When ShakeLooseVCaches is called from afs_Daemon, the xvcache lock
is not held. This means that if the GLOCK is dropped for any reason
(for example, whilst purging the dentry cache), then
ShakeLooseVCaches can be raced, end we can end up attempting to
flush the same vcache twice.
The symptoms of this in Linux are that we oops in clear_inode.
Get the xvcache lock in afs_Daemon(), before calling
ShakeLooseVCaches. Also, remove the conditional GLOCK code from
that function. If we don't have the GLOCK on entry, then we're really
in trouble (and both code paths - afs_Daemon and afs_NewVCache should
get the GLOCK for us, anyway)
FIXES 125589
Change-Id: I3fe5b41a661cd162ec73c51492925ad87c6d4c13
Reviewed-on: http://gerrit.openafs.org/781
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Recalculates a volume's disk space used and number of files upon
every clone where it is effortless. Even though tracked mostly
correctly, bugs and accidents leave their traces which only a
salvage would correct.
Change-Id: Ied6fb9eb3944b6e30eac175fe42649c5b7cfaefb
Reviewed-on: http://gerrit.openafs.org/756
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
everything else on osx will look for config in /var/db/openafs; make
fstrace do the same
Change-Id: I7b787435343b15c82cd8eb8f3ed00096d469e888
Reviewed-on: http://gerrit.openafs.org/772
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
the 64 bit pointer massaging was incomplete for kernel
tracing on macos. add in the missing cases.
Change-Id: I38eb608c233819ab437adec25e2cd3afac3e234e
Reviewed-on: http://gerrit.openafs.org/771
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Preserve the credentials used for cache initialisation and use then
whenever disk cache files are opened. This takes advantage of the
credentials separation work from David Howells available in kernels
2.6.29 and above.
Access to cache files was done under the security context of the
user process, causing processes constrained by selinux or AppArmor to
fail to access AFS cache files and causing the cache manager to panic.
Besides the RT tickets, should also fix the following Ubuntu bugs:
415766 429260 457779 459299
FIXES 92944,125544
Change-Id: Ief8acd65c1a3e4d8c951f80bfd65f8340b8cec34
Reviewed-on: http://gerrit.openafs.org/752
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
Many callers of h_Lock_r do not check if the HOSTDELETED flag is set,
even though it could have been set while waiting for the host lock. Add
checks for it everywhere we call h_Lock_r and we care if the host has
been deleted.
FIXES 125507
Change-Id: Id1430529a1afdb5e2af29d40148877f5e4260a41
Reviewed-on: http://gerrit.openafs.org/716
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Avoid trying to contact the salvageserver for any reason while we are
shutting down. During shutdown the salvageserver may not be around
anymore, so any SALVSYNC communication will appear to hang.
Just set a global flag to indicate 'no-SALVSYNC' on shutdown, in
addition to the thread-local flag we already have.
Change-Id: Id96f20917fd0753b4934a0377b91032b2ea3d0dc
Reviewed-on: http://gerrit.openafs.org/765
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
In the FSYNC_VOL_OFF handler, fssync-server.c errors out if the call to
VGetVolumeByVp_r fails. However, this can fail if the volume is in an
error state such as SALVAGING. Normally we don't even call GetVolume
when the volume is salvaging, but the volume state can change to
SALVAGING inside GetVolume. This is particularly likely to happen on a
demand salvage, since we switch to the SALVSYNC_REQ state when
scheduling the salvage, and if we are still in that state when the
salvaged child requests a VOL_OFF, we will fail to get the heavyweight
ref.
Fix this in two ways. First, we VWaitExclusiveState_r before examining
states for the short-circuit logic so our view of the volume state is
more accurate. Second, re-examine the volume state after the call to
GetVolume, and perform the same short-circuit logic, since the volume
state may have changed during GetVolume.
Change-Id: I4ebb87691c28170b42e0056b342477a12d0f6888
Reviewed-on: http://gerrit.openafs.org/769
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
When hostList is not properly NULL-terminated, the current code does
not protect from buffer overflow. The following patch prevents buffer
overflow, prints a message, and asserts.
On our Linux hosts, we never reached the original assert, as there is
a problem handling the segfault the buffer overflow causes.
FIXES 125506
Change-Id: Ifce92c593d17050e45add9e37a7a9ed4fbc377ef
Reviewed-on: http://gerrit.openafs.org/757
Reviewed-by: Dan Hyde <drh@umich.edu>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Recent RHEL kernels now define simple_write_begin, which was used as
a test for the write_begin address_space op. This makes the test
succeed when it shouldn't, and breaks the build.
