diff --git a/ChangeLog b/ChangeLog index 5540e9c..e268aed 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,536 +1,1198 @@ -commit a33cb937ba5dc4c60c9dc7ac61d9796f0a96755f +commit dc16d6fffa69fe98e8bb338daea7b35ff59651c9 +Author: Stephan Wiesand +Date: Fri Jan 25 16:08:34 2019 +0100 + + Make OpenAFS 1.8.3pre1 + + Update version strings for the first 1.8.3 prerelease. + + Change-Id: I62d22cfba90ec89ac6734d7e8e08ce062dedff80 + Reviewed-on: https://gerrit.openafs.org/13444 + Tested-by: BuildBot + Reviewed-by: Mark Vitale + Reviewed-by: Michael Meffie + Reviewed-by: Stephan Wiesand + +commit 3f902d3213ca4bc5e2072c9a729e108ec9b5a0b4 +Author: Stephan Wiesand +Date: Fri Jan 25 18:15:00 2019 +0100 + + Update NEWS for 1.8.3pre1 + + Release notes for the OpenAFS 1.8.3 prerelease + + Change-Id: Ie9f988d0f03f1368125d0e5894d5dd5e9ef95d88 + Reviewed-on: https://gerrit.openafs.org/13445 + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + Reviewed-by: Mark Vitale + Reviewed-by: Michael Meffie + Reviewed-by: Stephan Wiesand + +commit a4b3a659095cf50a4c5bb6cea69c71680817830a +Author: Mark Vitale +Date: Mon Oct 29 16:48:14 2018 -0400 + + afs: avoid afs_GetDownDSlot panic on afs_WriteDCache failure + + If afs_GetDownDSlot() finds insuffcient free slots in the + afs_freeDSList, it will walk the afs_DLRU attempting to flush and free + eligible dcaches. However, if an error occurs during the flush to + CacheItems (afs_WriteDCache()), e.g., -EINTR, afs_GetDownDSlot() will + assert. + + However, a panic in this case is overkill, since afs_GetDownDSlot() is a + best-effort attempt to free dslots. The caller (afs_UFSGetDSlot()) will + allocate more dcaches if needed. + + Instead: + - Refactor afs_GetDownDSlot() by moving the QRemove() call to after the + afs_WriteDCache logic, so it accompanies the logic that puts the dcache + back on the freelist. This is safe because we hold the afs_xdcache W + lock for the duration of the routine. + - If afs_WriteDCache() returns an error, return early and let the caller + handle any recovery. + + Reviewed-on: https://gerrit.openafs.org/13364 + Reviewed-by: Andrew Deason + Tested-by: Andrew Deason + Reviewed-by: Cheyenne Wills + Reviewed-by: Benjamin Kaduk + (cherry picked from commit d6f52d11c358f71b2c4357cb135e898de7c6277b) + + Change-Id: I2630bf04b3e3a88a1fa00f693adf2a77290d47ef + Reviewed-on: https://gerrit.openafs.org/13503 + Tested-by: BuildBot + Reviewed-by: Cheyenne Wills + Reviewed-by: Andrew Deason + Reviewed-by: Benjamin Kaduk + Reviewed-by: Stephan Wiesand + +commit ff3ae28f14cb42b5e72adfceb1f6271a8f675e4a +Author: Cheyenne Wills +Date: Fri Jan 25 17:35:51 2019 -0700 + + Redhat: 'clean build area' error message during dkms build/install + + dkms invokes a make clean command before and after building the kernel + module. The make clean that is issued at the start of building results + in a nuisance error message because the Makefile doesn't yet exist + + Building module: + cleaning build area...(bad exit status: 2) + + In the dkms.conf file, built from within the openafs.spec, change the + command defined in the CLEAN statement to test for the existence of the + Makefile prior to running the actual make clean + + Reviewed-on: https://gerrit.openafs.org/13460 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 10f2c469f45eece0e12573388ae66e392e2dff1c) + + Change-Id: If3440b576ad62441bb6b970016fa9808b51abf70 + Reviewed-on: https://gerrit.openafs.org/13479 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Stephan Wiesand + +commit 232bd12b070e1fbeb173e31251e65e63a0d1f959 +Author: Andrew Deason +Date: Tue Aug 7 17:27:24 2018 -0500 + + Avoid format truncation warnings + + With gcc 7.3, we start getting several warnings like the following: + + vutil.c: In function ‘VWalkVolumeHeaders’: + vutil.c:860:34: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 63 [-Werror=format-truncation=] + snprintf(name, VMAXPATHLEN, "%s" OS_DIRSEP "%s", partpath, dentry->d_name); + + Most or all of these truncations should be okay, but increase the size + of the relevant buffers so we can build with warning checking turned + on. + + Reviewed-on: https://gerrit.openafs.org/13274 + Reviewed-by: Michael Meffie + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + (cherry picked from commit 2daa413e3ec061e0653adbd1d6549f15e0659a62) + + Change-Id: I61ae1ddae4b2d84147198a1dccb280d0da100a0b + Reviewed-on: https://gerrit.openafs.org/13459 + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 804fefa6b46ed75921a1560a9e6b37842eabc94a +Author: Cheyenne Wills +Date: Fri Jan 18 17:22:44 2019 -0700 + + Linux_5.0: replaced current_kernel_time with ktime_get_coarse_real_ts64 + + In Kernel commit fb7fcc96a86cfaef0f6dcc0665516aa68611e736 the + current_kernel_time/current_kernel_time64 functions where renamed + and the calling was standardized. + + According to the Linux Documentation/core-api/timekeeping.rst + ktime_get_coarse_real_ts64 is the direct replacement for + current_kernel_time64. Because of year 2038 issues, there is no + replacement for current_kernel_time. + + Updated code that used current_kernel_time to use new name and calling + convention. + + Updated autoconf test that sets IATTR_TAKES_64BIT_TIME as well. + + Reviewed-on: https://gerrit.openafs.org/13434 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Mark Vitale + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 21ad6a0c826c150c4227ece50554101641ab4626) + + Change-Id: Idb8a2c1b74835601fb1fc699c3ebbcee75c94e3e + Reviewed-on: https://gerrit.openafs.org/13442 + Reviewed-by: Michael Meffie + Reviewed-by: Mark Vitale + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit e7d8dc01cc1f0592eaecea5b87990097e9e59b88 +Author: Cheyenne Wills +Date: Fri Jan 18 16:53:58 2019 -0700 + + Linux_5.0: replace do_gettimeofday with ktime_get_real_ts64 + + In Kernel commit e4b92b108c6cd6b311e4b6e85d6a87a34599a6e3 the + do_gettimeofday function was removed. + + According to the Linux Documentation/core-api/timekeeping.rst + ktime_get_real_ts64 is the direct replacement for do_gettimeofday + + Updated the macro osi_GetTime to use ktime_get_real_ts64 if it is + available. + + Reviewed-on: https://gerrit.openafs.org/13433 + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + (cherry picked from commit b892fb127815bdf72103ae41ee70aadd87931b0c) + + Change-Id: I1a0237457e229a11d2a87a3a269cf24adc201e59 + Reviewed-on: https://gerrit.openafs.org/13441 + Reviewed-by: Michael Meffie + Tested-by: BuildBot + Reviewed-by: Mark Vitale + Reviewed-by: Stephan Wiesand + +commit 25829aaef319728e30fc45895e8945438e4dc719 +Author: Cheyenne Wills +Date: Thu Jan 17 16:00:37 2019 -0700 + + Linux_5.0: Use super_block flags instead of Mount flags when filling sb + + In Kernel commit e262e32d6bde0f77fb0c95d977482fc872c51996 + the mount flags (MS_) were moved from uapi/linux/fs.h to + uapi/linux/mount.h. This caused a compile failure in + src/afs/LINUX/osi_vfsops.c + + The Linux documentation in uapi/linux/mount.h indicates that the MS_ + (mount) flags should only be used when calling sys_mount and filesystems + should use the SB_ (super_block) equivalent. + + src/afs/LINUX/osi_vfsops.c utilized the mount flag MS_NOATIME while + filling the super_block. Changed to use SB_NOATIME (which has the same + numeric value as MS_NOATIME) if available. + + Reviewed-on: https://gerrit.openafs.org/13432 + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 3969bbca6017eb0ce6e1c3099b135f210403f661) + + Change-Id: I66f7b758c0258ea2c0d93da030fa97b3db49bd6c + Reviewed-on: https://gerrit.openafs.org/13440 + Reviewed-by: Michael Meffie + Tested-by: BuildBot + Reviewed-by: Mark Vitale + Reviewed-by: Stephan Wiesand + +commit 8ca82f1252db2e3f17f6a9080f56d74035bdaa16 +Author: Andrew Deason +Date: Thu Jan 17 00:12:06 2019 -0600 + + afs: Do not ignore errors in afs_CacheFetchProc + + afs_CacheFetchProc currently has a section of code that looks like + this pseudocode: + + if (!code) do { + while (length > 0) { + code = read_from_rx(); + if (code) { + break; + } + code = write_to_cache(); + if (code) { + break; + } + } + code = 0; + } while (moredata); + return code; + + When we encounter an error when reading from rx or writing to the + cache, we break out of the current loop to stop processing and return + an error. But there are _two_ loops in this section of the code, so + what we actually do is break out of the inner loop, set 'code' to 0, + and then usually return (since 'moredata' is usually never set). + + This means that when we encounter an unexpected error either from the + net or disk (or the memcache layer), we ignore the error and return + success. This means that we'll store a subset of the relevant chunk's + data to disk, and flag that chunk as complete and valid for the + relevant DV. If the error occurred before we wrote anything to disk, + this means we'll store an empty chunk and flag it as valid. The chunk + will be flagged as valid