
changed the state of the directory without creating a new object.

If the empty object cannot be removed, a STATUS_ACCESS_DENIED error will
be returned and the empty object will unfortunately remain in the AFS
directory.

Target path translation is performed.  Absolute AFS paths are stored in
UNIX notation.  Absolute non-AFS UNC and device paths are prefaced with
"msdfs:".

Change-Id: If8b4729dd5fffddc71221750852b8be731c83cab
Reviewed-on: http://gerrit.openafs.org/9425
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoauth: Don't overflow lower case cell string
Simon Wilkinson [Sun, 3 Mar 2013 17:47:49 +0000]
auth: Don't overflow lower case cell string

When building tcell_l in kerberosSuperUser, make sure that we
don't overflow the string that we're constructing.

Use the opr_lcstring function to do the lower case conversion,
rather than rolling our own.

Caught by coverity (#985772)

Change-Id: I6e28cfc54883aac7e3a3eb2f4e2b2bf7ebc0bc63
Reviewed-on: http://gerrit.openafs.org/9544
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoauth: Don't overflow buffer in CompFindUser
Simon Wilkinson [Sat, 2 Mar 2013 13:01:14 +0000]
auth: Don't overflow buffer in CompFindUser

The fullname buffer in CompFindUser is theoretically big enough
to take the data usually supplied to it. However, play it safe by
using strlcat and strlcpy to catch buffer overflows.

Caught by coverity (#985771)

Change-Id: Icc80d012b61ae90e1a62a814f7a6d552bb264294
Reviewed-on: http://gerrit.openafs.org/9543
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoauth: Catch long cells in backwards compat code
Simon Wilkinson [Sat, 2 Mar 2013 12:55:18 +0000]
auth: Catch long cells in backwards compat code

ktc_SetTokenEx can fall back to calling the SetToken pioctl when
the kernel module doesn't support the newer call. When we do this,
we have to transform the token structure into the older format.

Catch tokens whose cells are too long to be represented in the
older format, and bail with KTC_INVAL, rather than overflowing the
array.

Caught by coverity (#985770)

Change-Id: Ibaa1cc92c494cc6f4e56ebe7b16109d4558db131
Reviewed-on: http://gerrit.openafs.org/9449
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoaudit: Fix overflow in file backend
Simon Wilkinson [Sat, 2 Mar 2013 12:38:49 +0000]
audit: Fix overflow in file backend

If the filename passed to open_file was larger than MAXPATHLEN-5,
then we'd overflow the oldName buffer when creating the backup
filename. Fix the overflow by using a malloc'd buffer instead.

Caught by coverity (#985767)

Change-Id: Ie364aae0749b3658ab11a354844878d10c6970ab
Reviewed-on: http://gerrit.openafs.org/9448
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoWindows: IsSpaceAvail lock order violation
Jeffrey Altman [Sun, 10 Mar 2013 14:49:42 +0000]
Windows: IsSpaceAvail lock order violation

cm_IsSpaceAvailable() obtains the cm_scache.rw lock of the volume
root directory.  Therefore it is a lock order violation to call the
function while any other cm_scache.rw lock is held belonging to an
object in the same volume.   vnode 1 is always less than any other
vnode value.

Change-Id: Id34591b6ccec8d7e8e0fe48e3357c991cd99acfb
Reviewed-on: http://gerrit.openafs.org/9552
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Fix directory to service null mask lookups
Jeffrey Altman [Sat, 9 Mar 2013 20:43:14 +0000]
Windows: Fix directory to service null mask lookups

The direct to service for non-wildcard lookups, commit
b7ba97ad537bd0e9a241f052ddd1c3a50c74745b, introduced a bug when the search
mask is left unspecified.   Do not set bNonWildcardMatch to TRUE
when the mask is NULL.

Change-Id: I6c4846b443acc7e5e42d4e83e75ef383fc400db9
Reviewed-on: http://gerrit.openafs.org/9542
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Permit deletion of reparse points
Jeffrey Altman [Fri, 8 Mar 2013 03:05:20 +0000]
Windows: Permit deletion of reparse points

AFSSetDispositionInfo did not set the AFS_DIR_ENTRY_PENDING_DELETE
flag if the DirectoryCB type was mountpoint, symlink, dfslink or invalid.
This patchset permits the flag to be set so reparse point objects can be
deleted without using the AFS "symlink.exe remove" command.

