Commit Graph

10863 Commits

Author SHA1 Message Date
Jeffrey Altman
107d7ace8b Windows: RDR Dynamic root Freelance only
commit 6c708d1415 does not restrict
the AFS redirector dynamic root detection only to the Freelance
volume root directory.  This logic should not apply to arbitrary
mount point target paths.

Change-Id: Iedde41937f602895b1d5922453c93fae4a5bf5d8
Reviewed-on: http://gerrit.openafs.org/8728
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-09 13:48:34 -08:00
Jeffrey Altman
34f5193685 Windows: AFSProcessOpen !MmFlush release SectionObjectResource
Restructure the code around the MmFlushImageSection() call in
AFSProcessOpen() to ensure that the SectionObjectResource is
released even when the flush fails.

Change-Id: Ifd6b25640df796f64fba46b920fdababa5224637
Reviewed-on: http://gerrit.openafs.org/8713
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-07 06:54:39 -08:00
Jeffrey Altman
339723e78e Windows: AFSCachedWrite reset LastServerFlush when Forced
If the ForceFlush parameter to AFSCachedWrite is set to TRUE,
the Fcb->Specific.File.LastServerFlush value must be reset to
ensure that the AFSPrimaryVolumeWorkerThread will trigger an
extent flush on its next pass.  The LastServerFlush value will
not be reset by AFSNonCachedWrite() when called as a result of
a CcFlushCache() call as it appears to be PagingIo.

Change-Id: I72c368e05f30f04b13b2c6d098bdb1da578ac82c
Reviewed-on: http://gerrit.openafs.org/8717
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-07 06:49:38 -08:00
Jeffrey Altman
dd0f4bcd06 Windows: Periodic Worker CleanupFcb to Flush Dirty Extents
The AFSPrimaryVolumeWorkerThread must not check the ObjectInformationCB
reference count when determining whether or not to call AFSCleanupFcb().
One of the tasks of AFSCleanupFcb() is to flush dirty extents to the
service.

Change-Id: Id1821ec16393952d27520e73e290e520966b1d75
Reviewed-on: http://gerrit.openafs.org/8716
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-07 06:49:16 -08:00
Jeffrey Altman
b30c9dcfac Windows: SetDispositionInfo !MmFlush SectionObjectResource
In AFSSetDispositionInfo() if MmFlushImageSection() fails,
be sure to release the SectionObjectResource.

Change-Id: Ic0a31627369d0fa055f78e5949314398f58569e0
Reviewed-on: http://gerrit.openafs.org/8714
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-07 06:48:51 -08:00
Jeffrey Altman
42c404ba5d Windows: SetVolumeState is not an invalidation
Volume state notifications (online, offline, unknown) from the
afsd_service.exe to the afs redirector are not invalidation
events.  The verify flag should not be set, the extents should
not be purged, etc.  Just set or clear the AFS_VOLUME_FLAGS_OFFLINE.

Change-Id: I046468e614c836981db228aa142d2c8bdb03a9ad
Reviewed-on: http://gerrit.openafs.org/8651
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-07 06:48:04 -08:00
Marc Dionne
5b2cc290f8 cache bypass: fix afs_bypass_copy_page memcpy oops
The two memory copy cases were inverted when the code was
refactored, causing an oops when cache bypass is enabled.

Change-Id: I30a9a51b7280883fb9b7bbeebbabe464c139b714
Reviewed-on: http://gerrit.openafs.org/8617
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>
Tested-by: Stephan Wiesand <stephan.wiesand@desy.de>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-06 08:00:53 -08:00
Jeffrey Altman
a774fa8a6a Windows: AFSSetRenameInfo Drop TreeLocks MmForceSectionClosed
If the Target directory TreeLock is held across the
MmForceSectionClosed() call in AFSSetRenameInfo() Trend Micro's
TmPreFlt!TmpQueryFullName call can deadlock in its worker thread
when AFSCommonCreate() attempts to AFSLocateNameEntry() which
requires shared access to the TreeLock for the search.

Reorganize the Target Entry Exists case to call MmForceSectionClosed()
after the directory entry has been deleted.  That should throw
a monkey wrench into Trend Micro's attempt to scan it.