forever, serving invalid data, until the + cache chunk is evicted or manually kicked out. This can result in + files and directories appearing blank or truncated to applications + until the bad chunk is removed. + + Possibly the most common way to encounter this issue is when using a + disk cache, and the underlying disk partition is full, resulting in an + unexpected ENOSPC error. Theoretically this can be seen from an + unexpected error from Rx, but we would have to see a short read from + Rx without the Rx call being aborted. If the call was aborted, we'd + get an error from the call to rx_EndCall() later on. + + To fix this, change all of these 'break's into 'goto done's, to be + more explicit about where we are jumping to. Convert all of the + 'break's in this function in the same way, to make the code flow more + consistent and easier to follow. Remove the 'if () do' on a single + line, since it makes it a little harder to see from a casual glance + that there are two nested loops here. + + This problem appears to have been introduced in commit 61ae8792 (Unite + CacheFetchProcs and add abstraction calls), included in OpenAFS + 1.5.62. + + Reviewed-on: https://gerrit.openafs.org/13428 + Tested-by: BuildBot + Reviewed-by: Cheyenne Wills + Reviewed-by: Mark Vitale + Reviewed-by: Benjamin Kaduk + (cherry picked from commit ce327b568f4ff522aa008f235d97e0d9144eb92c) + + Change-Id: Id4ec8ffef38b4c86beffc6272bd283bce2c74ffe + Reviewed-on: https://gerrit.openafs.org/13443 + Reviewed-by: Michael Meffie + Tested-by: BuildBot + Reviewed-by: Mark Vitale + Reviewed-by: Stephan Wiesand + +commit 97f830605d5f251c58382c3f9febc4d98e949ee8 +Author: Andrew Deason +Date: Mon Jan 14 17:12:27 2019 -0600 + + lwp: Avoid freeing 'stackmemory' on AIX32 + + Commit 55013a11 (lwp: Fix possible memory leak from scan-build) added + some free() calls to some otherwise-leaked memory. However, one of + these calls frees the 'stackmemory' pointer, which on AIX32 is not a + pointer from malloc/calloc, but calculated from reserveFromStack(). + + To avoid corrupting the heap, skip this free call on AIX32. This + commit adds another #ifdef to avoid this, which is unfortunate, but + this is also how the free is avoided in the existing code for + Free_PCB(). + + Reviewed-on: https://gerrit.openafs.org/13426 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Benjamin Kaduk + (cherry picked from commit f6182922455aa0cbee19d138b0827eb87dc2b7ce) + + Change-Id: Id32eea373799c0cb43fb01a98210a0800899a1d6 + Reviewed-on: https://gerrit.openafs.org/13427 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Stephan Wiesand + +commit 4c5daaa26fbe2fd7e24ceba475e60e5e5c765e78 +Author: Pat Riehecky +Date: Wed May 23 15:42:09 2018 -0500 + + lwp: Fix possible memory leak from scan-build + + It is possible for LWP_CreateProcess to return early. When it does, it + should free up any memory it allocated before leaving scope. + + Reviewed-on: https://gerrit.openafs.org/13080 + Reviewed-by: Andrew Deason + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Mark Vitale + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 55013a111394052a0253c87a744d03dfabd1be75) + + Change-Id: I9112d2039c7c58a707231568e2e84e0340407bac + Reviewed-on: https://gerrit.openafs.org/13122 + Tested-by: BuildBot + Tested-by: PatRiehecky + Reviewed-by: Joe Gorse + Reviewed-by: Cheyenne Wills + Reviewed-by: Andrew Deason + Reviewed-by: Michael Meffie + Reviewed-by: Stephan Wiesand + +commit 05ceb67a574a8e263ce8f6738e0bf4495284f6fc +Author: Andrew Deason +Date: Thu Dec 13 12:25:32 2018 -0600 + + afs: Reword "cache is full" messages + + Currently, there are multiple different areas in the code that log a + message that look like this, when we encounter an ENOSPC error when + writing to the cache: + + *** Cache partition is FULL - Decrease cachesize!!! *** + + The message is a bit unclear, and doesn't even mention AFS at all. + Reword the message to try to explain a little more what's happening. + + Also, since we log the same message in several different places, move + them all to a common function, called afs_WarnENOSPC, so we only need + to change the message in one place. + + Reviewed-on: https://gerrit.openafs.org/13410 + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + (cherry picked from commit d9d9571785dabc5c311111b1263fe0881b0ccda5) + + Change-Id: I8e958f2896f5d4503d3a153b52720e8ba3025261 + Reviewed-on: https://gerrit.openafs.org/13417 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Reviewed-by: Andrew Deason + Reviewed-by: Stephan Wiesand + +commit 036c01d2f129b7118a77ecd6d89fbc779d91c224 +Author: Andrew Deason +Date: Thu Nov 2 16:41:52 2017 -0500 + + rx: Convert rxinit_status to rx_IsRunning() + + Currently, all rx code examines the atomic rxinit_status to determine + if rx is running (that is, if rx_InitHost has been called, and + rx_Finalize/shutdown_rx hasn't been called). This is used in rx.c to + see if we're redundantly calling our setup/teardown functions, and + outside of rx.c in a couple of places to see if rx-related resources + have been initialized. + + The usage of rxinit_status is a little confusing, since setting bit 0 + indicates that rx is not running, and clearing bit 0 indicates rx is + running. Since using rxinit_status requires atomic functions, this + makes code checking or setting rxinit_status a little verbose, and it + can be hard to see what it is checking for. (For example, does + 'if (!rx_atomic_test_and_clear_bit(&rxinit_status, 0))' succeed when + rx running, or when rx is not running?) + + The current usage of rxinit_status in rx_InitHost also does not handle + initialization errors correctly. rx_InitHost clears rxinit_status near + the beginning of the function, but does not set rxinit_status if an + error is encountered. This means that any code that checks + rxinit_status (such as another rx_InitHost call) will think that rx + was initialized successfully, but various resources aren't actually + setup. This can cause segfaults and other errors as the code tries to + actually use rx. + + This can easily be seen in bosserver, if bosserver is started up while + the local host/port is in use by someone else. bosserver will try to + rx_InitHost, which will fail, and then we'll try to rx_InitHost again, + which will immediately succeed without doing any init. We then + segfault quickly afterwards as we try to use unitialized rx resources. + + To fix all of this, refactor code using rxinit_status to use a new + function, called rx_IsRunning(), to make it a little clearer what + we're checking for. We also re-introduce the LOCK_RX_INIT locks to + prevent functions like rx_InitHost and rx_Finalize from running in + parallel. + + Note that non-init/shutdown code (such as rx_upcall or rx_GetIFInfo) + does not need to wait for LOCK_RX_INIT to check if rx is running or + not. These functions only care if rx is currently setup enough to be + used, so we can immediately return a 'yes' or 'no' answer. That is, if + rx_InitHost is in the middle of running, rx_IsRunning returns 0, since + some resouces may not be fully initialized. + + Reviewed-on: https://gerrit.openafs.org/12761 + Reviewed-by: Michael Meffie + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + (cherry picked from commit 5ced6025b9f11fadbdf2e092bf40cc87499ed277) + + Change-Id: I38ef9e3aea8a1f20e9db488a44da4535f76432d1 + Reviewed-on: https://gerrit.openafs.org/13416 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Cheyenne Wills + Reviewed-by: Andrew Deason + Reviewed-by: Stephan Wiesand + +commit a125fc5445fb4066a5845ff29b18974a0f7b5929 +Author: Mark Vitale +Date: Fri Nov 30 12:10:50 2018 -0500 + + vos: restore status information to 'vos status' + + Commit d3eaa39da3693bba708fa2fa951568009e929550 'rx: Make the rx_call + structure private' created accessors for several rx_call members. + However, it simply #ifdef'd out the packet counters and timestamps + reported by 'vos status' (AFSVol_Monitor). This is a regression for the + 1.8.x 'vos status' command. + + Instead, supply an accessor so 'vos status' can again be used to monitor + the progress of certain volume operations. + + FIXES 134856 + + Reviewed-on: https://gerrit.openafs.org/13400 + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + Reviewed-by: Mark Vitale + (cherry picked from commit 59d3a8b86da648e3c5b9774183c6c8571a36f0c4) + + Change-Id: I16c995623c40a708b06f08fb09224be1baa4de21 + Reviewed-on: https://gerrit.openafs.org/13421 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Stephan Wiesand + +commit 53515f40f3dc980cc2c1afd369207617b88e93d1 +Author: Cheyenne Wills +Date: Wed Nov 28 15:45:20 2018 -0700 + + Redhat: correct path to kernel module in dkms.config + + This fix corrects some annoying error and warning messages during + dkms install or uninstall. + + Install: + DKMS: build completed. + + openafs: + Running module version sanity check. + ERROR: modinfo: could not