glusterfs.git/xlators/nfs/server/src/acl3.c, branch v3.7.15 nfs / acl3.c, nlm files : port log messages to a new framework 2015-05-06T20:27:32+00:00 Manikandan Selvaganesh mselvaga@redhat.com 2015-04-13T10:56:56+00:00 147ea6693c6037e998c7e0b1b776d92a0b277a99 Backport of http://review.gluster.org/#/c/10217/ Porting log messages to a new framework for acl3.c, nlm4.c, nlmcbk_svc.c Cherry picked from a7f848245ae5b0e4bbe363de13ec1676753352c5 > Change-Id: Iee4daae4fe1460eddf95d285615335b836d7f958 > BUG: 1194640 > Signed-off-by: Manikandan Selvaganesh <mselvaga@redhat.com> > Reviewed-on: http://review.gluster.org/10217 > Tested-by: Gluster Build System <jenkins@build.gluster.com> > Reviewed-by: Niels de Vos <ndevos@redhat.com> Change-Id: Iee4daae4fe1460eddf95d285615335b836d7f958 Signed-off-by: Manikandan Selvaganesh <mselvaga@redhat.com> BUG: 1217722 Reviewed-on: http://review.gluster.org/10549 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> 
        Backport of http://review.gluster.org/#/c/10217/

Porting log messages to a new framework for acl3.c, nlm4.c,
nlmcbk_svc.c

Cherry picked from a7f848245ae5b0e4bbe363de13ec1676753352c5
> Change-Id: Iee4daae4fe1460eddf95d285615335b836d7f958
> BUG: 1194640
> Signed-off-by: Manikandan Selvaganesh <mselvaga@redhat.com>
> Reviewed-on: http://review.gluster.org/10217
> Tested-by: Gluster Build System <jenkins@build.gluster.com>
> Reviewed-by: Niels de Vos <ndevos@redhat.com>

Change-Id: Iee4daae4fe1460eddf95d285615335b836d7f958
Signed-off-by: Manikandan Selvaganesh <mselvaga@redhat.com>
BUG: 1217722
Reviewed-on: http://review.gluster.org/10549
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Avoid conflict between contrib/uuid and system uuid 2015-04-04T17:48:35+00:00 Emmanuel Dreyfus manu@netbsd.org 2015-04-02T13:51:30+00:00 28397cae4102ac3f08576ebaf071ad92683097e8 glusterfs relies on Linux uuid implementation, which API is incompatible with most other systems's uuid. As a result, libglusterfs has to embed contrib/uuid, which is the Linux implementation, on non Linux systems. This implementation is incompatible with systtem's built in, but the symbols have the same names. Usually this is not a problem because when we link with -lglusterfs, libc's symbols are trumped. However there is a problem when a program not linked with -lglusterfs will dlopen() glusterfs component. In such a case, libc's uuid implementation is already loaded in the calling program, and it will be used instead of libglusterfs's implementation, causing crashes. A possible workaround is to use pre-load libglusterfs in the calling program (using LD_PRELOAD on NetBSD for instance), but such a mechanism is not portable, nor is it flexible. A much better approach is to rename libglusterfs's uuid_* functions to gf_uuid_* to avoid any possible conflict. This is what this change attempts. BUG: 1206587 Change-Id: I9ccd3e13afed1c7fc18508e92c7beb0f5d49f31a Signed-off-by: Emmanuel Dreyfus <manu@netbsd.org> Reviewed-on: http://review.gluster.org/10017 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> 
glusterfs relies on Linux uuid implementation, which
API is incompatible with most other systems's uuid. As
a result, libglusterfs has to embed contrib/uuid,
which is the Linux implementation, on non Linux systems.
This implementation is incompatible with systtem's
built in, but the symbols have the same names.

Usually this is not a problem because when we link
with -lglusterfs, libc's symbols are trumped. However
there is a problem when a program not linked with
-lglusterfs will dlopen() glusterfs component. In
such a case, libc's uuid implementation is already
loaded in the calling program, and it will be used
instead of libglusterfs's implementation, causing
crashes.

A possible workaround is to use pre-load libglusterfs
in the calling program (using LD_PRELOAD on NetBSD for
instance), but such a mechanism is not portable, nor
is it flexible. A much better approach is to rename
libglusterfs's uuid_* functions to gf_uuid_* to avoid
any possible conflict. This is what this change attempts.

