2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afsconfig.h>
11 #include <afs/param.h>
18 #ifdef AFS_PTHREAD_ENV
19 # include <opr/lock.h>
21 # include <opr/lockstub.h>
27 #include <afs/afsutil.h>
29 #define UBIK_INTERNALS
33 static void printServerInfo(void);
36 * routines for handling requests remotely-submitted by the sync site. These are
37 * only write transactions (we don't propagate read trans), and there is at most one
38 * write transaction extant at any one time.
41 struct ubik_trans *ubik_currentTrans = 0;
45 /* the rest of these guys handle remote execution of write
46 * transactions: this is the code executed on the other servers when a
47 * sync site is executing a write transaction.
50 SDISK_Begin(struct rx_call *rxcall, struct ubik_tid *atid)
54 if ((code = ubik_CheckAuth(rxcall))) {
58 urecovery_CheckTid(atid, 1);
59 code = udisk_begin(ubik_dbase, UBIK_WRITETRANS, &ubik_currentTrans);
60 if (!code && ubik_currentTrans) {
61 /* label this trans with the right trans id */
62 ubik_currentTrans->tid.epoch = atid->epoch;
63 ubik_currentTrans->tid.counter = atid->counter;
71 SDISK_Commit(struct rx_call *rxcall, struct ubik_tid *atid)
75 if ((code = ubik_CheckAuth(rxcall))) {
78 ObtainWriteLock(&ubik_dbase->cache_lock);
80 if (!ubik_currentTrans) {
85 * sanity check to make sure only write trans appear here
87 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
92 urecovery_CheckTid(atid, 0);
93 if (!ubik_currentTrans) {
98 code = udisk_commit(ubik_currentTrans);
100 /* sync site should now match */
101 uvote_set_dbVersion(ubik_dbase->version);
105 ReleaseWriteLock(&ubik_dbase->cache_lock);
110 SDISK_ReleaseLocks(struct rx_call *rxcall, struct ubik_tid *atid)
114 if ((code = ubik_CheckAuth(rxcall))) {
120 if (!ubik_currentTrans) {
124 /* sanity check to make sure only write trans appear here */
125 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
130 urecovery_CheckTid(atid, 0);
131 if (!ubik_currentTrans) {
136 /* If the thread is not waiting for lock - ok to end it */
137 if (ubik_currentTrans->locktype != LOCKWAIT) {
138 udisk_end(ubik_currentTrans);
140 ubik_currentTrans = (struct ubik_trans *)0;
147 SDISK_Abort(struct rx_call *rxcall, struct ubik_tid *atid)
151 if ((code = ubik_CheckAuth(rxcall))) {
155 if (!ubik_currentTrans) {
159 /* sanity check to make sure only write trans appear here */
160 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
165 urecovery_CheckTid(atid, 0);
166 if (!ubik_currentTrans) {
171 code = udisk_abort(ubik_currentTrans);
172 /* If the thread is not waiting for lock - ok to end it */
173 if (ubik_currentTrans->locktype != LOCKWAIT) {
174 udisk_end(ubik_currentTrans);
176 ubik_currentTrans = (struct ubik_trans *)0;
182 /* apos and alen are not used */
184 SDISK_Lock(struct rx_call *rxcall, struct ubik_tid *atid,
185 afs_int32 afile, afs_int32 apos, afs_int32 alen, afs_int32 atype)
188 struct ubik_trans *ubik_thisTrans;
190 if ((code = ubik_CheckAuth(rxcall))) {
194 if (!ubik_currentTrans) {
198 /* sanity check to make sure only write trans appear here */
199 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
207 urecovery_CheckTid(atid, 0);
208 if (!ubik_currentTrans) {
213 ubik_thisTrans = ubik_currentTrans;
214 code = ulock_getLock(ubik_currentTrans, atype, 1);
216 /* While waiting, the transaction may have been ended/
217 * aborted from under us (urecovery_CheckTid). In that
218 * case, end the transaction here.
