summaryrefslogtreecommitdiffstats
path: root/xlators/protocol/server
Commit message (Collapse)AuthorAgeFilesLines
* server.c: fix Coverity CID 1399758Yaniv Kaul2019-03-211-1/+2
| | | | | | | | | | | | 1399758 Dereference before null check It was introduced @ commit 67f48bfcc16a38052e6c9ae7c25e69b03b8ae008 updates: bz#789278 Signed-off-by: Yaniv Kaul <ykaul@redhat.com> Change-Id: I1424b008b240691fe2a8924e31c708d0fb4f362d
* glusterfsd: Brick is getting crash at the time of startupMohit Agrawal2019-03-131-5/+5
| | | | | | | | | | | | Problem: Brick is getting crash because graph was not activated at the time of accessing server_conf Solution: To avoid the crash check ctx->active before processing a request Change-Id: Ib112e0eace19189e45f430abdac5511c026bed47 fixes: bz#1687705 Signed-off-by: Mohit Agrawal <moagrawal@redhat.com>
* server.c: use dict_() funcs with key length.Yaniv Kaul2019-02-181-15/+19
| | | | | | | | | | | Changed to use the dict_() funcs which take the key length. This happens to also reduce work under the lock in one case as well. Compile-tested only! updates: bz#1193929 Signed-off-by: Yaniv Kaul <ykaul@redhat.com> Change-Id: I958fcc29e95286fe3c74178cae3f01a8b2db26f2
* protocol/server: Use SERVER_REQ_SET_ERROR correctly for dictsPranith Kumar K2019-02-151-275/+236
| | | | | | | | | | Removed op_errno based SERVER_REQ_SET_ERROR() calls which was dead-code. xdr_to_dict() calls have this check which is used in 4.0 version of xdr-to-dict. fixes bz#1676797 Change-Id: I6f56907c85576f1263a6ec04ed7e37f723b01ac3 Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
* core: heketi-cli is throwing error "target is busy"Mohit Agrawal2019-01-311-2/+2
| | | | | | | | | | | | | | | | | | | | Problem: When rpc-transport-disconnect happens, server_connection_cleanup_flush_cbk() is supposed to call rpc_transport_unref() after open-files on that transport are flushed per transport.But open-fd-count is maintained in bound_xl->fd_count, which can be incremented/decremented cumulatively in server_connection_cleanup() by all transport disconnect paths. So instead of rpc_transport_unref() happening per transport, it ends up doing it only once after all the files on all the transports for the brick are flushed leading to rpc-leaks. Solution: To avoid races maintain fd_cnt at client instead of maintaining on brick Credits: Pranith Kumar Karampuri Change-Id: I6e8ea37a61f82d9aefb227c5b3ab57a7a36850e6 fixes: bz#1668190 Signed-off-by: Mohit Agrawal <moagrawal@redhat.com>
* core: heketi-cli is throwing error "target is busy"Mohit Agrawal2019-01-241-0/+17
| | | | | | | | | | | | | | | Problem: At the time of deleting block hosting volume through heketi-cli , it is throwing an error "target is busy". cli is throwing an error because brick is not detached successfully and brick is not detached due to race condition to cleanp xprt associated with detached brick Solution: To avoid xprt specifc race condition introduce an atomic flag on rpc_transport Change-Id: Id4ff1fe8375a63be71fb3343f455190a1b8bb6d4 fixes: bz#1668190 Signed-off-by: Mohit Agrawal <moagrawal@redhat.com>
* core: Resolve memory leak for brickMohit Agrawal2019-01-161-0/+2
| | | | | | | | | | | Problem: Some functions are not freeing memory allocated by xdr_to_genric so it has become leak Solution: Call free to avoid leak Change-Id: I3524fe2831d1511d378a032f21467edae3850314 fixes: bz#1656682 Signed-off-by: Mohit Agrawal <moagrawal@redhat.com>
* posix: stack-buffer-overflow reported by asanHarpreet Kaur2018-12-261-1/+2
| | | | | | | | | | | | This patch fixes buffer overflow in $SRC/xlators/storage/posix/src/posix-inode-fd-ops.c Memory access at offset 432 overflows "md5_checksum" variable. SUMMARY: AddressSanitizer: stack-buffer-overflow (/lib64/libasan.so.5+0xb825a) updates: bz#1633930 Change-Id: I46010a09161d02cdf0c69679a334ec1d3d49cffb Signed-off-by: Harpreet Kaur <hlalwani@redhat.com>