open /lib/modules/2.6.32-754.6.3.el6.x + 86_64/weak-updates/openafs.ko: No such file or directory + - Original module + - No original module exists within this kernel + - Installation + - Installing to /lib/modules/2.6.32-754.6.3.el6.x86_64/extra/ + Adding any weak-modules + WARNING: Can't read module /lib/modules/2.6.32-754.6.3.el6.x86_6 + 4/weak-updates/openafs.ko: No such file or directory + egrep: /lib/modules/2.6.32-754.6.3.el6.x86_64//weak-updates/open + afs.ko: No such file or directory + + Remove + Status: Before uninstall, this module version was ACTIVE on this + kernel. + Removing any linked weak-modules + rmdir: failed to remove `.': Invalid argument + WARNING: Can't read module /lib/modules/2.6.32-754.6.3.el6.x86_6 + 4/weak-updates/openafs.ko: No such file or directory + egrep: /lib/modules/2.6.32-754.6.3.el6.x86_64//weak-updates/open + afs.ko: No such file or directory + + openafs.ko: + - Uninstallation + - Deleting from:/lib/modules/2.6.32-754.6.3.el6.x86_64/extra/ + - Original module + - No original module was found for this module on this kernel + - Use the dkms install command to reinstall any previous + module version. + + Background: + + Commit 1c96127e37c0ec41c7a30ea3e4aa68f3cc8a24f6 standardized the + location where the openafs.ko module is installed (from + /kernel/3rdparty to /extra/). The RPM Spec file was not updated to + build the dkms.conf file with the corrected location. + + From the documentation for dkms + + DEST_MODULE_LOCATION is ignored on Fedora Core 6 and higher, Red Hat + Enterprise Linux 5 and higher, Novell SuSE Linux Enterprise Server 10 + and higher, Novell SuSE Linux 10.0 and higher, and Ubuntu. Instead, + the proper distribution-specific directory is used. + + However the DEST_MODULE_LOCATION is still used saving and restoring old + copies of the module. + + The NO_WEAK_MODULES parameter prevents dkms from creating a symlink into + weak-updates directory, which can lead to broken symlinks when + dkms-openafs is removed. The weak modules facility was designed to + eliminate the need to rebuild kernel modules when kernel upgrades occur + and relies on the symbols within the kABI. Openafs uses symbols that + are outside the kABI, and therefor is not a candidate for a weak module. + + Reviewed-on: https://gerrit.openafs.org/13404 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Benjamin Kaduk + (cherry picked from commit a28f9d28aef18936eb0ea02491ce64c72eeb1fe9) + + Change-Id: Ia32856c85eb61e2f023e3ae970c945aa529682ce + Reviewed-on: https://gerrit.openafs.org/13438 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Stephan Wiesand + +commit bf4d7ed224738b7e04b236e2d515770b6c7f8c40 +Author: Marcio Barbosa +Date: Mon Oct 1 17:44:22 2018 -0400 + + auth: check if argument of afsconf_Close* is null + + Currently, we do not check if the argument of afsconf_Close / + afsconf_CloseInternal is equal to null. In order to avoid a possible + segmentation fault, add the checks. + + Reviewed-on: https://gerrit.openafs.org/13352 + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + Reviewed-by: Michael Meffie + (cherry picked from commit bd58bb85004a18bb6681ff2b0c13a04e23c4d9c4) + + Change-Id: I6a99b559ab863c8485af9ec17c940b64cf844acf + Reviewed-on: https://gerrit.openafs.org/13372 + Reviewed-by: Michael Meffie + Reviewed-by: Mark Vitale + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 82f9557c43f239c22fe1cb33d970392fdd049e29 +Author: Mark Vitale +Date: Tue Sep 11 15:59:41 2018 -0400 + + budb: SBUDB_FindLatestDump should check result of FillDumpEntry + + FillDumpEntry may return an error, but FindLatestDump doesn't check its + result. Therefore, SBUDB_FindLatestDump may return invalid results. + + Instead, check the return code from FillDumpEntry and abort the call if + it fails. + + Reviewed-on: https://gerrit.openafs.org/13312 + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 2d8045d67686fbb80696b47b4a60e48e7e74fec9) + + Change-Id: I47328fc61c492c82ae5e0cce8ca3a292706c7413 + Reviewed-on: https://gerrit.openafs.org/13329 + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit af0636ac6f69a6f82f4fe7ab1895f4559a55c34b +Author: Jeffrey Altman +Date: Wed Jun 6 21:23:14 2018 -0400 + + rx: reset packet header userStatus field on reuse + + OpenAFS Rx fails to set the rx packet header userStatus field for most + packets sent other than type RX_PACKET_TYPE_ACK. If the userStatus + field is not set, its value will be random garbage based upon the + prior use of the memory allocated to the rx_packet. + + This change explicitly sets the userStatus field to zero for all + DATA and Special packet types. + + Background + ---------- + + OpenAFS Rx allocates a pool of rx_packet structures that are reused + for both incoming and outgoing Rx packets throughout the lifetime + of the process (or kernel module). + + The rx packet header field userStatus is set by rxi_Send() to + rx_call.localStatus. rxi_Send() is called from both rxi_SendAck() + when sending RX_PACKET_TYPE_ACK packets and from rxi_SendSpecial() + when called with a non-NULL call structure (RX_PACKET_TYPE_BUSY, + RX_PACKET_TYPE_ACKALL, or RX_PACKET_TYPE_ABORT). rx_call.localStatus + defaults to zero and can be modified by the application calling + rx_SetLocalStatus(). + + The userStatus field is neither set nor reset when sending + RX_PACKET_TYPE_DATA packets and all packets sent without a call + structure. When allocated packets are reused in these cases, the + value of the userStatus leaks from the prior packet use. The + userStatus field is expected to be zero unless intentionally set by + the application protocol to another value. + + The AFS3 suite of rx services uses the rx_header.userStatus field + only in the RXAFS service and only as part of the definition + for RXAFS_StoreData and RXAFS_StoreData64 RPCs. The StoreData RPCs + use the rx_header.userStatus field as an out-of-band communication + mechanism that permits the fileserver to signal to the cache manager + when the RXAFS_StoreData[64] has been assigned to an application + worker (thread) and the worker has acquired all of the required locks + and other resources necessary to complete the RPC. This signal can be + sent before all of the application data has been received. The cache + manager reads the userStatus value via rx_GetRemoteStatus(). When + bit-0 of the remote status value equals one and CSafeStore mode is + disabled, the cache manager can wakeup any threads blocked waiting for + the store operation to complete. + + Cache managers that perform a workload heavy in RXAFS_StoreData[64] RPCs + will end up with an increasing percentage of packets in which the + userStatus field is one instead of zero. + + Fileservers processing a workload heavy in RXAFS_StoreData[64] RPCs + will likewise end up with an increasing percentage of packets in which + the userStatus field is one instead of zero. + + Cache managers and Fileservers will therefore send DATA and call free + special packets with a non-zero userStatus field to peer services + (RXAFS, RXAFSCB, VL, PR). + + The failure to reset the userStatus field has not been a problem in + the past because only the OpenAFS cache manager has ever queried the + userStatus via rx_GetRemoteStatus() and only when issuing + RXAFS_StoreData[64] RPCs. + + Failure to correct this flaw interferes with future use of the userStatus + field in yet to be registered AFS3 RPCs and existing non-AFS3 services + that make use of the userStatus when sending data to a service. + + FIXES: 134554 + Reviewed-on: https://gerrit.openafs.org/13165 + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + + (cherry picked from commit c553170bcf3b97ba3745f21040c8e07b128ef983) + + Change-Id: I4e3c7fea876225ec401988a16b21ed3bb0760ee0 + Reviewed-on: https://gerrit.openafs.org/13332 + Reviewed-by: Michael Meffie + Reviewed-by: Mark Vitale + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 6b119a79a0dce1448e21cc14be8aa1db823f6513 +Author: Jeffrey Altman +Date: Sat Mar 24 01:22:54 2018 -0400 + + volser: DoVolDelete returning VNOVOL is success + + When moving, copying or releasing volumes, do not treat a failure + to delete a volume because the volume no longer exists as an error. + The volume clone has flags + + VTDeleteOnSalvage | VTOutOfService + + assigned to it which means that the fileserver won't attach the volume + and volume has its deleteMe field assigned the value of DESTROY_ME. + Such a volume will be deleted the next time the salvager scans the + partition. Once the transaction is complete the volume might be + removed. + + Reviewed-on: https://gerrit.openafs.org/12976 + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + (cherry picked from commit 328590dc5669cae3db6c509871b612b0384ea33d) + + Change-Id: Iea98049a3948b75a5e7c13c068add663c9276515 + Reviewed-on: https://gerrit.openafs.org/13235 + Reviewed-by: Michael Meffie + Reviewed-by: Andrew Deason + Reviewed-by: Benjamin Kaduk + Reviewed-by: Mark Vitale + Tested-by: BuildBot + +commit 6f41efd6c85d4d759bc2fc6d6e787fc8dbe1e1c0 +Author: Marcio Barbosa +Date: Sun Sep 30 17:38:53 2018 -0400 + + macos: packaging support for MacOS X 10.14 + + This commit introduces the new set of changes / files required to + successfully create the dmg installer on OS X 10.14 "Mojave". + + Reviewed-on: https://gerrit.openafs.org/13349 + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 2aeabf8c5bca22b400653e2bc88b6f36d47b05ca) + + Change-Id: Ia271ca69d8102a93da50c59e2d92d3c803a13b0e + Reviewed-on: https://gerrit.openafs.org/13413 + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 170dd4a6a2ac7a08e4c94e82e664dcfd5816bbbf +Author: Marcio Barbosa +Date: Wed Sep 26 00:18:38 2018 -0300 + + macos: add support for MacOS 10.14 + + This commit introduces the new set of changes / files required to + successfully build the OpenAFS source code on OS X 10.14 "Mojave". + + Reviewed-on: https://gerrit.openafs.org/13348 + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 72b2670a9e2e3937ed4e47485b9e9fa6953b5444) + + Change-Id: Ida25278d68d875a630af1d916d2d6add9b6c1f9e + Reviewed-on: https://gerrit.openafs.org/13412 + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 318330ca51a3ba780471f4c05221be1f8e3897d1 +Author: Mark Vitale +Date: Fri Aug 17 18:48:08 2018 -0400 + + volser: ensure GCTrans transaction walk remains valid + + Commit bc56f5cc97a982ee29219e6f258b372dbfe1a020 ("volser: Delete + timed-out temporary volumes") introduced new logic to GCTrans(). + Unfortunately, part of this logic temporarily drops VTRANS_LOCK in order + to call VPurgeVolume(). While this lock is dropped, other volser_trans + may be added or deleted from the allTrans list. Therefore, GCTrans + should not trust the next pointer (nt = tt->next) which was obtained + before the lock was dropped. + + One symptom observed in the field was a segfault while examining + tt->volume. Neither tt nor volume were valid any longer, since tt had + been set from a stale nt at the top of the loop. + + To repair, improve, and clarify this logic: + - Refactor so nt is assigned correctly and as late as possible. + - Add comments to explain the placement of the assigns to future + maintainers. + + Reviewed-on: https://gerrit.openafs.org/13286 + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + (cherry picked from commit 930d8ee638112ca8bf27a9528c0a527cfab54c7d) + + Change-Id: I9ed2c0440b03137cb0e0ef536167be9535c90dbb + Reviewed-on: https://gerrit.openafs.org/13337 + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit b0920d0a07a2aec55269002960bc71a9a9b99411 +Author: Mark Vitale +Date: Thu Sep 6 14:09:26 2018 -0400 + + volser: combine GCTrans conditional clauses + + In preparation for a future commit, combine two conditional clauses in + GCTrans(). + + No functional change should be incurred by this commit. + + Reviewed-on: https://gerrit.openafs.org/13303 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 95b0641ad8cfd0358576c6e1a93266fc59ecf710) + + Change-Id: If808a00cf935235cdeb20bf73f03ad235f8b2c39 + Reviewed-on: https://gerrit.openafs.org/13336 + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit a19404d0903e1a015b71c8f23d1bb045e080c81d +Author: Mark Vitale +Date: Fri Oct 26 09:12:44 2018 -0400 + + viced: fix typo in help for option -unsafe-nosalvage + + Reviewed-on: https://gerrit.openafs.org/13367 + Reviewed-by: Stephan Wiesand + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 84b3e1c43685862c147603627a020a68650d6e1c) + + Change-Id: Ie264fbd0064a3e22b1c474cea59040ecb0804b73 + Reviewed-on: https://gerrit.openafs.org/13411 + Reviewed-by: Mark Vitale + Reviewed-by: Michael Meffie + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 0b1f77b4563a2ea5484a403d6c838ff06aeecdb0 +Author: Mark Vitale +Date: Thu Nov 15 15:41:24 2018 -0500 + + afs: remove dead code afs_osi_SetTime + + afs_osi_SetTime() has been dead code since -settime support was removed + with commit 1d9888be486198868983048eeffabdfef5afa94b 'Remove + -settime/RXAFS_GetTime client support'. + + Remove the dead code. + + No functional change is incurred by this commit. + + Reviewed-on: https://gerrit.openafs.org/13393 + Reviewed-by: Benjamin Kaduk + Tested-by: Benjamin Kaduk + (cherry picked from commit 16b981ec6697b511c36c09adfeb8b79eaf2345b0) + + Change-Id: I3fa92cbe1598703b4eddd78e4c7afdc04c525750 + Reviewed-on: https://gerrit.openafs.org/13407 + Reviewed-by: Mark Vitale + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 5a77ac9a3a0ce6114b6b4b2ccd9cd8d51154530c +Author: Mark Vitale +Date: Thu Nov 15 15:31:37 2018 -0500 + + Linux 4.20: do_settimeofday is gone + + With Linux commit 976516404ff3fab2a8caa8bd6f5efc1437fed0b8 'y2038: + remove unused time interfaces', do_settimeofday() is gone. + + However, OpenAFS only calls do_settimeofday() from afs_osi_SetTime(), + which has been dead code since -settime support was removed from afsd + with commit 1d9888be486198868983048eeffabdfef5afa94b 'Remove + -settime/RXAFS_GetTime client support'. + + Instead of fixing afs_osi_SetTime() to use a current Linux API, remove + it as dead code. + + No functional change is incurred by this commit. However, this change + is required in order to build OpenAFS on Linux 4.20. + + Reviewed-on: https://gerrit.openafs.org/13392 + Reviewed-by: Benjamin Kaduk + Tested-by: Benjamin Kaduk + (cherry picked from commit aa80f892ec39e2984818090a6bb2047430836ee2) + + Change-Id: I7f5ee9c21bc87cd261d87126bc3848d941ff5409 + Reviewed-on: https://gerrit.openafs.org/13406 + Reviewed-by: Mark Vitale + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 7fb6d488156e673e78b462faf93f2c5b2214fe59 +Author: Mark Vitale +Date: Tue Nov 13 11:20:09 2018 -0500 + + Linux 4.20: current_kernel_time is gone + + With Linux commit 976516404ff3fab2a8caa8bd6f5efc1437fed0b8 'y2038: + remove unused time interfaces' (4.20-rc1), current_kernel_time() has + been removed. + + Many y2038-compliant time APIs were introduced with Linux commit + fb7fcc96a86cfaef0f6dcc0665516aa68611e736 'timekeeping: Standardize on + ktime_get_*() naming' (4.18). According to + Documentation/core-api/timekeeping.rst, a suitable replacement for: + + struct timespec current_kernel_time(void) + + would be: + + void ktime_get_coarse_real_ts64(struct timespec64 *ts)) + + Add an autoconf test and equivalent logic to deal. + + Reviewed-on: https://gerrit.openafs.org/13391 + Tested-by: Mark Vitale + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 3c454b39d04f4886536267c211171dae30dc0344) + + Change-Id: I3f00cf4bd3a1ffb7c90e3920113964d74c6df403 + Reviewed-on: https://gerrit.openafs.org/13405 + Reviewed-by: Mark Vitale + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit fc9211be1b242e7026a679a41e5f53f3b4a7e818 +Author: Andrew Deason +Date: Tue Aug 7 17:08:26 2018 -0500 + + afs: Return memcache allocation errors + + During cache initialization, we can fail to allocate our dcache + entries for memcache. Currently when this happens, we just log a + message and try to disable dcache access. However, this results in at + least one code path that causes a panic anyway during startup, since + afs_CacheTruncateDaemon will try to trim the cache, and afs_GetDownD + will call afs_MemGetDSlot, and we cannot find the given dslot. + + To avoid this, change our cache initialization to return an error, + instead of trying to continue without a functional dcache. This causes + afs_dcacheInit to return an error in this case, and by extension + afs_CacheInit and the AFSOP_CACHEINIT syscall. Also change afsd to + actually detect errors from AFSOP_CACHEINIT, and to bail out when it + does. + + Thanks to gsgatlin@ncsu.edu for reporting the relevant panic. + + Reviewed-on: https://gerrit.openafs.org/13273 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 0da5ac4d9fb2a9b46c7415403a3cd26e711554e2) + + Change-Id: I00b0d3dac1f4d8edc46389fe3c59501fd23c18f8 + Reviewed-on: https://gerrit.openafs.org/13307 + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Mark Vitale + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit eca7ade855e0f9b14d0bb763be2d2d3e925dcd86 Author: Benjamin Kaduk -Date: Mon Sep 10 22:18:34 2018 -0500 +Date: Wed May 30 19:38:57 2018 -0500 - Make OpenAFS 1.8.2 + CellServDB update 14 May 2018 - Update version strings for the 1.8.2 release. + Update all three copies in the tree, and the rpm specfile. - Change-Id: I90e59f3a8c930d80eab46b405050e11ea2fc2fe1 + Reviewed-on: https://gerrit.openafs.org/13134 + Reviewed-by: Michael Meffie + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + (cherry picked from commit 4a2b5101afda24b2d937e7350ca35b0b3d3c4af8) + + Change-Id: I47dad888b71c798132f2841375f9ebb2f6b263f7 + Reviewed-on: https://gerrit.openafs.org/13409 + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand -commit aecb8aef7074910838d639d75f46e5515baffc35 -Author: Benjamin Kaduk -Date: Mon Sep 10 20:26:20 2018 -0500 +commit 39272929fc528a4c6af05e74b98518a3bae18462 +Author: Andrew Deason +Date: Thu May 10 16:22:52 2018 -0500 - Update NEWS for 1.8.2 + ubik: Buffer log writes with stdio - Release notes for the OpenAFS 1.8.2 security release. + Currently, when we write ubik i/o operations to the db log, we tend to + issue several syscalls involving small writes and fstat()s. This is + because each "log" operation involves at least one write, and each log + operation tends to be pretty small. - Change-Id: If447b08cc3b3901da22eeb92a2e75bf2ab476633 + Each logged operation hitting disk separately is unnecessary, since + the db log does not need to hit the disk at all until we are ready to + commit the transaction. So to reduce the number of syscalls when + writing to the db, change our log writes to be buffered in memory + (using stdio calls). This also avoids needing to fstat() the + underlying log file, since we open the underlying file in append-only + mode, since we only ever append to (and truncate) the log file. + + To implement this, we introduce a new 'buffered_append' phys + operation, to explicitly separate our buffered and non-buffered + operations, to try to avoid any bugs from mixing buffered and + non-buffered i/o. This new operation is only used for the db log. + + Reviewed-on: https://gerrit.openafs.org/13070 + Reviewed-by: Mark Vitale + Reviewed-by: Michael Meffie + Reviewed-by: Joe Gorse + Reviewed-by: Benjamin Kaduk + Reviewed-by: Marcio Brito Barbosa + Tested-by: BuildBot + (cherry picked from commit 800318b43fdf461ad95cd7f3940718f3f0a609a7) + + Change-Id: Ia40d75e7bdeb6a9f6c316aaea6fd20d5c8d80625 + Reviewed-on: https://gerrit.openafs.org/13353 + Reviewed-by: Michael Meffie + Reviewed-by: Mark Vitale + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand -commit 90601818205aeefd1cf99b8766a7bfd03bf9b96a -Author: Benjamin Kaduk -Date: Tue Sep 11 10:51:01 2018 -0500 - - Fix typos in audit format strings - - Commit 9ebff4c6caa8b499d999cfd515d4d45eb3179769 introduced audit - framework support for several butc-related data types, but had - a typo ('$d' for '%d') in a couple of places, that was not reported - by compiler format-string checking. Fix the typo to properly print - all the auditable data. - - (cherry picked from commit d5816fd6cd1876760a985a817dbbb3940cf3bddb) - - Change-Id: Iaea64ab0fe422381c298d94eff201c3525bd00c2 - -commit ed217df4b23e111d4b12e7236bdf6f8ab5575952 -Author: Benjamin Kaduk -Date: Sun Sep 9 10:44:38 2018 -0500 - - OPENAFS-SA-2018-001 backup: use authenticated connection to butc - - Use the standard routine to pick a client security object, instead of - always assuming rxnull. Respect -localauth as well as being able to - use the current user's tokens, but also provide a -nobutcauth argument - to fall back to the historical rxnull behavior (but only for the connections - to butc; vldb and budb connections are not affected). - - (cherry picked from commit 345ee34236c08a0a2fb3fff016edfa18c7af4b0a) - - Change-Id: I1e5e0e38d4003020db5875609db08194f7684bb7 - -commit 1b199eeafad6420982380ce5e858f00c528cfd13 -Author: Benjamin Kaduk -Date: Thu Sep 6 18:50:39 2018 -0500 - - OPENAFS-SA-2018-001 butc: require authenticated connections with -localauth - - The butc -localauth option is available to use the cell-wide key to - authenticate to the vlserver and buserver, which in normal deployments - will require incoming connections to be authenticated as a superuser. - In such cases, the cell-wide key is also available for use in - authenticating incoming connections to the butc, which would otherwise - have been completely unauthenticated. - - Because of the security hazards of allowing unauthenticaed inbound - RPCs, especially ones that manipulate backup information and are allowed - to initiate outboud RPCs authenticated as the superuser, default to - not allowing unauthenticated inbound RPCs at all. Provide an opt-out - command-line argument for deployments that require this functionality - and have configured their network environment (firewall/etc.) appropriately. - - Change-Id: Ia6349757a4c6d59d1853df1a844e210d32c14feb - -commit 6f8c0c8134de1b5358ec56878e350aeab31aa3cd -Author: Benjamin Kaduk -Date: Sun Sep 9 11:49:03 2018 -0500 - - OPENAFS-SA-2018-001 Add auditing to butc server RPC implementations - - Make the actual implementations into helper functions, with the RPC - stubs calling the helpers and doing the auditing on the results, akin - to most other server programs in the tree. This relies on support for - some additional types having been added to the audit framework. - - (cherry picked from commit c43169fd36348783b1a5a55c5bb05317e86eef82) - - Change-Id: Ia90c355bfded24820ae3b5c014e948e28eac6356 - -commit 41d2dd569a365465ac47da3cd39eceba4beaeaf3 -Author: Benjamin Kaduk -Date: Sat Sep 8 19:42:36 2018 -0500 - - OPENAFS-SA-2018-001 audit: support butc types - - Add support for several complex butc types to enable butc auditing. - - Change-Id: I6aedd933cf5330cda40aae6f33827ae65409df32 - -commit 7eb650a6edd96e3c7e68f170945ddcdac8b67975 -Author: Benjamin Kaduk -Date: Sat Sep 8 20:35:25 2018 -0500 - - OPENAFS-SA-2018-001 butc: remove dummy osi_audit() routine - - This local stub was present in the original IBM import and is unused. - It will conflict with the real audit code once we start adding auditing - to the TC_ RPCs, so remove it now. - - (cherry picked from commit 50216dbbc30ed94f89bdd0e964f4891e87f28c0b) - - Change-Id: I63db513bb107ef47da77f13b27cdf5d24b4a24b4 - -commit 2cf5cfa8561047e855fed9ab35d1a041e309e39a +commit b71f75cad51cf58260d0593635d66dd367a2af1a Author: Mark Vitale -Date: Fri Jul 6 03:14:19 2018 -0400 +Date: Fri May 4 15:42:14 2018 -0400 - OPENAFS-SA-2018-003 rxgen: prevent unbounded input arrays + ubik: make ContactQuorum_* routines static - RPCs with unbounded arrays as inputs are susceptible to remote - denial-of-service (DOS) attacks. A malicious client may submit an RPC - request with an arbitrarily large array, forcing the server to expend - large amounts of network bandwidth, cpu cycles, and heap memory to - unmarshal the input. + Most of the ContactQuorum_* routines are only used in ubik.c, so make + them all static - except for ContactQuorum_DISK_SetVersion, which is + called from disk.c. - Instead, issue an error message and stop rxgen when it detects an RPC - defined with an unbounded input array. Thus we will detect the problem - at build time and prevent any future unbounded input arrays. + Reviewed-on: https://gerrit.openafs.org/13078 + Tested-by: BuildBot + Reviewed-by: Andrew Deason + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 27d7b8fe4603c39362983758fe6a749fa5ffa4e5) - (cherry picked from commit a4c1d5c48deca2ebf78b1c90310b6d56b3d48af6) - - Change-Id: I4c60c4776d7f02ea9790b76b49e7325d9c55f31d + Change-Id: I70721aef02f5f2e203c1877428c46c49ea1cb7c9 + Reviewed-on: https://gerrit.openafs.org/13188 + Reviewed-by: Michael Meffie + Reviewed-by: Andrew Deason + Reviewed-by: Joe Gorse + Reviewed-by: Mark Vitale + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand -commit fe41fa565be6e325da75f3e9b8fbdac2c521b027 +commit 88db0996e3287a62e519ef4cc09f0b8516f6a9b9 Author: Mark Vitale -Date: Fri Jul 6 03:21:26 2018 -0400 +Date: Wed May 9 16:50:55 2018 -0400 - OPENAFS-SA-2018-003 volser: prevent unbounded input to various AFSVol* RPCs + ubik: remove unused ContactQuorum_DISK_Write - Several AFSVol* RPCs are defined with an unbounded XDR "string" as - input. + This function is not used; remove it. - RPCs with unbounded arrays as inputs are susceptible to remote - denial-of-service (DOS) attacks. A malicious client may submit an - AFSVol* request with an arbitrarily large string, forcing the volserver - to expend large amounts of network bandwidth, cpu cycles, and heap - memory to unmarshal the input. + No functional change is incurred by this commit. - Instead, give each input "string" an appropriate size. - Volume names are inherently capped to 32 octets (including trailing NUL) - by the protocol, but there is less clearly a hard limit on partition names. - The Vol_PartitionInfo{,64} functions accept a partition name as input and - also return a partition name in the output structure; the output values - have wire-protocol limits, so larger values could not be retrieved by clients, - but for denial-of-service purposes, a more generic PATH_MAX-like value seems - appropriate. We have several varying sources of such a limit in the tree, but - pick 4k as the least-restrictive. + Reviewed-on: https://gerrit.openafs.org/13077 + Reviewed-by: Andrew Deason + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 8b1e730c11a6ed7dc067ef185302bd57a69f6d1e) - [kaduk@mit.edu: use a larger limit for pathnames and expand on PATH_MAX in - commit message] - - (cherry picked from commit 8b92d015ccdfcb70c7acfc38e330a0475a1fbe28) - - Change-Id: Ifa591dfd861688d4d7eb43145b29a1739c6e0f6f + Change-Id: I548e2442684a26ab017afebb1c42bdef9bd7c7bf + Reviewed-on: https://gerrit.openafs.org/13187 + Reviewed-by: Michael Meffie + Reviewed-by: Andrew Deason + Reviewed-by: Joe Gorse + Reviewed-by: Mark Vitale + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand -commit fac3749f0d180e0ca229326c0e8568a60e17d3e9 +commit 10157d82c3e8f7cbdec768d92119ed5be126b844 +Author: Michael Meffie +Date: Thu Jun 14 15:01:18 2018 -0400 + + ubik: do not assign variables in logging argument lists + + Several logging statements in ubik contain an assignment statement + within the logging function call argument list, which would set a + variable as side effect of evaluating the function call arguments. + + These embedded assignments are problematic since the logging function + calls have been replaced by ViceLog macros, which avoid the overhead of + a function call depending on logging levels. + + Remove the embedded assignments within the logging argument lists so the + variables are always set regardless of the logging level. + + Reviewed-on: https://gerrit.openafs.org/13211 + Tested-by: BuildBot + Reviewed-by: Joe Gorse + Reviewed-by: Andrew Deason + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 472d6b1ee2f7de415e0fa0f8be0636f86956b6fc) + + Change-Id: I230f71022a58445c99adc67ae1b888caa4ce260e + Reviewed-on: https://gerrit.openafs.org/13218 + Reviewed-by: Andrew Deason + Reviewed-by: Mark Vitale + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit b9603bfb27c3c1d5ae90ed68545a4dd9fe9da862 Author: Mark Vitale -Date: Fri Jul 6 01:09:53 2018 -0400 +Date: Mon May 8 17:50:00 2017 -0400 - OPENAFS-SA-2018-003 volser: prevent unbounded input to AFSVolForwardMultiple + ubik: disambiguate "Synchonize database with server" msgs - AFSVolForwardMultiple is defined with an input parameter that is defined - to XDR as an unbounded array of replica structs: - typedef replica manyDests<>; + Ubik issues the same message in two very different cases: + - sync server issues DISK_GetFile to obtain the latest version + - non-sync server receives DISK_SendFile from the sync server - RPCs with unbounded arrays as inputs are susceptible to remote - denial-of-service (DOS) attacks. A malicious client may submit an - AFSVolForwardMultiple request with an arbitrarily large array, forcing - the volserver to expend large amounts of network bandwidth, cpu cycles, - and heap memory to unmarshal the input. + Modify the messages so they provide more information and are + distinguishable from each other. - Even though AFSVolForwardMultiple requires superuser authorization, this - attack is exploitable by non-authorized actors because XDR unmarshalling - happens long before any authorization checks can occur. + Reviewed-on: https://gerrit.openafs.org/12615 + Tested-by: BuildBot + Reviewed-by: Andrew Deason + Reviewed-by: Benjamin Kaduk + (cherry picked from commit b9fe4d4290ad19faf3b5fb5dc0c3b1ee3ee5ab69) - Add a bounding constant (NMAXNSERVERS 13) to the manyDests input array. - This constant is derived from the current OpenAFS vldb implementation, which - is limited to 13 replica sites for a given volume by the layout (size) of the - serverNumber, serverPartition, and serverFlags fields. - - [kaduk@mit.edu: explain why this constant is used] - - (cherry picked from commit 97b0ee4d9c9d069e78af2e046c7987aa4d3f9844) - - Change-Id: I49945ce1fd5979eadf6d5b310dc6d8c68f6f8dc7 + Change-Id: I806c2ce5ada097b07022d8c4da81f613a3f9989c + Reviewed-on: https://gerrit.openafs.org/13186 + Reviewed-by: Mark Vitale + Reviewed-by: Michael Meffie + Reviewed-by: Joe Gorse + Reviewed-by: Andrew Deason + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand -commit 87f199c14199afa29f75bb336383564f0fb4548a +commit 354fef1f0af9272cd5bf1e8a6466a3b727dcc08d +Author: Michael Meffie +Date: Mon Apr 25 11:06:11 2016 -0400 + + ubik: convert ubik_print to ViceLog + + Use the server logging macros instead of the utility functions to avoid + function call overhead, especially at logging level 25. The server + logging macros perform a logging level check in-line to avoid the + unnecessary ubik_dprint* calls. + + Reviewed-on: https://gerrit.openafs.org/12619 + Reviewed-by: Andrew Deason + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Michael Meffie + Reviewed-by: Mark Vitale + Reviewed-by: Benjamin Kaduk + Tested-by: BuildBot + (cherry picked from commit 343234d221ae8388f55748f5c494a42d5d69bfa0) + + Change-Id: Icdb60f75a0c6c6efc7793d545f0565c0cd587eae + Reviewed-on: https://gerrit.openafs.org/13153 + Reviewed-by: Andrew Deason + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Mark Vitale + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 3143627f9b7f91743a85cd8fd8f00f913a31f17c Author: Mark Vitale -Date: Thu Jul 5 23:51:37 2018 -0400 +Date: Tue Sep 11 16:29:59 2018 -0400 - OPENAFS-SA-2018-003 budb: prevent unbounded input to BUDB_SaveText - - BUDB_SaveText is defined with an input parameter that is defined to XDR - as an unbounded array of chars: - typedef char charListT<>; - - RPCs with unbounded arrays as inputs are susceptible to remote - denial-of-service (DOS) attacks. A malicious client may submit a - BUDB_SaveText request with an arbitrarily large array, forcing the budb - server to expend large amounts of network bandwidth, cpu cycles, and - heap memory to unmarshal the input. - - Modify the XDR definition of charListT so it is bounded. This typedef - is shared (as an OUT parameter) by BUDB_GetText and BUDB_DumpDB, but - fortunately all in-tree callers of the client routines specify the same - maximum length of 1024. - - Note: However, SBUDB_SaveText server implementation seems to allow for up to - BLOCK_DATA_SIZE (2040) = BLOCKSIZE (2048) - sizeof(struct blockHeader) - (8), and it's unknown if any out-of-tree callers exist. Since we do not need a - tight bound in order to avoid the DoS, use a somewhat higher maximum of - 4096 bytes to leave a safety margin. - - [kaduk@mit.edu: bump the margin to 4096; adjust commit message to match] - - (cherry picked from commit 124445c0c47994f5e2efef30e86337c3c8ebc93f) - - Change-Id: Ic34f8f9e7484b7503a223509d5d61b72e1298b35 - -commit 4218dc0a2db75c740d1d31966e672f85ad7999bd -Author: Mark Vitale -Date: Thu Jul 5 21:11:30 2018 -0400 - - OPENAFS-SA-2018-003 vlserver: prevent unbounded input to VL_RegisterAddrs - - VL_RegisterAddrs is defined with an input argument of type bulkaddrs, - which is defined to XDR as an unbounded array of afs_uint32 (IPv4 addresses): - typedef afs_uint32 bulkaddrs<> - - The <> with no value instructs rxgen to build client and server stubs - that allow for a maximum size of "~0u" or 0xFFFFFFFF. - - Ostensibly the bulkaddrs array is unbounded to allow it to be shared - among VL_RegisterAddrs, VL_GetAddrs, and VL_GetAddrsU. The VL_GetAddrs* - RPCs use bulkaddrs as an output array with a maximum size of MAXSERVERID - (254). VL_RegisterAddrss uses bulkaddrs as an input array, with a - nominal size of VL_MAXIPADDRS_PERMH (16). - - However, RPCs with unbounded array inputs are susceptible to remote - denial-of-service attacks. That is, a malicious client may send a - VL_RegisterAddrs request with an arbitrarily long array, forcing the - vlserver to expend large amounts of network bandwidth, cpu cycles, and - heap memory to unmarshal the argument. Even though VL_RegisterAddrs - requires superuser authorization, this attack is exploitable by - non-authorized actors because XDR unmarshalling happens long before any - authorization checks can occur. - - Because all uses of the type that our implementation support have fixed - bounds on valid data (whether input or output), apply an arbitrary - implementation limit (larger than any valid structure would be), to - prevent this class of attacks in the XDR decoder. - - [kaduk@mit.edu: limit the bulkaddrs type instead of introducing a new type] - - (cherry picked from commit 7629209219bbea3f127b33be06ac427ebc3a559e) - - Change-Id: I1726a834eb98b7e06285bac78a74e20bbedb9ce8 - -commit 418b2ab56c60e44375df31a3a8f77461d577a5ff -Author: Benjamin Kaduk -Date: Thu Aug 30 10:38:56 2018 -0500 - - OPENAFS-SA-2018-002 butc: Initialize OUT scalar value - - In STC_ReadLabel, the interaction with the tape device is - synchronous, so there is no need to allocate a task ID for status - monitoring. However, we do need to initialize the output value, - to avoid writing stack garbage on the wire. - - (cherry picked from commit f5a80115f8f7f9418287547f0fc7fdb13d936f00) - - Change-Id: I3f5ea1cfff0d04adb49cdca7b05ac869665660e5 - -commit 0ee86cc3f986365df9de21ede5735cc1f40db7e5 -Author: Mark Vitale -Date: Tue Jun 26 06:01:16 2018 -0400 - - OPENAFS-SA-2018-002 ubik: prevent VOTE_Debug, VOTE_XDebug information leak - - VOTE_Debug and VOTE_XDebug (udebug) both leave a single field - uninitialized if there is no current transaction. This leaks the memory - contents of the ubik server over the wire. - - struct ubik_debug - - 4 bytes in member writeTrans - - In common code to both RPCs, ensure that writeTrans is always - initialized. - - [kaduk@mit.edu: switch to memset] - - (cherry picked from commit 7a7c1f751cdb06c0d95339c999b2c035c2d2168b) - - Change-Id: I2759989bf1a5190f9f03621218224c47094a88b7 - -commit c912830e9c82d91bccf85018ef1e6a75edc410c4 -Author: Mark Vitale -Date: Tue Jun 26 05:26:21 2018 -0400 - - OPENAFS-SA-2018-002 kaserver: prevent KAM_ListEntry information leak - - KAM_ListEntry (kas list) does not initialize its output correctly. It - leaks kaserver memory contents over the wire: - - struct kaindex - - up to 64 bytes for member name - - up to 64 bytes for member instance - - Initialize the buffer. - - [kaduk@mit.edu: move initialization to top of server routine] - - (cherry picked from commit b604ee7add7be416bf20973422a041e913d20761) - - Change-Id: Ic40bb2d5af409399c11a378340ba92174e26112f - -commit 43b3efd4f8cd3227b2b24ff673adeb834f6a3f0b -Author: Mark Vitale -Date: Tue Jun 26 05:12:32 2018 -0400 - - OPENAFS-SA-2018-002 butc: prevent TC_DumpStatus, TC_ScanStatus information leaks - - TC_ScanStatus (backup status) and TC_GetStatus (internal backup status - watcher) do not initialize their output buffers. They leak memory - contents over the wire: - - struct tciStatusS - - up to 64 bytes in member taskName (TC_MAXNAMELEN 64) - - up to 64 bytes in member volumeName " - - Initialize the buffers. - - [kaduk@mit.edu: move initialization to top of server routines] - - (cherry picked from commit be0142707ca54f3de99c4886530e7ac9f48dd61c) - - Change-Id: I7a97ad1dbab004938085b401929d4925d80ff3b2 - -commit b7e53b9e9706d63215a1804ed9eca30d69461f03 -Author: Mark Vitale -Date: Tue Jun 26 05:00:25 2018 -0400 - - OPENAFS-SA-2018-002 butc: prevent TC_ReadLabel information leak - - TC_ReadLabel (backup readlabel) does not initialize its output buffer - completely. It leaks butc memory contents over the wire: - - struct tc_tapeLabel - - up to 32 bytes from member afsname (TC_MAXTAPELEN 32) - - up to 32 bytes from member pname (TC_MAXTAPELEN 32) - - Initialize the buffer. - - [kaduk@mit.edu: move initialization to the RPC stub] - - (cherry picked from commit 52f4d63148323e7d605f9194ff8c1549756e654b) - - Change-Id: Ia5d9dd649bdbd45c8b201f344bf55080a55e3392 - -commit 6f26a945adeca87b669282eed0eaca3dca0a1423 -Author: Mark Vitale -Date: Tue Jun 26 04:39:44 2018 -0400 - - OPENAFS-SA-2018-002 budb: prevent BUDB_* information leaks - - The following budb RPCs do not initialize their output correctly. - This leaks buserver memory contents over the wire: - - BUDB_FindLatestDump (backup dump) - BUDB_FindDump (backup volrestore, diskrestore, volsetrestore) - BUDB_GetDumps (backup dumpinfo) - BUDB_FindLastTape (backup dump) - - struct budb_dumpEntry - - up to 32 bytes in member volumeSetName - - up to 256 bytes in member dumpPath - - up to 32 bytes in member name - - up to 32 bytes in member tape.tapeServer - - up to 32 bytes in member tape.format - - up to 256 bytes in member dumper.name - - up to 128 bytes in member dumper.instance - - up to 256 bytes in member dumper.cell - - Initialize the buffer in common routine FillDumpEntry. - - (cherry picked from commit e96771471134102d3879a0ac8b2c4ef9d91a61b8) - - Change-Id: I85ec8a21966386baa8243326072e5730726cba96 - -commit a6557ffa64d8fab3526c4f89629dcbb965a27780 -Author: Mark Vitale -Date: Tue Jun 26 03:56:24 2018 -0400 - - OPENAFS-SA-2018-002 afs: prevent RXAFSCB_TellMeAboutYourself information leak - - RXAFSCB_TellMeAboutYourself does not completely initialize its output - buffers. This leaks kernel memory over the wire: - - struct interfaceAddr - Unix cache manager (libafs) - - up to 124 bytes in array addr_in ((AFS_MAX_INTERFACE_ADDR 32 * 4) - 4)) - - up to 124 bytes in array subnetmask " - - up to 124 bytes in array mtu " - - Windows cache manager - - 64 bytes in array addr_in ((AFS_MAX_INTERFACE_ADDR 32 - CM_MAXINTERFACE_ADDR 16)* 4) - - 64 bytes in array subnetmask " - - 64 bytes in array mtu " - - The following implementations of SRXAFSCB_TellMeAboutYourself are not susceptible: - - fsprobe - - libafscp - - xstat_fs_test - - Initialize the buffer. - - (cherry picked from commit 211b6d6a4307006da1467b3be46912a3a5d7b20b) - - Change-Id: I2fee5cc9c11ea42726c7c8f9a7d14eafee6142f0 - -commit 3dea4adaa356b7eed40b6162c106c5e90690f5a1 -Author: Mark Vitale -Date: Tue Jun 26 03:47:41 2018 -0400 - - OPENAFS-SA-2018-002 afs: prevent RXAFSCB_GetLock information leak - - RXAFSCB_GetLock (cmdebug) does not correctly initialize its output. - This leaks kernel memory over the wire: - - struct AFSDBLock - - up to 14 bytes for member name (16 - '\0') - - Initialize the buffer. - - (cherry picked from commit b52eb11a08f2ad786238434141987da27b81e743) - - Change-Id: If84c5d9d805356cd56be77313149a931a948b4d5 - -commit e19ad4cdde463d2bbb4b815525da992bd5fc2648 -Author: Mark Vitale -Date: Tue Jun 26 03:37:37 2018 -0400 - - OPENAFS-SA-2018-002 ptserver: prevent PR_ListEntries information leak - - PR_ListEntries (pts listentries) does not properly initialize its output - buffers. This leaks ptserver memory over the wire: - - struct prlistentries - - up to 62 bytes for each entry name (PR_MAXNAMELEN 64 - 'a\0') - - Initialize the buffer, and remove the now redundant memset for the - reserved fields. - - (cherry picked from commit 9d1aeb5d761581a35bef2042e9116b96e9ae3bf5) - - Change-Id: I679c205502941891cbb34f10e648a6f9d83c3c60 - -commit 2d22756de7af2c72b8aca6969825f8e921f01d6c -Author: Mark Vitale -Date: Tue Jun 26 03:00:02 2018 -0400 - - OPENAFS-SA-2018-002 volser: prevent AFSVolMonitor information leak - - AFSVolMonitor (vos status) does not properly initialize its output - buffers. This leaks information from volserver memory: - - struct transDebugInfo - - up to 29 bytes in member lastProcName (30-'\0') - - 16 bytes in members readNext, tranmitNext, lastSendTime, - lastReceiveTime - - Initialize the buffers. This must be done on a per-buffer basis inside - the loop, since realloc is used to expand the storage if needed, - and there is not a standard realloc API to zero the newly allocated storage. - - [kaduk@mit.edu: update commit message] - - (cherry picked from commit 26924fd508b21bb6145e77dc31b6cd0923193b72) - - Change-Id: Id10aa1f4d0b8694f6d85468d743c2fc2a8102339 - -commit 28edf734db08d3a8285e89d9d78aa21db726e4c7 -Author: Mark Vitale -Date: Tue Jun 26 02:33:05 2018 -0400 - - OPENAFS-SA-2018-002 volser: prevent AFSVolPartitionInfo(64) information leak - - AFSVolPartitionInfo and AFSVolPartitionInfo64 (vos partinfo) do not - properly initialize their reply buffers. This leaks the contents of - volserver memory over the wire: - - AFSVolPartitionInfo (struct diskPartition) - - up to 24 bytes in member name (32-'/vicepa\0')) - - up to 12 bytes in member devName (32-'/vicepa/Lock/vicepa\0')) - - AFSVolPartitionInfo64 (struct diskPartition64) - - up to 248 bytes in member name (256-'/vicepa\0')) - - up to 236 bytes in member devName (256-'/vicepa/Lock/vicepa\0') - - Initialize the output buffers. - - [kaduk@mit.edu: move memset to top-level function scope of RPC handlers] - - (cherry picked from commit 76e62c1de868c2b2e3cc56a35474e15dc4cc1551) - - Change-Id: I041b91873a38a2af40f5b0a00b70cc87634f25c8 - -commit c8c8682bb0e84ee5289fac3063119ae524773f61 -Author: Mark Vitale -Date: Mon Jun 25 18:03:12 2018 -0400 - - OPENAFS-SA-2018-002 ptserver: prevent PR_IDToName information leak - - SPR_IDToName does not completely initialize the return array of names, - and thus leaks information from ptserver memory: - - - up to 62 bytes per requested id (PR_MAXNAMELEN 64 - 'a\0') - - Use calloc to ensure that all memory sent on the wire is initialized, - preventing the information leak. - - [kaduk@mit.edu: switch to calloc; update commit message] - - (cherry picked from commit 70b0136d552a0077d3fae68f3aebacd985abd522) - - Change-Id: I787fc26ecb6fa64b17f8579198793903bc4eb16d + butc: repair build error + + Commit c43169fd36348783b1a5a55c5bb05317e86eef82 introduced a build error + by invoking TLog with an extraneous set of internal parentheses. + + Remove the offending parentheses. + + Reviewed-on: https://gerrit.openafs.org/13311 + Tested-by: BuildBot + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 91bab84e7a3b7de2591c475ba4912b0db8899f05) + + Change-Id: I06df561daf37330e6fdd9c9d41b55daa4d6b3886 + Reviewed-on: https://gerrit.openafs.org/13328 + Tested-by: BuildBot + Reviewed-by: Michael Meffie + Reviewed-by: Marcio Brito Barbosa + Reviewed-by: Cheyenne Wills + Reviewed-by: Andrew Deason + Reviewed-by: Stephan Wiesand diff --git a/RELNOTES-1.8.2 b/RELNOTES-1.8.2 deleted file mode 100644 index a5a46db..0000000 --- a/RELNOTES-1.8.2 +++ /dev/null @@ -1,34 +0,0 @@ - User-Visible OpenAFS Changes - -OpenAFS 1.8.2 - - All platforms - - * Fix OPENAFS-SA-2018-002: information leakage in RPC output variables - Various RPC routines did not always initialize all output fields, - exposing memory contents to network attackers. The relevant RPCs include - an AFSCB_ RPC, so cache managers are