BUG: 1206587
Change-Id: I9ccd3e13afed1c7fc18508e92c7beb0f5d49f31a
Signed-off-by: Emmanuel Dreyfus <manu@netbsd.org>
Reviewed-on: http://review.gluster.org/10017
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
nfs: prevent logging missing 'system.posix_acl_access' xattrs 2015-03-09T04:31:31+00:00 Niels de Vos ndevos@redhat.com 2015-02-27T22:47:26+00:00 f7f446f0a5bc37ba1096604618ab9850341959ef Change http://review.gluster.org/9773 addresses the majority of the logging, but it seems it is still possible to trigger the excessive logging by requesting the ACL on files directly. Lets squash those too. BUG: 1197253 Change-Id: I9e90ddd45f1a39641478f34c69c64dfe1c11c727 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/9781 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Meghana M <mmadhusu@redhat.com> 
Change http://review.gluster.org/9773 addresses the majority of the
logging, but it seems it is still possible to trigger the excessive
logging by requesting the ACL on files directly. Lets squash those too.

BUG: 1197253
Change-Id: I9e90ddd45f1a39641478f34c69c64dfe1c11c727
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/9781
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Meghana M <mmadhusu@redhat.com>
nfs: prevent logging missing 'system.posix_acl_*' xattrs 2015-03-02T07:49:45+00:00 Niels de Vos ndevos@redhat.com 2015-02-27T22:47:26+00:00 4f143bfe4eabc34c5682a3b0421092e5e22ee507 The nfs.log gets spammed with messages that the system.posix_acl_access and system.posix_acl_default xattrs are not set. The logging happens because the dictionary that contains the xattrs is empty/NULL in case the getxattr() did not return any contents for the ACLs. Change-Id: Id31e30635146599915c6d8674a2dde065f348adc BUG: 1197253 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/9773 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Meghana M <mmadhusu@redhat.com> 
The nfs.log gets spammed with messages that the system.posix_acl_access
and system.posix_acl_default xattrs are not set. The logging happens
because the dictionary that contains the xattrs is empty/NULL in case
the getxattr() did not return any contents for the ACLs.

Change-Id: Id31e30635146599915c6d8674a2dde065f348adc
BUG: 1197253
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/9773
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Meghana M <mmadhusu@redhat.com>
nfs: nfs3_stat_to_fattr3() improvement 2015-02-28T17:30:03+00:00 Niels de Vos ndevos@redhat.com 2015-02-27T14:30:04+00:00 32dd227726ce60b2e60b8df61ca174d96a1b8b34 During a review of backorti http://review.gluster.org/9170, Kaleb points out: ick, return-by-value. About 50% slower than passing a pointer to the target struct. Change-Id: I4464e6a4e50d82d446a834892d0308332b7c32d0 BUG: 1197142 Reported-by: Kaleb KEITHLEY <kkeithle@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/9772 Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> 
During a review of backorti http://review.gluster.org/9170, Kaleb points
out:

    ick, return-by-value. About 50% slower than passing a pointer to the
    target struct.

Change-Id: I4464e6a4e50d82d446a834892d0308332b7c32d0
BUG: 1197142
Reported-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/9772
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
gNFS: Allow reading ACLs even without read permissions on the file. 2014-11-13T19:58:00+00:00 Meghana Madhusudhan mmadhusu@redhat.com 2014-11-10T09:50:51+00:00 878b30420891c8b00043391cdce90930eaf18795 When root-squash is enabled or when no permissions are given to a file, NFS threw permission errors. According to the kernel-nfs behaviour, no permissions are required to read ACLs. When no ACLs are set, the system call sys_lgetxattr fails and returns a ENODATA error. This translates to ESERVERFAULT error in NFS. Fuse makes an exception to this error and returns a success case. Similar changes are made here to achieve the expected behaviour. Change-Id: I46b8f5911114eb087a3f8ca4e921b6b41e83f3b3 BUG: 1161092 Signed-off-by: Meghana Madhusudhan <mmadhusu@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/9085 Tested-by: Gluster Build System <jenkins@build.gluster.com> 
When root-squash is enabled or when no permissions are given to
a file, NFS threw permission errors. According to the kernel-nfs
behaviour, no permissions are required to read ACLs.

When no ACLs are set, the system call sys_lgetxattr fails and
returns a ENODATA error. This translates to ESERVERFAULT error
in NFS. Fuse makes an exception to this error and returns a success
case. Similar changes are made here to achieve the expected behaviour.

Change-Id: I46b8f5911114eb087a3f8ca4e921b6b41e83f3b3
BUG: 1161092
Signed-off-by: Meghana Madhusudhan <mmadhusu@redhat.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/9085
Tested-by: Gluster Build System <jenkins@build.gluster.com>
gNFS: Fix memory leak in setacl code path 2014-09-08T13:01:24+00:00 Santosh Kumar Pradhan spradhan@redhat.com 2014-09-08T11:14:23+00:00 5c869aea79c0f304150eac014c7177e74ce0852e If ACL is set on a file in Gluster NFS mount (setfacl command), and it succeed, then the NFS call state data is leaked. Though all the failure code path frees up the memory. Impact: There is a OOM kill i.e. vdsm invoked oom-killer during rebalance and Killed process 4305, UID 0, (glusterfs nfs process) FIX: Make sure to deallocate the memory for call state in acl3_setacl_cbk() using nfs3_call_state_wipe(); Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com> Change-Id: I9caa3f851e49daaba15be3eec626f1f2dd8e45b3 BUG: 1139195 Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com> Reviewed-on: http://review.gluster.org/8651 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> 
If ACL is set on a file in Gluster NFS mount (setfacl command),
and it succeed, then the NFS call state data is leaked. Though
all the failure code path frees up the memory.