220 if (!code && (ubik_currentTrans != ubik_thisTrans)) {
221 udisk_end(ubik_thisTrans);
230 * \brief Write a vector of data
233 SDISK_WriteV(struct rx_call *rxcall, struct ubik_tid *atid,
234 iovec_wrt *io_vector, iovec_buf *io_buffer)
236 afs_int32 code, i, offset;
237 struct ubik_iovec *iovec;
240 if ((code = ubik_CheckAuth(rxcall))) {
244 if (!ubik_currentTrans) {
248 /* sanity check to make sure only write trans appear here */
249 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
254 urecovery_CheckTid(atid, 0);
255 if (!ubik_currentTrans) {
260 iovec = (struct ubik_iovec *)io_vector->iovec_wrt_val;
261 iobuf = (char *)io_buffer->iovec_buf_val;
262 for (i = 0, offset = 0; i < io_vector->iovec_wrt_len; i++) {
263 /* Sanity check for going off end of buffer */
264 if ((offset + iovec[i].length) > io_buffer->iovec_buf_len) {
268 udisk_write(ubik_currentTrans, iovec[i].file, &iobuf[offset],
269 iovec[i].position, iovec[i].length);
274 offset += iovec[i].length;
282 SDISK_Write(struct rx_call *rxcall, struct ubik_tid *atid,
283 afs_int32 afile, afs_int32 apos, bulkdata *adata)
287 if ((code = ubik_CheckAuth(rxcall))) {
291 if (!ubik_currentTrans) {
295 /* sanity check to make sure only write trans appear here */
296 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
301 urecovery_CheckTid(atid, 0);
302 if (!ubik_currentTrans) {
307 udisk_write(ubik_currentTrans, afile, adata->bulkdata_val, apos,
308 adata->bulkdata_len);
315 SDISK_Truncate(struct rx_call *rxcall, struct ubik_tid *atid,
316 afs_int32 afile, afs_int32 alen)
320 if ((code = ubik_CheckAuth(rxcall))) {
324 if (!ubik_currentTrans) {
328 /* sanity check to make sure only write trans appear here */
329 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
334 urecovery_CheckTid(atid, 0);
335 if (!ubik_currentTrans) {
339 code = udisk_truncate(ubik_currentTrans, afile, alen);
346 SDISK_GetVersion(struct rx_call *rxcall,
347 struct ubik_version *aversion)
351 if ((code = ubik_CheckAuth(rxcall))) {
356 * If we are the sync site, recovery shouldn't be running on any
357 * other site. We shouldn't be getting this RPC as long as we are
358 * the sync site. To prevent any unforseen activity, we should
359 * reject this RPC until we have recognized that we are not the
360 * sync site anymore, and/or if we have any pending WRITE
361 * transactions that have to complete. This way we can be assured
362 * that this RPC would not block any pending transactions that
363 * should either fail or pass. If we have recognized the fact that
364 * we are not the sync site any more, all write transactions would
365 * fail with UNOQUORUM anyway.
368 if (ubeacon_AmSyncSite()) {
373 code = (*ubik_dbase->getlabel) (ubik_dbase, 0, aversion);
376 /* tell other side there's no dbase */
378 aversion->counter = 0;
384 SDISK_GetFile(struct rx_call *rxcall, afs_int32 file,
385 struct ubik_version *version)
388 struct ubik_dbase *dbase;
390 struct ubik_stat ubikstat;
395 if ((code = ubik_CheckAuth(rxcall))) {
400 code = (*dbase->stat) (dbase, file, &ubikstat);
405 length = ubikstat.size;
406 tlen = htonl(length);
407 code = rx_Write(rxcall, (char *)&tlen, sizeof(afs_int32));
408 if (code != sizeof(afs_int32)) {
410 ubik_dprint("Rx-write length error=%d\n", code);
415 tlen = (length > sizeof(tbuffer) ? sizeof(tbuffer) : length);
416 code = (*dbase->read) (dbase, file, tbuffer, offset, tlen);
419 ubik_dprint("read failed error=%d\n", code);
422 code = rx_Write(rxcall, tbuffer, tlen);
425 ubik_dprint("Rx-write length error=%d\n", code);
431 code = (*dbase->getlabel) (dbase, file, version); /* return the dbase, too */
437 SDISK_SendFile(struct rx_call *rxcall, afs_int32 file,
438 afs_int32 length, struct ubik_version *avers)
441 struct ubik_dbase *dbase = NULL;
444 struct ubik_version tversion;
446 struct rx_peer *tpeer;
447 struct rx_connection *tconn;
448 afs_uint32 otherHost = 0;
455 /* send the file back to the requester */
459 if ((code = ubik_CheckAuth(rxcall))) {
464 /* next, we do a sanity check to see if the guy sending us the database is
465 * the guy we think is the sync site. It turns out that we might not have
466 * decided yet that someone's the sync site, but they could have enough
467 * votes from others to be sync site anyway, and could send us the database
468 * in advance of getting our votes. This is fine, what we're really trying
469 * to check is that some authenticated bogon isn't sending a random database
470 * into another configuration. This could happen on a bad configuration
471 * screwup. Thus, we only object if we're sure we know who the sync site
472 * is, and it ain't the guy talking to us.
