openafs.git
13 months agoMake OpenAFS 1.8.3 46/13546/2 openafs-stable-1_8_3
Stephan Wiesand [Fri, 12 Apr 2019 14:53:40 +0000]
Make OpenAFS 1.8.3

Update version strings for the 1.8.3 release.

Change-Id: Ie8b29765e4f45bc3ddbe1aba9e31068da0bb54cf
Reviewed-on: https://gerrit.openafs.org/13546
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

13 months agoUpdate NEWS for 1.8.3 45/13545/2
Stephan Wiesand [Fri, 12 Apr 2019 14:47:28 +0000]
Update NEWS for 1.8.3

Finalize the release notes for OpenAFS 1.8.3

Change-Id: I5b5eeedde53a1135c003302719cfdeca4f67e8fd
Reviewed-on: https://gerrit.openafs.org/13545
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

14 months agoMake OpenAFS 1.8.3pre1 44/13444/2 openafs-stable-1_8_3pre1
Stephan Wiesand [Fri, 25 Jan 2019 15:08:34 +0000]
Make OpenAFS 1.8.3pre1

Update version strings for the first 1.8.3 prerelease.

Change-Id: I62d22cfba90ec89ac6734d7e8e08ce062dedff80
Reviewed-on: https://gerrit.openafs.org/13444
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

14 months agoUpdate NEWS for 1.8.3pre1 45/13445/6
Stephan Wiesand [Fri, 25 Jan 2019 17:15:00 +0000]
Update NEWS for 1.8.3pre1

Release notes for the OpenAFS 1.8.3 prerelease

Change-Id: Ie9f988d0f03f1368125d0e5894d5dd5e9ef95d88
Reviewed-on: https://gerrit.openafs.org/13445
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

15 months agoafs: avoid afs_GetDownDSlot panic on afs_WriteDCache failure 03/13503/2
Mark Vitale [Mon, 29 Oct 2018 20:48:14 +0000]
afs: avoid afs_GetDownDSlot panic on afs_WriteDCache failure

If afs_GetDownDSlot() finds insuffcient free slots in the
afs_freeDSList, it will walk the afs_DLRU attempting to flush and free
eligible dcaches.  However, if an error occurs during the flush to
CacheItems (afs_WriteDCache()), e.g., -EINTR, afs_GetDownDSlot() will
assert.

However, a panic in this case is overkill, since afs_GetDownDSlot() is a
best-effort attempt to free dslots.  The caller (afs_UFSGetDSlot()) will
allocate more dcaches if needed.

Instead:
- Refactor afs_GetDownDSlot() by moving the QRemove() call to after the
afs_WriteDCache logic, so it accompanies the logic that puts the dcache
back on the freelist.  This is safe because we hold the afs_xdcache W
lock for the duration of the routine.
- If afs_WriteDCache() returns an error, return early and let the caller
handle any recovery.

Reviewed-on: https://gerrit.openafs.org/13364
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit d6f52d11c358f71b2c4357cb135e898de7c6277b)

Change-Id: I2630bf04b3e3a88a1fa00f693adf2a77290d47ef
Reviewed-on: https://gerrit.openafs.org/13503
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

15 months agoRedhat: 'clean build area' error message during dkms build/install 79/13479/2
Cheyenne Wills [Sat, 26 Jan 2019 00:35:51 +0000]
Redhat: 'clean build area' error message during dkms build/install

dkms invokes a make clean command before and after building the kernel
module. The make clean that is issued at the start of building results
in a nuisance error message because the Makefile doesn't yet exist

    Building module:
    cleaning build area...(bad exit status: 2)

In the dkms.conf file, built from within the openafs.spec, change the
command defined in the CLEAN statement to test for the existence of the
Makefile prior to running the actual make clean

Reviewed-on: https://gerrit.openafs.org/13460
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 10f2c469f45eece0e12573388ae66e392e2dff1c)

Change-Id: If3440b576ad62441bb6b970016fa9808b51abf70
Reviewed-on: https://gerrit.openafs.org/13479
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

15 months agoAvoid format truncation warnings 59/13459/2
Andrew Deason [Tue, 7 Aug 2018 22:27:24 +0000]
Avoid format truncation warnings

With gcc 7.3, we start getting several warnings like the following:

vutil.c: In function ‘VWalkVolumeHeaders’:
vutil.c:860:34: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 63 [-Werror=format-truncation=]
      snprintf(name, VMAXPATHLEN, "%s" OS_DIRSEP "%s", partpath, dentry->d_name);

Most or all of these truncations should be okay, but increase the size
of the relevant buffers so we can build with warning checking turned
on.

Reviewed-on: https://gerrit.openafs.org/13274
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 2daa413e3ec061e0653adbd1d6549f15e0659a62)

Change-Id: I61ae1ddae4b2d84147198a1dccb280d0da100a0b
Reviewed-on: https://gerrit.openafs.org/13459
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agoLinux_5.0: replaced current_kernel_time with ktime_get_coarse_real_ts64 42/13442/3
Cheyenne Wills [Sat, 19 Jan 2019 00:22:44 +0000]
Linux_5.0: replaced current_kernel_time with ktime_get_coarse_real_ts64

In Kernel commit fb7fcc96a86cfaef0f6dcc0665516aa68611e736 the
current_kernel_time/current_kernel_time64 functions where renamed
and the calling was standardized.

According to the Linux Documentation/core-api/timekeeping.rst
ktime_get_coarse_real_ts64 is the direct replacement for
current_kernel_time64.  Because of year 2038 issues, there is no
replacement for current_kernel_time.

Updated code that used current_kernel_time to use new name and calling
convention.

Updated autoconf test that sets IATTR_TAKES_64BIT_TIME as well.

Reviewed-on: https://gerrit.openafs.org/13434
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 21ad6a0c826c150c4227ece50554101641ab4626)

Change-Id: Idb8a2c1b74835601fb1fc699c3ebbcee75c94e3e
Reviewed-on: https://gerrit.openafs.org/13442
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agoLinux_5.0: replace do_gettimeofday with ktime_get_real_ts64 41/13441/3
Cheyenne Wills [Fri, 18 Jan 2019 23:53:58 +0000]
Linux_5.0: replace do_gettimeofday with ktime_get_real_ts64

In Kernel commit e4b92b108c6cd6b311e4b6e85d6a87a34599a6e3 the
do_gettimeofday function was removed.

According to the Linux Documentation/core-api/timekeeping.rst
ktime_get_real_ts64 is the direct replacement for do_gettimeofday

Updated the macro osi_GetTime to use ktime_get_real_ts64 if it is
available.

Reviewed-on: https://gerrit.openafs.org/13433
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit b892fb127815bdf72103ae41ee70aadd87931b0c)

Change-Id: I1a0237457e229a11d2a87a3a269cf24adc201e59
Reviewed-on: https://gerrit.openafs.org/13441
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agoLinux_5.0: Use super_block flags instead of Mount flags when filling sb 40/13440/3
Cheyenne Wills [Thu, 17 Jan 2019 23:00:37 +0000]
Linux_5.0: Use super_block flags instead of Mount flags when filling sb

In Kernel commit e262e32d6bde0f77fb0c95d977482fc872c51996
the mount flags (MS_) were moved from uapi/linux/fs.h to
uapi/linux/mount.h. This caused a compile failure in
src/afs/LINUX/osi_vfsops.c

The Linux documentation in uapi/linux/mount.h indicates that the MS_
(mount) flags should only be used when calling sys_mount and filesystems
should use the SB_ (super_block) equivalent.

src/afs/LINUX/osi_vfsops.c utilized the mount flag MS_NOATIME while
filling the super_block.  Changed to use SB_NOATIME (which has the same
numeric value as MS_NOATIME) if available.

Reviewed-on: https://gerrit.openafs.org/13432
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 3969bbca6017eb0ce6e1c3099b135f210403f661)

Change-Id: I66f7b758c0258ea2c0d93da030fa97b3db49bd6c
Reviewed-on: https://gerrit.openafs.org/13440
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agoafs: Do not ignore errors in afs_CacheFetchProc 43/13443/2
Andrew Deason [Thu, 17 Jan 2019 06:12:06 +0000]
afs: Do not ignore errors in afs_CacheFetchProc

afs_CacheFetchProc currently has a section of code that looks like
this pseudocode:

    if (!code) do {
        while (length > 0) {
            code = read_from_rx();
            if (code) {
                break;
            }
            code = write_to_cache();
            if (code) {
                break;
            }
        }
        code = 0;
    } while (moredata);
    return code;

When we encounter an error when reading from rx or writing to the
cache, we break out of the current loop to stop processing and return
an error. But there are _two_ loops in this section of the code, so
what we actually do is break out of the inner loop, set 'code' to 0,
and then usually return (since 'moredata' is usually never set).

This means that when we encounter an unexpected error either from the
net or disk (or the memcache layer), we ignore the error and return
success. This means that we'll store a subset of the relevant chunk's
data to disk, and flag that chunk as complete and valid for the
relevant DV. If the error occurred before we wrote anything to disk,
this means we'll store an empty chunk and flag it as valid. The chunk
will be flagged as valid forever, serving invalid data, until the
cache chunk is evicted or manually kicked out. This can result in
files and directories appearing blank or truncated to applications
until the bad chunk is removed.

Possibly the most common way to encounter this issue is when using a
disk cache, and the underlying disk partition is full, resulting in an
unexpected ENOSPC error. Theoretically this can be seen from an
unexpected error from Rx, but we would have to see a short read from
Rx without the Rx call being aborted. If the call was aborted, we'd
get an error from the call to rx_EndCall() later on.

To fix this, change all of these 'break's into 'goto done's, to be
more explicit about where we are jumping to. Convert all of the
'break's in this function in the same way, to make the code flow more
consistent and easier to follow. Remove the 'if () do' on a single
line, since it makes it a little harder to see from a casual glance
that there are two nested loops here.

This problem appears to have been introduced in commit 61ae8792 (Unite
CacheFetchProcs and add abstraction calls), included in OpenAFS
1.5.62.

Reviewed-on: https://gerrit.openafs.org/13428
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit ce327b568f4ff522aa008f235d97e0d9144eb92c)

Change-Id: Id4ec8ffef38b4c86beffc6272bd283bce2c74ffe
Reviewed-on: https://gerrit.openafs.org/13443
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agolwp: Avoid freeing 'stackmemory' on AIX32 27/13427/2
Andrew Deason [Mon, 14 Jan 2019 23:12:27 +0000]
lwp: Avoid freeing 'stackmemory' on AIX32

Commit 55013a11 (lwp: Fix possible memory leak from scan-build) added
some free() calls to some otherwise-leaked memory. However, one of
these calls frees the 'stackmemory' pointer, which on AIX32 is not a
pointer from malloc/calloc, but calculated from reserveFromStack().

To avoid corrupting the heap, skip this free call on AIX32. This
commit adds another #ifdef to avoid this, which is unfortunate, but
this is also how the free is avoided in the existing code for
Free_PCB().

Reviewed-on: https://gerrit.openafs.org/13426
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit f6182922455aa0cbee19d138b0827eb87dc2b7ce)

Change-Id: Id32eea373799c0cb43fb01a98210a0800899a1d6
Reviewed-on: https://gerrit.openafs.org/13427
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agolwp: Fix possible memory leak from scan-build 22/13122/2
Pat Riehecky [Wed, 23 May 2018 20:42:09 +0000]
lwp: Fix possible memory leak from scan-build

It is possible for LWP_CreateProcess to return early. When it does, it
should free up any memory it allocated before leaving scope.

