Directory writes are synchronous, so this is fine. There's a
mostly-convenient function in fs/libfs.c that returns 0 that we can use
to do what we want ("mostly" because it was renamed in 2.6.35).
FIXES 130425
Change-Id: I9a2af60ed3152be036f0145c94152d8cff2e1242
Reviewed-on: http://gerrit.openafs.org/6491
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
systemd is actually rather capable of leaving the OpenAFS client in an
incredibly broken state, thanks to its willingness to track services and
kill their processes. We should not attempt to restart the client on
upgrade, whether a normal upgrade or a migration from SysV initscripts.
In the former case, it's fine (and correct) for the old AFS to keep
running; in the latter case, the unit file is capable of correctly
shutting down an initscript-launched client. The same is true for the
OpenAFS server.
This brings the packaging in line with the SysV initscript code in the
specfile, which does not attempt to restart the service, as well as with
e.g. Debian's packaging, which uses --no-restart-on-upgrade.
While we're here, clean up a redundant BuildRequires on systemd-units.
Change-Id: I3b1771a7246f04be0e82765976664c50e0adae47
Reviewed-on: http://gerrit.openafs.org/6247
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
When performing object verification, check for status failures corresponding
to parent object issues which require a validation of the parent
Change-Id: I4a73b55961eda62079c933f9e85888ea24b39f1f
Reviewed-on: http://gerrit.openafs.org/6447
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
In the case where the direntry data is invalid, construct an Fcb
of type INVALID so that the direntry can be displayed and the objected
deleted even if it cannot be evaluated.
Change-Id: I37da154b7429929fe833874c7cd048a3a804a96f
Reviewed-on: http://gerrit.openafs.org/6445
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Add the parent directory data version to the AFSFileUpdateResultCB
structure.
Change-Id: Ia1b1345c410ff216b35f3d42912ac921b978a299
Reviewed-on: http://gerrit.openafs.org/6459
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The Windows client up to this point has never correctly implemented
directory renames. For the longest time it assumed that the file
server would not replace a pre-existing target. As a result, when
the target name was already in use the contents of the directory
would end up with the target name existing but its previous file id
associated with it.
A second problem was that lookups for the source and target names
were not performed while the directory (or directories) were exclusively
held to ensure that competing changes could not occur.
This patchset corrects both issues in cm_Rename() and adjusts the
redirector interface to match the new behavior.
Change-Id: I4f5cff7debcf9925947ac3fc6931565acb57ebd9
Reviewed-on: http://gerrit.openafs.org/6457
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
A directory enumeration is not an atomic operation. The redirector
reads an enumeration a chunk at a time. During the entire enumeration
it is possible that the data version of the directory object has
changed due to entries being added or removed. This patchset adds
two data version values to the AFSDirEnumResp structure.
The first is the snapshot data version which is the dv of the
directory object at the time the entry list snapshot was taken.
The second is the current data version number of the directory
object.
If an object has been removed from the directory after the snapshot
was taken, attempts to fetch status information for the object will
fail with a VNOVNODE (aka CM_ERROR_BADFD aka STATUS_INVALID_HANDLE).
The NTStatus field has been added to the AFSDirEnumEntry structure
to permit notifying the redirector of such failures.
RDR_PopulateCurrentEntry() has been extended with an additional
cm_Error parameter that accepts the errorCode field provided by
the cm_direnum_entry_t object constructed during the enumeration.
Change-Id: Iee8f6bf9919780ce4dd6c2b184810c0d6afc39cc
Reviewed-on: http://gerrit.openafs.org/6455
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
In response to AFS_REQUEST_TYPE_EVAL_TARGET_BY_ID and
AFS_REQUEST_TYPE_EVAL_TARGET_BY_NAME, return the new AFSFileEvalResultCB
instead of a raw AFSDirEnumEntry. AFSFileEvalResultCB includes
the data version number of the parent directory at the time the
node was evaluated.
Change-Id: Ida25790688f8ab193c234c9b3fadf4f594edd740
Reviewed-on: http://gerrit.openafs.org/6454
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Add AFSFileCleanupResultCB which includes the parent directory
data version number. This is necessary because object deletion occurs
during the Cleanup processing and the redirector needs to know the
resulting data version of the affected directory.
