glusterfs.git/libglusterfs, branch v7.7 open-behind: rewrite of internal logic 2020-06-15T10:53:24+00:00 Xavi Hernandez xhernandez@redhat.com 2020-05-12T21:54:54+00:00 dcbf54581717d10cf82cdce9bc08415ba1e1d19b There was a critical flaw in the previous implementation of open-behind. When an open is done in the background, it's necessary to take a reference on the fd_t object because once we "fake" the open answer, the fd could be destroyed. However as long as there's a reference, the release function won't be called. So, if the application closes the file descriptor without having actually opened it, there will always remain at least 1 reference, causing a leak. To avoid this problem, the previous implementation didn't take a reference on the fd_t, so there were races where the fd could be destroyed while it was still in use. To fix this, I've implemented a new xlator cbk that gets called from fuse when the application closes a file descriptor. The whole logic of handling background opens have been simplified and it's more efficient now. Only if the fop needs to be delayed until an open completes, a stub is created. Otherwise no memory allocations are needed. Correctly handling the close request while the open is still pending has added a bit of complexity, but overall normal operation is simpler. Change-Id: I6376a5491368e0e1c283cc452849032636261592 Fixes: #1225 Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> 
There was a critical flaw in the previous implementation of open-behind.

When an open is done in the background, it's necessary to take a
reference on the fd_t object because once we "fake" the open answer,
the fd could be destroyed. However as long as there's a reference,
the release function won't be called. So, if the application closes
the file descriptor without having actually opened it, there will
always remain at least 1 reference, causing a leak.

To avoid this problem, the previous implementation didn't take a
reference on the fd_t, so there were races where the fd could be
destroyed while it was still in use.

To fix this, I've implemented a new xlator cbk that gets called from
fuse when the application closes a file descriptor.

The whole logic of handling background opens have been simplified and
it's more efficient now. Only if the fop needs to be delayed until an
open completes, a stub is created. Otherwise no memory allocations are
needed.

Correctly handling the close request while the open is still pending
has added a bit of complexity, but overall normal operation is simpler.

Change-Id: I6376a5491368e0e1c283cc452849032636261592
Fixes: #1225
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
tests: skip tests on absence of reflink in xfs 2020-06-10T10:27:33+00:00 Pranith Kumar K pkarampu@redhat.com 2020-05-06T12:06:20+00:00 ea31f9a7838548dfb759e30a58957d29cd59f87e Fixes: #1223 Change-Id: I36cb72d920ffd77405051546615c5262c392daef Signed-off-by: Pranith Kumar K <pkarampu@redhat.com> 
Fixes: #1223
Change-Id: I36cb72d920ffd77405051546615c5262c392daef
Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
utime: resolve an issue of permission denied logs 2020-04-07T11:14:40+00:00 Amar Tumballi amar@kadalu.io 2020-03-03T19:16:08+00:00 0a67613d683cd07aea8d91243db7ef2298f25921 In case where uid is not set to be 0, there are possible errors from acl xlator. So, set `uid = 0;` with pid indicating this is set from UTIME activity. The message "E [MSGID: 148002] [utime.c:146:gf_utime_set_mdata_setxattr_cbk] 0-dev_SNIP_data-utime: dict set of key for set-ctime-mdata failed [Permission denied]" repeated 2 times between [2019-12-19 21:27:55.042634] and [2019-12-19 21:27:55.047887] Change-Id: Ieadf329835a40a13ac0bf908dac776e66954466c Updates: #832 Signed-off-by: Amar Tumballi <amar@kadalu.io> (cherry picked from commit eb916c057036db8289b41265797e5dce066d1512) 
In case where uid is not set to be 0, there are possible errors
from acl xlator. So, set `uid = 0;` with pid indicating this is
set from UTIME activity.