Reviewed-on: https://gerrit.openafs.org/13080
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 55013a111394052a0253c87a744d03dfabd1be75)

Change-Id: I9112d2039c7c58a707231568e2e84e0340407bac
Reviewed-on: https://gerrit.openafs.org/13122
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: PatRiehecky <jcpunk@gmail.com>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agoafs: Reword "cache is full" messages 17/13417/2
Andrew Deason [Thu, 13 Dec 2018 18:25:32 +0000]
afs: Reword "cache is full" messages

Currently, there are multiple different areas in the code that log a
message that look like this, when we encounter an ENOSPC error when
writing to the cache:

    *** Cache partition is FULL - Decrease cachesize!!! ***

The message is a bit unclear, and doesn't even mention AFS at all.
Reword the message to try to explain a little more what's happening.

Also, since we log the same message in several different places, move
them all to a common function, called afs_WarnENOSPC, so we only need
to change the message in one place.

Reviewed-on: https://gerrit.openafs.org/13410
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit d9d9571785dabc5c311111b1263fe0881b0ccda5)

Change-Id: I8e958f2896f5d4503d3a153b52720e8ba3025261
Reviewed-on: https://gerrit.openafs.org/13417
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agorx: Convert rxinit_status to rx_IsRunning() 16/13416/2
Andrew Deason [Thu, 2 Nov 2017 21:41:52 +0000]
rx: Convert rxinit_status to rx_IsRunning()

Currently, all rx code examines the atomic rxinit_status to determine
if rx is running (that is, if rx_InitHost has been called, and
rx_Finalize/shutdown_rx hasn't been called). This is used in rx.c to
see if we're redundantly calling our setup/teardown functions, and
outside of rx.c in a couple of places to see if rx-related resources
have been initialized.

The usage of rxinit_status is a little confusing, since setting bit 0
indicates that rx is not running, and clearing bit 0 indicates rx is
running. Since using rxinit_status requires atomic functions, this
makes code checking or setting rxinit_status a little verbose, and it
can be hard to see what it is checking for. (For example, does
'if (!rx_atomic_test_and_clear_bit(&rxinit_status, 0))' succeed when
rx running, or when rx is not running?)

The current usage of rxinit_status in rx_InitHost also does not handle
initialization errors correctly. rx_InitHost clears rxinit_status near
the beginning of the function, but does not set rxinit_status if an
error is encountered. This means that any code that checks
rxinit_status (such as another rx_InitHost call) will think that rx
was initialized successfully, but various resources aren't actually
setup. This can cause segfaults and other errors as the code tries to
actually use rx.

This can easily be seen in bosserver, if bosserver is started up while
the local host/port is in use by someone else. bosserver will try to
rx_InitHost, which will fail, and then we'll try to rx_InitHost again,
which will immediately succeed without doing any init. We then
segfault quickly afterwards as we try to use unitialized rx resources.

To fix all of this, refactor code using rxinit_status to use a new
function, called rx_IsRunning(), to make it a little clearer what
we're checking for. We also re-introduce the LOCK_RX_INIT locks to
prevent functions like rx_InitHost and rx_Finalize from running in
parallel.

Note that non-init/shutdown code (such as rx_upcall or rx_GetIFInfo)
does not need to wait for LOCK_RX_INIT to check if rx is running or
not. These functions only care if rx is currently setup enough to be
used, so we can immediately return a 'yes' or 'no' answer. That is, if
rx_InitHost is in the middle of running, rx_IsRunning returns 0, since
some resouces may not be fully initialized.

Reviewed-on: https://gerrit.openafs.org/12761
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 5ced6025b9f11fadbdf2e092bf40cc87499ed277)

Change-Id: I38ef9e3aea8a1f20e9db488a44da4535f76432d1
Reviewed-on: https://gerrit.openafs.org/13416
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agovos: restore status information to 'vos status' 21/13421/2
Mark Vitale [Fri, 30 Nov 2018 17:10:50 +0000]
vos: restore status information to 'vos status'

Commit d3eaa39da3693bba708fa2fa951568009e929550 'rx: Make the rx_call
structure private' created accessors for several rx_call members.
However, it simply #ifdef'd out the packet counters and timestamps
reported by 'vos status' (AFSVol_Monitor).  This is a regression for the
1.8.x 'vos status' command.

Instead, supply an accessor so 'vos status' can again be used to monitor
the progress of certain volume operations.

FIXES 134856

Reviewed-on: https://gerrit.openafs.org/13400
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
(cherry picked from commit 59d3a8b86da648e3c5b9774183c6c8571a36f0c4)

Change-Id: I16c995623c40a708b06f08fb09224be1baa4de21
Reviewed-on: https://gerrit.openafs.org/13421
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

16 months agoRedhat: correct path to kernel module in dkms.config 38/13438/2
Cheyenne Wills [Wed, 28 Nov 2018 22:45:20 +0000]
Redhat: correct path to kernel module in dkms.config

This fix corrects some annoying error and warning messages during
dkms install or uninstall.

Install:
DKMS: build completed.

openafs:
Running module version sanity check.
ERROR: modinfo: could not open /lib/modules/2.6.32-754.6.3.el6.x
86_64/weak-updates/openafs.ko: No such file or directory
 - Original module
   - No original module exists within this kernel
 - Installation
   - Installing to /lib/modules/2.6.32-754.6.3.el6.x86_64/extra/
Adding any weak-modules
WARNING: Can't read module /lib/modules/2.6.32-754.6.3.el6.x86_6
4/weak-updates/openafs.ko: No such file or directory
egrep: /lib/modules/2.6.32-754.6.3.el6.x86_64//weak-updates/open
afs.ko: No such file or directory

Remove
Status: Before uninstall, this module version was ACTIVE on this
kernel.
Removing any linked weak-modules
rmdir: failed to remove `.': Invalid argument
WARNING: Can't read module /lib/modules/2.6.32-754.6.3.el6.x86_6
4/weak-updates/openafs.ko: No such file or directory
egrep: /lib/modules/2.6.32-754.6.3.el6.x86_64//weak-updates/open
afs.ko: No such file or directory

openafs.ko:
 - Uninstallation
   - Deleting from:/lib/modules/2.6.32-754.6.3.el6.x86_64/extra/
 - Original module
   - No original module was found for this module on this kernel
   - Use the dkms install command to reinstall any previous
   module version.

Background:

Commit 1c96127e37c0ec41c7a30ea3e4aa68f3cc8a24f6 standardized the
location where the openafs.ko module is installed (from
/kernel/3rdparty to /extra/).  The RPM Spec file was not updated to
build the dkms.conf file with the corrected location.

From the documentation for dkms

 DEST_MODULE_LOCATION is ignored on Fedora Core 6 and higher, Red Hat
 Enterprise Linux 5 and higher, Novell SuSE Linux Enterprise Server 10
 and higher, Novell SuSE Linux 10.0 and higher, and Ubuntu.  Instead,
 the proper distribution-specific directory is used.

However the DEST_MODULE_LOCATION is still used saving and restoring old
copies of the module.

The NO_WEAK_MODULES parameter prevents dkms from creating a symlink into
weak-updates directory, which can lead to broken symlinks when
dkms-openafs is removed.  The weak modules facility was designed to
eliminate the need to rebuild kernel modules when kernel upgrades occur
and relies on the symbols within the kABI.  Openafs uses symbols that
are outside the kABI, and therefor is not a candidate for a weak module.

Reviewed-on: https://gerrit.openafs.org/13404
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit a28f9d28aef18936eb0ea02491ce64c72eeb1fe9)

Change-Id: Ia32856c85eb61e2f023e3ae970c945aa529682ce
Reviewed-on: https://gerrit.openafs.org/13438
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoauth: check if argument of afsconf_Close* is null 72/13372/4
Marcio Barbosa [Mon, 1 Oct 2018 21:44:22 +0000]
auth: check if argument of afsconf_Close* is null

Currently, we do not check if the argument of afsconf_Close /
afsconf_CloseInternal is equal to null. In order to avoid a possible
segmentation fault, add the checks.

Reviewed-on: https://gerrit.openafs.org/13352
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
(cherry picked from commit bd58bb85004a18bb6681ff2b0c13a04e23c4d9c4)

Change-Id: I6a99b559ab863c8485af9ec17c940b64cf844acf
Reviewed-on: https://gerrit.openafs.org/13372
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agobudb: SBUDB_FindLatestDump should check result of FillDumpEntry 29/13329/4
Mark Vitale [Tue, 11 Sep 2018 19:59:41 +0000]
budb: SBUDB_FindLatestDump should check result of FillDumpEntry

FillDumpEntry may return an error, but FindLatestDump doesn't check its
result.  Therefore, SBUDB_FindLatestDump may return invalid results.

Instead, check the return code from FillDumpEntry and abort the call if
it fails.

Reviewed-on: https://gerrit.openafs.org/13312
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 2d8045d67686fbb80696b47b4a60e48e7e74fec9)

Change-Id: I47328fc61c492c82ae5e0cce8ca3a292706c7413
Reviewed-on: https://gerrit.openafs.org/13329
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agorx: reset packet header userStatus field on reuse 32/13332/4
Jeffrey Altman [Thu, 7 Jun 2018 01:23:14 +0000]
rx: reset packet header userStatus field on reuse

OpenAFS Rx fails to set the rx packet header userStatus field for most
packets sent other than type RX_PACKET_TYPE_ACK.  If the userStatus
field is not set, its value will be random garbage based upon the
prior use of the memory allocated to the rx_packet.

This change explicitly sets the userStatus field to zero for all
DATA and Special packet types.

Background
----------

OpenAFS Rx allocates a pool of rx_packet structures that are reused
for both incoming and outgoing Rx packets throughout the lifetime
of the process (or kernel module).

The rx packet header field userStatus is set by rxi_Send() to
rx_call.localStatus.  rxi_Send() is called from both rxi_SendAck()
when sending RX_PACKET_TYPE_ACK packets and from rxi_SendSpecial()
when called with a non-NULL call structure (RX_PACKET_TYPE_BUSY,
RX_PACKET_TYPE_ACKALL, or RX_PACKET_TYPE_ABORT).  rx_call.localStatus
defaults to zero and can be modified by the application calling
rx_SetLocalStatus().

The userStatus field is neither set nor reset when sending
RX_PACKET_TYPE_DATA packets and all packets sent without a call
structure.  When allocated packets are reused in these cases, the
value of the userStatus leaks from the prior packet use.  The
userStatus field is expected to be zero unless intentionally set by
the application protocol to another value.

The AFS3 suite of rx services uses the rx_header.userStatus field
only in the RXAFS service and only as part of the definition
for RXAFS_StoreData and RXAFS_StoreData64 RPCs.  The StoreData RPCs
use the rx_header.userStatus field as an out-of-band communication
mechanism that permits the fileserver to signal to the cache manager
when the RXAFS_StoreData[64] has been assigned to an application
worker (thread) and the worker has acquired all of the required locks
and other resources necessary to complete the RPC.  This signal can be
sent before all of the application data has been received.  The cache
manager reads the userStatus value via rx_GetRemoteStatus().  When
bit-0 of the remote status value equals one and CSafeStore mode is
disabled, the cache manager can wakeup any threads blocked waiting for
the store operation to complete.