Change-Id: Iac07ddaaa3e3373f1690c85d247313e070450169
Reviewed-on: http://gerrit.openafs.org/6453
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Modify evaluation of nodes by name and id to consistently return
STATUS_OBJECT_PATH_INVALID if the parent FID no longer exists.
Change-Id: I94f56e5b525a35279152f6f7848654a56bbfa235
Reviewed-on: http://gerrit.openafs.org/6446
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Two minor code modifications to make the code easier to read.
Change-Id: I1cf72911ace4eff17c857cd000cb24fbe0f28c2b
Reviewed-on: http://gerrit.openafs.org/6433
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
If the cm_buf_t is held by the redirector the buffer cannot
be written back to the file server even if dirty. Therefore,
do not check whether or not the cm_buf_t is dirty until after
it is known that the buffer is not redirector owned.
Change-Id: I10dc8f74915c2267dc44138284eba273eb708e0a
Reviewed-on: http://gerrit.openafs.org/6432
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The worker thread can race with a AFSCleanup() operation and
tear down the Fcb before the AFSCleanup() drops the Fcb->NPFcb->Resource.
Avoid this race by requiring the worker thread to obtain the resource
once before deleting the resource.
Change-Id: Iafad8260c5dfc4187a62c04b14d55ac0bf0e4aeb
Reviewed-on: http://gerrit.openafs.org/6462
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
If the cache manager has a valid callback at the start of a
directory enumeration, the service can begin a bulk status rpc
which can fail. The error code from the rpc is never propagated
to the caller, therefore the caller loops forever attempting to
complete the enumeration with status info.
Fix it by returning the error.
Change-Id: I53892ddf338152d53c533ef31c3b1047c96bfbf2
Reviewed-on: http://gerrit.openafs.org/6461
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
If AFSInsertHashEntry() fails, the object information structure
that was being inserted is not in the btree. Therefore, ensure
that the object does not have the AFS_OBJECT_INSERTED_HASH_TREE
or AFS_VOLUME_INSERTED_HASH_TREE flag set (as appropriate).
This permits the unreferenced object to be garbage collected.
Change-Id: I023f765571a7ba014556d9505ab2d46ec930f1a2
Reviewed-on: http://gerrit.openafs.org/6458
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The cm_BPlusDirEnum family of functions are atomic when generating
the directory enumeration but are not atomic with respect to the
rest of the system as the enumeration is accessed. Therefore, the
data version of the directory at the time the enumeration is created
may not be the same as the directory version when the enumeration
is fully processed. We therefore store the initial data version in the
cm_direnum_t object.
When the enumeration is fetching status information for each of the
directory entries, it is possible that the fetch status will fail.
We therefore store the fetch status error code in the cm_direnum_entry_t
object. By doing so, the consumer of the enumeration can make a
reasonable decision about the lack of status info. For example,
if the resulting error is CM_ERROR_BADFD it is known that the entry
has been removed from the directory since the initial enumeration.
Change-Id: I289881e2c59525a9f998559b00769d3ac3f335c0
Reviewed-on: http://gerrit.openafs.org/6452
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
If the directory status object is the same as the object for which
status info is being merged, the object will refer to itself as its
own parent. Do not permit that.
Change-Id: I6f7b6416f4c875a30dd5b85ba679389484523b12
Reviewed-on: http://gerrit.openafs.org/6451
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
CM_SCACHESYNC_STOREDATA is used to ensure that only one directory
modifying rpc can be issued to the file server at a time on a
single cm_scache_t. However, the local directory modifications
were being made after cm_MergeStatus() and cm_SyncOpDone()
were called. As a result, serialization of changes against the
local directory buffers and b+tree was lost.
Change-Id: I1e99685767b6b9b51e546be0946b189386e8dbd2
Reviewed-on: http://gerrit.openafs.org/6450
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Improve or correct a number of log messages. Report the correct
FID or NT Status value, etc.
Change-Id: I434b47e1350767f868170323280298f77e1a840a
Reviewed-on: http://gerrit.openafs.org/6442
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
If a symlink cannot be resolved, return STATUS_REPARSE_POINT_NOT_RESOLVED
instead of STATUS_ACCESS_DENIED. The symlink is after all a reparse
point. This results in a more meaningful error being delivered to
the end user.