Change-Id: Ib8d4777fde257c0f2c93e2577caa6542c1b08c79
Reviewed-on: http://gerrit.openafs.org/8607
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-05 21:10:25 -08:00
Jeffrey Altman
b338928bd4 Windows: Prevent lock inversion SetFileRenameInfo
SetFileRenameInfo calls MmForceSectionClosed() which can call
back to the afs redirector via the Cleanup processing.  AFSCleanup()
requires an exclusive hold of Fcb->Resource so we must obtain the
lock first in AFSSetFileRenameInfo() prior to obtaining the
SectionObjectResource.

Change-Id: If679eeb107f04153a26659971b7f2455eef97c9a
Reviewed-on: http://gerrit.openafs.org/8603
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-05 12:15:50 -08:00
Jeffrey Altman
ec6c7c1ce4 Windows: addition debug for --validate-cache
Print the value of the header size, the magic value and the
dirty flag.

Fail check if header size and magic do not match current
version of afsd_service.exe

Change-Id: I19c9a374a5f83dd9fcb37990c4dfbb97cf7f74a0
Reviewed-on: http://gerrit.openafs.org/8602
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-05 12:15:25 -08:00
Jeffrey Altman
2c7e200734 Windows: AFSProcessDFSLink to Dos Device
Support msdfs links to <drive>:\<path>

Map them to IOMgr as \??\<drive>:\<path>

Change-Id: I110dd7e857d4b7984e75611787d2135bc97aaa39
Reviewed-on: http://gerrit.openafs.org/8601
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-05 12:14:57 -08:00
Jeffrey Altman
5616b7e2f9 Windows: fs getcalleraccess
Implement VIOC_GETCALLERACCESS and associated 'fs getcalleraccess'
for Windows.  Varies from the Unix implementation in the following
ways:

 * getcalleraccess supports the -literal switch to permit
   querying rights of symlinks and mount points

 * multiple files can be provided on a single command line

The VIOC_GETCALLERACCESS pioctl returns the user access rights
and the anyuser access rights.

Change-Id: I75f636956bbafcc91144b44bd2d7729b8643605c
Reviewed-on: http://gerrit.openafs.org/8598
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-05 12:14:46 -08:00
Jeffrey Altman
5adf1476b1 Windows: AFSDevControl print control if exception
Change-Id: If94ba4f265d943ec8e4852c3d8c88d59cef3ef9b
Reviewed-on: http://gerrit.openafs.org/8599
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-05 12:14:34 -08:00
Jeffrey Altman
81212b18b3 rx: RX_INVALID_OPERATION abort unknown service only
Patchset 1fbe83f9aa introduced the
sending of RX_INVALID_OPERATION aborts for connection attempts
requesting a service not offered by the rx peer.  By sending aborts
for all failures of rxi_FindConnection() the set of incoming packets
that are responded to is broader than simply those with non-matching
serviceIds.  This patchset restricts the transmission of
RX_INVALID_OPERATION aborts only to the explicit case in which
rxi_FindConnection() attempted to find a service and either failed
to find a match or couldn't apply the requested security class/level
to that service.

Change-Id: Ie18798531e542e54878209ccd2fbbcd24f31abb6
Reviewed-on: http://gerrit.openafs.org/8512
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-05 10:46:44 -08:00
Andrew Deason
399abf159b rx: Add rx_GetNetworkError
Add the function rx_GetNetworkError to rx, to allow callers to
retrieve some information about the last ICMP error received for a
connection's peer. This can be useful if a call on that connection was
recently ended due to ICMP errors.

Change-Id: I7c507185f6a4ab986c0119f67cdaa4e50e447175
Reviewed-on: http://gerrit.openafs.org/8451
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
2012-12-05 10:46:34 -08:00
Andrew Deason
696db8667d afs: Apply VLRU safety check for Linux too
This invariant should apply to all platforms, not just those with
dynamic vcaches. Since this prevents an infinite loop if the list os
corrupt or something, having this around everywhere seems useful. So,
drop the check for afsd_dynamic_vcaches.