* copy_file_range support in GlusterFSRaghavendra Bhat2018-12-126-7/+199
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * libglusterfs changes to add new fop * Fuse changes: - Changes in fuse bridge xlator to receive and send responses * posix changes to perform the op on the backend filesystem * protocol and rpc changes for sending and receiving the fop * gfapi changes for performing the fop * tools: glfs-copy-file-range tool for testing copy_file_range fop - Although, copy_file_range support has been added to the upstream fuse kernel module, no release has been made yet of a kernel which contains the support. It is expected to come in the upcoming release of linux-4.20 So, as of now, executing copy_file_range fop on a fused based filesystem results in fuse kernel module sending read on the source fd and write on the destination fd. Therefore a small gfapi based tool has been written to be able test the copy_file_range fop. This tool is similar (in functionality) to the example program given in copy_file_range man page. So, running regular copy_file_range on a fuse mount point and running gfapi based glfs-copy-file-range tool gives some idea about how fast, the copy_file_range (or reflink) can be. On the local machine this was the result obtained. mount -t glusterfs workstation:new /mnt/glusterfs [root@workstation ~]# cd /mnt/glusterfs/ [root@workstation glusterfs]# ls file [root@workstation glusterfs]# cd [root@workstation ~]# time /tmp/a.out /mnt/glusterfs/file /mnt/glusterfs/new real 0m6.495s user 0m0.000s sys 0m1.439s [root@workstation ~]# time glfs-copy-file-range $(hostname) new /tmp/glfs.log /file /rrr OPEN_SRC: opening /file is success OPEN_DST: opening /rrr is success FSTAT_SRC: fstat on /rrr is success copy_file_range successful real 0m0.309s user 0m0.039s sys 0m0.017s This tool needs following arguments 1) hostname 2) volume name 3) log file path 4) source file path (relative to the gluster volume root) 5) destination file path (relative to the gluster volume root) "glfs-copy-file-range <hostname> <volume> <log file path> <source> <destination>" - Added a testcase as well to run glfs-copy-file-range tool * io-stats changes to capture the fop for profiling * NOTE: - Added conditional check to see whether the copy_file_range syscall is available or not. If not, then return ENOSYS. - Added conditional check for kernel minor version in fuse_kernel.h and fuse-bridge while referring to copy_file_range. And the kernel minor version is kept as it is. i.e. 24. Increment it in future when there is a kernel release which contains the support for copy_file_range fop in fuse kernel module. * The document which contains a writeup on this enhancement can be found at https://docs.google.com/document/d/1BSILbXr_knynNwxSyyu503JoTz5QFM_4suNIh2WwrSc/edit Change-Id: I280069c814dd21ce6ec3be00a884fc24ab692367 updates: #536 Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
* libglusterfs: Move devel headers under glusterfs directoryShyamsundarR2018-12-0512-44/+44
| | | | | | | | | | | | | | | | | | | | | | | | libglusterfs devel package headers are referenced in code using include semantics for a program, this while it works can be better especially when dealing with out of tree xlator builds or in general out of tree devel package usage. Towards this, the following changes are done, - moved all devel headers under a glusterfs directory - Included these headers using system header notation <> in all code outside of libglusterfs - Included these headers using own program notation "" within libglusterfs This change although big, is just moving around the headers and making it correct when including these headers from other sources. This helps us correctly include libglusterfs includes without namespace conflicts. Change-Id: Id2a98854e671a7ee5d73be44da5ba1a74252423b Updates: bz#1193929 Signed-off-by: ShyamsundarR <srangana@redhat.com>
