even if we get more than one match, and even if there's a space,
work anyway
Reviewed-on: http://gerrit.openafs.org/6971
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit 745e1bb00350ac481cd0998b1623b6e040fc7312)
Change-Id: Ibd4ca5cbd5cee45793735cede8cf488a944add3c
Reviewed-on: http://gerrit.openafs.org/6972
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
in xcode 4.3, packagemaker is unbundled. make no assumptions
about where it can be found; instead, let spotlight tell us
Reviewed-on: http://gerrit.openafs.org/6966
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit fba35ba4e1d933126c788824f464a78ca1c93bf8)
Change-Id: I5d4083fa743ef181d680ffc2934a56d8429a75dc
Reviewed-on: http://gerrit.openafs.org/6968
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
the number of things which can return success without succeeding is
truly sad.
Reviewed-on: http://gerrit.openafs.org/6911
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit 59b57ff85acbef10bcec9724c42e3bad78538687)
Change-Id: I487ece6f991157a95e200f7764027902a2402e7b
Reviewed-on: http://gerrit.openafs.org/6965
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
InlineBulkStatus currently returns 0 unconditionally, no matter what
errors are encountered. If we encounter an error early enough, from
CallPreamble for example, we do not fill in the OutStats nor CallBacks
structures at all. Since we return success anyway, this results in the
client getting AFSFetchStatus structures full of zeroes (or garbage,
before commit 726e1e13ff93e2cc1ac21964dc8d906869e64406).
Since current OpenAFS clients do not perform any sanity checks on the
information received, this can result in cache corruption of files
being seen incorrectly as empty, and, before commit 726e1e, more
arbitrary corruption.
So instead, return an error if we encounter an error before we iterate
over the given FIDs. We still of course do not return an error for any
errors encountered during the actual metadata retrieval, as those are
reflected in the individual per-fid status structures.
Reviewed-on: http://gerrit.openafs.org/6871
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 690a4c144b53fd1f3538d83017ecf581a2bcded5)
Change-Id: I364b35cfa865d88ab664e45a5d1fc9c542cffc1a
Reviewed-on: http://gerrit.openafs.org/6957
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
OpenAFS changed the behavior of implicit administrator permission
for directory ownership. In OpenAFS only the volume root directory
owner has implicit administrator permissions and they apply to all
directories in the volume not just those with matching ownership.
Reviewed-on: http://gerrit.openafs.org/6951
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit 95ec152a850c0cde33829481b8e71e7e7e686a58)
Change-Id: I33fd24db250ef03a60f7f24853715e6f76d297a8
Reviewed-on: http://gerrit.openafs.org/6952
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
VNOSERVICE should not be grouped together with the volume status
error codes. It is used to indicate that the RPC was not serviced.
The file server issues it when its idle dead timeout period is reached
while receiving rx call data. The client's existing status information
is still valid and the client can retry the call.
Reviewed-on: http://gerrit.openafs.org/6938
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 39964d08792f3a09694f97d7c7fa76a86ca213a7)
Change-Id: I2baf441144d24411907760175cc7fa665dc33e41
Reviewed-on: http://gerrit.openafs.org/6940
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
If d_make_root is available, use it instead of d_alloc_root.
The helper was introduced in 3.3, and d_alloc_root gets removed
in 3.4.
Reviewed-on: http://gerrit.openafs.org/6931
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit f246aa5f84a5233b6525ae43456a8da5b7e92984)
Change-Id: I036a3845d72f99c8ba647975593da496c12a53c1
Reviewed-on: http://gerrit.openafs.org/6932
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
afs_notify_change currently just returns "-code". This can cause a
panic if the error code is negative, since we will return a positive
error code, which may get interpreted as a valid pointer value in
higher levels.
Specifically, if we hit afs_notify_change via something like this code
path:
do_sys_open -> do_filp_open -> open_namei -> may_open -> do_truncate
-> notify_change -> afs_notify_change (via inode->i_op->setattr)
the positive error value will be interpreted by do_sys_open as a valid
'struct file' pointer, and will be dereferenced.
So pass the return value through afs_convert_code, like all of the
other vnode ops, so we ensure we return an error properly.