Change-Id: I90e438eb33f40762346d1c5a7138ed127fdcdcc6
Reviewed-on: http://gerrit.openafs.org/8555
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-05 08:22:03 -08:00
Andrew Deason
bc6dd95016 afs: Fix VLRU traversal sanity check
On non-Linux, the number of vcaches in the VLRU can easily exceed
afs_maxvcount, since we allocate new vcaches when we run out. So,
assume we only have afs_vcount vcaches on the VLRU, instead of
assuming we have at most afs_maxvcount vcaches.

Change-Id: I3bec8f795b1f6e086ddb490400616c5b42d8b8be
Reviewed-on: http://gerrit.openafs.org/8471
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-05 08:21:37 -08:00
Andrew Deason
4d4668b161 ubik: Try to detect VOTE_Beacon errors
Currently the way ubik dbsites vote for each other is via the "return
value" of the Beacon VOTE RPC. Since this is really an Rx abort, this
can easily collide with actual errors on the wire, such as rxkad
errors.

Try to detect these by detecting vote times that are very different
than the current timestamp (more than an hour in the future or past),
and treat it like a network error.

If we do not do this, a single site reporting an error can cause us to
never reach quorum, since we calculate our sync site expiration based
on the oldest 'yes' vote, which for most known Rx aborts will be far
in the past.

Change-Id: I28cf4c520bbbe9e98eb55947476c8785d3c8ec0b
Reviewed-on: http://gerrit.openafs.org/8486
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-04 03:22:16 -08:00
Michael Meffie
7c8373c8c2 tools: example sysvmq audit reader
A user contributed sysvmq audit log example reader. Shows
how to read the sysvmq audit log using core only perl modules.

Change-Id: I39adb62150df2bcb812ca4d06b193b08d7e95c21
Reviewed-on: http://gerrit.openafs.org/8485
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-04 03:21:36 -08:00
Andrew Deason
595a614d76 afs_open: Deal with afs_GetDCache returning NULL
afs_open was assuming afs_GetDCache always returned non-NULL. Make it
deal with a NULL return.

Change-Id: Ib0593de27d65294726a4a40b3faa4687bb6fc5fe
Reviewed-on: http://gerrit.openafs.org/8408
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-04 03:21:14 -08:00
Derrick Brashear
274daabae3 config: provide inlines to make 64bit ints printable
same idea as the 32 bit versions. make it so you can print something
the compiler would otherwise stand in the way of.

Change-Id: Iec9d2efe7ecb74c13406dacf854d13fe61075092
Reviewed-on: http://gerrit.openafs.org/8552
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-04 03:20:24 -08:00
Andrew Deason
dbd801d585 afs: log ICMP errors for downed servers
When we notice a server is unreachable, log the ICMP error we got for
that server, if any.

Change-Id: I9dcd40bf45fefa6679eac92a5d03d44eceac0816
Reviewed-on: http://gerrit.openafs.org/8410
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-04 03:18:44 -08:00
Derrick Brashear
2d4745244d macos: decode mountain lion panics
security hardening in the mountain lion kernel
screws up our decoder. apple doesn't bother to document
what to do, but after some head smashing, here we are.

Change-Id: I1f8411e6fa81baab065acc5cdfe7ef3dea10a077
Reviewed-on: http://gerrit.openafs.org/8476
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-04 03:17:55 -08:00
Jeffrey Altman
cbce3193b0 Windows: shuffle trace messages for clarity
Some of the trace messages for VolumeReferenceLocks and
VolumeReferenceCounts were in odd places.  Move them for consistency and
clarity.

Change-Id: I3cf95de0670af8855b622f8a83d2f0b69dc851df
Reviewed-on: http://gerrit.openafs.org/8581
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:08:00 -08:00
Jeffrey Altman
e58eaae182 Windows: Handle AFSLocateNameEntry() STATUS_REPARSE
AFSLocateNameEntry() can return STATUS_REPARSE in addition to
NTSTATUS failure codes.  As in the case of an NTSTATUS code other
than STATUS_OBJECT_NAME_NOT_FOUND, the reference counts are decremented in
AFSLocateNameEntry() if STATUS_REPARSE is returned.