Change-Id: I30713dac7b916efaf3cf7a5d7717cb0bc971a31a
Reviewed-on: http://gerrit.openafs.org/6441
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The idle dead timeout processing must eventually be removed
from Rx for initiators. In the meantime, make the timeout period
ten times longer than the hard dead timeout. This permits eventual
failure when the server doesn't respond in ten minutes but avoids
more transient issues.
Change-Id: Ia673666dd55b33c4375ee8fdcbb89c82e8b01185
Reviewed-on: http://gerrit.openafs.org/6440
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The CRT allocator cannot be used for memory that will be freed
by afsrpc.dll. Use xdr_alloc() instead.
Change-Id: Idd33710c225d58b4e6eba0bfdb2f8b3282996258
Reviewed-on: http://gerrit.openafs.org/6439
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
There is no need to manually remove an entry from a queue before
executing osi_QRemoveHT(). osi_QRemoveHT() removes the item
from the queue and fixes up the pointers correctly. Manual
intervention is a waste of cpu and can be harmful.
Change-Id: Iaea4ceac2cb5f61e5bb73fd181bd934e06ddf0a6
Reviewed-on: http://gerrit.openafs.org/6437
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The thread id type is DWORD not size_t for consistency
with the rest of the client_osi package.
Change-Id: I2e2d31d8738d9de82d99f346f5109de133f3e25e
Reviewed-on: http://gerrit.openafs.org/6436
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
osi_TWait() was adding new locks to the turnstile at the tail
which is the end of the queue locks are removed from. This
implemented LIFO instead of FIFO when FIFO is the "fair" order
to service lock requests.
osi_TWaitExt() is added to permit the Reader to Writer upgrade
request to use LIFO when more than one reader is present.
Change-Id: Ib6435a3edc2cb8519939cfad93e0db4b0604da2d
Reviewed-on: http://gerrit.openafs.org/6435
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The osi_TEmpty() macro examines the values of the turnstile
pointers. Instead use the lock's 'waiters' counter to determine
if there are waiting threads to signal.
Change-Id: I8e14a03a30adcf1e67b07fc020104c2ada3b5c6a
Reviewed-on: http://gerrit.openafs.org/6434
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Modify src/kauth/user_nt.c to match the service name search
order of the Unix code:
kerberos4
kerberos-iv
kerberos
The standard Windows SERVICES file includes "kerberos-iv" as
port 750.
FIXES 127907
Change-Id: I518a812cc2d465334e8ef6929f8988c51b33749b
Reviewed-on: http://gerrit.openafs.org/6430
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
An undercounted afs_conn can easily cause a panic and/or memory
corruption later on, since we put an rx_connection reference with each
afs_conn reference. Panic as soon as we detect this, as this indicates
a serious bug.
Change-Id: I251fd3303114d0822b8cf70805a8a447986a7762
Reviewed-on: http://gerrit.openafs.org/6413
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Writing a non-free non-discarded dcache entry with a zero volume id
can easily cause hash table corruption later on, so make sure we don't
do that. Also log something if the write itself fails, as this usually
indicates an unusual situation involving I/O errors or something.
Change-Id: Ib9602227e8cee324cb63a4a3dee28e53af69b446
Reviewed-on: http://gerrit.openafs.org/6419
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Make callers of afs_GetValidDSlot deal with getting a NULL dcache,
which can occur if an error is encountered. Some of these just panic
at least for now, since a code path for recovery is complex, but this
is at least better than dereferencing a NULL pointer.
Change-Id: I4022a914bbaa0e1f3f4daadfdc32d165a6e2febd
Reviewed-on: http://gerrit.openafs.org/6418
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Currently afs_UFSGetDSlot will silently swallow any error in reading
the specified dslot from disk, and will return a "blank" dcache to the
caller. However, many callers of afs_GetDSlot will be asking for a
dcache that we know exists, and more importantly, we know is on the
global hash table. If a disk error is encountered and we're given a
"blank" dcache, we will erroneously believe the dcache entry is not on
the hash table, causing corruption of the hash table later on.
So instead, modify all callers of afs_GetDSlot to use either
afs_GetValidDSlot or afs_GetNewDSlot. Calling afs_GetValidDSlot
indicates that the given dentry index is known to be valid, and any
error encountered while reading the entry from disk should result in
an error (for disk I/O errors we have no control over, this results in
a NULL dentry returned; for internal consistency errors we panic).