affected as well as servers. - - All server platforms - - * Fix OPENAFS-SA-2018-003: denial of service due to excess resource consumption - Various RPCs were defined as allowing unbounded arrays as input, allowing - an unauthenticated attacker to cause excess memory allocation and tie up - network bandwidth by sending (or claiming to send) large input arrays. - - * Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc - On systems using the in-tree backup system, the butc process was running - with administrative credentials, but accepted incoming RPCs over - unauthenticated connections; these incoming RPCs in turn triggered - outgoing RPCs using the administrative credentials. Unauthenticated - attackers could construct volue dumps containing arbitrary contents - and cause these dumps to be restored and overwrite arbitrary volume - contents; afterward, the backup database could be restored to its - initial state, hiding evidence of the unauthorized changes. - - Running butc with -localauth now requires authenticated incoming - connections, and the backup utility makes authenticated connections to - the butc. Audit capabilities have been added to the butc RPC handlers. - Command-line arguments are provided to retain the (insecure) historical - behavior until all systems have been upgraded. - diff --git a/RELNOTES-1.8.3pre1 b/RELNOTES-1.8.3pre1 new file mode 100644 index 0000000..5feedbb --- /dev/null +++ b/RELNOTES-1.8.3pre1 @@ -0,0 +1,59 @@ + User-Visible OpenAFS Changes + +OpenAFS 1.8.3 (in progress) + + All platforms + + * Improved diagnostics and error messages (13186 13411 13417) + + * Avoid sending RX packets with random garbage in the userStatus field + (13332) + + * Fixed detection of the RX initialization status (13416) + + * Assorted fixes to avoid segmentation faults and other potential problems + by detecting internal errors rather than letting them go unnoticed + (13329 13372) + + All server platforms + + * Fixed a build problem accidentally introduced in release 1.8.2 (13328) + + * Assorted efficiency improvements in the ubik implementation (13153 13218 + 13188 13353) + + * Fixed locking around transaction list processing in volserver to avoid + segmentation faults and other potential problems (13336 13337) + + * When the volserver attempts to remove a temporary volume after a + transaction, but the volume was already removed, e.g., by the salvager, + this is no longer treated as an error (13235) + + All client platforms + + * Update the CellServDB to the latest version from grand.central.org from + May 14th 2018 (13409) + + * Avoid a panic during cache initialization when allocating the required + memory fails (13307) + + * Add back the packet counters and timestamps to "vos status" output + which had been missing since release 1.8.0 (13421) + + * Correctly handle errors encountered while reading data from the server + and writing it to the cache, e.g., due to a full cache partition (13443) + + * Avoid a panic due to a recoverable error while flushing cache items + (13503) + + Linux clients + + * Support mainline kernels 4.20 and 5.0 and distribution kernels with + backports from those (13405 13406 13440 13441 13442) + + * DKMS-related fixes in Red Hat packaging (13438 13479) + + macOS + + * Support building and packaging on macOS 10.14 "Mojave" (13412 13413) + diff --git a/openafs-1.8.2-doc.tar.bz2 b/openafs-1.8.2-doc.tar.bz2 deleted file mode 100644 index 790372f..0000000 --- a/openafs-1.8.2-doc.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b9b6ae396952b888192bc3e70d11b13779f8af16965ea8a003cb5f98abb7c826 -size 3801937 diff --git a/openafs-1.8.2-doc.tar.bz2.md5 b/openafs-1.8.2-doc.tar.bz2.md5 deleted file mode 100644 index 3b4509b..0000000 --- a/openafs-1.8.2-doc.tar.bz2.md5 +++ /dev/null @@ -1 +0,0 @@ -3661375b0925446416c09a97c605acbf /home/kaduk/openafs/1.8.2/openafs-1.8.2-doc.tar.bz2 diff --git a/openafs-1.8.2-doc.tar.bz2.sha256 b/openafs-1.8.2-doc.tar.bz2.sha256 deleted file mode 100644 index 36fb538..0000000 --- a/openafs-1.8.2-doc.tar.bz2.sha256 +++ /dev/null @@ -1 +0,0 @@ -b9b6ae396952b888192bc3e70d11b13779f8af16965ea8a003cb5f98abb7c826 openafs-1.8.2-doc.tar.bz2 diff --git a/openafs-1.8.2-src.tar.bz2 b/openafs-1.8.2-src.tar.bz2 deleted file mode 100644 index e05ebd8..0000000 --- a/openafs-1.8.2-src.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:25fd3e4261a72a2cbdd40367e5f981895d80c32aaf309a5842aecc739dd3138e -size 15109003 diff --git a/openafs-1.8.2-src.tar.bz2.md5 b/openafs-1.8.2-src.tar.bz2.md5 deleted file mode 100644 index bc0cf86..0000000 --- a/openafs-1.8.2-src.tar.bz2.md5 +++ /dev/null @@ -1 +0,0 @@ -19f97a11b13e6da51a6dac56d1c42289 /home/kaduk/openafs/1.8.2/openafs-1.8.2-src.tar.bz2 diff --git a/openafs-1.8.2-src.tar.bz2.sha256 b/openafs-1.8.2-src.tar.bz2.sha256 deleted file mode 100644 index c45dabe..0000000 --- a/openafs-1.8.2-src.tar.bz2.sha256 +++ /dev/null @@ -1 +0,0 @@ -25fd3e4261a72a2cbdd40367e5f981895d80c32aaf309a5842aecc739dd3138e openafs-1.8.2-src.tar.bz2 diff --git a/openafs-1.8.3pre1-doc.tar.bz2 b/openafs-1.8.3pre1-doc.tar.bz2 new file mode 100644 index 0000000..8924e1c --- /dev/null +++ b/openafs-1.8.3pre1-doc.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:495e09a585a63e645437ecf42d43d2cfde3874de6e9c1d90cc7e41deb6309acd +size 3846539 diff --git a/openafs-1.8.3pre1-doc.tar.bz2.md5 b/openafs-1.8.3pre1-doc.tar.bz2.md5 new file mode 100644 index 0000000..e7377b3 --- /dev/null +++ b/openafs-1.8.3pre1-doc.tar.bz2.md5 @@ -0,0 +1 @@ +c0f7a24287d38d48445dac2d59abcd85 openafs-1.8.3pre1-doc.tar.bz2 diff --git a/openafs-1.8.3pre1-doc.tar.bz2.sha256 b/openafs-1.8.3pre1-doc.tar.bz2.sha256 new file mode 100644 index 0000000..484ad3b --- /dev/null +++ b/openafs-1.8.3pre1-doc.tar.bz2.sha256 @@ -0,0 +1 @@ +495e09a585a63e645437ecf42d43d2cfde3874de6e9c1d90cc7e41deb6309acd openafs-1.8.3pre1-doc.tar.bz2 diff --git a/openafs-1.8.3pre1-src.tar.bz2 b/openafs-1.8.3pre1-src.tar.bz2 new file mode 100644 index 0000000..5823f92 --- /dev/null +++ b/openafs-1.8.3pre1-src.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:95aa3fa70117f34f52a03cdb8abdd99db84850c4fb1067ac7202b049e7f64c2e +size 15080848 diff --git a/openafs-1.8.3pre1-src.tar.bz2.md5 b/openafs-1.8.3pre1-src.tar.bz2.md5 new file mode 100644 index 0000000..551bed4 --- /dev/null +++ b/openafs-1.8.3pre1-src.tar.bz2.md5 @@ -0,0 +1 @@ +f10b5048d256914d401c5b44f1533263 openafs-1.8.3pre1-src.tar.bz2 diff --git a/openafs-1.8.3pre1-src.tar.bz2.sha256 b/openafs-1.8.3pre1-src.tar.bz2.sha256 new file mode 100644 index 0000000..e4b045a --- /dev/null +++ b/openafs-1.8.3pre1-src.tar.bz2.sha256 @@ -0,0 +1 @@ +95aa3fa70117f34f52a03cdb8abdd99db84850c4fb1067ac7202b049e7f64c2e openafs-1.8.3pre1-src.tar.bz2 diff --git a/openafs.changes b/openafs.changes index b02652f..bea3e44 100644 --- a/openafs.changes +++ b/openafs.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Thu Mar 14 08:37:04 UTC 2019 - Christof Hanke + +- update to pre-release 1.8.3pre1 + * fix builds for Linux-kernels 4.20 and 5.0 + * other fixes, see RELNOTES-1.8.3pre1 + ------------------------------------------------------------------- Wed Jan 16 11:28:27 UTC 2019 - christof.hanke@mpcdf.mpg.de diff --git a/openafs.spec b/openafs.spec index b05cd6d..f749416 100644 --- a/openafs.spec +++ b/openafs.spec @@ -56,27 +56,27 @@ # used for %setup only # leave upstream tar-balls untouched for integrity checks. -%define upstream_version 1.8.2 +%define upstream_version 1.8.3pre1 Name: openafs -Version: 1.8.2 +Version: 1.8.3~pre1 Release: 0 Summary: OpenAFS Distributed File System License: IPL-1.0 Group: System/Filesystems Url: http://www.openafs.org/ -Source0: openafs-%{version}-src.tar.bz2 -Source1: openafs-%{version}-doc.tar.bz2 -Source2: openafs-%{version}-src.tar.bz2.md5 -Source3: openafs-%{version}-doc.tar.bz2.md5 -Source4: openafs-%{version}-src.tar.bz2.sha256 -Source5: openafs-%{version}-doc.tar.bz2.sha256 +Source0: openafs-%{upstream_version}-src.tar.bz2 +Source1: openafs-%{upstream_version}-doc.tar.bz2 +Source2: openafs-%{upstream_version}-src.tar.bz2.md5 +Source3: openafs-%{upstream_version}-doc.tar.bz2.md5 +Source4: openafs-%{upstream_version}-src.tar.bz2.sha256 +Source5: openafs-%{upstream_version}-doc.tar.bz2.sha256 Source10: README.SUSE.openafs Source15: logrotate.openafs-server Source16: ld.conf.openafs -Source18: RELNOTES-%{version} +Source18: RELNOTES-%{upstream_version} Source19: ChangeLog Source20: kernel-source.build-modules.sh Source22: sysconfig.openafs-fuse-client @@ -98,8 +98,6 @@ Patch3: dir_layout.patch Patch4: openafs-1.8.x.ncurses6.patch # PATCH-SUSE-SPECIFIC make KMP work again Patch5: add_arch_to_linux_kernel_make.patch -# PATCH-BACKPORT-FROM-UPSTREAM make KMP build for kernel 4.20 -Patch6: Linux-4.20.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build # @@ -309,7 +307,6 @@ done %setup -q -n openafs-%{upstream_version} -T -b 0 -b 1 %patch3 -p1 %patch5 -p1 -%patch6 -p1 %if %{run_regen} %patch4 -p1