Change-Id: I7cab5be2ae304be47cb14abb4f6952e4e0e65efe
Reviewed-on: http://gerrit.openafs.org/8580
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:07:39 -08:00
Jeffrey Altman
f25a061b71 Windows: Decr. used buf count flush and deleted files
When flushing the cache (fs flush*) or when deleting files or
when a file server reported error indicates that the buffer is
bad, decrement the used cache count so "fs getcacheparms" now
indicates a floating value based upon the number of buffers
containing potentially valid data.

Change-Id: I1bfb7b64ff36832526a02e9374ab87baf679f100
Reviewed-on: http://gerrit.openafs.org/8579
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:07:11 -08:00
Jeffrey Altman
66a5703463 Windows: Restore "fs getcacheparms" used space
buf_Init() adds all of the available buffers to the free queue
at startup and cm_data.buf_freeCount tracks the number of items
in the free queue.  So it cannot be used as a method of reporting
how much of the cache space has been used.   Add a new buf_usedCount
parameter to the cm_memmap data to track the number of cache blocks
that have been used up to the total number of allocated blocks.
buf_usedCount can then be used in cm_IoctlGetCacheParms to restore
the original behavior.

Change-Id: I3ecdfdbda1c423551b7e7691243696e0f1553edc
Reviewed-on: http://gerrit.openafs.org/8578
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:06:43 -08:00
Jeffrey Altman
be27d61961 Windows: QFileInfo only Verify Entry when necessary
During a QueryFileInformation request only call AFSVerifyEntry()
when the AFS_OBJECT_FLAGS_VERIFY flag is set on the ObjectInformationCB.
The AFS_OBJECT_FLAGS_VERIFY flag is set in response to an invalidation
event from the cache manager.  Let the cache manager decide when our
data is no longer consistent with the file server.

Change-Id: I299597577f9fb13d008e20aff7a404ad6c2185b5
Reviewed-on: http://gerrit.openafs.org/8568
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:05:59 -08:00
Jeffrey Altman
f499babad0 Windows: Dir Enum only validate when necessary
During a directory enumeration, do not call AFSValidateEntry()
for every DirectoryCB.  Instead only do so when the
AFS_OBJECT_FLAGS_VERIFY is set on the ObjectInformationCB.

Change-Id: I5653cbf8703da03aeaee24c0c7bf8817e66b8f9e
Reviewed-on: http://gerrit.openafs.org/8567
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:05:35 -08:00
Jeffrey Altman
957601aeab Windows: AFSTearDownFcbExtents count extents properly
Fcb->Specific.File.ExtentsCount cannot be used directly
in the for loop conditional because each call to AFSFreeExtent()
decrements the value.  Instead, save the original value to
'lFcbExtentCount' and use that in the loop conditional.

Change-Id: I7b2dc0fbd1cbf0eec2f627f8caad8c973c3437c7
Reviewed-on: http://gerrit.openafs.org/8566
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:05:03 -08:00
Jeffrey Altman
da6c8d5728 Windows: AFSCleanup calls AFSDeleteFcbExtents
When the hard link count of the file drops to zero, call
AFSDeleteFcbExtents() instead of AFSTearDownFcbExtents()
because the file has been deleted and the extents have been
implicitly released.

Change-Id: I4198ece075a23850699ae188943d06df7bf4c668
Reviewed-on: http://gerrit.openafs.org/8565
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:04:27 -08:00
Jeffrey Altman
037d568de5 Windows: AFSDeleteFcbExtents()
Similar to AFSTearDownFcbExtents() but does not release the
extents to afsd_service.exe.  It is intended for use when the
FCB's extents are implicitly released as the result of file
deletion.

Change-Id: If9b09f3190db84eb194475161247fb375cd3dc66
Reviewed-on: http://gerrit.openafs.org/8564
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:04:00 -08:00
Jeffrey Altman
dc87e01c70 Windows: Fcb sectionObjectResource
Add a SectionObjectResource to the AFS_FCB structure.  This lock
replaces the Fcb.Resource in protecting the SectionObjectPointers.

The new resource is being added to assist in avoiding deadlocks
caused by Trend Micro and perhaps other AV products when
CcPurgeCacheSection() is called while holding the Fcb.Resource
which is required in AFSProcessOpen().