Reviewed-on: http://gerrit.openafs.org/6776
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 634c6f184b17e30ade86c0a838ab55ddddc730d6)
Change-Id: I5083f6ce4bea5b3bea551e5d47155453b7ff2328
Reviewed-on: http://gerrit.openafs.org/6918
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
afs_notify_change is almost always used solely in inode_operations
structs, and is more similar to the other per-vnode functions. Put it
with the other per-vnode functions for better organization, and so
they can use the same static functions.
Move the helper functions iattr2vattr and vattr2inode along with it.
Reviewed-on: http://gerrit.openafs.org/6775
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit 620d4169b73088579e691aec2cfdafc7f44e2fee)
Change-Id: If721c0b13518f8a925f39bcfa1dff005ce97a6cb
Reviewed-on: http://gerrit.openafs.org/6917
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Some versions of the Solaris Studio compiler on SPARC (at least 12.2
and possibly others, but not 12.3) get a little confused by code like
this:
extern int foo;
int
somefunc(void) {
if (0) return foo;
return 0;
}
When optimization is turned off, this results in an undefined symbol
reference to 'foo' (which is normal), but the resulting object file
lacks a relocation entry for the symbol 'foo', so the symbol remains
undefined after linking. In the OpenAFS tree, this occurs in
afs_daemons.c which references afs_vcount and afs_cacheStats in this
manner due to afsd_dynamic_vcaches being defined as '0' on Solaris.
The end result is that the libafs kernel module is not loadable, since
it complains about afs_vcount and afs_cacheStats being undefined, even
though the symbol definitions are also in the module.
While this is a bug in Solaris Studio and has since been fixed, it is
simple to work around this so we are usable with more compilers. If we
just always declare afsd_dynamic_vcaches as a regular variable, it
works around this issue and keeps the code a tiny bit simpler. So, do
that.
Reviewed-on: http://gerrit.openafs.org/6888
Tested-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit e5821239cde138f74f73bec1bd9a3880d08ac3df)
Change-Id: I42073ebc7d6822f05de89f1c38370dd70e5c7508
Reviewed-on: http://gerrit.openafs.org/6910
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
RX Security Classes have a right to assume that when RXS_PreparePacket
is called that they have exclusive access to the rx_call structure.
Commit e445faa68c5ec6e47d3fd9d7318ade71d98703a9 unintentionally
failed to acquire the call->lock prior to RXS_PreparePacket being
called.
Reviewed-on: http://gerrit.openafs.org/6904
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Alistair Ferguson <alistair.ferguson@mac.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 0fdcf171a8d2b2153648b6b799096e09eb469beb)
Change-Id: I184a3c71418eb78742fbf1bf609daca1aea57f26
Reviewed-on: http://gerrit.openafs.org/6909
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The previous setting for three %config files mentioned in the spec file:
%config /etc/sysconfig/openafs
%config %{_prefix}/vice/etc/ThisCell
%config %{_prefix}/vice/etc/cacheinfo
When using an unadorned %config, it's possible that these files will
be replaced by the packaged version during a package update. Changing
%config to %config(noreplace) means that the packaged file will be
installed with the extension .rpmnew if there is already a modified
(from the existing package's version) file with the same name on the
installed machine.
The concern here is that updating an existing system could potentially
change the configuration if the person installing doesn't pay close
attention. The Rule of Least Surprise indicates that we should
try to preserve existing configuration changes whenever possible.
Change-Id: Ie132c12a3c5defe9bf6fec9ec0f8bd08f3d98646
Reviewed-on: http://gerrit.openafs.org/6887
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
Reviewed-on: http://gerrit.openafs.org/6889
Tested-by: BuildBot <buildbot@rampaginggeek.com>
commit 8e0aaae076f4cccfd2d6ed81ede4e355235b578e , while fixing dkms.conf for
Fedora, broke dkms.conf for RHEL. In RHEL, you get a dkms.conf with too
many backslashes in the "mv" line. The dkms.conf should have the mv line
reading:
mv src/libafs/MODLOAD-*/\$KMODNAME \$DSTKMOD"
for Fedora.