Rewrite the test to actually check the address_space operation.
Change-Id: Idac9b318ff716b61bf8ca4508d2dbdbfbad5b50d
Reviewed-on: http://gerrit.openafs.org/759
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Tested-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
At shutdown we check for unfreed memory allocated with AllocSmallSpace
and AllocLargeSpace and complain in the syslog if there are dangling
pieces. This patch takes care of a few cases that always showed up
as warnings, even after a simple start-stop of the client.
- The cacheInode file needs to be closed before the checks, since it
uses a large piece for its struct file.
- The ICL logging code allocates 6 small pieces that are never freed.
Add a shutdown_icl() function that releases everything. While we're
at it, correct one place where we allocated with afs_osi_Alloc but
freed with osi_FreeSmallSpace, confusing our accounting.
Change-Id: I4c28c848f155dec9d89e6199cde34209227ca5c9
Reviewed-on: http://gerrit.openafs.org/758
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
This field was once used to track allocations in a credentials pool.
That code was removed a few years ago but the field remained.
Change-Id: Ieac642d7d55c4da766a5a3aa8ff790a514b606d6
Reviewed-on: http://gerrit.openafs.org/753
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Dan Hyde <drh@umich.edu>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
This patch cleans up the cache bypass code so that it uses a
consistent form of indentation throughout the file.
It also changes the do { } while(0); macros to omit the trailing
semicolon, as macro definitions with trailing semicolons break
normal coding conventions.
Change-Id: Id5161fe4b1ba27110e41ed27e14a2bb3c9cccd4a
Reviewed-on: http://gerrit.openafs.org/754
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Since h_Release_r has the possibility of freeing a host, we should not
be using a host after it has been released. A few places can still use a
released host, potentially causing heap corruption, double frees, and
generally weird behavior.
So either move calls of h_Release_r until after we finish using a host,
or make sure to set the pointer to NULL after it has been released.
Change-Id: I3d5275c3862003e372d3c19a5462e62bf9cb269e
Reviewed-on: http://gerrit.openafs.org/747
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Dan Hyde <drh@umich.edu>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Our style for function definitions has the name of the function as
the first item on a new line - this means you can find a definition
by using grep ^functionName. Fix the disconnected code to follow this
style.
Change-Id: I925039070f2bbbd97f04fbee006ea08df92d7cf5
Reviewed-on: http://gerrit.openafs.org/751
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
9d396c4916 (from 2005) introduced
autotuning for afsd, and changed some of the defaults which aren't
autotuned. Update the afsd man page to reflect the autotuning, and
the new defaults.
Change-Id: Iea2035743cb45cca1c249bc2e838405039ad7d3a
Reviewed-on: http://gerrit.openafs.org/744
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
1206e7538b added linux/errqueue.h to
rx_user.c, but added the include in the middle of a function - which
means that the new structure is out of scope for the rest of the file,
which breaks the build on Linux.
Put the header include at the start with all of its other friends.
Cc: Alf Wachsmann <alfw@slac.stanford.edu>
Change-Id: Id932ff63b59e6cd62eda3df4f01e4eef354736ca
Reviewed-on: http://gerrit.openafs.org/748
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Squash a warning about lt being potentially used uninitialized.
Change-Id: I41bfccfd1a0db925a4d728a217b154f45c28b112
Reviewed-on: http://gerrit.openafs.org/742
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
When we're not in AFS_MAXVCOUNT_ENV, make afsd_dynamic_vcaches a
static 0, which allows the removal of a scattering of #ifdef's in
the middle of conditionals in afs_vcache.c, and generally improves
the code browsing experience.
Also, move the externs for this variable to afs.h, where they belong,
and fix related formatting.
Change-Id: I4d56ebae63fe1855ac80f8511b9fc76f7e5a326f
Reviewed-on: http://gerrit.openafs.org/741
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
When iterating across the buffer list, afs_newslot used a hardcoded
maximum time to find the oldest. Instead of using this, just use the
accesstime of the first unused buffer that we find as the oldest, and
continue as normal.
Change-Id: Ifeacb8a407901b46a23fbc838b1fca761108ebbb
Reviewed-on: http://gerrit.openafs.org/738
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Both dynamic vcaches and rxmaxmtu had been committed as using the
35th command entry. Fix this according to the order they are in
the command list (35 and 36, respectively). Tidy up the command list
so it's easier to read, and remove the #ifdef notdef entry from it,
as adding it back in would just cause chaos.