Change-Id: I738c175512e97e1ec153be52ab874f16389d4c95
Reviewed-on: http://gerrit.openafs.org/8563
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 14:03:31 -08:00
Jeffrey Altman
6c708d1415 Windows: Implement dynamic cell detection for RDR
RDR_EvaluateNodeByName knew how to parse \\afs\foo#bar\ notation
but couldn't perform a lookup for a cell that wasn't already
in the root directory.  Add support for autorecognition.

Change-Id: I8c2bacd034afa507d551da83dfc1958bd849a3a1
Reviewed-on: http://gerrit.openafs.org/8562
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 13:59:47 -08:00
Jeffrey Altman
a428033bfe Windows: PrimaryVolumeWorkerThread Garbage Collect Fcb
Revert commit cecd99abd3.  Failing
to garbage collect the FCB from the ObjectInformationCB at the
earliest opportunity opens the door to a deadlock with Trend Micro's
anti-virus driver.  Trend Micro attempts to make a copy of the
file data each time a CcPurgeCacheSection() is performed on the
FCB.  If during AFSValidateEntry or AFSVerifyEntry a DirectoryCB->
ObjectInformationCB->FCB is discovered which has a non-NULL
SectionObjectPointers.DataSectionObject and the data version in
the DirEnumEntryCB differs from the ObjectInformationCB, a
CcPurgeCacheSection() call is performed while holding the
FCB->NPFcb->Resource exclusively.  Trend Micro will deadlock the
thread making the CcPurgeCacheSection() call when it attempts
to open the file in one of its worker threads.

Change-Id: I912f22ab3695ad8faf1edcdbf2d50ff9a76277db
Reviewed-on: http://gerrit.openafs.org/8529
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-03 13:59:29 -08:00
Jeffrey Altman
8e68e08901 rx: set abort client_initiated flag to match direction
In a recent incident involving packet reflection back to the
file server, aborts were being sent by the file server in response
to a server sent packet.  The aborts sent in response also failed
to set the CLIENT_INITIATED flag in the header which permitted the
the actual client to confuse the Abort as applying to its client
initiated connection.

in rxi_SendRawAbort, set the CLIENT_INITIATED flag to the opposite
of the packet the abort is being sent in response to.

Thanks to Chaskiel Grundman for the suggestion.

Change-Id: Iea4189f022ac050e2e005e80c427f1c02c2251db
Reviewed-on: http://gerrit.openafs.org/8513
Reviewed-by: Chaskiel Grundman <cg2v@andrew.cmu.edu>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-12-01 09:55:53 -08:00
Simon Wilkinson
f2fdd3040c rx: Make rxevent_Put NULL the event ptr being put
Change rxevent_Put so that it takes a pointer to the event being
put, and NULLs that pointer. This removes a lot of duplicate code
in callers, as well as making it harder to reuse a discarded event.

Change-Id: Ib7a51f01687e08ea3dced5932ec9ec27797a784a
Reviewed-on: http://gerrit.openafs.org/8540
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-01 09:51:31 -08:00
Simon Wilkinson
f40199327a rx: Return success value when cancelling an event
When cancelling an event that holds reference counts, we need
to know whether the attempt to cancel the event was successful
or not, otherwise references can be double put when the
cancellation races with the event firing. Take the follwing

Thread A			Event Thread
=========			============

				... event fired ...
MUTEX_ENTER(&obj->lock);
if (obj->event) {
    rxevent_Cancel(&obj->event);
    obj_put(&obj->refcnt);
}
MUTEX_EXIT(&obj->lock)
				MUTEX_ENTER(&obj->lock);
				if (event == obj->event)
				    rxevent_Put(&obj->event);
				...
				MUTEX_EXIT(&obj->lock);
				obj_put(&obj->refcnt);

Holding obj->lock doesn't control whether the event is fired or
not. Only putting the reference if the event being fired matches
that in obj doesn't help - it just leaks a reference in a different
race.

So, make rxevent_Cancel return true if it did actually cancel the
event, and false if the event has already been fired. This means
that Thread A can become

MUTEX_ENTER(&obj->lock);
if (rxevent_Cancel(&obj->event)
    obj_put(&obj->refcnt);
MUTEX_EXIT(&obj->lock)

In the example above, rxevent_Cancel would return false.