Change-Id: I03e1cb7b08989950a4307e59073e5fb712d1a901
Reviewed-on: http://gerrit.openafs.org/9475
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: AFSLocateNameEntry Backup Volume Change
Jeffrey Altman [Thu, 7 Mar 2013 22:39:05 +0000]
Windows: AFSLocateNameEntry Backup Volume Change

When AFSLocateNameEntry() calls AFSBackupEntry() in the name array it is
possible that the DirectoryCB returned belongs to a different VolumeCB.
If so, pCurrentVolume must be updated and reference counts must be
adjusted.

Change-Id: I9fcd30374b20f2e1c214a019feeab55c30ce9666
Reviewed-on: http://gerrit.openafs.org/9465
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: AFSLocateNameEntry OutVolumeCB can be NULL
Jeffrey Altman [Thu, 7 Mar 2013 22:28:36 +0000]
Windows: AFSLocateNameEntry OutVolumeCB can be NULL

It is possible for the AFSLocateNameEntry OutVolumeCB parameter
to be assigned a NULL value upon return.   Handle it in the callers.

Change-Id: I15e4581d4655dbaca7c4ca4b9e9af758e97c5c95
Reviewed-on: http://gerrit.openafs.org/9464
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: RDR SymbolicLink create support
pete scott [Tue, 5 Mar 2013 20:21:41 +0000]
Windows: RDR SymbolicLink create support

Permit the redirector to handle Microsoft's IO_REPARSE_TAG_MOUNT_POINT
and IO_REPARSE_TAG_SYMLINK requests.   The IO_REPARSE_TAG_SYMLINK request
is issued as a result of a CreateSymbolicLink Win32 API.

Creating a symlink in Windows is not equivalent to the way a symlink is
created in AFS or UNIX.  Instead of creating a symlink object whose data
string represents the target and mode bits indicate that the stream should
be treated as a link, on Windows it is a two step process.

To create a symlink to a directory, create an empty directory and then
assign the reparse tag data to the directory object.  To create a symlink
to anything else, create an empty file and assign the reparse tag data to
the file.  Deleting a reparse point simply removes the reparse tag data
and not the underlying directory or file.

The way this will work for AFS is that assigning reparse data to an
existing directory or file will require that the object be deleted from
the directory and a new symlink object be created in its place.  This is
why upon successful completion of the upcall to the service the directory
object information has the AFS_OBJECT_FLAGS_DIRECTORY_ENUMERATED flag
cleared.

This patchset permits symlink creation but does not do anything to support
symlink removal.

Symlink target data is not validated.

Change-Id: Ie7019445a7c307dcb2cd47beee47d02e1a82145f
Reviewed-on: http://gerrit.openafs.org/9424
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Avoid race during cm_FreeServerList
Jeffrey Altman [Tue, 5 Mar 2013 12:52:37 +0000]
Windows: Avoid race during cm_FreeServerList

cm_FreeServerList obtains cm_serverLock exclusively and in some
circumstances will call cm_FreeServer().   cm_FreeServer() will
drop the cm_serverLock if the cm_server_t.refCount is zero in order to
avoid a lock order violation when calling cm_GCConnections() since
cm_connLock is higher in the lock hierarchy.

The call to cm_FreeServer is performed after the cm_serverRef_t
to be deleted is identified but before it is removed from the list.
There is the potential for two threads calling cm_FreeServerList()
to race and for more than one thread to attempt to delete the same
cm_serverRef_t twice.

Fix this by:

1. maintain a private copy of the cm_server_t pointer, delete the
cm_serverRef_t and update the list pointers before calling cm_FreeServer().

2. obtain and release a refcnt on the next cm_serverRef_t to ensure
that it is not deleted out from underneath the thread in case the
cm_serverLock is dropped.

Change-Id: Ia7b6eed66e9ba306c07d47027262e1a8ad1e52ac
Reviewed-on: http://gerrit.openafs.org/9391
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoaklog: Fix buffer overflows in next_path
Simon Wilkinson [Sat, 2 Mar 2013 12:21:06 +0000]
aklog: Fix buffer overflows in next_path

Use strlcpy and strlcat

Caught by coverity (#985765)

Change-Id: I2fc3d04a762f6872c31fe728e1ab0247ac16e6de
Reviewed-on: http://gerrit.openafs.org/9447
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoaklog: Protect against overflows from cmdline
Simon Wilkinson [Sat, 2 Mar 2013 12:15:22 +0000]
aklog: Protect against overflows from cmdline

The cell, realm and path arrays are populated based on the user's
command line, and xlog_path is populated from their passwd map
entry. Protect against all of these overflowing, by making suitable
use of strlcpy and strlcat.