474 offset = uvote_GetSyncSite();
475 tconn = rx_ConnectionOf(rxcall);
476 tpeer = rx_PeerOf(tconn);
477 otherHost = ubikGetPrimaryInterfaceAddr(rx_HostOf(tpeer));
478 if (offset && offset != otherHost) {
479 /* we *know* this is the wrong guy */
487 /* abort any active trans that may scribble over the database */
488 urecovery_AbortAll(dbase);
490 ubik_print("Ubik: Synchronize database with server %s\n",
491 afs_inet_ntoa_r(otherHost, hoststr));
495 epoch = tversion.epoch = 0; /* start off by labelling in-transit db as invalid */
496 (*dbase->setlabel) (dbase, file, &tversion); /* setlabel does sync */
497 snprintf(pbuffer, sizeof(pbuffer), "%s.DB%s%d.TMP",
498 ubik_dbase->pathName, (file<0)?"SYS":"",
499 (file<0)?-file:file);
500 fd = open(pbuffer, O_CREAT | O_RDWR | O_TRUNC, 0600);
505 code = lseek(fd, HDRSIZE, 0);
506 if (code != HDRSIZE) {
511 memcpy(&ubik_dbase->version, &tversion, sizeof(struct ubik_version));
514 tlen = (length > sizeof(tbuffer) ? sizeof(tbuffer) : length);
515 #if !defined(AFS_PTHREAD_ENV)
519 code = rx_Read(rxcall, tbuffer, tlen);
521 ubik_dprint("Rx-read length error=%d\n", code);
526 code = write(fd, tbuffer, tlen);
529 ubik_dprint("write failed error=%d\n", code);
541 /* sync data first, then write label and resync (resync done by setlabel call).
542 * This way, good label is only on good database. */
543 snprintf(tbuffer, sizeof(tbuffer), "%s.DB%s%d",
544 ubik_dbase->pathName, (file<0)?"SYS":"", (file<0)?-file:file);
546 snprintf(pbuffer, sizeof(pbuffer), "%s.DB%s%d.OLD",
547 ubik_dbase->pathName, (file<0)?"SYS":"", (file<0)?-file:file);
548 code = unlink(pbuffer);
550 code = rename(tbuffer, pbuffer);
551 snprintf(pbuffer, sizeof(pbuffer), "%s.DB%s%d.TMP",
552 ubik_dbase->pathName, (file<0)?"SYS":"", (file<0)?-file:file);
555 code = rename(pbuffer, tbuffer);
558 (*ubik_dbase->open) (ubik_dbase, file);
559 code = (*ubik_dbase->setlabel) (dbase, file, avers);
562 snprintf(pbuffer, sizeof(pbuffer), "%s.DB%s%d.OLD",
563 ubik_dbase->pathName, (file<0)?"SYS":"", (file<0)?-file:file);
566 memcpy(&ubik_dbase->version, avers, sizeof(struct ubik_version));
567 udisk_Invalidate(dbase, file); /* new dbase, flush disk buffers */
568 #ifdef AFS_PTHREAD_ENV
569 opr_Assert(pthread_cond_broadcast(&dbase->version_cond) == 0);
571 LWP_NoYieldSignal(&dbase->version);
580 /* Failed to sync. Allow reads again for now. */
583 tversion.epoch = epoch;
584 (*dbase->setlabel) (dbase, file, &tversion);
588 ("Ubik: Synchronize database with server %s failed (error = %d)\n",
589 afs_inet_ntoa_r(otherHost, hoststr), code);
591 ubik_print("Ubik: Synchronize database completed\n");
599 SDISK_Probe(struct rx_call *rxcall)
605 * \brief Update remote machines addresses in my server list
607 * Send back my addresses to caller of this RPC
608 * \return zero on success, else 1.