The message "E [MSGID: 148002] [utime.c:146:gf_utime_set_mdata_setxattr_cbk] 0-dev_SNIP_data-utime: dict set of key for set-ctime-mdata failed [Permission denied]" repeated 2 times between [2019-12-19 21:27:55.042634] and [2019-12-19 21:27:55.047887]

Change-Id: Ieadf329835a40a13ac0bf908dac776e66954466c
Updates: #832
Signed-off-by: Amar Tumballi <amar@kadalu.io>
(cherry picked from commit eb916c057036db8289b41265797e5dce066d1512)
events: fix IPv6 memory corruption 2020-03-17T06:02:42+00:00 Xavi Hernandez xhernandez@redhat.com 2020-01-14T12:28:47+00:00 d17860ab2fb06984a0e7bf1740326c4b0f398c5c When an event was generated and the target host was resolved to an IPv6 address, there was a memory overflow when that address was copied to a fixed IPv4 structure (IPv6 addresses are longer than IPv4 ones). This fix correctly handles IPv4 and IPv6 addresses returned by getaddrinfo() Backport of: > Change-Id: I5864a0c6e6f1b405bd85988529570140cf23b250 > Fixes: bz#1790870 > Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> Change-Id: I5864a0c6e6f1b405bd85988529570140cf23b250 Fixes: #1030 Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> 
When an event was generated and the target host was resolved to an IPv6
address, there was a memory overflow when that address was copied to a
fixed IPv4 structure (IPv6 addresses are longer than IPv4 ones).

This fix correctly handles IPv4 and IPv6 addresses returned by
getaddrinfo()

Backport of:
> Change-Id: I5864a0c6e6f1b405bd85988529570140cf23b250
> Fixes: bz#1790870
> Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>

Change-Id: I5864a0c6e6f1b405bd85988529570140cf23b250
Fixes: #1030
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
eventsapi: Set IPv4/IPv6 family based on input IP 2020-03-16T08:11:11+00:00 Aravinda VK avishwan@redhat.com 2019-09-16T04:34:26+00:00 f3b85b01e4b61a52598a6789c61997c5dad65bf0 server.sin_family was set to AF_INET while creating socket connection, this was failing if the input address is IPv6(`::1`). With this patch, sin_family is set by reading the ai_family of `getaddrinfo` result. Backport of: > Fixes: bz#1752330 > Change-Id: I499f957b432842fa989c698f6e5b25b7016084eb > Signed-off-by: Aravinda VK <avishwan@redhat.com> Fixes: bz#1807785 Change-Id: I499f957b432842fa989c698f6e5b25b7016084eb Signed-off-by: Aravinda VK <avishwan@redhat.com> 
server.sin_family was set to AF_INET while creating socket connection,
this was failing if the input address is IPv6(`::1`).

With this patch, sin_family is set by reading the ai_family of
`getaddrinfo` result.

Backport of:
> Fixes: bz#1752330
> Change-Id: I499f957b432842fa989c698f6e5b25b7016084eb
> Signed-off-by: Aravinda VK <avishwan@redhat.com>

Fixes: bz#1807785
Change-Id: I499f957b432842fa989c698f6e5b25b7016084eb
Signed-off-by: Aravinda VK <avishwan@redhat.com>
core: fix memory pool management races 2020-02-25T17:02:58+00:00 Xavi Hernandez xhernandez@redhat.com 2020-02-07T09:19:57+00:00 9542e65cd342b4fb579dcaa60d31819a3fc1271a Objects allocated from a per-thread memory pool keep a reference to it to be able to return the object to the pool when not used anymore. The object holding this reference can have a long life cycle that could survive a glfs_fini() call. This means that it's unsafe to destroy memory pools from glfs_fini(). Another side effect of destroying memory pools from glfs_fini() is that the TLS variable that points to one of those pools cannot be reset for all alive threads. This means that any attempt to allocate memory from those threads will access already free'd memory, which is very dangerous. To fix these issues, mem_pools_fini() doesn't destroy pool lists anymore. They should be destroyed when the library is unloaded or the process is terminated, but this cannot be done right now because gluster doesn't stop other threads before calling exit(), which could cause some races. This patch is the backport of 2 master patches: > Change-Id: Ib189a5510ab6bdac78983c6c65a022e9634b0965 > Fixes: bz#1801684 > Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> > > Change-Id: Id7cfb4407fcf208e28f03a7c3cdc3ef9c1f3bf9b > Fixes: bz#1801684 > Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> Change-Id: Id7cfb4407fcf208e28f03a7c3cdc3ef9c1f3bf9b Fixes: bz#1805668 Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> 
Objects allocated from a per-thread memory pool keep a reference to it
to be able to return the object to the pool when not used anymore. The
object holding this reference can have a long life cycle that could
survive a glfs_fini() call.