This change checks if we are building on Fedora, and if so, maintains
the extra backslashes. Otherwise, not.
modified: src/packaging/RedHat/openafs.spec.in
Uses the dist tags as specified at
http://fedoraproject.org/wiki/Packaging:DistTag
Reviewed-on: http://gerrit.openafs.org/6851
Reviewed-by: Ken Dreyer <ktdreyer@ktdreyer.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
(cherry picked from commit 81a9a33e0bc5455841ba105dab52735c64c7096b)
Change-Id: I7b1e09700d9b17e6616be71ab9dd8bc0a760996d
Reviewed-on: http://gerrit.openafs.org/6862
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: Derrick Brashear <shadow@dementix.org>
RX_CALL_BUSY is an indication that the call channel is busy not
that the server is down or otherwise cannot respond. Unconditionally
retry the RPC and do not alter state. We just want to force the use
of a different call channel.
Reviewed-on: http://gerrit.openafs.org/6852
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Hartmut Reuter <reuter@rzg.mpg.de>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 579976cf246bd55dea2dfd3bf8470fd8bb8bde0a)
Change-Id: I1ab5ed69dc707f13620d91a01227679c47bb97df
Reviewed-on: http://gerrit.openafs.org/6853
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The SMB specification permits the server to save a round trip
in the GSS negotiation by sending an initial security blob.
Unfortunately, doing so trips a bug in Windows 7 and Server 2008 R2
whereby the SMB 1.x redirector drops the blob on the floor after
the first connection to the server and simply attempts to reuse
the previous authentication context. This bug can be avoided by
the server sending no security blob in the SMB_COM_NEGOTIATE
response. This forces the client to send an initial GSS init_sec_context
blob under all circumstances which works around the bug in Microsoft's
code.
Do not call smb_NegotiateExtendedSecurity(&secBlob, &secBlobLength);
As a result of the SMB 1.x bug, all attempts to reconnect fail due to
SMB connection resets. The SMB 1.x redirector will retry indefinitely
but all processes with outstanding requests to \\AFS will block until
the machine is rebooted.
Reviewed-on: http://gerrit.openafs.org/6846
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 28a33f8492098c23f7c3c58763ace93b82ea80a7)
Change-Id: Iae19a76dfbcb95c5e3cdea046a97f26feba86b33
Reviewed-on: http://gerrit.openafs.org/6848
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
OpenAFS 1.6.x does not require the use of SDK 6.0 or above.
Therefore the Advanced Internet Connection Firewall support
may not be available. In particular, the 32-bit distribution
for 1.6.x does not rely on SDK 6.0 or higher.
This is a 1.6.x only change.
Change-Id: I8ab5bbf4c5d6e4893d5389c04ec020114a3d5683
Reviewed-on: http://gerrit.openafs.org/6841
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
When a file server returns the VBUSY error for an RPC the
cache manager records the 'srv_busy' state in the cm_serverRef_t
structure binding that file server to the active cm_volume_t
object. The 'srv_busy' was never cleared which prevents the
volume from being accessed.
Clear the 'srv_busy' flag whenever cm_Analyze() receives a
CM_ERROR_ALLBUSY error which means that all replicas have
been tried or whenever the error is not VBUSY or VRESTARTING.
FIXES 130537
Reviewed-on: http://gerrit.openafs.org/6563
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 9056d09887c84a480e0a9ee3457a9469fbb97064)
Change-Id: Ifd8204a3bba83a893188e96f85b1ad3ba078fe49
Reviewed-on: http://gerrit.openafs.org/6831
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
RX_CALL_IDLE has been treated the same as RX_CALL_DEAD which is
a fatal error that results in the server being marked down. This
is not the appropriate behavior for an idle dead timeout error
which should not result in servers being marked down.
Idle dead timeouts are locally generated and are an indication
that the server:
a. is severely overloaded and cannot process all
incoming requests in a timely fashion.
b. has a partition whose underlying disk (or iSCSI, etc) is
failing and all I/O requests on that device are blocking.
c. has a large number of threads blocking on a single vnode
and cannot process requests for other vnodes as a result.
d. is malicious.
RX_CALL_IDLE is distinct from RX_DEAD_CALL in that idle dead timeout
handling should permit failover to replicas when they exist in a
timely fashion but in the non-replica case should not be triggered
until the hard dead timeout. If the request cannot be retried, it
should fail with an I/O error. The client should not retry a request
to the same server as a result of an idle dead timeout.
