2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afsconfig.h>
11 #include <afs/param.h>
18 #ifdef AFS_PTHREAD_ENV
19 # include <opr/lock.h>
21 # include <opr/lockstub.h>
27 #include <afs/afsutil.h>
29 #define UBIK_INTERNALS
33 static void printServerInfo(void);
36 * routines for handling requests remotely-submitted by the sync site. These are
37 * only write transactions (we don't propagate read trans), and there is at most one
38 * write transaction extant at any one time.
41 struct ubik_trans *ubik_currentTrans = 0;
45 /* the rest of these guys handle remote execution of write
46 * transactions: this is the code executed on the other servers when a
47 * sync site is executing a write transaction.
50 SDISK_Begin(struct rx_call *rxcall, struct ubik_tid *atid)
54 if ((code = ubik_CheckAuth(rxcall))) {
58 if (urecovery_AllBetter(ubik_dbase, 0) == 0) {
62 urecovery_CheckTid(atid, 1);
63 code = udisk_begin(ubik_dbase, UBIK_WRITETRANS, &ubik_currentTrans);
64 if (!code && ubik_currentTrans) {
65 /* label this trans with the right trans id */
66 ubik_currentTrans->tid.epoch = atid->epoch;
67 ubik_currentTrans->tid.counter = atid->counter;
76 SDISK_Commit(struct rx_call *rxcall, struct ubik_tid *atid)
80 if ((code = ubik_CheckAuth(rxcall))) {
83 ObtainWriteLock(&ubik_dbase->cache_lock);
85 if (!ubik_currentTrans) {
90 * sanity check to make sure only write trans appear here
92 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
97 urecovery_CheckTid(atid, 0);
98 if (!ubik_currentTrans) {
103 code = udisk_commit(ubik_currentTrans);
105 /* sync site should now match */
106 uvote_set_dbVersion(ubik_dbase->version);
110 ReleaseWriteLock(&ubik_dbase->cache_lock);
115 SDISK_ReleaseLocks(struct rx_call *rxcall, struct ubik_tid *atid)
119 if ((code = ubik_CheckAuth(rxcall))) {
125 if (!ubik_currentTrans) {
129 /* sanity check to make sure only write trans appear here */
130 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
135 urecovery_CheckTid(atid, 0);
136 if (!ubik_currentTrans) {
141 /* If the thread is not waiting for lock - ok to end it */
142 if (ubik_currentTrans->locktype != LOCKWAIT) {
143 udisk_end(ubik_currentTrans);
145 ubik_currentTrans = (struct ubik_trans *)0;
152 SDISK_Abort(struct rx_call *rxcall, struct ubik_tid *atid)
156 if ((code = ubik_CheckAuth(rxcall))) {
160 if (!ubik_currentTrans) {
164 /* sanity check to make sure only write trans appear here */
165 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
170 urecovery_CheckTid(atid, 0);
171 if (!ubik_currentTrans) {
176 code = udisk_abort(ubik_currentTrans);
177 /* If the thread is not waiting for lock - ok to end it */
178 if (ubik_currentTrans->locktype != LOCKWAIT) {
179 udisk_end(ubik_currentTrans);
181 ubik_currentTrans = (struct ubik_trans *)0;
187 /* apos and alen are not used */
189 SDISK_Lock(struct rx_call *rxcall, struct ubik_tid *atid,
190 afs_int32 afile, afs_int32 apos, afs_int32 alen, afs_int32 atype)
193 struct ubik_trans *ubik_thisTrans;
195 if ((code = ubik_CheckAuth(rxcall))) {
199 if (!ubik_currentTrans) {
203 /* sanity check to make sure only write trans appear here */
204 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
212 urecovery_CheckTid(atid, 0);
213 if (!ubik_currentTrans) {
218 ubik_thisTrans = ubik_currentTrans;
219 code = ulock_getLock(ubik_currentTrans, atype, 1);
221 /* While waiting, the transaction may have been ended/
222 * aborted from under us (urecovery_CheckTid). In that
223 * case, end the transaction here.