Calling afs_GetNewDSlot indicates that the specified index may not
exist or may not be valid, and so returning a "blank" dentry in that
case is fine.
For memcache, the situation is the same, except any time we go to
"disk" it is an (internal) error, since there is no disk.
Change-Id: I53ea6e99649e4d6d5cbde58929dfcee1d45a3e7b
Reviewed-on: http://gerrit.openafs.org/6417
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
All callers of afs_GetDSlot were passing NULL as the second argument
to afs_GetDSlot. So, remove the argument, and behave as if tmpdc was
NULL unconditionally.
Change-Id: I138fe917d739c3020c35c20da48ffdf38f682fd6
Reviewed-on: http://gerrit.openafs.org/6416
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Currently afs_osi_Read and afs_osi_Write just return -1 on any I/O
error, even though they know the error code given from the OS VFS.
Just return that code instead so the caller can see what the error
was; but negate it, so it's clear that it is an error.
Change-Id: I3d8350da18d075713356137a1cacf182a749fe3e
Reviewed-on: http://gerrit.openafs.org/6412
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
afs_osi_Read and afs_osi_Write need to return negative values on
error. EIO is not negative; return -EIO so we don't accidentally
return "success" if someone requested to read or write EIO bytes.
Change-Id: Id0693776737fdf7086de16a935ad3942f5026e55
Reviewed-on: http://gerrit.openafs.org/6411
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
get_cred_keylen can yield a type besides an unsigned int (such as a
size_t on heimdal). But we are printing it with %u, which causes a
warning, so cast it to an unsigned int.
Change-Id: I7b89de5b0b163b9532ac347e9c56e865cb58f266
Reviewed-on: http://gerrit.openafs.org/6410
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
FUSE exists in Solaris 11, but it does not come with a fuse.pc
pkg-config configuration. Autodetect the presence of FUSE anyway.
Change-Id: Ia052ba0a1bfe511dd051f3cfbee10395dc9d2c60
Reviewed-on: http://gerrit.openafs.org/6422
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The FUSE in Solaris 11 has a couple of quirks; work around them.
Change-Id: I29b8a8858467d1c6ebacb4926a15165feae64f2c
Reviewed-on: http://gerrit.openafs.org/6421
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Currently we parse cacheinfo in afsd_run, when the client is
initialized and started. Parsing cacheinfo can change
afsd_cacheMountDir, however, which may be of interest to afsd.o users;
in particular, libuafs exposes this via uafs_MountDir(). This means
that if a mount dir is not explicitly specified in the libcmd
arguments to afsd, a libuafs-using program will see the mountpoint as
the empty string if it is queried after afsd_parse but before
afsd_run. For afsd.fuse, this causes the cryptic error message:
fuse: bad mount point `': No such file or directory
since the mountpoint is the empty string if it is not specified
explicitly on the command line.
To fix this, move cacheinfo parsing to effectively near the end of
afsd_parse, so the mountpoint is calculated in afsd_parse().
Change-Id: I058f2c7c2f0cc21db21c4b1d38ff63b9e9ed1562
Reviewed-on: http://gerrit.openafs.org/6400
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
By default, fuse mountpoints are only accessible by the same uid as
that which mounted the fuse filesystem. When we're running as root,
specify -oallow_other so by default anyone can access the afs
mountpoint.
Change-Id: Idc732a22136fbe6bc585b76ac6291d8518f1f9de
Reviewed-on: http://gerrit.openafs.org/6390
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The VolumeLock resource was obtained during each AFSParseName()
and held across a wide range of operations including volume
info queries, renames, and extent requests. These operations can
take a long time to complete and as long as the VolumeLock was
held exclusively there could only be one operation in flight at
a time on a given volume. This significantly reduced the parallelism
of operations.
The VolumeLock was not required in almost all cases. This patchset
adjusts the use of the VolumeLock and avoids the bottleneck.
Change-Id: I9d60fe41d157b9e315aeaa15feee8d1e0d4ded4c
Reviewed-on: http://gerrit.openafs.org/6420
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The cm_scacheLock is dropped while walking the scache LRU queue.
As a result it is possible for the cm_scache_t that is being
considered for recycling to be accessed and moved to the head
of the queue.
Track the prev and next pointers so it is possible to detect if
the cm_scache_t that is about to be recycled has been moved. If
so, restart the search from the tail.