In addition, RX_CALL_IDLE indicates that the client has abandoned
the call but the server has not. Therefore, the client cannot determine
whether or not the RPC will eventually succeed and it must discard
any status information it has about the object of the RPC if the
RPC could have altered the object state upon success.
This patchset splits the RX_CALL_DEAD processing in cm_Analyze() to
clarify that only RX_CALL_DEAD errors result in the server being marked
down. Since Rx idle dead timeout processing is per connection and
idle dead timeouts must differ depending upon whether or not replica
sites exist, cm_ConnBy*() are extended to select a connection based
upon whether or not replica sites exist. A separate connection object
is used for RPCs to replicated objects as compared to RPCs to non-replicated
objects (volumes or vldb).
For non-replica connections the idle dead timeout is set to the hard
dead timeout. For replica connections the idle dead timeout is set
to the configured idle dead timeout.
Idle dead timeout events and whether or not a retry was triggered
are logged to the Windows Event Log.
cm_Analyze() is given a new 'storeOp' parameter which is non-zero
when the execute RPC could modify the data on the file server.
Reviewed-on: http://gerrit.openafs.org/6118
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
(cherry picked from commit f768fb95f3eb3815d6225e074c43341ed2ad5347)
Change-Id: If7194292be0fc2350af9f26c397bd3a1e840abdc
Reviewed-on: http://gerrit.openafs.org/6830
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
The Freelance.Local.Cell is updated by the registry monitor
thread and cm_UpdateCell should be a no-op. Make it so.
Reviewed-on: http://gerrit.openafs.org/6791
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit cfb7f205d8153899c0165594a29d91926a40425d)
Change-Id: I2607ea87ebcc849474f4e0a183d7ad4eba121de9
Reviewed-on: http://gerrit.openafs.org/6829
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
In cm_DirOpDelBuffer() the data version field for a buffer
in cm_dirOp_t.buffers[] can be CM_BUF_VERSION_BAD if the buffer
was added to the buffer list but was never fetched from the file
server. If the buffer was recycled by buf_Get() an attempt to
remove an entry from the directory will be failed as opposed to
fetching the buffer from the file server and performing the local
removal.
Reviewed-on: http://gerrit.openafs.org/6650
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 865f2442e682ff71b28a6b21363de8262f9e2bd1)
Change-Id: I4d822d9286ca891fc50cf04fdd68272c0af2e38e
Reviewed-on: http://gerrit.openafs.org/6828
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
In cm_MergeStatus, always set cm_scache_t.bufDataVersionLow
to the new data version because the cm_dir package does not
support version ranges. All modified dir buffers have their
dataVersion field set to the current data version value.
Failure to update the bufDataVersionLow field can result in
B+ Trees being constructed from out of date directory information.
Reviewed-on: http://gerrit.openafs.org/6649
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 25142a9c2db933607507ee20e20216c635465d6d)
Change-Id: I9bdad7bed4ce76e0425adff433982b9bf35ac15f
Reviewed-on: http://gerrit.openafs.org/6827
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Releasing the BIOD permits the accumulated buffers to be accessed.
Releasing the BIOD before the cm_MergeStatus() call creates a
window where the buffer data version is larger than the cm_scache
data version. Release the BIOD after the status merge.
Reviewed-on: http://gerrit.openafs.org/6598
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 111de76ea8dac713247c99ebe2182ae16cc0a3c0)
Change-Id: I7c8dd9f3e22e83b82679b9d3a4ee3aa5f45a49aa
Reviewed-on: http://gerrit.openafs.org/6824
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
An assertion in buf_Recycle() was being triggered when a cm_buf_t
object was supposed to be in the free buffer list but wasn't.
buf_Recycle() was racing with another thread. The test for
refCount == 0 was performed while holding the buf_globalLock
exclusively but the InterlockedDecrement(refCount) in buf_Release()
was performed without holding buf_globalLock at all. buf_globalLOck
must be held at least as a read lock. Otherwise, the refCount can
reach 0 prior to the thread blocking for exclusive access to the
buf_globalLock. This provides buf_Recycle() which is holding
buf_globalLock the opportunity to race.