* protocol/server: support server.all-squashXie Changlong2018-12-052-19/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | We still use gnfs on our side, so do a little work to support server.all-squash. Just like server.root-squash, it's also a volume wide option. Also see bz#1285126 $ gluster volume set <VOLNAME> server.all-squash on Note: If you enable server.root-squash and server.all-squash at the same time, only server.all-squash works. Please refer to following table +---------------+-----------------+---------------------------+ | |all_squash | no_all_squash | +-------------------------------------------------------------+ | | |anonuid/anongid for root | |root_squash |anonuid/anongid |useruid/usergid for no-root| +-------------------------------------------------------------+ |no_root_squash |anonuid/anongid |useruid/usergid | +-------------------------------------------------------------+ Updates bz#1285126 Signed-off-by: Xie Changlong <xiechanglong@cmss.chinamobile.com> Signed-off-by: Xue Chuanyu <xuechuanyu@cmss.chinamobile.com> Change-Id: Iea043318fe6e9a75fa92b396737985062a26b47e
* rpc: bump up server.event-threadsMilind Changire2018-12-041-1/+1
| | | | | | | | | | | | | | | Problem: A single event-thread causes performance issues in the system. Solution: Bump up event-threads to 2 to make the system more performant. This helps in making the system more responsive and helps avoid the ping-timer-expiry problem as well. However, setting the event-threads to 2 is not the only thing required to avoid ping-timer-expiry issues. Change-Id: Idb0fd49e078db3bd5085dd083b0cdc77b59ddb00 fixes: bz#1653277 Signed-off-by: Milind Changire <mchangir@redhat.com>
* server: Resolve memory leak path in server_initMohit Agrawal2018-12-031-9/+45
| | | | | | | | | | | | | | Problem: 1) server_init does not cleanup allocate resources while it is failed before return error 2) dict leak at the time of graph destroying Solution: 1) free resources in case of server_init is failed 2) Take dict_ref of graph xlator before destroying the graph to avoid leak Change-Id: I9e31e156b9ed6bebe622745a8be0e470774e3d15 fixes: bz#1654917 Signed-off-by: Mohit Agrawal <moagrawal@redhat.com>
* Multiple xlator .h files: remove unused private gf_* memory types.Yaniv Kaul2018-11-301-6/+0
| | | | | | | | | | | | | It seems there were quite a few unused enums (that in turn cause unndeeded memory allocation) in some xlators. I've removed them, hopefully not causing any damage. Compile-tested only! updates: bz#1193929 Signed-off-by: Yaniv Kaul <ykaul@redhat.com> Change-Id: I8252bd763dc1506e2d922496d896cd2fc0886ea7
* rpcsvc: provide each request handler thread its own queueRaghavendra Gowdappa2018-11-291-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | A single global per program queue is contended by all request handler threads and event threads. This can lead to high contention. So, reduce the contention by providing each request handler thread its own private queue. Thanks to "Manoj Pillai"<mpillai@redhat.com> for the idea of pairing a single queue with a fixed request-handler-thread and event-thread, which brought down the performance regression due to overhead of queuing significantly. Thanks to "Xavi Hernandez"<xhernandez@redhat.com> for discussion on how to communicate the event-thread death to request-handler-thread. Thanks to "Karan Sandha"<ksandha@redhat.com> for voluntarily running the perf benchmarks to qualify that performance regression introduced by ping-timer-fixes is fixed with this patch and patiently running many iterations of regression tests while RCAing the issue. Thanks to "Milind Changire"<mchangir@redhat.com> for patiently running the many iterations of perf benchmarking tests while RCAing the regression caused by ping-timer-expiry fixes. Change-Id: I578c3fc67713f4234bd3abbec5d3fbba19059ea5 Fixes: bz#1644629 Signed-off-by: Raghavendra Gowdappa <rgowdapp@redhat.com>