Change-Id: I48e012774c97c9d9588b00687428a32795be2b37
Reviewed-on: http://gerrit.openafs.org/8539
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-01 09:51:20 -08:00
Simon Wilkinson
20034a8157 rx: Don't treat calls specially in event package
Many different structures can be passed to the rxevent package as
data. Don't give calls special treatment by making rxevent aware of
how to release their reference counts when an event is cancelled.

Update all of the callers of rxevent_Cancel to use the new arguments,
and where they were cancelling functions with calls as parameters add
the appropriate CALL_RELE directives. In many cases, this has led to
new helper functions to cancel particular call-based events.

Change-Id: Ic02778e48fd950e8850b77bd3c076c235453274d
Reviewed-on: http://gerrit.openafs.org/8538
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-12-01 09:51:06 -08:00
Simon Wilkinson
4abcf4a7d1 rx: Remove unused origPeer parameter to FindPeer
rxi_FindPeer took an 'origPeer' parameter, which was originally
there as an optimisation to decrement a reference count when replacing
a peer on a connection structure. However, we don't do that any more,
and the origPeer parameter is never used.

Just remove it to simplify this bit of code.

Change-Id: I49127f25dd151082f4e508a28e8cab232e251ed1
Reviewed-on: http://gerrit.openafs.org/8537
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-11-30 06:08:14 -08:00
Simon Wilkinson
5245d15c23 rx: Remove unused timeoutEvent
The timeoutEvent pointer in the rx_call structure is unused. Remove
it to reduce confusion about which events can hold call reference
counts.

Change-Id: Ide625fe0af608cc434c33188e642750979a8db21
Reviewed-on: http://gerrit.openafs.org/8536
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-11-30 06:08:04 -08:00
Simon Wilkinson
e9c91feace rx: CheckBusy doesn't drop conn_call_lock
As rxi_CheckBusy doesn't drop the conn_call_lock when it checks for
busy call slots, it doesn't need to deal with someone replacing a
call behind its back.

Change-Id: I7cc64150e32e29b0a497cded55cd187b5bb78ad1
Reviewed-on: http://gerrit.openafs.org/8535
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-11-30 06:07:54 -08:00
Jeffrey Altman
b5876a60f7 Windows: RefCounts, Asserts, and Trace Logging
Rename DirectoryCB.OpenReferenceCount to DirOpenReferenceCount
to distinguish it from the FCB.OpenReferenceCount.  This makes
it easier to search for instances within an editor or debugger.

Ensure that all InterlockedIncrement and InterlockedDecrement
calls on a reference count field assign their value to a local
'lCount' variable.  Ensure that 'lCount' is used within any
trace log messages and conditionals.

Add ASSERT( lCount >= 0) after all reference count decrements
in order to catch underflows.

Change conditionals from (RefCount == 0) to (RefCount <= 0) so
that object destruction can occur when there has been an underflow.
This is important in release builds for which ASSERT() is a no-op.

Change-Id: I1d10076464c68745ede117eef2f728f70a0003c1
Reviewed-on: http://gerrit.openafs.org/8522
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-11-29 15:57:37 -08:00
Jeffrey Altman
438b0d8a23 Windows: AFSClose File FCB/CCB cleanup before DirCB
Move the processing of FCB and CCB cleanup ahead of the
DirectoryCB cleanup.  It is not safe to dereference the
Ccb->DirectoryCB until after the CCB has been destroyed.

Change-Id: I74ec824ea523fe1d575169472c65da6ffe87ce5e
Reviewed-on: http://gerrit.openafs.org/8521
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-11-29 15:51:15 -08:00
Jeffrey Altman
71ef2663da Windows: AFSDeleteObjectInfo not on volume roots
The VolumeCB embeds an ObjectInformationCB structure which must
not be freed by calling AFSDeleteObjectInfo().  Add an assert
in the checked build and return without destroying the object
in the free build.

Change-Id: I77c92fbe0d10252785f4796153d9d824ff074d4c
Reviewed-on: http://gerrit.openafs.org/8520
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-11-29 15:50:26 -08:00
Jeffrey Altman
282e2bdd7f Windows: Missing DirEntry Ref incr AFSLocateName
In the STATUS_NAME_COLLISION error path the DirEntry refcnt must
be incremented because it will be decremented before exit from
AFSLocateName().