The solution is to make sure that buf_Release() always holds
buf_globalLock as a read lock and then use buf_ReleaseLocked()
to perform the actual decrement and test.
Reviewed-on: http://gerrit.openafs.org/6576
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 22cba8e9702f3673c335bf834a9ee2c5e5fd9b6e)
Change-Id: I82c6480859a85e00e8602421204dac9a9ce588ed
Reviewed-on: http://gerrit.openafs.org/6823
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Performance drops off considerably when the number of processors
increases due to lock contention and the cm_SyncOp wait processing.
If the MaxCPUs registry value is not set, limit ourselves to two.
Setting MaxCPUs to zero permits use of all CPUs.
Reviewed-on: http://gerrit.openafs.org/6555
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 69196e41ec9c5a6ce8efd370fb8582f66667bcf7)
Change-Id: I0cf2d2eeb3d8f7c708e7c365520f10fcd5f22d83
Reviewed-on: http://gerrit.openafs.org/6822
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
if cm_CheckForSingleDirChange() fails, mark the cm_scache_t
bufDataVersionLow as the current data version so that old directory
buffers are discarded.
Reviewed-on: http://gerrit.openafs.org/6498
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit e77b6858ee889ec9e4e3fe3bb62c23b1c1f5727f)
Change-Id: I8b149d3655c249fc3ea034d179b919f4370f19a2
Reviewed-on: http://gerrit.openafs.org/6821
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Modify src/kauth/user_nt.c to match the service name search
order of the Unix code:
kerberos4
kerberos-iv
kerberos
The standard Windows SERVICES file includes "kerberos-iv" as
port 750.
FIXES 127907
Reviewed-on: http://gerrit.openafs.org/6430
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 2cdd59d8f318193d0ef7937910466531caf1c963)
Change-Id: I936c35bbd45395f26ad6c523b72398584d1384f9
Reviewed-on: http://gerrit.openafs.org/6819
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Now that it is permissible for more than one store data operation
to construct BIOD lists in parallel, cm_BufWrite() must be willing
to wait in cm_SyncOp(). Otherwise, the daemon threads will spin.
Reviewed-on: http://gerrit.openafs.org/6423
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 17ce77f843e01ff96f66e05b4b932b0c6187493e)
Change-Id: I8ae9d057413252e73774c5209465223fa5a36947
Reviewed-on: http://gerrit.openafs.org/6818
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
If the original file did not terminate with a newline,
add one before appending the "AFS" entry.
FIXES 130210
Reviewed-on: http://gerrit.openafs.org/6375
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 2d8f9141fa98df50ce682364ef5a7958ce422613)
Change-Id: I1a95a42b420b4695b52ae0c2e2de46cd97a5294a
Reviewed-on: http://gerrit.openafs.org/6817
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Do not specify the Service Name property. According to feedback
on openafs-info the Service Name blocks the rule from working properly.
If the rule already exists, attempt to remove the Service Name filter
and update NAT Edge Traversal and Permitted interface rules.
Reviewed-on: http://gerrit.openafs.org/6332
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 2d472f94ab1017724e56bcdd29b9ef451a13f182)
Change-Id: I8184074adbd4c19426d87d48673402b3c8cd97a3
Reviewed-on: http://gerrit.openafs.org/6816
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The SID string of the RPC used to set the token sessionKey
was being leaked. Be sure to free it when it is no longer
required.
Reviewed-on: http://gerrit.openafs.org/6244
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit f30d70ba5575753302be0a2b08c27a639898d4aa)
Change-Id: I1133b50841919ca5957081c82625c2b1607c34ae
Reviewed-on: http://gerrit.openafs.org/6815
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Use CM_UCELLFLAG_ROOTUSER flag to identify the cm_rootUser
connections and only apply Nat pings to those connections
instead of examining the security state of the connection.
Reviewed-on: http://gerrit.openafs.org/6208
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 01f55bbf14210ef3e4f4c0246409af370de3a383)
Change-Id: Id26a955190aace50ca4740b910325474077941e1
Reviewed-on: http://gerrit.openafs.org/6814
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Add CM_UCELLFLAG_ROOTUSER flag to cm_ucell_t for the purpose
of tracking which connections belong to the cm_rootUser.