Change-Id: I6c3b645b85aa60197b9b6d60cffdcb818eb6f4b2
Reviewed-on: http://gerrit.openafs.org/6424
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Now that it is permissible for more than one store data operation
to construct BIOD lists in parallel, cm_BufWrite() must be willing
to wait in cm_SyncOp(). Otherwise, the daemon threads will spin.
Change-Id: I77ee2005025de9255b4c9cdb8bed8efc44b9518a
Reviewed-on: http://gerrit.openafs.org/6423
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
If we notice that time has gone backwards (that is, the current
time is older than the time of the last event we fired), then we
reschedule all pending events.
On Windows, immediately after we have resumed from a suspend, this
code path can be executed with an empty event tree, causing an
exception:
FAULTING_IP:
afsrpc!adjustTimes+cf [c:\src\openafs\openafs.git\repo\src\rx\rx_event.c @ 213]
00000000`61041847 4c8b4030 mov r8,qword ptr [rax+30h]
EXCEPTION_RECORD: ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0000000061041847 (afsrpc!adjustTimes+0x00000000000000cf)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 0000000000000030
Attempt to read from address 0000000000000030
Resolve this by checking for an empty tree before we attempt to adjust
event times. If the tree is empty, we just zero the last event time
(so we don't keep running the adjustTimes routine), and continue as
normal.
Change-Id: I42a42ff1bd53a9d5c4733efc7ac5f629426b3aa1
Reviewed-on: http://gerrit.openafs.org/6425
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
1. Perform a CcFlushCache() any time the file is cached
and the Context Control Block indicates that the handle
has FILE_WRITE_DATA permission.
2. Perform an AFSFlushExtents() whenever there are dirty
extents and the handle has FILE_WRITE_DATA permission.
No point flushing the extents if the AuthGroup does not
have write permission. Another Ccb must exist that does
have write permission.
Change-Id: I3ece011b484c12e7dc936b81c272ba6a42f6c7d6
Reviewed-on: http://gerrit.openafs.org/6399
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Only an AuthGroup belonging to a Context Control Block that was
granted the FILE_READ_DATA permission is capable of reading
data from the file server.
Change-Id: I93a7d8e65a6bc87b44399a30da5c0dd7d4e07685
Reviewed-on: http://gerrit.openafs.org/6398
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
If AFSRequestExtentsAsync() fails to obtain requested extents
due to STATUS_ACCESS_DENIED using the AuthGroup associated with
the Context Control Block, try to find an alternate AuthGroup
to use to perform the extent request. We have already told
Windows what permissions the application has when the file was
opened. Windows will perform its own validation checks prior
to permitting the data to be accessed or altered.
Change-Id: I430657e8c8e30c9f636a5ec81065af4122c926d7
Reviewed-on: http://gerrit.openafs.org/6397
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The afs redirector current tracks the most recent extent error
in the File Control Block. Prior to this patchset the error
was returned to the requesting thread when the process Id matched
the most recent Process to issue a request. This approach resulted
in a couple of problems.
1. There are multiple threads that can issue an extent request
on the same file at the same time representing different processes.
Resetting the process Id with each new request could clear the
error prior to its receipt.
2. The failure may be due to inappropriate permissions. Permissions
are not associated with proceses but with Authentication Groups.
This patchset makes several changes:
1. It enables the afsd_service to track the active authgroup as
part of the cm_user_t structure and associates that object with
the BIOD object to ensure that the active authgroup can be
reported to the afs redirector.
2. It modifies the AFSExtentFailureCB structure to include the
AuthGroup GUID.
3. It tracks the AuthGroup GUID associated with the extent
failure in the non-paged file control block.
4. It converts all tests on Process Id to use AuthGroup instead.
5. It alters the behavior of error delivery such that reported
error is only cleared after it has been reported once to a
thread using the matching AuthGroup.
These changes make the situation better but not perfect as error
states can still be lost. However, it avoids the case most often
seen in production where two processes (a end user process and an
anti-malware process) are fighting over a file and the anti-malware
process has no permission to access the file under its own credentials.
Change-Id: Ia5c3877b8d46de695c86884c4166dc812885a72c
Reviewed-on: http://gerrit.openafs.org/6396
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Peter Scott <pscott@kerneldrivers.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