* libglusterfs: rename macros roof and floor to not conflict with math.hRaghavendra Gowdappa2018-11-282-2/+2
| | | | | | Change-Id: I666eeb63ebd000711b3f793b948d4e0c04b1a242 Signed-off-by: Raghavendra Gowdappa <rgowdapp@redhat.com> Updates: bz#1644629
* core: create a constant for default network timeoutXavi Hernandez2018-11-231-1/+1
| | | | | | | | | | A new constant named GF_NETWORK_TIMEOUT has been defined and all references to the hard-coded timeout of 42 seconds have been replaced with this constant. Change-Id: Id30f5ce4f1230f9288d9e300538624bcf1a6da27 fixes: bz#1652852 Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
* all: fix the format string exceptionsAmar Tumballi2018-11-051-1/+1
| | | | | | | | | | | | | | | | Currently, there are possibilities in few places, where a user-controlled (like filename, program parameter etc) string can be passed as 'fmt' for printf(), which can lead to segfault, if the user's string contains '%s', '%d' in it. While fixing it, makes sense to make the explicit check for such issues across the codebase, by making the format call properly. Fixes: CVE-2018-14661 Fixes: bz#1644763 Change-Id: Ib547293f2d9eb618594cbff0df3b9c800e88bde4 Signed-off-by: Amar Tumballi <amarts@redhat.com>
* protocol: remove the option 'verify-volfile-checksum'Amar Tumballi2018-11-052-270/+4
| | | | | | | | | | | | | | | | 'getspec' operation is not used between 'client' and 'server' ever since we have off-loaded volfile management to glusterd, ie, at least 7 years. No reason to keep the dead code! The removed option had no meaning, as glusterd didn't provide a way to set (or unset) this option. So, no regression should be observed from any of the existing glusterfs deployment, supported or unsupported. Updates: CVE-2018-14653 Updates: bz#1644756 Change-Id: I4a2e0f673c5bcd4644976a61dbd2d37003a428eb Signed-off-by: Amar Tumballi <amarts@redhat.com>
* server: don't allow '/' in basenameAmar Tumballi2018-11-051-4/+17
| | | | | | | | | | | | | | | | Server stack needs to have all the sort of validation, assuming clients can be compromized. It is possible for a compromized client to send basenames with paths with '/', and with that create files without permission on server. By sanitizing the basename, and not allowing anything other than actual directory as the parent for any entry creation, we can mitigate the effects of clients not able to exploit the server. Fixes: CVE-2018-14651 Fixes: bz#1644755 Change-Id: I5dc0da0da2713452ff2b65ac2ddbccf1a267dc20 Signed-off-by: Amar Tumballi <amarts@redhat.com>
* server-protocol: set the frame type to TYPE_FOPAmar Tumballi2018-10-291-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will allow proper printing of exact 'fop' type to be logged in string, not number, during backtraces. Considering this was not done on brick processes, we have no easy way to glance and understand which fops were pending. What gets changed: After a crash, most of the core-dumps logged were of the form: ``` pending frames: frame : type(0) op(18) frame : type(0) op(18) frame : type(0) op(28) ``` would change to ``` pending frames: frame : type(1) op(SETXATTR) frame : type(1) op(SETXATTR) frame : type(1) op(READDIR) ``` updates: bz#1639599 Change-Id: I0e3d2a8dee9cfde7ed0112a948f5213f546efb80 Signed-off-by: Amar Tumballi <amarts@redhat.com>
* protocol/server: added check for positve value in server-handshake.cArjun Sharma2018-10-211-2/+3
| | | | | | | | This patch fixes CID 1124651 Change-Id: I6f33954f08cfdd7cb4236f9a81ec7980f81d19e7 updates: bz#789278 Signed-off-by: Arjun <arjsharm@redhat.com>