225 if (!code && (ubik_currentTrans != ubik_thisTrans)) {
226 udisk_end(ubik_thisTrans);
235 * \brief Write a vector of data
238 SDISK_WriteV(struct rx_call *rxcall, struct ubik_tid *atid,
239 iovec_wrt *io_vector, iovec_buf *io_buffer)
241 afs_int32 code, i, offset;
242 struct ubik_iovec *iovec;
245 if ((code = ubik_CheckAuth(rxcall))) {
249 if (!ubik_currentTrans) {
253 /* sanity check to make sure only write trans appear here */
254 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
259 urecovery_CheckTid(atid, 0);
260 if (!ubik_currentTrans) {
265 iovec = (struct ubik_iovec *)io_vector->iovec_wrt_val;
266 iobuf = (char *)io_buffer->iovec_buf_val;
267 for (i = 0, offset = 0; i < io_vector->iovec_wrt_len; i++) {
268 /* Sanity check for going off end of buffer */
269 if ((offset + iovec[i].length) > io_buffer->iovec_buf_len) {
273 udisk_write(ubik_currentTrans, iovec[i].file, &iobuf[offset],
274 iovec[i].position, iovec[i].length);
279 offset += iovec[i].length;
287 SDISK_Write(struct rx_call *rxcall, struct ubik_tid *atid,
288 afs_int32 afile, afs_int32 apos, bulkdata *adata)
292 if ((code = ubik_CheckAuth(rxcall))) {
296 if (!ubik_currentTrans) {
300 /* sanity check to make sure only write trans appear here */
301 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
306 urecovery_CheckTid(atid, 0);
307 if (!ubik_currentTrans) {
312 udisk_write(ubik_currentTrans, afile, adata->bulkdata_val, apos,
313 adata->bulkdata_len);
320 SDISK_Truncate(struct rx_call *rxcall, struct ubik_tid *atid,
321 afs_int32 afile, afs_int32 alen)
325 if ((code = ubik_CheckAuth(rxcall))) {
329 if (!ubik_currentTrans) {
333 /* sanity check to make sure only write trans appear here */
334 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
339 urecovery_CheckTid(atid, 0);
340 if (!ubik_currentTrans) {
344 code = udisk_truncate(ubik_currentTrans, afile, alen);
351 SDISK_GetVersion(struct rx_call *rxcall,
352 struct ubik_version *aversion)
356 if ((code = ubik_CheckAuth(rxcall))) {
361 * If we are the sync site, recovery shouldn't be running on any
362 * other site. We shouldn't be getting this RPC as long as we are
363 * the sync site. To prevent any unforseen activity, we should
364 * reject this RPC until we have recognized that we are not the
365 * sync site anymore, and/or if we have any pending WRITE
366 * transactions that have to complete. This way we can be assured
367 * that this RPC would not block any pending transactions that
368 * should either fail or pass. If we have recognized the fact that
369 * we are not the sync site any more, all write transactions would
370 * fail with UNOQUORUM anyway.
373 if (ubeacon_AmSyncSite()) {
378 code = (*ubik_dbase->getlabel) (ubik_dbase, 0, aversion);
381 /* tell other side there's no dbase */
383 aversion->counter = 0;
389 SDISK_GetFile(struct rx_call *rxcall, afs_int32 file,
390 struct ubik_version *version)
393 struct ubik_dbase *dbase;
395 struct ubik_stat ubikstat;
400 if ((code = ubik_CheckAuth(rxcall))) {
405 code = (*dbase->stat) (dbase, file, &ubikstat);
410 length = ubikstat.size;
411 tlen = htonl(length);
412 code = rx_Write(rxcall, (char *)&tlen, sizeof(afs_int32));
413 if (code != sizeof(afs_int32)) {
415 ubik_dprint("Rx-write length error=%d\n", code);
420 tlen = (length > sizeof(tbuffer) ? sizeof(tbuffer) : length);
421 code = (*dbase->read) (dbase, file, tbuffer, offset, tlen);
424 ubik_dprint("read failed error=%d\n", code);
427 code = rx_Write(rxcall, tbuffer, tlen);
430 ubik_dprint("Rx-write length error=%d\n", code);
436 code = (*dbase->getlabel) (dbase, file, version); /* return the dbase, too */
442 SDISK_SendFile(struct rx_call *rxcall, afs_int32 file,
443 afs_int32 length, struct ubik_version *avers)
446 struct ubik_dbase *dbase = NULL;
449 struct ubik_version tversion;
451 struct rx_peer *tpeer;
452 struct rx_connection *tconn;
453 afs_uint32 otherHost = 0;
460 /* send the file back to the requester */
465 if ((code = ubik_CheckAuth(rxcall))) {
470 /* next, we do a sanity check to see if the guy sending us the database is
471 * the guy we think is the sync site. It turns out that we might not have
472 * decided yet that someone's the sync site, but they could have enough
473 * votes from others to be sync site anyway, and could send us the database
474 * in advance of getting our votes. This is fine, what we're really trying
475 * to check is that some authenticated bogon isn't sending a random database
476 * into another configuration. This could happen on a bad configuration
477 * screwup. Thus, we only object if we're sure we know who the sync site
478 * is, and it ain't the guy talking to us.