611 SDISK_UpdateInterfaceAddr(struct rx_call *rxcall,
612 UbikInterfaceAddr *inAddr,
613 UbikInterfaceAddr *outAddr)
615 struct ubik_server *ts, *tmp;
616 afs_uint32 remoteAddr; /* in net byte order */
617 int i, j, found = 0, probableMatch = 0;
621 /* copy the output parameters */
622 for (i = 0; i < UBIK_MAX_INTERFACE_ADDR; i++)
623 outAddr->hostAddr[i] = ntohl(ubik_host[i]);
625 remoteAddr = htonl(inAddr->hostAddr[0]);
626 for (ts = ubik_servers; ts; ts = ts->next)
627 if (ts->addr[0] == remoteAddr) { /* both in net byte order */
633 /* verify that all addresses in the incoming RPC are
634 ** not part of other server entries in my CellServDB
636 for (i = 0; !found && (i < UBIK_MAX_INTERFACE_ADDR)
637 && inAddr->hostAddr[i]; i++) {
638 remoteAddr = htonl(inAddr->hostAddr[i]);
639 for (tmp = ubik_servers; (!found && tmp); tmp = tmp->next) {
640 if (ts == tmp) /* this is my server */
642 for (j = 0; (j < UBIK_MAX_INTERFACE_ADDR) && tmp->addr[j];
644 if (remoteAddr == tmp->addr[j]) {
652 /* if (probableMatch) */
653 /* inconsistent addresses in CellServDB */
654 if (!probableMatch || found) {
655 ubik_print("Inconsistent Cell Info from server:\n");
656 for (i = 0; i < UBIK_MAX_INTERFACE_ADDR && inAddr->hostAddr[i]; i++)
657 ubik_print("... %s\n", afs_inet_ntoa_r(htonl(inAddr->hostAddr[i]), hoststr));
665 /* update our data structures */
666 for (i = 1; i < UBIK_MAX_INTERFACE_ADDR; i++)
667 ts->addr[i] = htonl(inAddr->hostAddr[i]);
669 ubik_print("ubik: A Remote Server has addresses:\n");
670 for (i = 0; i < UBIK_MAX_INTERFACE_ADDR && ts->addr[i]; i++)
671 ubik_print("... %s\n", afs_inet_ntoa_r(ts->addr[i], hoststr));
678 printServerInfo(void)
680 struct ubik_server *ts;
684 ubik_print("Local CellServDB:\n");
685 for (ts = ubik_servers; ts; ts = ts->next, j++) {
686 ubik_print(" Server %d:\n", j);
687 for (i = 0; (i < UBIK_MAX_INTERFACE_ADDR) && ts->addr[i]; i++)
688 ubik_print(" ... %s\n", afs_inet_ntoa_r(ts->addr[i], hoststr));
693 SDISK_SetVersion(struct rx_call *rxcall, struct ubik_tid *atid,
694 struct ubik_version *oldversionp,
695 struct ubik_version *newversionp)
699 if ((code = ubik_CheckAuth(rxcall))) {
703 if (!ubik_currentTrans) {
707 /* sanity check to make sure only write trans appear here */
708 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
713 /* Should not get this for the sync site */
714 if (ubeacon_AmSyncSite()) {
719 urecovery_CheckTid(atid, 0);
720 if (!ubik_currentTrans) {
725 /* Set the label if its version matches the sync-site's */
726 if (uvote_eq_dbVersion(*oldversionp)) {
728 code = (*ubik_dbase->setlabel) (ubik_dbase, 0, newversionp);
730 ubik_dbase->version = *newversionp;
731 uvote_set_dbVersion(*newversionp);