Cache managers that perform a workload heavy in RXAFS_StoreData[64] RPCs
will end up with an increasing percentage of packets in which the
userStatus field is one instead of zero.

Fileservers processing a workload heavy in RXAFS_StoreData[64] RPCs
will likewise end up with an increasing percentage of packets in which
the userStatus field is one instead of zero.

Cache managers and Fileservers will therefore send DATA and call free
special packets with a non-zero userStatus field to peer services
(RXAFS, RXAFSCB, VL, PR).

The failure to reset the userStatus field has not been a problem in
the past because only the OpenAFS cache manager has ever queried the
userStatus via rx_GetRemoteStatus() and only when issuing
RXAFS_StoreData[64] RPCs.

Failure to correct this flaw interferes with future use of the userStatus
field in yet to be registered AFS3 RPCs and existing non-AFS3 services
that make use of the userStatus when sending data to a service.

FIXES: 134554
Reviewed-on: https://gerrit.openafs.org/13165
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

(cherry picked from commit c553170bcf3b97ba3745f21040c8e07b128ef983)

Change-Id: I4e3c7fea876225ec401988a16b21ed3bb0760ee0
Reviewed-on: https://gerrit.openafs.org/13332
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agovolser: DoVolDelete returning VNOVOL is success 35/13235/4
Jeffrey Altman [Sat, 24 Mar 2018 05:22:54 +0000]
volser: DoVolDelete returning VNOVOL is success

When moving, copying or releasing volumes, do not treat a failure
to delete a volume because the volume no longer exists as an error.
The volume clone has flags

  VTDeleteOnSalvage | VTOutOfService

assigned to it which means that the fileserver won't attach the volume
and volume has its deleteMe field assigned the value of DESTROY_ME.
Such a volume will be deleted the next time the salvager scans the
partition.  Once the transaction is complete the volume might be
removed.

Reviewed-on: https://gerrit.openafs.org/12976
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 328590dc5669cae3db6c509871b612b0384ea33d)

Change-Id: Iea98049a3948b75a5e7c13c068add663c9276515
Reviewed-on: https://gerrit.openafs.org/13235
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

17 months agomacos: packaging support for MacOS X 10.14 13/13413/3
Marcio Barbosa [Sun, 30 Sep 2018 21:38:53 +0000]
macos: packaging support for MacOS X 10.14

This commit introduces the new set of changes / files required to
successfully create the dmg installer on OS X 10.14 "Mojave".

Reviewed-on: https://gerrit.openafs.org/13349
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 2aeabf8c5bca22b400653e2bc88b6f36d47b05ca)

Change-Id: Ia271ca69d8102a93da50c59e2d92d3c803a13b0e
Reviewed-on: https://gerrit.openafs.org/13413
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agomacos: add support for MacOS 10.14 12/13412/3
Marcio Barbosa [Wed, 26 Sep 2018 03:18:38 +0000]
macos: add support for MacOS 10.14

This commit introduces the new set of changes / files required to
successfully build the OpenAFS source code on OS X 10.14 "Mojave".

Reviewed-on: https://gerrit.openafs.org/13348
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 72b2670a9e2e3937ed4e47485b9e9fa6953b5444)

Change-Id: Ida25278d68d875a630af1d916d2d6add9b6c1f9e
Reviewed-on: https://gerrit.openafs.org/13412
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agovolser: ensure GCTrans transaction walk remains valid 37/13337/3
Mark Vitale [Fri, 17 Aug 2018 22:48:08 +0000]
volser: ensure GCTrans transaction walk remains valid

Commit bc56f5cc97a982ee29219e6f258b372dbfe1a020 ("volser: Delete
timed-out temporary volumes") introduced new logic to GCTrans().
Unfortunately, part of this logic temporarily drops VTRANS_LOCK in order
to call VPurgeVolume().  While this lock is dropped, other volser_trans
may be added or deleted from the allTrans list.  Therefore, GCTrans
should not trust the next pointer (nt = tt->next) which was obtained
before the lock was dropped.

One symptom observed in the field was a segfault while examining
tt->volume.  Neither tt nor volume were valid any longer, since tt had
been set from a stale nt at the top of the loop.

To repair, improve, and clarify this logic:
- Refactor so nt is assigned correctly and as late as possible.
- Add comments to explain the placement of the assigns to future
maintainers.

Reviewed-on: https://gerrit.openafs.org/13286
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 930d8ee638112ca8bf27a9528c0a527cfab54c7d)

Change-Id: I9ed2c0440b03137cb0e0ef536167be9535c90dbb
Reviewed-on: https://gerrit.openafs.org/13337
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agovolser: combine GCTrans conditional clauses 36/13336/3
Mark Vitale [Thu, 6 Sep 2018 18:09:26 +0000]
volser: combine GCTrans conditional clauses

In preparation for a future commit, combine two conditional clauses in
GCTrans().

No functional change should be incurred by this commit.

Reviewed-on: https://gerrit.openafs.org/13303
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 95b0641ad8cfd0358576c6e1a93266fc59ecf710)

Change-Id: If808a00cf935235cdeb20bf73f03ad235f8b2c39
Reviewed-on: https://gerrit.openafs.org/13336
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoviced: fix typo in help for option -unsafe-nosalvage 11/13411/4
Mark Vitale [Fri, 26 Oct 2018 13:12:44 +0000]
viced: fix typo in help for option -unsafe-nosalvage

Reviewed-on: https://gerrit.openafs.org/13367
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 84b3e1c43685862c147603627a020a68650d6e1c)

Change-Id: Ie264fbd0064a3e22b1c474cea59040ecb0804b73
Reviewed-on: https://gerrit.openafs.org/13411
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoafs: remove dead code afs_osi_SetTime 07/13407/4
Mark Vitale [Thu, 15 Nov 2018 20:41:24 +0000]
afs: remove dead code afs_osi_SetTime

afs_osi_SetTime() has been dead code since -settime support was removed
with commit 1d9888be486198868983048eeffabdfef5afa94b 'Remove
-settime/RXAFS_GetTime client support'.

Remove the dead code.

No functional change is incurred by this commit.

Reviewed-on: https://gerrit.openafs.org/13393
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 16b981ec6697b511c36c09adfeb8b79eaf2345b0)

Change-Id: I3fa92cbe1598703b4eddd78e4c7afdc04c525750
Reviewed-on: https://gerrit.openafs.org/13407
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoLinux 4.20: do_settimeofday is gone 06/13406/4
Mark Vitale [Thu, 15 Nov 2018 20:31:37 +0000]
Linux 4.20: do_settimeofday is gone

With Linux commit 976516404ff3fab2a8caa8bd6f5efc1437fed0b8 'y2038:
remove unused time interfaces', do_settimeofday() is gone.

However, OpenAFS only calls do_settimeofday() from afs_osi_SetTime(),
which has been dead code since -settime support was removed from afsd
with commit 1d9888be486198868983048eeffabdfef5afa94b 'Remove
-settime/RXAFS_GetTime client support'.

Instead of fixing afs_osi_SetTime() to use a current Linux API, remove
it as dead code.

No functional change is incurred by this commit.  However, this change
is required in order to build OpenAFS on Linux 4.20.

Reviewed-on: https://gerrit.openafs.org/13392
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit aa80f892ec39e2984818090a6bb2047430836ee2)

Change-Id: I7f5ee9c21bc87cd261d87126bc3848d941ff5409
Reviewed-on: https://gerrit.openafs.org/13406
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoLinux 4.20: current_kernel_time is gone 05/13405/4
Mark Vitale [Tue, 13 Nov 2018 16:20:09 +0000]
Linux 4.20: current_kernel_time is gone

With Linux commit 976516404ff3fab2a8caa8bd6f5efc1437fed0b8 'y2038:
remove unused time interfaces' (4.20-rc1), current_kernel_time() has
been removed.

Many y2038-compliant time APIs were introduced with Linux commit
fb7fcc96a86cfaef0f6dcc0665516aa68611e736 'timekeeping: Standardize on
ktime_get_*() naming' (4.18).  According to
Documentation/core-api/timekeeping.rst, a suitable replacement for:

  struct timespec current_kernel_time(void)

would be:

  void ktime_get_coarse_real_ts64(struct timespec64 *ts))

Add an autoconf test and equivalent logic to deal.

Reviewed-on: https://gerrit.openafs.org/13391
Tested-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 3c454b39d04f4886536267c211171dae30dc0344)

Change-Id: I3f00cf4bd3a1ffb7c90e3920113964d74c6df403
Reviewed-on: https://gerrit.openafs.org/13405
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoafs: Return memcache allocation errors 07/13307/5
Andrew Deason [Tue, 7 Aug 2018 22:08:26 +0000]
afs: Return memcache allocation errors

During cache initialization, we can fail to allocate our dcache
entries for memcache. Currently when this happens, we just log a
message and try to disable dcache access. However, this results in at
least one code path that causes a panic anyway during startup, since
afs_CacheTruncateDaemon will try to trim the cache, and afs_GetDownD
will call afs_MemGetDSlot, and we cannot find the given dslot.

To avoid this, change our cache initialization to return an error,
instead of trying to continue without a functional dcache. This causes
afs_dcacheInit to return an error in this case, and by extension
afs_CacheInit and the AFSOP_CACHEINIT syscall. Also change afsd to
actually detect errors from AFSOP_CACHEINIT, and to bail out when it
does.

Thanks to gsgatlin@ncsu.edu for reporting the relevant panic.

Reviewed-on: https://gerrit.openafs.org/13273
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 0da5ac4d9fb2a9b46c7415403a3cd26e711554e2)

Change-Id: I00b0d3dac1f4d8edc46389fe3c59501fd23c18f8
Reviewed-on: https://gerrit.openafs.org/13307
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoCellServDB update 14 May 2018 09/13409/2
Benjamin Kaduk [Thu, 31 May 2018 00:38:57 +0000]
CellServDB update 14 May 2018

Update all three copies in the tree, and the rpm specfile.

Reviewed-on: https://gerrit.openafs.org/13134
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 4a2b5101afda24b2d937e7350ca35b0b3d3c4af8)

Change-Id: I47dad888b71c798132f2841375f9ebb2f6b263f7
Reviewed-on: https://gerrit.openafs.org/13409
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoubik: Buffer log writes with stdio 53/13353/5
Andrew Deason [Thu, 10 May 2018 21:22:52 +0000]
ubik: Buffer log writes with stdio

Currently, when we write ubik i/o operations to the db log, we tend to
issue several syscalls involving small writes and fstat()s. This is
because each "log" operation involves at least one write, and each log
operation tends to be pretty small.

Each logged operation hitting disk separately is unnecessary, since
the db log does not need to hit the disk at all until we are ready to
commit the transaction. So to reduce the number of syscalls when
writing to the db, change our log writes to be buffered in memory
(using stdio calls). This also avoids needing to fstat() the
underlying log file, since we open the underlying file in append-only
mode, since we only ever append to (and truncate) the log file.

To implement this, we introduce a new 'buffered_append' phys
operation, to explicitly separate our buffered and non-buffered
operations, to try to avoid any bugs from mixing buffered and
non-buffered i/o. This new operation is only used for the db log.