* servers-helpers.c: reduce clang warnings on dead initialization.Yaniv Kaul2018-10-161-464/+177
| | | | | | | | | | | | Assign a value to a parameter on its definition. Removes tens of clang warnings. Compile-tested only! updates: bz#1193929 Signed-off-by: Yaniv Kaul <ykaul@redhat.com> Change-Id: I828bacb4033111af6162772a554cc5c6b2820169
* all: fix warnings on non 64-bits architecturesXavi Hernandez2018-10-101-2/+2
| | | | | | | | | | When compiling in other architectures there appear many warnings. Some of them are actual problems that prevent gluster to work correctly on those architectures. Change-Id: Icdc7107a2bc2da662903c51910beddb84bdf03c0 fixes: bz#1632717 Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
* rpc: coverity fixesMilind Changire2018-10-091-0/+2
| | | | | | | | | | | | | CID: [1] 1394646 Unchecked return value from library CID: [2] 1394633 Unused value CID: 1382443 Sleeping while holding a lock [This is intentional] [1] https://scan6.coverity.com/reports.htm#v40014/p10714/fileInstanceId=86159112&defectInstanceId=26360786&mergedDefectId=1394646 [2] https://scan6.coverity.com/reports.htm#v40014/p10714/fileInstanceId=86159365&defectInstanceId=26360919&mergedDefectId=1394633 Change-Id: I03086f7a9672c9f50a2bc44cdbce0006c887357b updates: bz#789278 Signed-off-by: Milind Changire <mchangir@redhat.com>
* core: glusterfsd keeping fd open in index xlatorMohit Agrawal2018-10-085-69/+223
| | | | | | | | | | | | | | Problem: Current resource cleanup sequence is not perfect while brick mux is enabled Solution: 1) Destroying xprt after cleanup all fd associated with a client 2) Before call fini for brick xlators ensure no stub should be running on a brick Change-Id: I86195785e428f57d3ef0da3e4061021fafacd435 fixes: bz#1631357 Signed-off-by: Mohit Agrawal <moagrawal@redhat.com>
* protocol/server: NULL pointer dereferencing clang fixShwetha K Acharya2018-09-172-4/+14
| | | | | | | | | | Problem: Access to field fop_length results in null pointer dereferencing. Solution: Added condition checks fix the issue. Change-Id: Id408e3ac62ea9574f0cd9aecce5434add09eb7d0 Updates: bz#1622665 Signed-off-by: Shwetha K Acharya <sacharya@redhat.com>
* Land part 2 of clang-format changesGluster Ant2018-09-128-17399/+17000
| | | | | Change-Id: Ia84cc24c8924e6d22d02ac15f611c10e26db99b4 Signed-off-by: Nigel Babu <nigelb@redhat.com>
* Land clang-format changesGluster Ant2018-09-126-481/+411
| | | | Change-Id: I6f5d8140a06f3c1b2d196849299f8d483028d33b
* protocol: don't use allocaAmar Tumballi2018-09-052-103/+58
| | | | | | | | | | | | current implementation of alloca can cause issues when strings larger than the allocated buffer is passed to the xdr. Hence it makes sense to allow XDR decode functions to deal with memory allocations, which we can free later. Fixes: bz#1625097 Change-Id: I3a05553f5702de9575c244649ca0e5ac9abaac94 Signed-off-by: Amar Tumballi <amarts@redhat.com>
* server-protocol: don't allow '../' path in 'name'Amar Tumballi2018-09-051-0/+12
| | | | | | | | | | | | | This will prevent any arbitrary file creation through glusterfs by modifying the client bits. Also check for the similar flaw inside posix too, so we prevent any changes in layers in-between. Fixes: bz#1625095 Signed-off-by: Amar Tumballi <amarts@redhat.com> Change-Id: Id9fe0ef6e86459e8ed85ab947d977f058c5ae06e
* xlators: add classification flag to someAmar Tumballi2018-09-041-0/+1
| | | | | | | | | Add classification to those translators which has `xlator_api_t` already defined and used. Updates: #430 Change-Id: I9d2772cb2c4ed4ab06aaa546500cf3b7d00bddac Signed-off-by: Amar Tumballi <amarts@redhat.com>
* multiple xlators: move from strlen() to sizeof()Yaniv Kaul2018-08-311-1/+1