Reviewed-on: http://gerrit.openafs.org/6207
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 2495d02951fa1a9f6f48cc2a5bc7750f310dae75)
Change-Id: Ie0014200d9e3ed3832bf875a9788aad1f55f29ec
Reviewed-on: http://gerrit.openafs.org/6813
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
buf_CleanAsync() calls cm_BufWrite() which stores the dirty
buffers synchronously. There is nothing asynchronous about
buf_CleanAsync() so rename it to buf_Clean() and buf_CleanAsyncLocked()
to buf_CleanLocked(). Update the comments to remove the references
to the asynchronous processing which doesn't exist.
That is not to say that the call to buf_Clean() in buf_GetNewLocked()
should not be asynchronous; it should. There is no such functionality
at the moment. One approach would be to modify buf_IncrSyncer to
trigger on an event set by buf_GetNewLocked() instead of the call
to buf_Clean(). Another approach would be registering a background
store event. In any case, that is for another patchset.
Reviewed-on: http://gerrit.openafs.org/6172
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit c712403f192bd9932f3ec1dce5fb23461d3d0349)
Change-Id: Ib8d5bb06b0c4ffa3e53d53e24ca9f970b7cb63b0
Reviewed-on: http://gerrit.openafs.org/6811
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
if cm_GetNewSCache() fails, an attempt would be made to
release cm_scacheLock which is not held. However, it should
be noted that cm_GetNewSCache() cannot fail without itself
triggering a panic.
Reviewed-on: http://gerrit.openafs.org/6103
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit d42db13152fb8fa374db6531020da6effca51ab4)
Change-Id: Ibb3aff0a256c6846ac8b9336a50ea021f8a1e2f6
Reviewed-on: http://gerrit.openafs.org/6809
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
buf_CleanAsyncLocked() should not instruct cm_BufWrite() to
write a full chunk if the current buffer is the only one that
is dirty. cm_BufWrite() will determine if it is appropriate
to fill a full chunk when storing. Instructing it to check
a full chunk forces it to do more work than necessary.
Reviewed-on: http://gerrit.openafs.org/6054
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit fd42e08bf1882a02c3200e1c33a101e644aa046a)
Change-Id: Ibbd823feb5fe18f0ab0ee54af8c9b8ccb531c8bc
Reviewed-on: http://gerrit.openafs.org/6808
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
When cm_SetupStoreBIOD attempts to store a chunk to the file
server it should not use *inOffsetp as the start of the range.
There is no guarantee that the buffer at *inOffsetp is dirty.
Instead use firstModOffset which refers to the first known
dirty buffer in the range specified by the caller. Attempt
to fill a chunk of consecutive dirty buffers from that point.
Reviewed-on: http://gerrit.openafs.org/6057
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 320c7292e6ae014e44e89b0da736bcc04ef42b2b)
Change-Id: I26f7fc9e0c7281ca2118205d7916102c2471bb43
Reviewed-on: http://gerrit.openafs.org/6807
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
smb_ReceiveNTCreateX() calls cm_CheckNTOpen() which now
requires the smb_fid_t allocated fid value for use in share
mode locking. Move the allocation of the smb_fid earlier
in the function and apply necessary cleanup in error paths.
Reviewed-on: http://gerrit.openafs.org/6004
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 38fbf93fcc21aaecbf9a7e27d19131b9de4c3839)
Change-Id: I9399d8f16ee236b4724a0ec825fca1ce72f363ce
Reviewed-on: http://gerrit.openafs.org/6806
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
The smb username lock and the daemon global lock can be requested
while the scache dirlock is held if there are no free buffers
and the service is forced to claw back extents from the redirector.
Adjust the locking hierarchy accordingly.
Reviewed-on: http://gerrit.openafs.org/6000
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@secure-endpoints.com>
Tested-by: Jeffrey Altman <jaltman@secure-endpoints.com>
(cherry picked from commit 2fc9edc6e34ebef60413fad9a2af2aa73ea1681f)
Change-Id: I74e87494c1360c61812908e3b4fb012829f71cf3
Reviewed-on: http://gerrit.openafs.org/6805
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