Reviewed-on: https://gerrit.openafs.org/13070
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 800318b43fdf461ad95cd7f3940718f3f0a609a7)

Change-Id: Ia40d75e7bdeb6a9f6c316aaea6fd20d5c8d80625
Reviewed-on: https://gerrit.openafs.org/13353
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoubik: make ContactQuorum_* routines static 88/13188/4
Mark Vitale [Fri, 4 May 2018 19:42:14 +0000]
ubik: make ContactQuorum_* routines static

Most of the ContactQuorum_* routines are only used in ubik.c, so make
them all static - except for ContactQuorum_DISK_SetVersion, which is
called from disk.c.

Reviewed-on: https://gerrit.openafs.org/13078
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 27d7b8fe4603c39362983758fe6a749fa5ffa4e5)

Change-Id: I70721aef02f5f2e203c1877428c46c49ea1cb7c9
Reviewed-on: https://gerrit.openafs.org/13188
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoubik: remove unused ContactQuorum_DISK_Write 87/13187/4
Mark Vitale [Wed, 9 May 2018 20:50:55 +0000]
ubik: remove unused ContactQuorum_DISK_Write

This function is not used; remove it.

No functional change is incurred by this commit.

Reviewed-on: https://gerrit.openafs.org/13077
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 8b1e730c11a6ed7dc067ef185302bd57a69f6d1e)

Change-Id: I548e2442684a26ab017afebb1c42bdef9bd7c7bf
Reviewed-on: https://gerrit.openafs.org/13187
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoubik: do not assign variables in logging argument lists 18/13218/4
Michael Meffie [Thu, 14 Jun 2018 19:01:18 +0000]
ubik: do not assign variables in logging argument lists

Several logging statements in ubik contain an assignment statement
within the logging function call argument list, which would set a
variable as side effect of evaluating the function call arguments.

These embedded assignments are problematic since the logging function
calls have been replaced by ViceLog macros, which avoid the overhead of
a function call depending on logging levels.

Remove the embedded assignments within the logging argument lists so the
variables are always set regardless of the logging level.

Reviewed-on: https://gerrit.openafs.org/13211
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 472d6b1ee2f7de415e0fa0f8be0636f86956b6fc)

Change-Id: I230f71022a58445c99adc67ae1b888caa4ce260e
Reviewed-on: https://gerrit.openafs.org/13218
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoubik: disambiguate "Synchonize database with server" msgs 86/13186/4
Mark Vitale [Mon, 8 May 2017 21:50:00 +0000]
ubik: disambiguate "Synchonize database with server" msgs

Ubik issues the same message in two very different cases:
- sync server issues DISK_GetFile to obtain the latest version
- non-sync server receives DISK_SendFile from the sync server

Modify the messages so they provide more information and are
distinguishable from each other.

Reviewed-on: https://gerrit.openafs.org/12615
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit b9fe4d4290ad19faf3b5fb5dc0c3b1ee3ee5ab69)

Change-Id: I806c2ce5ada097b07022d8c4da81f613a3f9989c
Reviewed-on: https://gerrit.openafs.org/13186
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agoubik: convert ubik_print to ViceLog 53/13153/5
Michael Meffie [Mon, 25 Apr 2016 15:06:11 +0000]
ubik: convert ubik_print to ViceLog

Use the server logging macros instead of the utility functions to avoid
function call overhead, especially at logging level 25.  The server
logging macros perform a logging level check in-line to avoid the
unnecessary ubik_dprint* calls.

Reviewed-on: https://gerrit.openafs.org/12619
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 343234d221ae8388f55748f5c494a42d5d69bfa0)

Change-Id: Icdb60f75a0c6c6efc7793d545f0565c0cd587eae
Reviewed-on: https://gerrit.openafs.org/13153
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

17 months agobutc: repair build error 28/13328/2
Mark Vitale [Tue, 11 Sep 2018 20:29:59 +0000]
butc: repair build error

Commit c43169fd36348783b1a5a55c5bb05317e86eef82 introduced a build error
by invoking TLog with an extraneous set of internal parentheses.

Remove the offending parentheses.

Reviewed-on: https://gerrit.openafs.org/13311
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 91bab84e7a3b7de2591c475ba4912b0db8899f05)

Change-Id: I06df561daf37330e6fdd9c9d41b55daa4d6b3886
Reviewed-on: https://gerrit.openafs.org/13328
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

20 months agoMake OpenAFS 1.8.2 openafs-stable-1_8_2
Benjamin Kaduk [Tue, 11 Sep 2018 03:18:34 +0000]
Make OpenAFS 1.8.2

Update version strings for the 1.8.2 release.

Change-Id: I90e59f3a8c930d80eab46b405050e11ea2fc2fe1

20 months agoUpdate NEWS for 1.8.2
Benjamin Kaduk [Tue, 11 Sep 2018 01:26:20 +0000]
Update NEWS for 1.8.2

Release notes for the OpenAFS 1.8.2 security release.

Change-Id: If447b08cc3b3901da22eeb92a2e75bf2ab476633

20 months agoFix typos in audit format strings
Benjamin Kaduk [Tue, 11 Sep 2018 15:51:01 +0000]
Fix typos in audit format strings

Commit 9ebff4c6caa8b499d999cfd515d4d45eb3179769 introduced audit
framework support for several butc-related data types, but had
a typo ('$d' for '%d') in a couple of places, that was not reported
by compiler format-string checking.  Fix the typo to properly print
all the auditable data.

(cherry picked from commit d5816fd6cd1876760a985a817dbbb3940cf3bddb)

Change-Id: Iaea64ab0fe422381c298d94eff201c3525bd00c2

20 months agoOPENAFS-SA-2018-001 backup: use authenticated connection to butc
Benjamin Kaduk [Sun, 9 Sep 2018 15:44:38 +0000]
OPENAFS-SA-2018-001 backup: use authenticated connection to butc

Use the standard routine to pick a client security object, instead of
always assuming rxnull.  Respect -localauth as well as being able to
use the current user's tokens, but also provide a -nobutcauth argument
to fall back to the historical rxnull behavior (but only for the connections
to butc; vldb and budb connections are not affected).

(cherry picked from commit 345ee34236c08a0a2fb3fff016edfa18c7af4b0a)

Change-Id: I1e5e0e38d4003020db5875609db08194f7684bb7

20 months agoOPENAFS-SA-2018-001 butc: require authenticated connections with -localauth
Benjamin Kaduk [Thu, 6 Sep 2018 23:50:39 +0000]
OPENAFS-SA-2018-001 butc: require authenticated connections with -localauth

The butc -localauth option is available to use the cell-wide key to
authenticate to the vlserver and buserver, which in normal deployments
will require incoming connections to be authenticated as a superuser.
In such cases, the cell-wide key is also available for use in
authenticating incoming connections to the butc, which would otherwise
have been completely unauthenticated.

Because of the security hazards of allowing unauthenticaed inbound
RPCs, especially ones that manipulate backup information and are allowed
to initiate outboud RPCs authenticated as the superuser, default to
not allowing unauthenticated inbound RPCs at all.  Provide an opt-out
command-line argument for deployments that require this functionality
and have configured their network environment (firewall/etc.) appropriately.

Change-Id: Ia6349757a4c6d59d1853df1a844e210d32c14feb

20 months agoOPENAFS-SA-2018-001 Add auditing to butc server RPC implementations
Benjamin Kaduk [Sun, 9 Sep 2018 16:49:03 +0000]
OPENAFS-SA-2018-001 Add auditing to butc server RPC implementations

Make the actual implementations into helper functions, with the RPC
stubs calling the helpers and doing the auditing on the results, akin
to most other server programs in the tree.  This relies on support for
some additional types having been added to the audit framework.

(cherry picked from commit c43169fd36348783b1a5a55c5bb05317e86eef82)

Change-Id: Ia90c355bfded24820ae3b5c014e948e28eac6356

20 months agoOPENAFS-SA-2018-001 audit: support butc types
Benjamin Kaduk [Sun, 9 Sep 2018 00:42:36 +0000]
OPENAFS-SA-2018-001 audit: support butc types

Add support for several complex butc types to enable butc auditing.

Change-Id: I6aedd933cf5330cda40aae6f33827ae65409df32

20 months agoOPENAFS-SA-2018-001 butc: remove dummy osi_audit() routine
Benjamin Kaduk [Sun, 9 Sep 2018 01:35:25 +0000]
OPENAFS-SA-2018-001 butc: remove dummy osi_audit() routine

This local stub was present in the original IBM import and is unused.
It will conflict with the real audit code once we start adding auditing
to the TC_ RPCs, so remove it now.

(cherry picked from commit 50216dbbc30ed94f89bdd0e964f4891e87f28c0b)

Change-Id: I63db513bb107ef47da77f13b27cdf5d24b4a24b4

20 months agoOPENAFS-SA-2018-003 rxgen: prevent unbounded input arrays
Mark Vitale [Fri, 6 Jul 2018 07:14:19 +0000]
OPENAFS-SA-2018-003 rxgen: prevent unbounded input arrays

RPCs with unbounded arrays as inputs are susceptible to remote
denial-of-service (DOS) attacks.  A malicious client may submit an RPC
request with an arbitrarily large array, forcing the server to expend
large amounts of network bandwidth, cpu cycles, and heap memory to
unmarshal the input.

Instead, issue an error message and stop rxgen when it detects an RPC
defined with an unbounded input array.  Thus we will detect the problem
at build time and prevent any future unbounded input arrays.

(cherry picked from commit a4c1d5c48deca2ebf78b1c90310b6d56b3d48af6)

Change-Id: I4c60c4776d7f02ea9790b76b49e7325d9c55f31d

20 months agoOPENAFS-SA-2018-003 volser: prevent unbounded input to various AFSVol* RPCs
Mark Vitale [Fri, 6 Jul 2018 07:21:26 +0000]
OPENAFS-SA-2018-003 volser: prevent unbounded input to various AFSVol* RPCs

Several AFSVol* RPCs are defined with an unbounded XDR "string" as
input.

RPCs with unbounded arrays as inputs are susceptible to remote
denial-of-service (DOS) attacks.  A malicious client may submit an
AFSVol* request with an arbitrarily large string, forcing the volserver
to expend large amounts of network bandwidth, cpu cycles, and heap
memory to unmarshal the input.

Instead, give each input "string" an appropriate size.
Volume names are inherently capped to 32 octets (including trailing NUL)
by the protocol, but there is less clearly a hard limit on partition names.
The Vol_PartitionInfo{,64} functions accept a partition name as input and
also return a partition name in the output structure; the output values
have wire-protocol limits, so larger values could not be retrieved by clients,
but for denial-of-service purposes, a more generic PATH_MAX-like value seems
appropriate.  We have several varying sources of such a limit in the tree, but
pick 4k as the least-restrictive.

[kaduk@mit.edu: use a larger limit for pathnames and expand on PATH_MAX in
commit message]

(cherry picked from commit 8b92d015ccdfcb70c7acfc38e330a0475a1fbe28)

Change-Id: Ifa591dfd861688d4d7eb43145b29a1739c6e0f6f

20 months agoOPENAFS-SA-2018-003 volser: prevent unbounded input to AFSVolForwardMultiple
Mark Vitale [Fri, 6 Jul 2018 05:09:53 +0000]
OPENAFS-SA-2018-003 volser: prevent unbounded input to AFSVolForwardMultiple

AFSVolForwardMultiple is defined with an input parameter that is defined
to XDR as an unbounded array of replica structs:
  typedef replica manyDests<>;

RPCs with unbounded arrays as inputs are susceptible to remote
denial-of-service (DOS) attacks.  A malicious client may submit an
AFSVolForwardMultiple request with an arbitrarily large array, forcing
the volserver to expend large amounts of network bandwidth, cpu cycles,
and heap memory to unmarshal the input.

