* re-enable LogoffTokenTransferTimeout and LogoffTokenTransfer.
Tokens are now destroyed at logoff based upon the values specified
here. Default is ON and 120 seconds. Setting this to OFF will
result in tokens never being destroyed. This will leak memory.
* protect global queues with mutexes and avoid a variety of race
conditions.
(cherry picked from commit 97304b84f76154d067717e3b34a3525abebc0cf7)
and jhutz@cs.cmu.edu
The size of h_maxSlots as computed based upon the value of
MAX_FILESERVER_THREAD is too small. It is possible for h_lwpIndex
(in the pthread case) to have produce the same Slot value for multiple
threads. In that case it is possible for the following to occur:
X: h_Hold_r(host)
X: H_UNLOCK
...
E: H_LOCK
E: Check h_Held_r(host); it is true, so don't hold
E: H_UNLOCK
X: H_LOCK
X: h_Release_r(host)
X: h_TossStuff_r(host) [called by h_Release_r]
X: H_UNLOCK
E: CheckHost(host)
The end result would be a crash due to a reference to a null field
in the host processed by CheckHost.
This patch is a bit of a hack in that it solves the problem by increasing
the number of slots for threads and does not determine the correct number
of threads the process should be allowed to produce.
(cherry picked from commit 4a5dda84178842e3eaa61d03fecc96149333dd13)
There should never be a case where h_Enumerate calls CheckHost with a
host whose callback_rxcon that is NULL. However, due to a bug it ended up
being the case that it happened. An examination of the CheckHost code
showed that the check for the HOSTDELETED flag should take place before
a reference to callback_rxcon is obtained. If HOSTDELETED were set, the
code would simply release the reference immediately. However, the process
of obtaining and releasing the reference required dropping and obtaining
locks that would be a performance hit.
(cherry picked from commit ff40c87da3ce4c6a7a58c08eaa223e8760dc8f73)
This patch:
(1) removes the rest of the dead logoff code that was originally
stripped of any meaning by DELTA
winnt-win2000-win98-afs-client-updates-20010623.
(2) gives new meaning to smb_TokenTransfer and smb_TokenTransferTimeout.
these variables now control how long a smb_username_t and its
associated cm_user_t and its cm_cellinfo_t (including tokens)
will be preserved after a logoff.
(3) adds logic to detect logoff conditions
(4) adds cm_CheckVCs(). This function probes the SMB client with a ECHO
response to determine if the associated SMB virtual circuit is still
valid. This is executed once every five minutes by smb_Daemon()
and whenever the machine's IP addresses change. This allows
abandoned VCs to be detected and the associated user credentials,
file handles, and locks to be cleaned up. This will also prevent
the exhaustion of the limited number of SMB sessions.
====================
This delta was composed from multiple commits as part of the CVS->Git migration.
The checkin message with each commit was inconsistent.
The following are the additional commit messages.
====================
and remember to mark the session dead so it can be re-used
====================
fix an error caused by patch conflict during pullup
(cherry picked from commit 7fde756a2c6f17e6a3b0db7659c6edcc2eaa0bd7)
FIXES 25647
don't do lookups on the wrong vnode, if it's a mvstat=1 vnode, it's not useful
(cherry picked from commit a784c131709a8252fa1e8cb4ce49cb0c655dd7aa)
The Integrated Logon hack of setting a token for a smb name different
than the one associated with the current smb session fails when smb
virtual circuits, sessions and username objects are properly reference
counted. When refcounts are not leaked the constructed smb_username_t
is destroyed immediately after the token is set since there are not
references to it from a current session.
The fix is to mark the smb_username_t object with a flag indicating that
it was created by the Network Provider. This flag prevents the destruction
when the refcount is zero so that it will be available at the time the
smb session is created (just a moment or two later.) During the binding
of the smb_username_t to the smb_vc_t the flag is cleared allowing the
tokens to be destroyed when the smb session is closed.
(cherry picked from commit 70b76b3a1cff1dabe9b10b8222cd84fc207b6704)
In smb_ReceiveNTCreateX the lock check, cm_CheckNTOpen(), must take place
before we allow the file to be truncated.
(cherry picked from commit d921ee381aa46e4385524f0c31ca5ad606aa920a)
FIXES 22260
allow newvcache to fail without ooping
sort of nasty, if you want more vcaches, say so.
(cherry picked from commit c19324c8574c66f18cd18f2df4beb486460205aa)
another location where EHOSTUNREACH can be returned
such that we can timeout the request immediately
(cherry picked from commit f7b9cd54e50e553486c2ad850df1a8ecaee0d954)
This patch fixes several issues:
* the smb virtual circuits can be active and/or dead. this patch
improves the handling of vc's making the transition from active
to dead
* correct the refcounts on the smb_user_t and smb_vc_t objects
* replace the deprecated GetCurrentTime() with GetTickCounts() which
is the new name. This function needs to be replaced with something
else because its return value wraps after 49.7 days
* hold the correct locks when adjusting the scp->fileLocksH queue
(cherry picked from commit 880a6b66a5477e092d5bb74febbf24639d786c64)
move allocations for SYS_NAME_ID_amd64_w2k and SYS_NAME_ID_i64_w2k to avoid
conflicts
(cherry picked from commit fb6d1dacfc256386f32f59fe4335b546a7d368c3)
the smb_username_t objects are reference counted but they were never
released on their own accord. Instead the smb_uid_t objects when
released were also cleaning up the smb_username_t. Since the smb_username_t
is reused, now that smb_user_t objects are being cleaned up, this was
a problem.
(cherry picked from commit a9df3ca715f483a31c14b72bae3f548a4c9291d4)
When SMB sessions are prematurely terminated as part of the tear down
of the virtual circuit we must clean up any remaining file handles,
tree connections, and user sessions.
(cherry picked from commit 78c40badbd8c65d82f6c384fdff8056c03100b67)
* Update architectural documentation
* Allow locks to be obtained as soon as it is possible instead of
enforcing a requirement that locks be granted in order.
* Fix other bugs
* Disable byte range lock processing
(cherry picked from commit f057d9515c72609e4ca9e51ff96f658689679497)
don't improperly enforce read attribute restriction on child instead of parent
when it's a directory
avoid screwing ourselves on mode 0 files, also
(cherry picked from commit e07a781b20272a629f73cf8b2377ee8e3bd6cd99)
Add man pages for rxgen and cmdebug. The cmdebug man page was written from
scratch based on the source code. The rxgen man page is a conversion of an
old TeX document to POD.
(cherry picked from commit 8863143052cb1a60de4fe90c1617df0bb3eca931)
Add new man pages for livesys and voldump. Fix the man page for sys to say
what it actually does, rather than implying that it works like livesys, and
to recommend livesys instead. Fix a path error in the NetInfo
documentation. Update the README for the current status, including
listing all installed commands that don't have man pages. (There may still
be some subcommands that don't have man pages but aren't listed.)
(cherry picked from commit 90bc5c0092652b047c4eabffb5577e05859c80f4)
On installation, substitute the configured paths into the man pages,
replacing the Transarc paths. Also fix a problem with the way that
pinstall was being used to install man pages. (Silly me, I was assuming
it had the same behavior as install.)
This is just a quick first pass. Longer term, it's probably better to
replace all paths in the man pages with unambiguous tokens and then
replace those tokens instead of assuming that the man pages use Transarc
paths and replacing those paths specifically. The current method has a
few minor problems, such as not being able to distinguish between the
various paths that make up /usr/afs/bin. Still, the results of this method
are good enough to start with.
(cherry picked from commit 5fde2994348d1c7f6239f98aac355011125b06ad)