| | | | | | | | | | | | | | | xlators/performance/nl-cache/src/nl-cache.c xlators/performance/md-cache/src/md-cache.c xlators/protocol/server/src/authenticate.c xlators/storage/bd/src/bd-helper.c For const strings, just do compile time size calc instead of runtime. Compile-tested only! Change-Id: I9b98940a38d85321a69436a1871930da367b918a updates: bz#1193929 Signed-off-by: Yaniv Kaul <ykaul@redhat.com>
* clang-scan: fix multiple issuesAmar Tumballi2018-08-314-2/+20
| | | | | | | | | | | * Buffer overflow issue in glusterfsd * Null argument passed to function expecting non-null (event-epoll) * Make sure the op_ret value is set in macro (posix) Updates: bz#1622665 Change-Id: I32b378fc40a5e3ee800c0dfbc13335d44c9db9ac Signed-off-by: Amar Tumballi <amarts@redhat.com>
* coverity: multiple fixesAmar Tumballi2018-08-311-3/+6
| | | | | | | | CID: 1390477, 1124827 updates: bz#789278 Change-Id: I41060d131aec6e58e7267ac8531b29a70f8c4359 Signed-off-by: Amar Tumballi <amarts@redhat.com>
* build: add --enable-asan configure optionsNiels de Vos2018-08-301-1/+1
| | | | | | | | | | | | | | Introduce a `./configure --enable-asan` to build with `-fsanitize=address -fno-omit-frame-pointer` options. This uses the libasan.so shared library, so that needs to be available. While running builds with the ASAN options, several linker issues surfaced and these have been addressed with this change as well. Building with --enable-asan has been tested on Fedora 28. Change-Id: I428a9da70dd8f7d0056cfbe5c398619a571469b2 Updates: #492 Signed-off-by: Niels de Vos <ndevos@redhat.com>
* protocol: coverity fixesBhumika Goyal2018-08-222-4/+2
| | | | | | | | Fixes CID: 1389388 1389320 1274113 1388881 1388623 1124801 1124795 Change-Id: Ia72abc0560c959b0298f42e25abdfc5523755569 updates: bz#789278 Signed-off-by: Bhumika Goyal <bgoyal@redhat.com>
* All: remove memset() before sprintf()Yaniv Kaul2018-08-141-5/+0
| | | | | | | | | | | | It's not needed. There's a good chance the compiler is smart enough to remove it anyway, but it can't hurt - I hope. Compile-tested only! Change-Id: Id7c054e146ba630227affa591007803f3046416b updates: bz#1193929 Signed-off-by: Yaniv Kaul <ykaul@redhat.com>
* build: rename event.h to gf-event.hNiels de Vos2018-07-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Newer FreeBSD versions (noticed with 10.3-RELEASE) provide a event.h file that on occasion gets included instead of the libglusterfs file. When this happens, 'struct event_pool' will not be defined and building will fail with errors like: autoscale-threads.c:18:55: error: incomplete definition of type 'struct event_pool' int thread_count = pool->eventthreadcount; ~~~~^ autoscale-threads.c:17:16: note: forward declaration of 'struct event_pool' struct event_pool *pool = ctx->event_pool; ^ This problem is caused by 'pkg-config --cflags uuid' that adds /usr/local/include to the GF_CPPFLAGS. The use of libuuid is preferred so that the contrib/uuid/ directory can be removed. By renaming event.h to gf-event.h there is no conflict between the different event.h files anymore and compiling on FreeBSD works without issues. Change-Id: Ie69f6b8a4f8f8e9630d39a86693eb74674f0f763 Updates: bz#1607319 Signed-off-by: Niels de Vos <ndevos@redhat.com>
* All: run codespell on the code and fix issues.Yaniv Kaul2018-07-225-8/+8
| | | | | | | | | | | | Please review, it's not always just the comments that were fixed. I've had to revert of course all calls to creat() that were changed to create() ... Only compile-tested! Change-Id: I7d02e82d9766e272a7fd9cc68e51901d69e5aab5 updates: bz#1193929 Signed-off-by: Yaniv Kaul <ykaul@redhat.com>