Impact: There is a OOM kill i.e. vdsm invoked oom-killer during
rebalance and Killed process 4305, UID 0, (glusterfs nfs process)

FIX:
Make sure to deallocate the memory for call state in acl3_setacl_cbk()
using nfs3_call_state_wipe();

Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>

Change-Id: I9caa3f851e49daaba15be3eec626f1f2dd8e45b3
BUG: 1139195
Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-on: http://review.gluster.org/8651
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
rpcsvc: Validate RPC procedure number before fetch 2014-05-17T18:56:01+00:00 Santosh Kumar Pradhan spradhan@redhat.com 2014-05-09T09:31:19+00:00 1dd80a2e7762bc72d11a432a1ebd16be181dcb86 While accessing the procedures of given RPC program in, rpcsvc_get_program_vector_sizer(), It was not checking boundary conditions which would cause buffer overflow and subsequently SEGV. Make sure rpcsvc_actor_t arrays have numactors number of actors. FIX: Validate the RPC procedure number before fetching the actor. Special Thanks to: Murray Ketchion, Grant Byers Change-Id: I8b5abd406d47fab8fca65b3beb73cdfe8cd85b72 BUG: 1096020 Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com> Reviewed-on: http://review.gluster.org/7726 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Rajesh Joseph <rjoseph@redhat.com> Reviewed-by: Anand Avati <avati@redhat.com> 
While accessing the procedures of given RPC program in,
rpcsvc_get_program_vector_sizer(), It was not checking boundary
conditions which would cause buffer overflow and subsequently SEGV.

Make sure rpcsvc_actor_t arrays have numactors number of actors.

FIX:
Validate the RPC procedure number before fetching the actor.

Special Thanks to: Murray Ketchion, Grant Byers

Change-Id: I8b5abd406d47fab8fca65b3beb73cdfe8cd85b72
BUG: 1096020
Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-on: http://review.gluster.org/7726
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Rajesh Joseph <rjoseph@redhat.com>
Reviewed-by: Anand Avati <avati@redhat.com>
gNFS: Possible NULL pointer dereference 2014-02-07T16:43:59+00:00 Santosh Kumar Pradhan spradhan@redhat.com 2014-02-03T09:42:22+00:00 9f699ccd42712e5b991bd33319caf1e5c902f894 In NFS-ACL code (acl3.c) i.e. acl3svc_setacl(), contol can go to "acl3err" block from setaclargs.mask validation or acl3_validate_gluster_fh() and acl3_map_fh_to_volume() macros. But at this point of time "cs" is yet to be init'd (the macro acl3_handle_call_state_init() is not yet invoked) which can cause a NULL ptr deref. FIX: Refactor the acl3 code. Coverity ID (CID): 1124491 Change-Id: I3aca38770e03ce59d1705653b6d8349e6cc153b2 BUG: 789278 Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com> Reviewed-on: http://review.gluster.org/6890 Reviewed-by: Rajesh Joseph <rjoseph@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> 
In NFS-ACL code (acl3.c) i.e. acl3svc_setacl(), contol can
go to "acl3err" block from setaclargs.mask validation or
acl3_validate_gluster_fh() and acl3_map_fh_to_volume() macros.
But at this point of time "cs" is yet to be init'd (the macro
acl3_handle_call_state_init() is not yet invoked) which can
cause a NULL ptr deref.

FIX:
Refactor the acl3 code.

Coverity ID (CID): 1124491

Change-Id: I3aca38770e03ce59d1705653b6d8349e6cc153b2
BUG: 789278
Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-on: http://review.gluster.org/6890
Reviewed-by: Rajesh Joseph <rjoseph@redhat.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
gNFS: Server sets ACL mask wrongly in GETACL reply 2014-01-13T07:48:15+00:00 Santosh Kumar Pradhan spradhan@redhat.com 2014-01-10T06:27:05+00:00 5a26daaea96aa3f7855b8d75b6568449f5466cc2 FIX: 1. Set the ACL mask what was requested by client 2. Validate the ACL mask in SETACL routine Change-Id: Icb8576a8fe2684e0beaf94e8db6a92bc70bbfe7f BUG: 1051865 Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com> Reviewed-on: http://review.gluster.org/6683 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> 
FIX:
1. Set the ACL mask what was requested by client
2. Validate the ACL mask in SETACL routine

Change-Id: Icb8576a8fe2684e0beaf94e8db6a92bc70bbfe7f
BUG: 1051865
Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-on: http://review.gluster.org/6683
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>