480 offset = uvote_GetSyncSite();
481 tconn = rx_ConnectionOf(rxcall);
482 tpeer = rx_PeerOf(tconn);
483 otherHost = ubikGetPrimaryInterfaceAddr(rx_HostOf(tpeer));
484 if (offset && offset != otherHost) {
485 /* we *know* this is the wrong guy */
493 /* abort any active trans that may scribble over the database */
494 urecovery_AbortAll(dbase);
496 ubik_print("Ubik: Synchronize database with server %s\n",
497 afs_inet_ntoa_r(otherHost, hoststr));
501 epoch = tversion.epoch = 0; /* start off by labelling in-transit db as invalid */
502 (*dbase->setlabel) (dbase, file, &tversion); /* setlabel does sync */
503 snprintf(pbuffer, sizeof(pbuffer), "%s.DB%s%d.TMP",
504 ubik_dbase->pathName, (file<0)?"SYS":"",
505 (file<0)?-file:file);
506 fd = open(pbuffer, O_CREAT | O_RDWR | O_TRUNC, 0600);
511 code = lseek(fd, HDRSIZE, 0);
512 if (code != HDRSIZE) {
517 memcpy(&ubik_dbase->version, &tversion, sizeof(struct ubik_version));
520 tlen = (length > sizeof(tbuffer) ? sizeof(tbuffer) : length);
521 #if !defined(AFS_PTHREAD_ENV)
525 code = rx_Read(rxcall, tbuffer, tlen);
527 ubik_dprint("Rx-read length error=%d\n", code);
532 code = write(fd, tbuffer, tlen);
535 ubik_dprint("write failed error=%d\n", code);
547 /* sync data first, then write label and resync (resync done by setlabel call).
548 * This way, good label is only on good database. */
549 snprintf(tbuffer, sizeof(tbuffer), "%s.DB%s%d",
550 ubik_dbase->pathName, (file<0)?"SYS":"", (file<0)?-file:file);
552 snprintf(pbuffer, sizeof(pbuffer), "%s.DB%s%d.OLD",
553 ubik_dbase->pathName, (file<0)?"SYS":"", (file<0)?-file:file);
554 code = unlink(pbuffer);
556 code = rename(tbuffer, pbuffer);
557 snprintf(pbuffer, sizeof(pbuffer), "%s.DB%s%d.TMP",
558 ubik_dbase->pathName, (file<0)?"SYS":"", (file<0)?-file:file);
561 code = rename(pbuffer, tbuffer);
564 (*ubik_dbase->open) (ubik_dbase, file);
565 code = (*ubik_dbase->setlabel) (dbase, file, avers);
568 snprintf(pbuffer, sizeof(pbuffer), "%s.DB%s%d.OLD",
569 ubik_dbase->pathName, (file<0)?"SYS":"", (file<0)?-file:file);
572 memcpy(&ubik_dbase->version, avers, sizeof(struct ubik_version));
573 udisk_Invalidate(dbase, file); /* new dbase, flush disk buffers */
574 #ifdef AFS_PTHREAD_ENV
575 opr_Assert(pthread_cond_broadcast(&dbase->version_cond) == 0);
577 LWP_NoYieldSignal(&dbase->version);
585 if (pbuffer[0] != '\0')
588 /* Failed to sync. Allow reads again for now. */
591 tversion.epoch = epoch;
592 (*dbase->setlabel) (dbase, file, &tversion);
596 ("Ubik: Synchronize database with server %s failed (error = %d)\n",
597 afs_inet_ntoa_r(otherHost, hoststr), code);
599 ubik_print("Ubik: Synchronize database completed\n");
607 SDISK_Probe(struct rx_call *rxcall)
613 * \brief Update remote machines addresses in my server list
615 * Send back my addresses to caller of this RPC
616 * \return zero on success, else 1.