* server: Set ssl-allow option in options table and rename IDPrashanth Pai2018-07-111-1/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change explicitly adds 'ssl-allow' options to the server xlator's options table so that glusterd2 can see it as a settable option. This change also marks 'auth.allow' and 'auth.reject' options as a settable. Glusterd2 doesn't maintain a separate volume options table. Glusterd2 dynamically loads shared objects of xlators to read their option table and other information. Glusterd2 reads 'xlator_api_t' if available. If that's not available, it falls back to reading just the options table directly. In glusterd2, volume set operations are performed by users on keys of the format <xlator>.<option-name>. Glusterd2 uses xlator name set in 'xlator_api_t.identifier'. If that's not present it will use the shared object's file name as xlator name. Hence, it is important for 'xlator_api_t.identifier' to be set properly, and in this case, the proper value is "server". This name shall be used by users as prefix while setting volume options implemented in server xlator. The name will also be used in volfile. A user in glusterd2 can authorize a client over TLS as follows: $ glustercli volume set <volname> server.ssl-allow <client1-CN>[,<clientN-CN>] gd2 References: https://github.com/gluster/glusterd2/issues/971 https://github.com/gluster/glusterd2/issues/214 https://github.com/gluster/glusterd2/pull/967 Updates: bz#1193929 Change-Id: I59ef58acb8d51917e6365a83be03e79ae7c5ad17 Signed-off-by: Prashanth Pai <ppai@redhat.com>
* glusterfs: Brick process is crash at the time of call server_first_lookupMohit Agrawal2018-07-091-3/+11
| | | | | | | | | | | | | | | | | | | | Problem: Brick process is getting crash while executing test case tests/bugs/core/bug-1432542-mpx-restart-crash.t Solution: At the time of initiating connection with brick process by client brick process call server_setvolume.If cleanup thread has set cleanup_starting flag after check flag by server_setvolume then a brick process can crash at the time of calling lookup on brick root.To avoid crash check cleanup_starting flag before just call server_first_lookup BUG: 1597627 Change-Id: I12542c124c76429184df34a04c1eae1a30052ca7 fixes: bz#1597627 Signed-off-by: Mohit Agrawal <moagrawa@redhat.com> Note: To test the patch executing test case tests/bugs/core/bug-1432542-mpx-restart-crash.t in a loop around 100 times
* protocol/server: Fix xdata leak in seek fopPranith Kumar K2018-06-111-2/+1
| | | | | | Change-Id: I6125283ed22c04564f0b77bb7a50579a83e02eb0 fixes: bz#1589691 Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
* glusterfs: Resolve brick crashes at the time of inode_unrefMohit Agrawal2018-05-152-7/+14
| | | | | | | | | | | | | | | Problem: Sometimes brick process is getting crash at the time of calling inode_unref in fd_destroy Solution: Brick process is getting crash because inode is already free by xlator_mem_cleanup call by server_rpc_notify.To resolve the same move code specific to call transport_unref in last in free_state. BUG: 1577574 Change-Id: Ia517c230d68af4e929b6b753e4c374a26c39dc1a fixes: bz#1577574 Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
* Glusterfsd: brick crash during get-statehari gowtham2018-05-111-2/+5
| | | | | | | | | | | The xprt's dereferencing wasn't checked before using it for the strcmp, which caused the segfault and crashed the brick process. fix: Check every deferenced variable before using it. Change-Id: I7f705d1c88a124e8219bb877156fadb17ecf11c3 fixes: bz#1575864 Signed-off-by: hari gowtham <hgowtham@redhat.com>
* protocol/server: don't assume there would be a volfile idAmar Tumballi2018-05-081-1/+9
| | | | | | | | | | | | | | | | | | | | | Earlier glusterfs never had an assumption someone would start it with right arguments, and brick processes would be spawned by a management layer. It just assume the role based on the volfile. Other than volfile, no other arguments should be technically mandatory for working of glusterfs. With this patch, that assumption holds true. Updates: github issue # 352 A note on why this particular issue for this basic sanity? As per the design of thin-arbiter/tie-breaker, it can be started independently on any machine, without need of glusterd. So, similar to 'glusterd', we should be able to spawn a process with any translator without options/volume id etc. fixes: bz#1569399 Change-Id: I5c0650fe0bfde35ad94ccba60e63f6cdcd1ae5ff Signed-off-by: Amar Tumballi <amarts@redhat.com>