Caught by coverity (#985764, #985904)

Change-Id: Ia8f1816b010eb2b85b537e156de2b7983e4626ba
Reviewed-on: http://gerrit.openafs.org/9446
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoaklog: Avoid overflows in get_afs_mountpoint
Simon Wilkinson [Sat, 2 Mar 2013 12:09:42 +0000]
aklog: Avoid overflows in get_afs_mountpoint

When working with the fixed length cellname buffer, use
strlcat and strlcpy rather than strcat and strcpy.

Caught by coverity (#985763)

Change-Id: Idfb3a0562d4028f5d1aa134b7ab0b5fa2dd60edb
Reviewed-on: http://gerrit.openafs.org/9445
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoaklog: Fix overflows in auth_to_path
Simon Wilkinson [Sat, 2 Mar 2013 12:04:46 +0000]
aklog: Fix overflows in auth_to_path

In the auth_to_path routine, don't use strcpy and strcat when
working with the fixed length pathtocheck buffer. Instead, use
strlcpy and strlcat to ensure that all string operations fit within
the buffer limits.

Caught by coverity (#985762)

Change-Id: I66ae11e1f49c66574d457fd79e97dd647ac98a73
Reviewed-on: http://gerrit.openafs.org/9444
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoafsmonitor: Fix theoretical overflow of handler string
Simon Wilkinson [Sat, 2 Mar 2013 12:00:47 +0000]
afsmonitor: Fix theoretical overflow of handler string

Don't do an unbounded copy into the thresh structure's handler
string, in case the caller has passed us a string which is too
long.

Instead, switch to strlcpy for all string copies.

Caught by coverity (#985761)

Change-Id: I80e3d35d7a9a4b57e8efc0cb0c7b2dc12f021063
Reviewed-on: http://gerrit.openafs.org/9443
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoafsmonitor: Use roken
Simon Wilkinson [Thu, 7 Mar 2013 22:28:12 +0000]
afsmonitor: Use roken

Include the roken.h header, and remove the redundant system
includes from afsmonitor.c

Change-Id: Ia3eb8a7a0bb1e77d928d26cdfc87f818e6791e16
Reviewed-on: http://gerrit.openafs.org/9463
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoutil: Avoid overflow in GetNameByINet
Simon Wilkinson [Sat, 2 Mar 2013 10:27:47 +0000]
util: Avoid overflow in GetNameByINet

We copy the results of gethostbyaddr into a fixed length buffer
without checking whether they fit. Add a length check, and use
strlcpy to do the copy to make sure we can't overflow.

Caught by coverity (#985912, #985872)

Change-Id: I1e8f0fbb2577199c25201940f54646a4acdbbd37
Reviewed-on: http://gerrit.openafs.org/9393
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agokauth: Don't overflow stack when building username
Simon Wilkinson [Sat, 2 Mar 2013 09:35:01 +0000]
kauth: Don't overflow stack when building username

knfs constructs the userName by combining the clientName.name
and clientName.instance arrays, along with a dot separator. Make
sure that the userName array is big enough to hold these, and
use strlcpy and strlcat just to make sure.

Caught by coverity (#985829)

Change-Id: I75431212c8464861a26546c9e47d13acbff08967
Reviewed-on: http://gerrit.openafs.org/9351
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agofs: Fix improper use of readlink
Simon Wilkinson [Fri, 1 Mar 2013 12:08:46 +0000]
fs: Fix improper use of readlink

readlink returns a non-NUL terminated buffer. If we are going to
terminate its response, we need to make sure that there's space to
do so. So the length passed to readlink should be one less than the
real length of the buffer.

Caught by coverity (#985596)

Change-Id: I47081877a54a7b3d99ab8e6ec52d4663acd2eeb6
Reviewed-on: http://gerrit.openafs.org/9328
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agofstrace: Don't read uninitialised data
Simon Wilkinson [Sat, 2 Mar 2013 11:49:13 +0000]
fstrace: Don't read uninitialised data

The pftix variable points to the next free element in the
printfTypes array, so when we iterate through that array to
read that data back, we should stop when our iterator equals
pftix, not when it is greater than it.