Even though AFSVolForwardMultiple requires superuser authorization, this
attack is exploitable by non-authorized actors because XDR unmarshalling
happens long before any authorization checks can occur.

Add a bounding constant (NMAXNSERVERS 13) to the manyDests input array.
This constant is derived from the current OpenAFS vldb implementation, which
is limited to 13 replica sites for a given volume by the layout (size) of the
serverNumber, serverPartition, and serverFlags fields.

[kaduk@mit.edu: explain why this constant is used]

(cherry picked from commit 97b0ee4d9c9d069e78af2e046c7987aa4d3f9844)

Change-Id: I49945ce1fd5979eadf6d5b310dc6d8c68f6f8dc7

20 months agoOPENAFS-SA-2018-003 budb: prevent unbounded input to BUDB_SaveText
Mark Vitale [Fri, 6 Jul 2018 03:51:37 +0000]
OPENAFS-SA-2018-003 budb: prevent unbounded input to BUDB_SaveText

BUDB_SaveText is defined with an input parameter that is defined to XDR
as an unbounded array of chars:
   typedef char charListT<>;

RPCs with unbounded arrays as inputs are susceptible to remote
denial-of-service (DOS) attacks.  A malicious client may submit a
BUDB_SaveText request with an arbitrarily large array, forcing the budb
server to expend large amounts of network bandwidth, cpu cycles, and
heap memory to unmarshal the input.

Modify the XDR definition of charListT so it is bounded.  This typedef
is shared (as an OUT parameter) by BUDB_GetText and BUDB_DumpDB, but
fortunately all in-tree callers of the client routines specify the same
maximum length of 1024.

Note: However, SBUDB_SaveText server implementation seems to allow for up to
BLOCK_DATA_SIZE (2040) = BLOCKSIZE (2048) - sizeof(struct blockHeader)
(8), and it's unknown if any out-of-tree callers exist.  Since we do not need a
tight bound in order to avoid the DoS, use a somewhat higher maximum of
4096 bytes to leave a safety margin.

[kaduk@mit.edu: bump the margin to 4096; adjust commit message to match]

(cherry picked from commit 124445c0c47994f5e2efef30e86337c3c8ebc93f)

Change-Id: Ic34f8f9e7484b7503a223509d5d61b72e1298b35

20 months agoOPENAFS-SA-2018-003 vlserver: prevent unbounded input to VL_RegisterAddrs
Mark Vitale [Fri, 6 Jul 2018 01:11:30 +0000]
OPENAFS-SA-2018-003 vlserver: prevent unbounded input to VL_RegisterAddrs

VL_RegisterAddrs is defined with an input argument of type bulkaddrs,
which is defined to XDR as an unbounded array of afs_uint32 (IPv4 addresses):
  typedef afs_uint32 bulkaddrs<>

The <> with no value instructs rxgen to build client and server stubs
that allow for a maximum size of "~0u" or 0xFFFFFFFF.

Ostensibly the bulkaddrs array is unbounded to allow it to be shared
among VL_RegisterAddrs, VL_GetAddrs, and VL_GetAddrsU.  The VL_GetAddrs*
RPCs use bulkaddrs as an output array with a maximum size of MAXSERVERID
(254). VL_RegisterAddrss uses bulkaddrs as an input array, with a
nominal size of VL_MAXIPADDRS_PERMH (16).

However, RPCs with unbounded array inputs are susceptible to remote
denial-of-service attacks.  That is, a malicious client may send a
VL_RegisterAddrs request with an arbitrarily long array, forcing the
vlserver to expend large amounts of network bandwidth, cpu cycles, and
heap memory to unmarshal the argument.  Even though VL_RegisterAddrs
requires superuser authorization, this attack is exploitable by
non-authorized actors because XDR unmarshalling happens long before any
authorization checks can occur.

Because all uses of the type that our implementation support have fixed
bounds on valid data (whether input or output), apply an arbitrary
implementation limit (larger than any valid structure would be), to
prevent this class of attacks in the XDR decoder.

[kaduk@mit.edu: limit the bulkaddrs type instead of introducing a new type]

(cherry picked from commit 7629209219bbea3f127b33be06ac427ebc3a559e)

Change-Id: I1726a834eb98b7e06285bac78a74e20bbedb9ce8

20 months agoOPENAFS-SA-2018-002 butc: Initialize OUT scalar value
Benjamin Kaduk [Thu, 30 Aug 2018 15:38:56 +0000]
OPENAFS-SA-2018-002 butc: Initialize OUT scalar value

In STC_ReadLabel, the interaction with the tape device is
synchronous, so there is no need to allocate a task ID for status
monitoring.  However, we do need to initialize the output value,
to avoid writing stack garbage on the wire.

(cherry picked from commit f5a80115f8f7f9418287547f0fc7fdb13d936f00)

Change-Id: I3f5ea1cfff0d04adb49cdca7b05ac869665660e5

20 months agoOPENAFS-SA-2018-002 ubik: prevent VOTE_Debug, VOTE_XDebug information leak
Mark Vitale [Tue, 26 Jun 2018 10:01:16 +0000]
OPENAFS-SA-2018-002 ubik: prevent VOTE_Debug, VOTE_XDebug information leak

VOTE_Debug and VOTE_XDebug (udebug) both leave a single field
uninitialized if there is no current transaction.  This leaks the memory
contents of the ubik server over the wire.

struct ubik_debug
- 4 bytes in member writeTrans

In common code to both RPCs, ensure that writeTrans is always
initialized.

[kaduk@mit.edu: switch to memset]

(cherry picked from commit 7a7c1f751cdb06c0d95339c999b2c035c2d2168b)

Change-Id: I2759989bf1a5190f9f03621218224c47094a88b7

20 months agoOPENAFS-SA-2018-002 kaserver: prevent KAM_ListEntry information leak
Mark Vitale [Tue, 26 Jun 2018 09:26:21 +0000]
OPENAFS-SA-2018-002 kaserver: prevent KAM_ListEntry information leak

KAM_ListEntry (kas list) does not initialize its output correctly.  It
leaks kaserver memory contents over the wire:

struct kaindex
- up to 64 bytes for member name
- up to 64 bytes for member instance

Initialize the buffer.

[kaduk@mit.edu: move initialization to top of server routine]

(cherry picked from commit b604ee7add7be416bf20973422a041e913d20761)

Change-Id: Ic40bb2d5af409399c11a378340ba92174e26112f

20 months agoOPENAFS-SA-2018-002 butc: prevent TC_DumpStatus, TC_ScanStatus information leaks
Mark Vitale [Tue, 26 Jun 2018 09:12:32 +0000]
OPENAFS-SA-2018-002 butc: prevent TC_DumpStatus, TC_ScanStatus information leaks

TC_ScanStatus (backup status) and TC_GetStatus (internal backup status
watcher) do not initialize their output buffers.  They leak memory
contents over the wire:

struct tciStatusS
- up to 64 bytes in member taskName (TC_MAXNAMELEN 64)
- up to 64 bytes in member volumeName  "

Initialize the buffers.

[kaduk@mit.edu: move initialization to top of server routines]

(cherry picked from commit be0142707ca54f3de99c4886530e7ac9f48dd61c)

Change-Id: I7a97ad1dbab004938085b401929d4925d80ff3b2

20 months agoOPENAFS-SA-2018-002 butc: prevent TC_ReadLabel information leak
Mark Vitale [Tue, 26 Jun 2018 09:00:25 +0000]
OPENAFS-SA-2018-002 butc: prevent TC_ReadLabel information leak

TC_ReadLabel (backup readlabel) does not initialize its output buffer
completely.  It leaks butc memory contents over the wire:

struct tc_tapeLabel
- up to 32 bytes from member afsname (TC_MAXTAPELEN 32)
- up to 32 bytes from member pname (TC_MAXTAPELEN 32)

Initialize the buffer.

[kaduk@mit.edu: move initialization to the RPC stub]

(cherry picked from commit 52f4d63148323e7d605f9194ff8c1549756e654b)

Change-Id: Ia5d9dd649bdbd45c8b201f344bf55080a55e3392

20 months agoOPENAFS-SA-2018-002 budb: prevent BUDB_* information leaks
Mark Vitale [Tue, 26 Jun 2018 08:39:44 +0000]
OPENAFS-SA-2018-002 budb: prevent BUDB_* information leaks

The following budb RPCs do not initialize their output correctly.
This leaks buserver memory contents over the wire:

BUDB_FindLatestDump (backup dump)
BUDB_FindDump (backup volrestore, diskrestore, volsetrestore)
BUDB_GetDumps (backup dumpinfo)
BUDB_FindLastTape (backup dump)

struct budb_dumpEntry
- up to 32 bytes in member volumeSetName
- up to 256 bytes in member dumpPath
- up to 32 bytes in member name
- up to 32 bytes in member tape.tapeServer
- up to 32 bytes in member tape.format
- up to 256 bytes in member dumper.name
- up to 128 bytes in member dumper.instance
- up to 256 bytes in member dumper.cell

Initialize the buffer in common routine FillDumpEntry.

(cherry picked from commit e96771471134102d3879a0ac8b2c4ef9d91a61b8)

Change-Id: I85ec8a21966386baa8243326072e5730726cba96

20 months agoOPENAFS-SA-2018-002 afs: prevent RXAFSCB_TellMeAboutYourself information leak
Mark Vitale [Tue, 26 Jun 2018 07:56:24 +0000]
OPENAFS-SA-2018-002 afs: prevent RXAFSCB_TellMeAboutYourself information leak

RXAFSCB_TellMeAboutYourself does not completely initialize its output
buffers.  This leaks kernel memory over the wire:

struct interfaceAddr
Unix cache manager (libafs)
- up to 124 bytes in array addr_in ((AFS_MAX_INTERFACE_ADDR 32 * 4) - 4))
- up to 124 bytes in array subnetmask "
- up to 124 bytes in array mtu "

Windows cache manager
- 64 bytes in array addr_in ((AFS_MAX_INTERFACE_ADDR 32 - CM_MAXINTERFACE_ADDR 16)* 4)
- 64 bytes in array subnetmask "
- 64 bytes in array mtu         "

The following implementations of SRXAFSCB_TellMeAboutYourself are not susceptible:
- fsprobe
- libafscp
- xstat_fs_test

Initialize the buffer.

(cherry picked from commit 211b6d6a4307006da1467b3be46912a3a5d7b20b)

Change-Id: I2fee5cc9c11ea42726c7c8f9a7d14eafee6142f0

20 months agoOPENAFS-SA-2018-002 afs: prevent RXAFSCB_GetLock information leak
Mark Vitale [Tue, 26 Jun 2018 07:47:41 +0000]
OPENAFS-SA-2018-002 afs: prevent RXAFSCB_GetLock information leak

RXAFSCB_GetLock (cmdebug) does not correctly initialize its output.
This leaks kernel memory over the wire:

struct AFSDBLock
- up to 14 bytes for member name (16 - '<cellname>\0')

Initialize the buffer.