This means that it's unsafe to destroy memory pools from glfs_fini().

Another side effect of destroying memory pools from glfs_fini() is that
the TLS variable that points to one of those pools cannot be reset for
all alive threads.  This means that any attempt to allocate memory from
those threads will access already free'd memory, which is very
dangerous.

To fix these issues, mem_pools_fini() doesn't destroy pool lists
anymore. They should be destroyed when the library is unloaded or the
process is terminated, but this cannot be done right now because
gluster doesn't stop other threads before calling exit(), which could
cause some races.

This patch is the backport of 2 master patches:
> Change-Id: Ib189a5510ab6bdac78983c6c65a022e9634b0965
> Fixes: bz#1801684
> Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
>
> Change-Id: Id7cfb4407fcf208e28f03a7c3cdc3ef9c1f3bf9b
> Fixes: bz#1801684
> Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>

Change-Id: Id7cfb4407fcf208e28f03a7c3cdc3ef9c1f3bf9b
Fixes: bz#1805668
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
volgen: make thin-arbiter name unique in 'pending-xattr' option 2020-02-17T09:52:06+00:00 Amar Tumballi amar@kadalu.io 2020-02-04T17:32:51+00:00 8b45b798a1fec498cdad36c79c5976b607bb1be9 Thin-arbiter module makes use of 'pending-xattr' name for the translator as the filename which gets created in thin-arbiter node. By making this unique, we can host single thin-arbiter node for multiple clusters. Updates: #763 Change-Id: Ib3c732e7e04e6dba229e71ae3e64f1f3cb6d794d Signed-off-by: Amar Tumballi <amar@kadalu.io> (cherry picked from commit 8db8202f716fd24c8c52f8ee5f66e169310dc9b1) 
Thin-arbiter module makes use of 'pending-xattr' name for the translator
as the filename which gets created in thin-arbiter node. By making this
unique, we can host single thin-arbiter node for multiple clusters.

Updates: #763
Change-Id: Ib3c732e7e04e6dba229e71ae3e64f1f3cb6d794d
Signed-off-by: Amar Tumballi <amar@kadalu.io>
(cherry picked from commit 8db8202f716fd24c8c52f8ee5f66e169310dc9b1)
gf-event: Handle unix volfile-servers 2020-02-10T07:31:40+00:00 Pranith Kumar K pkarampu@redhat.com 2019-10-24T06:54:35+00:00 f4f24c8c782bf4fa601f7ef14bbf2e2b6583cd90 Problem: glfsheal program uses unix-socket-based volfile server. volfile server will be the path to socket in this case. gf_event expects this to be hostname in all cases. So getaddrinfo will fail on the unix-socket path, events won't be sent in this case. Fix: In case of unix sockets, default to localhost fixes: bz#1793085 Change-Id: I60d27608792c29d83fb82beb5fde5ef4754bece8 Signed-off-by: Pranith Kumar K <pkarampu@redhat.com> 
Problem:
glfsheal program uses unix-socket-based volfile server.
volfile server will be the path to socket in this case.
gf_event expects this to be hostname in all cases. So getaddrinfo
will fail on the unix-socket path, events won't be sent in this case.