Change-Id: I7cf976afa8e62d0d9803549b64a5d0dae27cd9b1
Reviewed-on: http://gerrit.openafs.org/8518
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-11-29 15:49:54 -08:00
Jeffrey Altman
fcfd1f99d8 Windows: AFSLocateNameEntry move InsertNextEntry
In AFSLocateNameEntry, move the InsertNextEntry to name array
call from before the directory entry DirOpenReferenceCount is
incremented to afterwards.  This permits InsertNextEntry() to
consistently assert based upon the DirOpenReferenceCount value.

Change-Id: I3c65f5360650739f6d75b7e657ae5cdea4c14aa4
Reviewed-on: http://gerrit.openafs.org/8517
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-11-29 15:49:32 -08:00
Jeffrey Altman
5a09e6ab2b Windows: AFSInvalidateCache volume refcounts
AFSInvalidateCache failed to release the volume reference count
when FileId is the volume root.   In the non-root case it released
it too early permitting a race with AFSPrimaryVolumeWorkerThread
calling AFSRemoveVolume().

Change-Id: I12b756e5a543a2ef791d716f660df1f4a7ae2327
Reviewed-on: http://gerrit.openafs.org/8516
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-11-29 15:49:09 -08:00
Jeffrey Altman
ded88c8f8d Windows: Fail RX_INVALID_OPERATION errors
RX_INVALID_OPERATION errors were not resulting in an eventual
failure and the RPC was being repeated indefinitely.  There were
three subtle problems:

 1. RX_INVALID_OPERATION was being processed by cm_Analyze()
    resulting in a retry in all cases.  Even those where no
    connp was passed in as NULL.  connp == NULL implies that
    no server could be obtained so the RPC was not issued on
    this pass.  As a result there should be no retry.

 2. RX_INVALID_OPERATION was mapped to CM_ERROR_UNKNOWN which
    is not an error that is reported to the AFS redirector.

 3. RDR_BkgFetch was setting CM_REQ_NORETRY and permitting
    the retries to be handled by the cm_daemon threads.  However,
    CM_ERROR_UNKNOWN was not treated as a fatal error by cm_Daemon.

Address the failures in the following ways:

 A. cm_Analyze no longer retries calls which did not take place.

 B. Create a new CM_ERROR_INVAL_NET_RESP error for RX_INVALID_OPERATION
    which is translated to the Win32 STATUS_INVALID_NETWORK_RESPONSE
    error.  This is now returned to the AFS redirector and treated
    as a fatal error.

 C. RDR_BkgFetch no longer queues tasks to cm_Daemon with the
    CM_REQ_NORETRY flag set.

Change-Id: I1eba0e83fbbe5726f43f667ddb67ced8c011853d
Reviewed-on: http://gerrit.openafs.org/8510
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
2012-11-29 15:48:42 -08:00
Andrew Deason
988f66c5c3 vol: Let non-usable volumes attach for non-DAFS
Before DAFS, volumes that were not inService/blessed were not
accessible by normal clients, but were still allowed to attach. That
is, access to clients was prevented at VGetVolume-time, rather than at
attach-time. Commit 939382c5 tried to short-circuit this by detecting
this volume state at attach-time. However, volume utilities (e.g.
volserver) can give us back a volume over FSSYNC when they are done
with the volume, and for non-DAFS, we then try to attach the volume.
So, with 939382c5 that attachment will fail when volserver gives us
back a volume that is not inService/blessed (which can happen for some
normal volume operations).

This situation is not terrible, since either way the volume is not
usable by clients (since the volume didn't attach), and the volume is
still usable by volserver (since volserver is allowed to check out
nonexistent volumes). But it is a deviation from pre-DAFS behavior and
it can result in confusing error messages, so revert the 939382c5
behavior for non-DAFS.

For DAFS, this behavior is fine, since the fileserver does not attach
a volume unless it is trying to service a client request. So, leave it
for DAFS.

FIXES 131505

Change-Id: I8cf47640ceb068762eb42f1b70eb88aa9c4a060a
Reviewed-on: http://gerrit.openafs.org/8557
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
2012-11-28 20:03:38 -08:00