Caught by coverity (#986013)

Change-Id: Ie08ebdd28cdde6647e91da5c5f67512096ecb34c
Reviewed-on: http://gerrit.openafs.org/9442
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoreadpwd: Make sure user supplies a passwdfile
Simon Wilkinson [Sat, 2 Mar 2013 11:44:02 +0000]
readpwd: Make sure user supplies a passwdfile

If the user supplies enough command line arguments, but doesn't
provide a passwdfile, then we can end up trying to open whatever
garbage is on the stack.

Once we've finished parsing the command line arguments, make sure
that a filename was supplied.

Caught by coverity (#986009)

Change-Id: Ice2fca16458a90d73ae6b5fadb0efa22ed0b185a
Reviewed-on: http://gerrit.openafs.org/9441
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoreadgroup: Make sure user supplies a groupfile
Simon Wilkinson [Sat, 2 Mar 2013 11:44:02 +0000]
readgroup: Make sure user supplies a groupfile

If the user supplies enough command line arguments, but doesn't
provide a groupfile, then we can end up trying to open whatever
garbage is on the stack.

Once we've finished parsing the command line arguments, make sure
that a filename was supplied.

Caught by coverity (#986008)

Change-Id: Iaea60027cf4bd81f9af04e995ce5c395275be833
Reviewed-on: http://gerrit.openafs.org/9440
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agolibadmin: Don't pass garbage to pts_UserCreate
Simon Wilkinson [Sat, 2 Mar 2013 11:36:31 +0000]
libadmin: Don't pass garbage to pts_UserCreate

The libadmin pts_UserCreate function uses the value passed to
it in newUserId to control whether the user is being created
with a user supplied ID or not.

Initialise this value in the caller, so we don't end up creating
users with corrupt ids.

Caught by clang (#985979)

Change-Id: I89492a02db9f981a4d2040ea913a7e75f5f0b272
Reviewed-on: http://gerrit.openafs.org/9401
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agolibadmin: Don't pass garbage to pts_GroupCreate
Simon Wilkinson [Sat, 2 Mar 2013 11:36:31 +0000]
libadmin: Don't pass garbage to pts_GroupCreate

The libadmin pts_GroupCreate function uses the value passed to
it in newGroupId to control whether the group is being created
with a user supplied ID or not.

Initialise this value in the caller, so we don't end up creating
groups with corrupt ids.

Caught by clang (#985978)

Change-Id: I5c3e2cec5b39b8eecbea316e351480863d3d7761
Reviewed-on: http://gerrit.openafs.org/9400
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agolibadmin: Don't double check for required param
Simon Wilkinson [Sat, 2 Mar 2013 11:09:08 +0000]
libadmin: Don't double check for required param

The server, process and stat_type parameters are declared as
required when the command syntax is set up - so they must be
present when the command handler is called. So, don't bother
checking for them.

Caught by coverity (#985963, #985964, #985965, #985966, #985967,
    #985968, #985969, #985970, #985971, #985972,
    #985973, #985974, #985975, #985976, #985977)

Change-Id: Ic0565aa50c5a998b327efe60d460a182a93c7552
Reviewed-on: http://gerrit.openafs.org/9399
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agolibadmin: Don't free garbage pointer
Simon Wilkinson [Sat, 2 Mar 2013 11:02:09 +0000]
libadmin: Don't free garbage pointer

If we jump to the error handler early on in pts_GroupOwnerChange,
idlist may not have been used, and so we will end up trying to
free stack garbage.

Initialise the structure to 0 at the start of the function, so it
is always safe to enter the error handler.

Caught by coverity (#985962)

Change-Id: If70102e3da07135a9ec695f13caebe6298eff8ca
Reviewed-on: http://gerrit.openafs.org/9398
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agokauth: Use strl* functions in ka_log
Simon Wilkinson [Sat, 2 Mar 2013 10:54:16 +0000]
kauth: Use strl* functions in ka_log

Switch to using the strlcat and strlcpy functions in ka_log, to
avoid potential buffer overflows.