619 SDISK_UpdateInterfaceAddr(struct rx_call *rxcall,
620 UbikInterfaceAddr *inAddr,
621 UbikInterfaceAddr *outAddr)
623 struct ubik_server *ts, *tmp;
624 afs_uint32 remoteAddr; /* in net byte order */
625 int i, j, found = 0, probableMatch = 0;
629 /* copy the output parameters */
630 for (i = 0; i < UBIK_MAX_INTERFACE_ADDR; i++)
631 outAddr->hostAddr[i] = ntohl(ubik_host[i]);
633 remoteAddr = htonl(inAddr->hostAddr[0]);
634 for (ts = ubik_servers; ts; ts = ts->next)
635 if (ts->addr[0] == remoteAddr) { /* both in net byte order */
641 /* verify that all addresses in the incoming RPC are
642 ** not part of other server entries in my CellServDB
644 for (i = 0; !found && (i < UBIK_MAX_INTERFACE_ADDR)
645 && inAddr->hostAddr[i]; i++) {
646 remoteAddr = htonl(inAddr->hostAddr[i]);
647 for (tmp = ubik_servers; (!found && tmp); tmp = tmp->next) {
648 if (ts == tmp) /* this is my server */
650 for (j = 0; (j < UBIK_MAX_INTERFACE_ADDR) && tmp->addr[j];
652 if (remoteAddr == tmp->addr[j]) {
660 /* if (probableMatch) */
661 /* inconsistent addresses in CellServDB */
662 if (!probableMatch || found) {
663 ubik_print("Inconsistent Cell Info from server:\n");
664 for (i = 0; i < UBIK_MAX_INTERFACE_ADDR && inAddr->hostAddr[i]; i++)
665 ubik_print("... %s\n", afs_inet_ntoa_r(htonl(inAddr->hostAddr[i]), hoststr));
673 /* update our data structures */
674 for (i = 1; i < UBIK_MAX_INTERFACE_ADDR; i++)
675 ts->addr[i] = htonl(inAddr->hostAddr[i]);
677 ubik_print("ubik: A Remote Server has addresses:\n");
678 for (i = 0; i < UBIK_MAX_INTERFACE_ADDR && ts->addr[i]; i++)
679 ubik_print("... %s\n", afs_inet_ntoa_r(ts->addr[i], hoststr));
684 * The most likely cause of a DISK_UpdateInterfaceAddr RPC
685 * is because the server was restarted. Reset its state
686 * so that no DISK_Begin RPCs will be issued until the
687 * known database version is current.
690 ts->beaconSinceDown = 0;
692 urecovery_LostServer(ts);
698 printServerInfo(void)
700 struct ubik_server *ts;
704 ubik_print("Local CellServDB:\n");
705 for (ts = ubik_servers; ts; ts = ts->next, j++) {
706 ubik_print(" Server %d:\n", j);
707 for (i = 0; (i < UBIK_MAX_INTERFACE_ADDR) && ts->addr[i]; i++)
708 ubik_print(" ... %s\n", afs_inet_ntoa_r(ts->addr[i], hoststr));
713 SDISK_SetVersion(struct rx_call *rxcall, struct ubik_tid *atid,
714 struct ubik_version *oldversionp,
715 struct ubik_version *newversionp)
719 if ((code = ubik_CheckAuth(rxcall))) {
723 if (!ubik_currentTrans) {
727 /* sanity check to make sure only write trans appear here */
728 if (ubik_currentTrans->type != UBIK_WRITETRANS) {
733 /* Should not get this for the sync site */
734 if (ubeacon_AmSyncSite()) {
739 urecovery_CheckTid(atid, 0);
740 if (!ubik_currentTrans) {
745 /* Set the label if our version matches the sync-site's. Also set the label
746 * if our on-disk version matches the old version, and our view of the
747 * sync-site's version matches the new version. This suggests that
748 * ubik_dbVersion was updated while the sync-site was setting the new
749 * version, and it already told us via VOTE_Beacon. */
750 if (uvote_eq_dbVersion(*oldversionp)
751 || (uvote_eq_dbVersion(*newversionp)
752 && vcmp(ubik_dbase->version, *oldversionp) == 0)) {
754 code = (*ubik_dbase->setlabel) (ubik_dbase, 0, newversionp);
756 ubik_dbase->version = *newversionp;
757 uvote_set_dbVersion(*newversionp);