(cherry picked from commit b52eb11a08f2ad786238434141987da27b81e743)

Change-Id: If84c5d9d805356cd56be77313149a931a948b4d5

20 months agoOPENAFS-SA-2018-002 ptserver: prevent PR_ListEntries information leak
Mark Vitale [Tue, 26 Jun 2018 07:37:37 +0000]
OPENAFS-SA-2018-002 ptserver: prevent PR_ListEntries information leak

PR_ListEntries (pts listentries) does not properly initialize its output
buffers.  This leaks ptserver memory over the wire:

struct prlistentries
- up to 62 bytes for each entry name (PR_MAXNAMELEN 64 - 'a\0')

Initialize the buffer, and remove the now redundant memset for the
reserved fields.

(cherry picked from commit 9d1aeb5d761581a35bef2042e9116b96e9ae3bf5)

Change-Id: I679c205502941891cbb34f10e648a6f9d83c3c60

20 months agoOPENAFS-SA-2018-002 volser: prevent AFSVolMonitor information leak
Mark Vitale [Tue, 26 Jun 2018 07:00:02 +0000]
OPENAFS-SA-2018-002 volser: prevent AFSVolMonitor information leak

AFSVolMonitor (vos status) does not properly initialize its output
buffers.  This leaks information from volserver memory:

struct transDebugInfo
- up to 29 bytes in member lastProcName (30-'\0')
- 16 bytes in members readNext, tranmitNext, lastSendTime,
  lastReceiveTime

Initialize the buffers.  This must be done on a per-buffer basis inside
the loop, since realloc is used to expand the storage if needed,
and there is not a standard realloc API to zero the newly allocated storage.

[kaduk@mit.edu: update commit message]

(cherry picked from commit 26924fd508b21bb6145e77dc31b6cd0923193b72)

Change-Id: Id10aa1f4d0b8694f6d85468d743c2fc2a8102339

20 months agoOPENAFS-SA-2018-002 volser: prevent AFSVolPartitionInfo(64) information leak
Mark Vitale [Tue, 26 Jun 2018 06:33:05 +0000]
OPENAFS-SA-2018-002 volser: prevent AFSVolPartitionInfo(64) information leak

AFSVolPartitionInfo and AFSVolPartitionInfo64 (vos partinfo) do not
properly initialize their reply buffers.  This leaks the contents of
volserver memory over the wire:

AFSVolPartitionInfo (struct diskPartition)
- up to 24 bytes in member name (32-'/vicepa\0'))
- up to 12 bytes in member devName (32-'/vicepa/Lock/vicepa\0'))

AFSVolPartitionInfo64 (struct diskPartition64)
- up to 248 bytes in member name (256-'/vicepa\0'))
- up to 236 bytes in member devName (256-'/vicepa/Lock/vicepa\0')

Initialize the output buffers.

[kaduk@mit.edu: move memset to top-level function scope of RPC handlers]

(cherry picked from commit 76e62c1de868c2b2e3cc56a35474e15dc4cc1551)

Change-Id: I041b91873a38a2af40f5b0a00b70cc87634f25c8

20 months agoOPENAFS-SA-2018-002 ptserver: prevent PR_IDToName information leak
Mark Vitale [Mon, 25 Jun 2018 22:03:12 +0000]
OPENAFS-SA-2018-002 ptserver: prevent PR_IDToName information leak

SPR_IDToName does not completely initialize the return array of names,
and thus leaks information from ptserver memory:

- up to 62 bytes per requested id (PR_MAXNAMELEN 64 - 'a\0')

Use calloc to ensure that all memory sent on the wire is initialized,
preventing the information leak.

[kaduk@mit.edu: switch to calloc; update commit message]

(cherry picked from commit 70b0136d552a0077d3fae68f3aebacd985abd522)

Change-Id: I787fc26ecb6fa64b17f8579198793903bc4eb16d

20 months agoUpdate NEWS for 1.8.1.1 97/13297/2 openafs-stable-1_8_1_1
Stephan Wiesand [Fri, 24 Aug 2018 14:15:32 +0000]
Update NEWS for 1.8.1.1

Release notes for the OpenAFS 1.8.1.1 release

Change-Id: I94e0d52c22ca1f7ddfab0f12538a3e32136a3846
Reviewed-on: https://gerrit.openafs.org/13297
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

20 months agoMake OpenAFS 1.8.1.1 98/13298/2
Stephan Wiesand [Fri, 24 Aug 2018 14:19:07 +0000]
Make OpenAFS 1.8.1.1

Update configure version strings for 1.8.1.1. Note that macos kext
can be of form XXXX.YY[.ZZ[(d|a|b|fc)NNN]] where d dev, a alpha,
b beta, f final candidate so we have no way to represent 1.8.1.1.
Switch to 1.8.2 dev 1 for macOS.

Change-Id: I9a8e9a2f0e2c70599d4c9c95eb8828f31aa35731
Reviewed-on: https://gerrit.openafs.org/13298
Tested-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

22 months agoLINUX: Update to Linux struct iattr->ia_ctime to timespec64 with 4.18 68/13268/2
Joe Gorse [Mon, 2 Jul 2018 20:36:04 +0000]
LINUX: Update to Linux struct iattr->ia_ctime to timespec64 with 4.18

With 4.18+ Linux kernels we see a transition to 64-bit time stamps by
default.

current_kernel_time() returns the 32-bit struct timespec.
current_kernel_time64() returns the 64-bit struct timespec64.

struct iattr->ia_ctime expects struct timespec64 as of 4.18+.

Timestamps greater than 31-bit rollover after 2147483647 or
January 19, 2038 03:14:07 UTC. This is the same approach taken by
the Linux developers for converting between timepsec64 and timespec.

Reviewed-on: https://gerrit.openafs.org/13241
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 0bc5c15029cf7e720731f1415fcf9dc972d57ef4)

Change-Id: I16f93fd54dd45fe64f0c6fd499bf3adca978e9b1
Reviewed-on: https://gerrit.openafs.org/13268
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoMake OpenAFS 1.8.1 66/13266/3 openafs-stable-1_8_1
Benjamin Kaduk [Sat, 28 Jul 2018 15:16:37 +0000]
Make OpenAFS 1.8.1

Update version strings for the 1.8.1 release.
(Note that the version number for Windows for the 1.8.1 prereleases was
erroneously 1.8.99xx, when it should have been 1.8.00xx to reflect
"next after 1.8.0-final".)

Change-Id: I2ce32aeae50d80b88cbc3f73f6787e3a15747085
Reviewed-on: https://gerrit.openafs.org/13266
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoUpdate NEWS for 1.8.1 65/13265/3
Benjamin Kaduk [Sat, 28 Jul 2018 15:13:13 +0000]
Update NEWS for 1.8.1

Change-Id: I341cf2a5e02874629ceee2c9e46d4f764e3494fa
Reviewed-on: https://gerrit.openafs.org/13265
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoredhat: actually remove unused AFS::ukernel man page 64/13264/2
Marcio Barbosa [Thu, 26 Jul 2018 17:30:35 +0000]
redhat: actually remove unused AFS::ukernel man page

Commit 278581c24a802834719e0d57f27978321556c9bb (redhat: package libuafs
perl bindings) added swig as a build dependency on RHEL 6+/Fedora 15+ to
build and package AFS::ukernel perl bindings for libuafs.  The man page
for AFS::ukernel is generated from the pod files unconditionally, so
needs to be removed from the staging directories when AFS::ukernel is
not packaged.

Unfortunately, the full path to the staged AFS::ukernel manpage was
not given in that commit, so the rpmbuild will fail on RHEL 5 with
the error:

        RPM build errors:
        Installed (but unpackaged) file(s) found:
        /usr/share/man/man3/AFS::ukernel.3.gz

Fix this error by specifying the full path to the AFS::ukernel man page
to actually remove it when we are not packaging AFS::ukernel files.

[mmeffie: updated commit message]

Reviewed-on: https://gerrit.openafs.org/13257
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit a85aab9dfe7c2ee9e025bc15d849de2dd0a48913)

Change-Id: If81f930bd7e922cd5e71c0d459751d4bbe85c843
Reviewed-on: https://gerrit.openafs.org/13264
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoafs: Stop looking for dcaches on Get*DSlot errors 91/13191/2
Andrew Deason [Thu, 26 Apr 2018 17:27:12 +0000]
afs: Stop looking for dcaches on Get*DSlot errors

In various places in the code, we'll be looking for a dslot, calling
afs_GetValidDSlot (or afs_GetUnusedDSlot) in a loop. In a few places,
we currently keep looking for the dslot when we get an error back,
since afs_GetValidDSlot may return successfully for other slots, and
we might find the dslot we're looking for.

This behavior was introduced in a few commits, including:

- commit 2679af76 (afs: Traverse discard/free dslot list if errors)
- commit 00fd34a6 (afs: Handle easy GetValidDSlot errors)
- commit 9a558660 (afs: Cope with afs_GetValidDSlot errors)

This behavior means that if afs_GetValidDSlot/afs_GetUnusedDSlot
returns an error for a particular dcache slot, but other slots are
okay, then we may still find the dcache we're looking for.

However, by far the most common reason that
afs_GetValidDSlot/afs_GetUnusedDSlot fails is because our disk cache
is completely unusable; it is very rare that only a few slots cannot
be used, but others are fine (this would mean that the disk cache was
corrupted in oddly specific ways, or there are small isolated errors
in the underlying disk). So continuing the dcache search in these
situations is not very useful.

On Linux, this is most commonly seen by the underlying disk cache i/o
calls returning -EINTR, which can happen if a SIGKILL signal is
pending for the current process when we try to do the i/o. In this
situation, all attempts to read in a dslot from disk will fail; trying
other slots or waiting will not improve the situation. Depending on
which specific code path encounters an afs_Get*DSlot error, we can
then flood the log with "disk cache read error in CacheItems" messages
emitted from afs_UFSGetDSlot, since we keep calling afs_Get*DSlot in
our loop.

The worst offender of this is usually afs_GetDSlotFromList via
afs_AllocDCache, since we end up calling afs_GetUnusedDSlot for every
single dslot in the free and discard lists. However, our other call
sites that are looking for dcaches for a specific file can still
generate quite a few of these messages, since we'll end up calling
afs_GetValidDSlot for every slot in a dcache hash chain.

So to avoid flooding the log in these situations, change most callers
of afs_GetValidDSlot and afs_GetUnusedDSlot to stop on the first
error, and act like we never found a dcache that we were looking for.

This commit also adjusts one caller in afs_ProcessOpCreate, which was
not handling errors from afs_GetValidDSlot at all, and changes
FlushVolumeData to be able to return error codes.

Reviewed-on: https://gerrit.openafs.org/13034
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 12f4fd2901fee8bf27c2cec97efd3d242c6ff025)

Change-Id: I2a9865e510be39d1b5bcb9280419630036c00bef
Reviewed-on: https://gerrit.openafs.org/13191
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoafs: Make afs_osi_Free(NULL) a no-op 50/13250/2
Andrew Deason [Fri, 29 Jun 2018 20:25:48 +0000]
afs: Make afs_osi_Free(NULL) a no-op

In userspace, we assume that free(NULL) does nothing, which makes
certain cleanup code paths simpler. This may or may not be true for
our free() abstractions that can run in the kernel (like afs_osi_Free,
rxi_Free, etc), which is confusing. To make the higher-level free()
abstractions more consistent, change afs_osi_Free to guarantee that
passing a NULL pointer does nothing.