Change-Id: I3fce403aa0ab01c42f0e1a48ae401503b0e21c24
Reviewed-on: http://gerrit.openafs.org/740
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Back in 2002, 0eb68f307a was committed
to fix locking problems in dir/buffer.c.
Sadly, similar changes were never made to afs/afs_buffer.c, so the
same problems remain in the cache manager.
The issue here is with two processes racing in afs_newslot. Calls to
afs_newslot protect buffers with a zero reference count using
afs_bufferLock. If we release afs_bufferLock, before we increase the
reference count of the vcache, then we can end up with newslot
picking the same buffer for two different purposes.
The GLOCK actually protects us from the worst of this, but this fix
is necessary both for correctness, and for symmetry with the file
server buffer code.
Change-Id: I7f1c7d6571559c5f1784926c39d4889b77677231
Reviewed-on: http://gerrit.openafs.org/737
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
The pininodes option has been commented out of afsd since the
original OpenAFS commit. Enabling it now would cause chaos, due to
the way that cmd orders its arguments. Just remove the sections
of code to avoid this danger.
Change-Id: I9e9944d4470fd21d2ec9e36e17771b499d7c8e0b
Reviewed-on: http://gerrit.openafs.org/739
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
The convertROtoRW code for the inode fileserver makes copies of the
volume's special inodes, but leaves the old (RO) inodes around. If the
RO is created again, this will result in duplicate special inodes for
the same volume, which freaks out the salvager (and possibly other
things).
So IH_DEC the old RO special inodes after converting, so they go away.
Change-Id: Ifefa2cb69c5b2960b81dbee9d54e5ea8401b240e
Reviewed-on: http://gerrit.openafs.org/735
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
ubik_VL_GetAddrU accepts a pointer to a uniqifier and not
a pointer to a VLCallBack structure. Remove an incorrect
cast and provide the correct parameter in src/volser/vos.c.
Change-Id: I4b12cf2d4c65f115fdef76f0a4306960b5cd0413
Reviewed-on: http://gerrit.openafs.org/733
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Running salvageserver with the -client and -showlog options will
currently segfault, since -client does not open logFile, and -showlog
will attempt to rewind logFile on exit.
Fix this by not allowing -client and -showlog together (since it won't
work anyway, as -showlog tries to read SalvageLog), and by making
showlog() check logFile for NULL-ness.
Change-Id: I30f43ef1696f1e7e8873b9e1cc3867b4e06d1980
Reviewed-on: http://gerrit.openafs.org/734
Tested-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Remove check on powerStateSuspend in cm_Daemon()
Update the server Reference lists if the ranking changes.
Change-Id: Id290e0f98c616a12f4f8b1746dca58ad7a0f06ce
Reviewed-on: http://gerrit.openafs.org/729
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Jacob Thebault-Spieker <summatusmentis@gmail.com>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
This adds the functions cm_RankUpServers() and cm_RankServer() to
the Windows cache manager. cm_RankUpServers() steps through the
list of servers, and calls cm_RankServer(), which in turn re-ranks
the servers that are currently up based on rx peer statistics as
exposed by rx_GetLocalPeers().
cm_RankUpServers() is called every 10 minutes by the cache manager
daemon, so as to allow re-ranking of the servers.
Also added is the struct server->adminRank data structure, to
allow for the modification of the rank that the admin has set,
without but basing this modification on the admin-set rank.
Change-Id: I118b885e179e4f84901dd9a3180ce821f194feb8
Reviewed-on: http://gerrit.openafs.org/317
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Clean up the 'all buffers locked' console message so that it's
clear that it comes from AFS, and so it has a trailing newline.
From a bug report by Rainer Toebbicke to openafs-info
Change-Id: I3f69e57e37a91ae3e6e8822ccfe72dddc06b4359
Reviewed-on: http://gerrit.openafs.org/732
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
When we're called from write(), we don't have the option
of deferring the writing of a page by returning AOP_WRITEPAGE_ACTIVATE.
Instead, write() simply sees this as the output of 0x8000 bytes of data.
So, whilst we can mark a vcache as being output, we can't defer the
processing of one which is already being written (by, for example, an
earlier writepage()).
This problem only affects files which are have mmap() and write()
called in quick succession, but it does break the fsx utility.
Change-Id: I750a186de38da9873665a862f5b584a78e6979ad
Reviewed-on: http://gerrit.openafs.org/725
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
We have no control over the context in which the kernel calls our
writepage routine. It may be from the process which original wrote the
page, from any other process on the system which is writing and goes
over the dirty page threshold, or from the flush thread (pdflush /
flush-afs). Therefore, we cannot use the credentials of the current
process to perform the writeback. This is an issue both for afs_write
(which, in our current MM model, may need to contact the fileserver
to read missing chunks), and for DoPartialWrite (which needs to be
able to store chunks when the local cache is getting full)
This patch stores the credentials of the first process to open a file in
the vcache structure. Whenever writepage() is used to writeback pages
for this file, the cached credentials are used rather than those of the
current context.