Caught by coverity (#985824)

Change-Id: Icb537567f8ae67ecb42332cda4413274edeaa681
Reviewed-on: http://gerrit.openafs.org/9397
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agokauth: Handle calls to ka_log with no principal
Simon Wilkinson [Sat, 2 Mar 2013 10:48:50 +0000]
kauth: Handle calls to ka_log with no principal

If ka_log is called without a principal string, then the resulting
buffer will be garbage, as we don't start with a string for strlcat
to append to.

Caught by coverity (#985959)

Change-Id: I928b2807c093ac3f71a28150a117fd7b7eb29b05
Reviewed-on: http://gerrit.openafs.org/9396
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agovsys: Avoid uninitialised variable warning
Simon Wilkinson [Sat, 2 Mar 2013 10:42:27 +0000]
vsys: Avoid uninitialised variable warning

Initialise the parms array to 0 so that we don't get warnings from
the compiler when we call syscall() using it.

Caught by coverity (#985949)

Change-Id: I134841bcb334d06146386e55ebfa38c7be993311
Reviewed-on: http://gerrit.openafs.org/9395
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agormtsys: Don't overflow pathname buffer
Simon Wilkinson [Sat, 2 Mar 2013 10:15:10 +0000]
rmtsys: Don't overflow pathname buffer

When we're constructing a homedirectory path to look for the
.AFSSERVER file in, we copy the HOME environment variable into a
static buffer, with a risk of overflowing that buffer.

Instead of using a static buffer, just allocate one with asprintf.

Caught by coverity (#985910)

Change-Id: I2daa5613609f2c09712b12a7ce7e59b1c0028ef2
Reviewed-on: http://gerrit.openafs.org/9392
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agofsprobe: Get rid of unused hostname buffer
Simon Wilkinson [Sat, 2 Mar 2013 10:35:42 +0000]
fsprobe: Get rid of unused hostname buffer

When we copy the user supplied hostname into the fixed length
hnamebuf array, we might overflow it. As we never use this buffer,
just get rid of it.

Caught by coverity (#985913)

Change-Id: I4cda6279cd667343856deeb425dceaf00f7904b6
Reviewed-on: http://gerrit.openafs.org/9394
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoauth: Don't overflow hostName array
Simon Wilkinson [Sat, 2 Mar 2013 09:59:20 +0000]
auth: Don't overflow hostName array

afsconf_cell's hostName structure is a fixed length. Don't overflow
it by writing whatever comes back from gethostbyaddr into it. Use
strlcpy to catch an overflow, and if one occurs, just use
"UNKNOWNHOST", rather than a truncated host name.

Caught by coverity (#985906)

Change-Id: Iaa927f3e4860d99166789e8dc4950a03ea2237e4
Reviewed-on: http://gerrit.openafs.org/9354
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agolibadmin: Don't overflow volume name
Simon Wilkinson [Sat, 2 Mar 2013 09:47:53 +0000]
libadmin: Don't overflow volume name

The maximum volume name length in the VLDB RPCs is VL_MAXNAMELEN
(65), not 64 as used as a hardcoded value in vsprocs. Switch to
using the defined value, and also use strlcat to check that we
don't overflow this.

Caught by coverity (#985849)

Change-Id: Idde2cf8362bbd48538fafcd8c8d98e1f71cc15e1
Reviewed-on: http://gerrit.openafs.org/9353
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agovolser: Don't overflow volume name
Simon Wilkinson [Sat, 2 Mar 2013 09:47:53 +0000]
volser: Don't overflow volume name

The maximum volume name length in the VLDB RPCs is VL_MAXNAMELEN
(65), not 64 as used as a hardcoded value in vsprocs. Switch to
using the defined value, and also use strlcat to check that we
don't overflow this.

Caught by coverity (#985849)

Change-Id: I860d4bd4ed9a22185f4a83408d163ce20d21e751
Reviewed-on: http://gerrit.openafs.org/9352
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agokauth: Don't overflow cell string
Simon Wilkinson [Sat, 2 Mar 2013 09:33:12 +0000]
kauth: Don't overflow cell string

The cell string within a ktc_principal is only 64 characters long.
Be careful not to overflow it.

Caught by coverity (#985829)

Change-Id: I761dfcf5eebf1bd4ef31aa5982a2593e5317257b
Reviewed-on: http://gerrit.openafs.org/9350
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoauth: Don't overflow cell string
Simon Wilkinson [Sat, 2 Mar 2013 09:26:05 +0000]
auth: Don't overflow cell string

If the kernel gives us bogus data back from the VIOCGETTOK pioctl,
we might overflow the cell string when copying in to it. Use
strlcpy to avoid this (unlikely) occurrence.