Reviewed-on: https://gerrit.openafs.org/13236
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 7523397333c0f8c6a08312434968d84b8ff56306)

Change-Id: Ifda1bd8c99f128fe01d38fd64dc19afee4c5158f
Reviewed-on: https://gerrit.openafs.org/13250
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoLINUX: Detect NULL page during write_begin 43/13243/2
Andrew Deason [Thu, 5 Jul 2018 22:16:48 +0000]
LINUX: Detect NULL page during write_begin

In afs_linux_write_begin, we call grab_cache_page_write_begin to get a
page to use for writing data when servicing a write into AFS. Under
low-memory conditions, this can return NULL if Linux cannot find a
free page to use. Currently, we always try to reference the page
returned, and so this causes a BUG.

To avoid this, check if grab_cache_page_write_begin returns NULL, and
just return -ENOMEM, like other callers of grab_cache_page_write_begin
do.

Linux's fault injection framework is useful for testing code paths
like these. The following settings made it possible to
somewhat-reliably exercise the relevant code path on a test RHEL7
system:

    # grep ^ /sys/kernel/debug/fail_page_alloc/*
    /sys/kernel/debug/fail_page_alloc/ignore-gfp-highmem:Y
    /sys/kernel/debug/fail_page_alloc/ignore-gfp-wait:N
    /sys/kernel/debug/fail_page_alloc/interval:1
    /sys/kernel/debug/fail_page_alloc/min-order:0
    /sys/kernel/debug/fail_page_alloc/probability:100
    /sys/kernel/debug/fail_page_alloc/space:90
    /sys/kernel/debug/fail_page_alloc/task-filter:Y
    /sys/kernel/debug/fail_page_alloc/times:-1
    [...]

Reviewed-on: https://gerrit.openafs.org/13242
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 89e80c354c404dedc0e5197f99710db0e5e08767)

Change-Id: I37b4d1ebb1b76e435bb1c56a76d7e475f47f33de
Reviewed-on: https://gerrit.openafs.org/13243
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agovldb_check: write mh entry header flags in network order 46/13246/2
Michael Meffie [Fri, 6 Jul 2018 19:22:36 +0000]
vldb_check: write mh entry header flags in network order

Commit 6b93ad695e53a86dbe9eea13bd0ff651e1d8c9b7 fixed a false error
reported when the vldb contained more than one mh extent blocks.  That
fix changed the readMH() function to convert the flags field to host
byte order of all the mh blocks, not just the first block, in order to
check the value of those flags.

Unfortunately, that commit missed converting non-zero blocks back to
network byte order in the complementary writeMH() function, which is
used to write the data back to disk when vldb_check is run with the -fix
option.

FIXES 134589

Reviewed-on: https://gerrit.openafs.org/13245
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 483cad0121d848836b4155817b86231ef21be27a)

Change-Id: I28afa243c78d0a8a53e13f302d69c17a779837d9
Reviewed-on: https://gerrit.openafs.org/13246
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoredhat: parallel builds 49/13249/2
Stephan Wiesand [Mon, 2 Jul 2018 12:05:47 +0000]
redhat: parallel builds

Parallel builds can be an order of magnitude faster. Add the
_smp_mflags macro to all invocations of make in the rpm spec,
to make use of all available cores and SMT threads on the build
system. This should also help noticing new dependency issues
early. Note the macro can be overridden on the rpmbuild command
line.

Reviewed-on: https://gerrit.openafs.org/13240
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit e60766286b7a581dcdd14466884ea7fdcae10918)

Change-Id: I3428e5acc7114a5bf1a1090352055041ef099fbd
Reviewed-on: https://gerrit.openafs.org/13249
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoredhat: speed up userland-only rpm builds 48/13248/2
Stephan Wiesand [Mon, 2 Jul 2018 11:33:20 +0000]
redhat: speed up userland-only rpm builds

When building with --define "build_modules 0", have configure
skip the Linux kernel tests, which are slow and many.

Reviewed-on: https://gerrit.openafs.org/13239
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit ab61bcffefdd0a431a435def193cd9a46e3b8ab6)

Change-Id: I030c4fab62bc8973dd4d914374865569d878090d
Reviewed-on: https://gerrit.openafs.org/13248
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>

22 months agoredhat: package new file include/opr/lock.h 47/13247/2
Stephan Wiesand [Mon, 2 Jul 2018 11:28:07 +0000]
redhat: package new file include/opr/lock.h

Commit 792dd44ac57032a3f2a4743c83c8a0208a08ecec added the
installation of include/opr/lock.h, but the rpm spec fails
to pick it up, making rpm builds fail. Add the new file
to the files list for the -devel package.

FIXES 134579

Reviewed-on: https://gerrit.openafs.org/13238
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit babf419886d687f8359159f35e8b89aff5e166f8)

Change-Id: I32b6737a6868239c56a604030a49cc45f0379707
Reviewed-on: https://gerrit.openafs.org/13247
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoMake OpenAFS 1.8.1pre2 31/13231/2 openafs-stable-1_8_1pre2
Benjamin Kaduk [Fri, 22 Jun 2018 02:05:56 +0000]
Make OpenAFS 1.8.1pre2

Update version strings for the first 1.8.1 prerelease.
(This time, for sure!)

Change-Id: I50a1f939f64f0fd78c47c99d4c921d28c00380ce
Reviewed-on: https://gerrit.openafs.org/13231
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoUpdate NEWS for 1.8.1pre2 30/13230/2
Benjamin Kaduk [Sun, 1 Jul 2018 17:43:28 +0000]
Update NEWS for 1.8.1pre2

Change-Id: I5ceba218589aab4f2c3c1874661e2edbb9be0b65
Reviewed-on: https://gerrit.openafs.org/13230
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agorxevent: prevent negative rx_connection refCount 29/13229/2
Mark Vitale [Sat, 30 Jun 2018 21:35:09 +0000]
rxevent: prevent negative rx_connection refCount

rxi_ChallengeEvent is called directly from rxi_ChallengeOn to start the
first challenge; subsequent calls to rxi_ChallengeEvent are from the
event handler.  When called as an event, we must putConnection the
reference held by the event.  But when called directly for the first
time, the event has not been scheduled yet and so has not taken a
reference on the connection.  For this case, we must not putConnection
or the rx_connection refCount will go negative.

One reported symptom of this bug is a fileserver crash with:
  'Assertion failed! file rx.c, line 1327.'

Introduced by commit 304d758983b499dc568d6ca57b6e92df24b69de8
('Standardize rx_event usage').

Reviewed-on: https://gerrit.openafs.org/13228
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit b1ad473be01162fe9b3835544a835c4dcf0fcb35)

Change-Id: Ice5856627f4f77b5ede3a84fef4b6f2915f5477d
Reviewed-on: https://gerrit.openafs.org/13229
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoMake OpenAFS 1.8.1pre1 25/13225/2 openafs-stable-1_8_1pre1
Benjamin Kaduk [Fri, 22 Jun 2018 02:05:56 +0000]
Make OpenAFS 1.8.1pre1

Update version strings for the first 1.8.1 prerelease.

Change-Id: Iaf262f468d36fb27d4ce8c994483c99bde666aff
Reviewed-on: https://gerrit.openafs.org/13225
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoUpdate NEWS for 1.8.1pre1 24/13224/3
Benjamin Kaduk [Mon, 18 Jun 2018 03:31:21 +0000]
Update NEWS for 1.8.1pre1

Change-Id: I9c443b26cd937b7d7d0d6863ca92792dfacae770
Reviewed-on: https://gerrit.openafs.org/13224
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoComment out missing comerr functions from afsauthent.def 22/13222/3
Benjamin Kaduk [Fri, 15 Jun 2018 14:07:04 +0000]
Comment out missing comerr functions from afsauthent.def

Apparently commit 70c4922980d1596155b4021cd72d6895c2371e23 was overzealous
in making Windows match Unix, as these functions are not available
in the Windows build.

Reviewed-on: https://gerrit.openafs.org/13219
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 9d0b2698ac7ab8bb689f30d819bbef08c05a8bf7)

Change-Id: I6ea04a04a2e18f3a8b7f2fdd0e2ca49f4b208361
Reviewed-on: https://gerrit.openafs.org/13222
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

23 months agoComment out opr_AssertionFailed from afsrpc.def 21/13221/2
Benjamin Kaduk [Fri, 15 Jun 2018 13:39:47 +0000]
Comment out opr_AssertionFailed from afsrpc.def

Apparently the Windows utilities link opr.lib directly, so this
caused a "multiply defined symbol" error.

Reviewed-on: https://gerrit.openafs.org/13216
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 907e09ff2b7e86005765a594db27e1df194ec204)

Change-Id: Ibdd1388235086177bd3fec3c1088916d71fc204f
Reviewed-on: https://gerrit.openafs.org/13221
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoComment out (again!) xdr_Capabilities from afsrpc.def 20/13220/2
Benjamin Kaduk [Fri, 15 Jun 2018 13:16:26 +0000]
Comment out (again!) xdr_Capabilities from afsrpc.def

This shows up as an "unresolved external" when linking (though apparently
this error does not cause a buildbot failure), noticed when viewing
a related windows build log.

Reviewed-on: https://gerrit.openafs.org/13215
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 94f1c1e2a7125e93ed49de31522be806af28626b)

Change-Id: Ia3a4977f00a0e4b3e3a9c16b20028d78269c4ce8
Reviewed-on: https://gerrit.openafs.org/13220
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoUn-export opr_AssertFailU 14/13214/3
Benjamin Kaduk [Fri, 15 Jun 2018 01:35:46 +0000]
Un-export opr_AssertFailU

It appears to have been created for parity with osi_AssertFailU, but
was then never used.

It is safe to remove the export line, since this export has never
been in a released version of OpenAFS.

Reviewed-on: https://gerrit.openafs.org/13212
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 691757576fb6d60a34fef2c4bc50ae581b65ad76)

Change-Id: I4811d1587fc7a25e90e2a0203d965ef352efe7c5
Reviewed-on: https://gerrit.openafs.org/13214
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

23 months agolibafsrpc: export more xdr functions 95/13195/3
Benjamin Kaduk [Fri, 1 Jun 2018 00:02:18 +0000]
libafsrpc: export more xdr functions

Most of the xdr functions in the library text are to support RXAFS and
RXAFSCB RPCs, which we explicitly do not expose from libafsrpc.
As such, they do not need to be in the export list, but a couple of
generic ones probably should be exported.

Do so, for both Unix and Windows.

Reviewed-on: https://gerrit.openafs.org/13139
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 6e7db633efad1c88bb300089e3bd4c9feaea5f23)

Change-Id: I42ae33f5fdb36401d052cfb200a22aff423ac0a9
Reviewed-on: https://gerrit.openafs.org/13195
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

23 months agolibafsrpc: export some more rx functions 94/13194/3
Benjamin Kaduk [Fri, 1 Jun 2018 00:00:03 +0000]
libafsrpc: export some more rx functions

Reviewed-on: https://gerrit.openafs.org/13138
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 0b1edd96ac7a952148ec14f8baaf60c8d8bbc04f)

Change-Id: I86c81dd95c75953ebd193bd8b49b467693572614
Reviewed-on: https://gerrit.openafs.org/13194
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

23 months agoExport missing opr functions from libafsrpc 93/13193/2
Benjamin Kaduk [Thu, 31 May 2018 23:40:21 +0000]
Export missing opr functions from libafsrpc

Our assertion macros expand to function calls, and we have assertions
included in macros in installed headers, so the public needs to be
able to link against them.