Fix:
In case of unix sockets, default to localhost

fixes: bz#1793085
Change-Id: I60d27608792c29d83fb82beb5fde5ef4754bece8
Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
timer: fix event destruction race 2020-01-10T05:36:52+00:00 Xavi Hernandez xhernandez@redhat.com 2019-12-19T10:58:54+00:00 2fc16af00b12b3aa92d373aa1d5a4b9fd6ce6b94 In current timer implementation, each event has an absolute time at which it will be fired. When the first timer of the queue has not elapsed yet, a pthread_cond_timedwait() is used to wait until the expected time. Apparently that's fine. However the time passed to that function was a pointer to the timespec structure contained in the event itself. This is problematic because of how pthread_cond_timedwait() works internally. Simplifying a bit, pthread_cond_timedwait() basically queues itself as a waiter for the given condition variable and releases the mutex. Then it does the timed wait using the passed value. With that in mind, the follwing case is possible: Timer Thread Other Thread ------------ ------------ gf_timer_call_cancel() pthread_mutex_lock() | + pthread_mutex_lock() event = current_event() | pthread_cond_timedwait(&event->at) | + pthread_mutex_unlock() | | + remove_event() | + destroy_event() + timed_wait(&event->at) As we can see, the time is used after it has been destroyed, which means we have a use-after-free problem. This patch fixes the problem by copying the time to a local variable before calling pthread_cond_timedwait() Backport of: > Change-Id: I0f4e8eded24fe3a1276dc75c6cf093bae973d26b > Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> > Fixes: bz#1785208 Change-Id: I0f4e8eded24fe3a1276dc75c6cf093bae973d26b Signed-off-by: Xavi Hernandez <xhernandez@redhat.com> Fixes: bz#1767264 
In current timer implementation, each event has an absolute time at which
it will be fired. When the first timer of the queue has not elapsed yet,
a pthread_cond_timedwait() is used to wait until the expected time.

Apparently that's fine. However the time passed to that function was a
pointer to the timespec structure contained in the event itself. This is
problematic because of how pthread_cond_timedwait() works internally.

Simplifying a bit, pthread_cond_timedwait() basically queues itself as a
waiter for the given condition variable and releases the mutex. Then it
does the timed wait using the passed value.

With that in mind, the follwing case is possible:

   Timer Thread                            Other Thread
   ------------                            ------------

					   gf_timer_call_cancel()
   pthread_mutex_lock()                    |
                                           + pthread_mutex_lock()
   event = current_event()                 |
   pthread_cond_timedwait(&event->at)      |
   + pthread_mutex_unlock()                |
   |                                       + remove_event()
   |                                       + destroy_event()
   + timed_wait(&event->at)

As we can see, the time is used after it has been destroyed, which means
we have a use-after-free problem.

This patch fixes the problem by copying the time to a local variable
before calling pthread_cond_timedwait()

Backport of:
> Change-Id: I0f4e8eded24fe3a1276dc75c6cf093bae973d26b
> Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
> Fixes: bz#1785208

Change-Id: I0f4e8eded24fe3a1276dc75c6cf093bae973d26b
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
Fixes: bz#1767264
afr: expose cluster.optimistic-change-log to CLI. 2020-01-09T13:22:22+00:00 Ravishankar N ravishankar@redhat.com 2020-01-08T05:41:53+00:00 dc2c94c6df87cb3e97adfff080123db883f7a591 Backport of https://review.gluster.org/#/c/glusterfs/+/23960/ This volume option was not made avaialble to `gluster volume set` CLI. Reported-by: epolakis(https://github.com/kinsu) in https://github.com/gluster/glusterfs/issues/781 fixes: bz#1788785 Change-Id: I7141bdd4e53ee99e22b354edde8d023bfc0b2cd7 Signed-off-by: Ravishankar N <ravishankar@redhat.com> 
Backport of https://review.gluster.org/#/c/glusterfs/+/23960/

This volume option was not made avaialble to `gluster volume set` CLI.

Reported-by: epolakis(https://github.com/kinsu) in
https://github.com/gluster/glusterfs/issues/781

fixes: bz#1788785
Change-Id: I7141bdd4e53ee99e22b354edde8d023bfc0b2cd7
Signed-off-by: Ravishankar N <ravishankar@redhat.com>