Caught by coverity (#985768, #985769)

Change-Id: I2583b017e7a366f4271f356216bdd60f3a7b7911
Reviewed-on: http://gerrit.openafs.org/9349
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoaklog: Fix improper use of readlink
Simon Wilkinson [Sat, 2 Mar 2013 09:16:10 +0000]
aklog: Fix improper use of readlink

readlink doesn't NUL terminate its return string, so it is up to
us to do so.

Caught by coverity (#985739)

Change-Id: Ifb858d628845bd963928e25834e540bbb3a187c8
Reviewed-on: http://gerrit.openafs.org/9347
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agovlserver: Use correct literal in bounds check
Simon Wilkinson [Sat, 2 Mar 2013 09:01:59 +0000]
vlserver: Use correct literal in bounds check

The base array has VL_MAX_ADDREXTBLKS elements. Use this when
checking for an array overflow, rather than VL_ADDREXTBLK_SIZE.

Caught by coverity (#985600)

Change-Id: Ie60ad5cc79c41245028887871759776549694426
Reviewed-on: http://gerrit.openafs.org/9346
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoviced: Improve CallPreamble error messages
Andrew Deason [Sat, 23 Feb 2013 04:46:12 +0000]
viced: Improve CallPreamble error messages

These messages are not very useful right now. At least try to say what
host we sent an error to, so we know which host may be experiencing
some troubles as a result.

Change-Id: I8b41b46511ebd4760d5021ea2fe2011842450998
Reviewed-on: http://gerrit.openafs.org/9381
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

7 years agoihandle: Remove ih_sync_thread
Andrew Deason [Wed, 19 Dec 2012 23:11:40 +0000]
ihandle: Remove ih_sync_thread

ih_sync_thread currently syncs files flagged as needing
synchronization in the background every 10 seconds. This practice has
caused severe data corruption on more than one occasion over the past
few years (124359, 131530). It has also been argued repeatedly that it
provides no meaningful additional on-disk consistency, so there is no
reason for it to exist even if it were error-free.

Syncing files in the background provides no guarantee on the
consistency of the file contents, since the files are not synced in
any order with respect to each other, or with respect to what
filesystem operations may be occurring in the application.
Additionally, journalling filesystems common on fileserver backends
will typically ensure some consistency after a certain amount of time
(by default, 5 seconds on ZFS and ext3+), so doing this sync ourselves
is often redundant or even counterproductive.

So, to avoid current and future issues with ih_sync_thread interacting
with other ihandle users, just get rid of it. Files flagged as needing
sync are still synced (not in the background) during IH_REALLYCLOSE.

FIXES 131530

Change-Id: I29571c82c5b7454cd834b339fd48baeb9963a87b
Reviewed-on: http://gerrit.openafs.org/8797
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoWindows: AFSPopulateNameArrayFromRelatedArray change
Jeffrey Altman [Mon, 4 Mar 2013 03:54:53 +0000]
Windows: AFSPopulateNameArrayFromRelatedArray change

Modify AFSPopulateNameArrayFromRelatedArray so that the DirectoryCB
parameter can safely be NULL.   A NULL DirectoryCB input is required
to copy the entire NameArray.

Change-Id: Id125bb22df89c93e60d485e178bc7be0ab3c313e
Reviewed-on: http://gerrit.openafs.org/9340
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: AFS_NAME_ARRAY_TAG value
Jeffrey Altman [Mon, 4 Mar 2013 03:10:39 +0000]
Windows: AFS_NAME_ARRAY_TAG value

The AFS_NAME_ARRAY_TAG value collided with AFS_NAME_BUFFER_TEN_TAG.
Change its definition.

Change-Id: I29ff2d4cb7f5d1afebea91cbb5c294ecedbe50a2
Reviewed-on: http://gerrit.openafs.org/9339
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agoWindows: Add AFSCreateSymlinkCB data strctures
Jeffrey Altman [Sun, 3 Mar 2013 19:16:35 +0000]
Windows: Add AFSCreateSymlinkCB data strctures

AFSCreateSymlinkCB and AFSCreateSymlinkResultCB
Used for creating a symlink to either a file or a directory.