Export for both Unix and Windows.

Reviewed-on: https://gerrit.openafs.org/13137
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit f01ee714152a0a6247f2f456aa1f0a728d74373c)

Change-Id: I1d983d352f4838619d0b8a833e6be90207dffa87
Reviewed-on: https://gerrit.openafs.org/13193
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoafs: Avoid GetDCache delays on screwy cache 90/13190/2
Andrew Deason [Thu, 26 Apr 2018 17:01:57 +0000]
afs: Avoid GetDCache delays on screwy cache

Currently, if our afs_AllocDCache call fails in afs_GetDCache, we
retry once per second for 5 minutes. The reasoning is that we're out
of dcache slots, and so if we wait a little while, maybe something
will become freeable and we can continue.

However, afs_AllocDCache can also fail if we have plenty of free
dslots, but we are unable to successfully call afs_GetUnusedDSlot() on
any of them. This can happen if our disk cache is screwed up, and so
waiting and retrying will not make things better (but we'll spew a ton
of "disk cache read error in CacheItems slot" errors in the log each
time, and do so 300 times).

So instead, only do our sleep/retry loop if we actually appear to be
out of free or discarded dslots. Otherwise, just return an error
immediately, since sleeping and retrying will not make anything
better.

Reviewed-on: https://gerrit.openafs.org/13033
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit bec329c1c81d96b5933527f7cdb3638f24833087)

Change-Id: Iaee53eca133985ad5964b61b3641cd8ad2802014
Reviewed-on: https://gerrit.openafs.org/13190
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoafs: Avoid GetDCache panic on AllocDCache failure 89/13189/2
Andrew Deason [Thu, 26 Apr 2018 17:02:18 +0000]
afs: Avoid GetDCache panic on AllocDCache failure

Currently, in afs_GetDCache, if afs_AllocDCache fails, we retry for 5
minutes and then panic. Panicing in this situation is completely
unnecessary; afs_GetDCache can fail for a variety of other mundane
reasons (such as, if we can't fetch the requested data from the
relevant fileserver).

It may seem unusual for afs_AllocDCache to fail for over 5 minutes
(this is supposed to mean that we're out of dslots, and our attempts
to free up dslots have failed). However, afs_AllocDCache can also fail
if we are having issues in accessing the disk cache, and so we may not
be out of cache space or dslots at all; we just can't access the
cache. In this case, afs_AllocDCache can easily fail forever; waiting
longer or trying to free up cache space isn't going to help.

So, to avoid panicing in such situations, just make afs_GetDCache
return an error. We just need to make sure afs_xdcache is unlocked,
and then we can just jump to 'done', like plenty of other codepaths
do; no extra cleanup is required.

Also since we are removing a panic, add a log message when this
situation happens, so EIO errors don't suddenly pop up silently.

Reviewed-on: https://gerrit.openafs.org/13032
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 0ff2364bd5e68c0a7587f8fbc552bf20b99d7039)

Change-Id: Ie29eed271b490edc943929710a87550e2d67b735
Reviewed-on: https://gerrit.openafs.org/13189
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoxdr: remove dead code, whitespace from xdr_enum 84/13184/2
Mark Vitale [Tue, 5 Jun 2018 18:12:20 +0000]
xdr: remove dead code, whitespace from xdr_enum

The 'enum sizecheck' declaration has been unused since openafs-ibm-1_0; it is
apparently vestigial from the original XDR code.  Remove it, along with some
extraneous whitespace.

No functional change is incurred by this commit.

Reviewed-on: https://gerrit.openafs.org/13076
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit fdc8adbf0904cbbc0590379c5cb702a15273b40c)

Change-Id: Ie586f210d17169a03143d1bdebb8430e3881e58c
Reviewed-on: https://gerrit.openafs.org/13184
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoxdr: avoid xdr_enum memory overrun 83/13183/2
Mark Vitale [Wed, 6 Jun 2018 19:23:26 +0000]
xdr: avoid xdr_enum memory overrun

Since openafs-ibm-1_0, xdr_enum has used xdr_long to read and write, even
though enum_t is defined as int.  For systems where sizeof(int) ==
sizeof(long), this works by accident.  But other systems (e.g., DARWIN
ARCHFLAGS=x86_64) xdr_enum will overrun its int-sized second parameter.  For
XDR_DECODE, this results in memory corruption.

This was first noticed with OpenAFS 1.8.0 on macOS 10.13; if aklog is issued
while already holding a token, it will fail in token_SetsEquivalent with a
segfault in decodeToken.  The root cause is that the address passed to
decodeToken had been overwritten by a previous call to tokenType -> xdr_enum ->
xdr_long.

Instead, modify xdr_enum to use xdr_int for its work.

Reviewed-on: https://gerrit.openafs.org/13075
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit eb1d2ef203a2a99c908b3b89d9ea8337a91b944b)

Change-Id: I548ab43fe4513262b6be0608be45bfd8580e6ed8
Reviewed-on: https://gerrit.openafs.org/13183
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoutil: check for trailing characters in partition names 21/13121/2
Michael Meffie [Sat, 28 Apr 2018 03:08:34 +0000]
util: check for trailing characters in partition names

The function which maps partition names to partition ids currently
ignores trailing characters in the partition names. For example, the
partition name "/vicepbogus" is currently considered a valid partition
name ("/vicepbogus" maps to "bo" which is id 66). Although this is not a
regression, it is problematic for several reasons.

Firstly, this can lead to duplicate partition ids on the server, for
example "/vicepbad" and "/vicepbar" both map to the same partition id
("ba" is id 52).

Second, partitions are internally tracked by numeric id. The partition
names are generated from numeric ids when reporting partition names.
This means the trailing characters are lost when reporting the partition
names. For example, vos reports the attached partition "/vicepbad" as
"/vicepba".

Third, it could be possible (but perhaps unlikely) in the future to
extend the range of partition ids, so the trailing characters could
become significant at that time.

Finally, it could be confusing to admins that such partition names are
attached by the fileserver. For example, "/vicepaa-backup" is attached
and is used by the fileserver as partition id 26.

This change adds a check for trailing characters in partition names in
the volutil_GetPartitionID function, so it is more strict in what it
accepts as a valid partition name.  That function will now return -1
(illegal partition name) when trailing characters are found in
partition names.

Reviewed-on: https://gerrit.openafs.org/13039
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
(cherry picked from commit 850c7c50dccbdebb8e0a44da4fc7840760d9e02d)

Change-Id: I1244630f3b31408f9f723b97956dca6987dd9747
Reviewed-on: https://gerrit.openafs.org/13121
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoautoconf: add kernel module to the summary 12/13112/3
Michael Meffie [Mon, 9 Apr 2018 23:54:54 +0000]
autoconf: add kernel module to the summary

Add the kernel module to the list of optional build items in the
configure summary to indicate whether the kernel module build is
enabled.

Reviewed-on: https://gerrit.openafs.org/13005
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 3d3e7bc51aaf39b5ca04bfd36ff9017ab0622057)

Change-Id: I842752bb12b09fdcab6bfb341673bff3528f3880
Reviewed-on: https://gerrit.openafs.org/13112
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

23 months agolibafsauthent: export additional xdr_ functions 92/13192/2
Benjamin Kaduk [Mon, 28 May 2018 03:54:01 +0000]
libafsauthent: export additional xdr_ functions

Formally, we need to use xdr_free to deallocate storage for RPC output
variables, in case the XDR stack uses a different allocator than the
standard application allocator.  Some types have non-autogenerated
wrappers exposed already (e.g., token_FreeSet()), but for a handful of
the base ptint types we need to expose the xdr routines in order for a
safe way to deallocate their storage to be available.

Reviewed-on: https://gerrit.openafs.org/13131
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit c12cfd7331727142cb928e08ec32a708d0cfd1e9)

Change-Id: Iea3b0bd9fdb373020b41c2bcbf1ebbde222114a8
Reviewed-on: https://gerrit.openafs.org/13192
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agolibafsauthent: export ugen_ClientInit* 82/13182/2
Benjamin Kaduk [Sun, 27 May 2018 21:23:16 +0000]
libafsauthent: export ugen_ClientInit*

Windows was only exporting the bare version and not the Cell/Flags/Server
versions; Unix was exporting none of them.

These routines for obtaining a ubik client are more generic than the
historical (and already exported) ubik_ClientInit routine, allowing for
the use of an alternative configuration directory, additional flags,
and the like.

Reviewed-on: https://gerrit.openafs.org/13130
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit ef6a1e8118a25b885889179739a3539a598068bc)

Change-Id: I04c6565cc4b9c3366bf15b86cd5f70402609c5c5
Reviewed-on: https://gerrit.openafs.org/13182
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agolibafsauthent: Export more token-manipulation functions 81/13181/2
Benjamin Kaduk [Sun, 27 May 2018 21:03:12 +0000]
libafsauthent: Export more token-manipulation functions

For both Windows and Unix.

Reviewed-on: https://gerrit.openafs.org/13129
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 1974eac772157651594c1b76ea8f55e4567b3ec5)

Change-Id: I7b26772fe9f447ac1cf562eb5837a6035d8f0175
Reviewed-on: https://gerrit.openafs.org/13181
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agolibafsauthent: export ktc token 'Ex' routines for Unix 80/13180/2
Benjamin Kaduk [Sun, 27 May 2018 20:18:12 +0000]
libafsauthent: export ktc token 'Ex' routines for Unix

We need these to handle the modern identity structures (they are
already exported on Windows).

Reviewed-on: https://gerrit.openafs.org/13128
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit 4008f83ca80c5ed7b612a13f760b4bb8b9866f2b)

Change-Id: I05d4ea37212738db6be9dace0b9cc1db1e76bd08
Reviewed-on: https://gerrit.openafs.org/13180
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agolibafsauthent: export more afsconf_ functions 79/13179/2
Benjamin Kaduk [Sun, 27 May 2018 19:18:07 +0000]
libafsauthent: export more afsconf_ functions

We have new functions for (among other things) typed keys, and generic
rx identity management; expose them as well as the legacy key- and user-
management functions, on both Unix and Windows.

Reviewed-on: https://gerrit.openafs.org/13127
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit cdd1f16f5ef52093a8f7d3f87a45775d3c87b780)

Change-Id: Ia9ab364fcac10822ba50eb7f418a2228ac0fd935
Reviewed-on: https://gerrit.openafs.org/13179
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>

23 months agoSynchronize libafsauthent afsconf_ exports with windows 78/13178/2
Benjamin Kaduk [Sun, 27 May 2018 18:11:05 +0000]
Synchronize libafsauthent afsconf_ exports with windows

The Windows library was exporting several more afsconf_* symbols
than the Unix one; bring them into sync.

Reviewed-on: https://gerrit.openafs.org/13126
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
(cherry picked from commit bcce41bd99b4361631b64cf4749d1dcf80df1cd7)

Change-Id: I4993395d30ca93d28e0ccd4c6ad52975a1e23324
Reviewed-on: https://gerrit.openafs.org/13178
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Joe Gorse <jhgorse@gmail.com>
Reviewed-by: Marcio Brito Barbosa <mbarbosa@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>