* feature/leases : fixing bugs found while testing glfs_test.tJiffin Tony Thottan2018-05-041-2/+0
| | | | | | Change-Id: Iee8f431601ecda184108a079f665e05902b0f78b updates: #350 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
* protocol/server : unwind as per op versionAshish Pandey2018-05-031-2/+3
| | | | | | | Change-Id: Id6717640ac14881b490e512c4682e45ffffa7f5b fixes: bz#1570538 BUG: 1570538 Signed-off-by: Ashish Pandey <aspandey@redhat.com>
* server/resolver: don't trust inode-table for RESOLVE_NOTRaghavendra G2018-04-301-4/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There have been known races between fops which add a dentry (like lookup, create, mknod etc) and fops that remove a dentry (like rename, unlink, rmdir etc) due to which stale dentries are left out in inode table even though the dentry doesn't exist on backend. For eg., consider a lookup (parent/bname) and unlink (parent/bname) racing in the following order: * lookup hits storage/posix and finds that dentry exists * unlink removes the dentry on storage/posix * unlink reaches protocol/server where the dentry (parent/bname) is unlinked from the inode * lookup reaches protocol/server and creates a dentry (parent/bname) on the inode Now we've a stale dentry (parent/bname) associated with the inode in itable. This situation is bad for fops like link, create etc which invoke resolver with type RESOLVE_NOT. These fops fail with EEXIST even though there is no such dentry on backend fs. This issue can be solved in two ways: * Enable "dentry fop serializer" xlator [1]. # gluster volume set features.sdfs on * Make sure resolver does a lookup on backend when it finds a dentry in itable and validates the state of itable. - If a dentry is not found, unlink those stale dentries from itable and continue with fop - If dentry is found, fail the fop with EEXIST This patch implements second solution as sdfs is not enabled by default in brick xlator stack. Once sdfs is enabled by default, this patch can be reverted. [1] https://github.com/gluster/glusterfs/issues/397 Change-Id: Ia8bb0cf97f97cb0e72639bce8aadb0f6d3f4a34a updates: bz#1543279 BUG: 1543279 Signed-off-by: Raghavendra G <rgowdapp@redhat.com>
* server/auth: add option for strict authenticationMohammed Rafi KC2018-04-204-4/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When this option is enabled, we will check for a matching username and password, if not found then the connection will be rejected. This also does a checksum validation of volfile The option is invalid when SSL/TLS is in use, at which point the SSL/TLS certificate user name is used to validate and hence authorize the right user. This expects TLS allow rules to be setup correctly rather than the default *. This option is not settable, as a result this cannot be enabled for volumes using the CLI. This is used with the shared storage volume, to restrict access to the same in non-SSL/TLS environments to the gluster peers only. Tested: ./tests/bugs/protocol/bug-1321578.t ./tests/features/ssl-authz.t - Ran tests on volumes with and without strict auth checking (as brick vol file needed to be edited to test, or rather to enable the option) - Ran tests on volumes to ensure existing mounts are disconnected when we enable strict checking Change-Id: I2ac4f0cfa5b59cc789cc5a265358389b04556b59 fixes: bz#1568844 Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com> Signed-off-by: ShyamsundarR <srangana@redhat.com>