Thanks to Marc Dionne for his work in testing and refining this patch.
FIXES 125471
Change-Id: I2900f711150fd81b2b4839bbc2bf77623bde3b64
Reviewed-on: http://gerrit.openafs.org/724
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Fix the transaction object races between VolMonitor and the
volume operation procedures which can cause the volume
server to crash.
Add a per transaction object mutex to safely set the
transaction call pointer and name. Fix VolMonitor to safely
traverse the transaction list and to access the call pointer
and last proc name while copying info to send to the vos
client. Fix the sleep thread to safely access the last proc
name.
FIXES 125479
Change-Id: I59595b93522d111b6a771d3d93c246bfc2ce65de
Reviewed-on: http://gerrit.openafs.org/718
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Currently, h_GetHost_r and removeAddress_r can destroy the
callback_rxcon of a host. Having a NULL callback_rxcon can cause
segfaults in code that does not properly check if a host has been
HOSTDELETED before trying to use it.
Although such code is incorrect and should be fixed, we can still avoid
a segfault in those situations by not destroying callback_rxcon until we
destroy the host itself. This just prevents destroying callback_rxcon in
h_GetHost_r and removeAddress_r, leaving it to h_TossStuff_r to destroy
when it destroys the host.
Change-Id: I6fd5cbb924053446689c576026f9044f78ba71be
Reviewed-on: http://gerrit.openafs.org/717
Tested-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
The writepage_sync changes get error returns wrong in a couple of places. In
particular, they return a 0 code from dopartialwrite in preference to the
length return from page_writeback
Change-Id: I34a848fed5f799aa6844e9ef0339321f91c7e59b
Reviewed-on: http://gerrit.openafs.org/721
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Tested-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Add support for Windows 7 and Server 2008 R2.
Improve text in a variety of areas.
LICENSE MIT
Reviewed-on: http://gerrit.openafs.org/719
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
This change refactors writepage_sync into 4 functions -
*) prepare_writeback() readies a vnode for writeback, and performs
the anti-recursion check.
*) dopartialwrite() intialises a request and performs the call to
DoPartialWrite
*) page_writeback() does the actual work of writing an AFS page into
the disk cache page
*) complete_writeback clears the writeback flag from a vnode
There should be no change to the current behaviour of writepage_sync,
these modifications are the first part of a fix to our writepage()
behaviour.
Reviewed-on: http://gerrit.openafs.org/712
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
WinExec is a compatibility interface for 16-bit applications.
It is not compatible with Windows 7. Replace it with ShellExecuteEx.
LICENSE MIT
Reviewed-on: http://gerrit.openafs.org/714
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
in rx, we use pthread_self (which can return a pointer) as a pid;
in order to not cause problems, cast it as we do elsewhere
Reviewed-on: http://gerrit.openafs.org/703
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Tested-by: Derrick Brashear <shadow@dementia.org>
WinExec is for 16-bit application compatibility. Starting with
Windows 7 it cannot be used to execute a process that requires
elevated privileges. ShellExecute[Ex] must be used instead.
LICENSE MIT
Reviewed-on: http://gerrit.openafs.org/711
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
fstrace should not log sets to the kernel message log
Reviewed-on: http://gerrit.openafs.org/710
Reviewed-by: Simon Wilkinson <sxw@inf.ed.ac.uk>
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
GCC doesn't catch issues with performing pointer arithmetic on
(void *)s, unless the -Wpointer-arith warning flags is supplied.
Enable it for warning and checking builds.
Reviewed-on: http://gerrit.openafs.org/708
Tested-by: Marc Dionne <marc.c.dionne@gmail.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
exiting in library code is antisocial. if rx encounters an error
which cannot be returned and would otherwise indicate a service thread
has gone away, assert.
Reviewed-on: http://gerrit.openafs.org/668
Tested-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Tom Keiser <tkeiser@sinenomine.net>
In places where we're doing pointer arithmetic, we must cast to (char
*), because pointer arithmetic on a void * isn't permitted by the C
standard. Sadly gcc lets us get away with it 'for convenience'.
Reinstate the necessary casts.
Reviewed-on: http://gerrit.openafs.org/707
Tested-by: Jeffrey Altman <jaltman@openafs.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