Change-Id: Ic7dc49d48fc7ba3863752b3732c932f57d674d99
Reviewed-on: http://gerrit.openafs.org/9338
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Rod Widdowson <rdw@steadingsoftware.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>

7 years agosrc/rxosd/Makefile.in: avoid infinite recursion in CC variable
Nickolai Zeldovich [Mon, 4 Mar 2013 03:03:41 +0000]
src/rxosd/Makefile.in: avoid infinite recursion in CC variable

src/rxosd/Makefile sets CC=$(MT_CC).
src/config/Makefile.config sets MT_CC=$(CC).
Since both are recursive-expansion variables, this causes an infinite
loop, and make complains about it:

Makefile:25: *** Recursive variable `CC' references itself (eventually).  Stop.

This patch avoids setting CC in src/rxosd/Makefile.in altogether, since
it does not appear to be necessary, as suggested by Jeffrey and Derrick.

Change-Id: Ieaa5c5ed21d83629ea713a745e76d17ac7f76ec1
Reviewed-on: http://gerrit.openafs.org/9336
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoafscp: Fix check for bare root.cell dirs in dynroot mode
Nickolai Zeldovich [Mon, 4 Mar 2013 02:14:22 +0000]
afscp: Fix check for bare root.cell dirs in dynroot mode

A previous fix (git commit fb1d7491fbe2e90300b23284f213cac2bdcd56ac)
added a check for '!p' in gettoproot(), but p is always a non-NULL pointer
(in part since it's dereferenced just above in the code), so the check
is always false.

Instead, I suspect the original author intended to check for '!*p',
which this patch does.

Change-Id: I1c0a2dd1d582a6b5e82275db18474343efa679a2
Reviewed-on: http://gerrit.openafs.org/9337
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

7 years agoup: Fix improper use of readlink
Simon Wilkinson [Fri, 1 Mar 2013 12:12:07 +0000]
up: Fix improper use of readlink

readlink returns a non-NUL terminated string. If the string must be
terminated, we need to have space in the buffer for it. So, the
buffer passed to readlink must be 1 less than the real length of
the buffer.

Caught by coverity (#985597, #985610)

Change-Id: Id9a6f8227d756140960ac295330aaf17dca2ec03
Reviewed-on: http://gerrit.openafs.org/9329
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoutil: Fix overflows in address parsing
Simon Wilkinson [Fri, 1 Mar 2013 12:01:19 +0000]
util: Fix overflows in address parsing

The extractAddr function (which turns a dotted quad into an IP
address), has a number of overflows when one or more elements of
the quad are more than 31 characters in length.

The array allocated for each portion is 32 bytes long, but we only
stop writing into the array when the indexing pointer reaches 32,
which doesn't leave us with space for the trailing NULL.

Rework this so we always allow space for the NULL, and use a #define
for the array length to make it more clear whats going on.

Caught by coverity (#985591, #985592, #985593, #985594)

Change-Id: I33ecc78ba6c90e44c3a4f2df171abba1d58562b3
Reviewed-on: http://gerrit.openafs.org/9327
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agoubik: Don't overflow server's addr array
Simon Wilkinson [Fri, 1 Mar 2013 11:47:03 +0000]
ubik: Don't overflow server's addr array

We're checking to see if we've overflowed the array _after_ we've
looked up an element within it - so on the final iteration, we
always read past the end of the array.

Fix this by swapping the order of the tests in the for statemen

Caught by coverity (#985590)

Change-Id: Ibbf0eb88083166f0a23316edf0612e94593c07ce
Reviewed-on: http://gerrit.openafs.org/9326
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>

7 years agorxgen: Don't overflow PackageIndex
Simon Wilkinson [Fri, 1 Mar 2013 11:35:05 +0000]
rxgen: Don't overflow PackageIndex

PackageIndex++ returns the pre-index value of PackageIndex, so the
error statement isn't run when PackageIndex == MAX_PACKAGES. This
means we go on to overflow all of the arrays that are MAX_PACKAGES
in size.

Caught by coverity (#985583, #985584, #985585, #985586,
                    #985587, #985588, #985589)

Change-Id: If81f9ff89edc4cfd56677ff51cea71281ebe1e3b
Reviewed-on: http://gerrit.openafs.org/9325
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>