glusterfs.git/xlators/nfs/server/src/auth-cache.c, branch v5.3 Land part 2 of clang-format changes 2018-09-12T12:22:45+00:00 Gluster Ant bugzilla-bot@gluster.org 2018-09-12T12:22:45+00:00 e16868dede6455cab644805af6fe1ac312775e13 Change-Id: Ia84cc24c8924e6d22d02ac15f611c10e26db99b4 Signed-off-by: Nigel Babu <nigelb@redhat.com> 
Change-Id: Ia84cc24c8924e6d22d02ac15f611c10e26db99b4
Signed-off-by: Nigel Babu <nigelb@redhat.com>
nfs: Reference count export items 2017-12-08T22:33:20+00:00 Shreyas Siravara sshreyas@fb.com 2017-12-07T16:00:16+00:00 1926cada4a7acf48aa7cbf5ef8bb8942ae10b522 Export items are used in the auth cache and need to be reference counted to avoid use-after free bugs. Change-Id: I5cdcdc1cc6abad26c7077d66a14f263da07678ac BUG: 1522847 Signed-off-by: Shreyas Siravara <sshreyas@fb.com> 
Export items are used in the auth cache and need to be reference
counted to avoid use-after free bugs.

Change-Id: I5cdcdc1cc6abad26c7077d66a14f263da07678ac
BUG: 1522847
Signed-off-by: Shreyas Siravara <sshreyas@fb.com>
refcount: return pointer to the structure instead of a counter 2016-12-11T08:47:05+00:00 Niels de Vos ndevos@redhat.com 2016-11-29T15:51:58+00:00 2f0e9ab1ef271132b8b7b1af25e23ac7bb0720c8 There are no real users of the counter. It was thought of a handy tool to track and debug refcounting, but it is not used at all. Some parts of the code would benefit from a pointer getting returned instead. BUG: 1399780 Change-Id: I97e52c48420fed61be942ea27ff4849b803eed12 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/15971 Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Xavier Hernandez <xhernandez@datalab.es> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> 
There are no real users of the counter. It was thought of a handy tool
to track and debug refcounting, but it is not used at all. Some parts of
the code would benefit from a pointer getting returned instead.

BUG: 1399780
Change-Id: I97e52c48420fed61be942ea27ff4849b803eed12
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/15971
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Xavier Hernandez <xhernandez@datalab.es>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
nfs: fix unused variable warnings/errors 2016-08-23T07:45:52+00:00 Kaleb S. KEITHLEY kkeithle@redhat.com 2016-08-22T16:15:04+00:00 99e2438a1f42abdac316ae0f92497329733a20f3 http://review.gluster.org/14085 fixes a/the "leak" - via the generated rpc/xdr headers - of pragmas that mask these warnings. However 14085 won't pass the smoke test until all the warnings are fixed. Change-Id: I0e872a8025c3b1b5e2aa15d8fe66248e2fd96bf1 BUG: 1369124 Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/15253 Reviewed-by: Niels de Vos <ndevos@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> 
http://review.gluster.org/14085 fixes a/the "leak" - via the
generated rpc/xdr headers - of pragmas that mask these warnings.

However 14085 won't pass the smoke test until all the warnings are
fixed.

Change-Id: I0e872a8025c3b1b5e2aa15d8fe66248e2fd96bf1
BUG: 1369124
Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.org/15253
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
all: reduce "inline" usage 2015-09-01T11:55:15+00:00 Jeff Darcy jdarcy@redhat.com 2015-07-28T16:11:12+00:00 0773ca67fdb60a142207759fa6c07a69882ce59c There are three kinds of inline functions: plain inline, extern inline, and static inline. All three have been removed from .c files, except those in "contrib" which aren't our problem. Inlines in .h files, which are overwhelmingly "static inline" already, have generally been left alone. Over time we should be able to "lower" these into .c files, but that has to be done in a case-by-case fashion requiring more manual effort. This part was easy to do automatically without (as far as I can tell) any ill effect. In the process, several pieces of dead code were flagged by the compiler, and were removed. Change-Id: I56a5e614735c9e0a6ee420dab949eac22e25c155 BUG: 1245331 Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/11769 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Dan Lambright <dlambrig@redhat.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> Reviewed-by: Raghavendra Bhat <raghavendra@redhat.com> Reviewed-by: Venky Shankar <vshankar@redhat.com> 
There are three kinds of inline functions: plain inline, extern inline,
and static inline.  All three have been removed from .c files, except
those in "contrib" which aren't our problem.  Inlines in .h files, which
are overwhelmingly "static inline" already, have generally been left
alone.  Over time we should be able to "lower" these into .c files, but
that has to be done in a case-by-case fashion requiring more manual
effort.  This part was easy to do automatically without (as far as I can
tell) any ill effect.

In the process, several pieces of dead code were flagged by the
compiler, and were removed.

Change-Id: I56a5e614735c9e0a6ee420dab949eac22e25c155
BUG: 1245331
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.org/11769
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Dan Lambright <dlambrig@redhat.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Reviewed-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-by: Venky Shankar <vshankar@redhat.com>
nfs: refcount each auth_cache_entry and related data_t 2015-06-28T17:37:27+00:00 Niels de Vos ndevos@redhat.com 2015-05-31T14:27:44+00:00 7b51bd636fc5e5e1ae48a4e7cba48d0d20878d15 This makes sure that all the auth_cache_entry structures are only free'd when there is no reference to it anymore. When it is free'd, the associated data_t from the auth_cache->cache_dict gets unref'd too. Upon calling auth_cache_purge(), the auth_cache->cache_dict will free each auth_cache_entry in a secure way. Change-Id: If097cc11838e43599040f5414f82b30fc0fd40c6 BUG: 1226717 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11023 Reviewed-by: Xavier Hernandez <xhernandez@datalab.es> Tested-by: Gluster Build System <jenkins@build.gluster.com> Tested-by: NetBSD Build System <jenkins@build.gluster.org> 
This makes sure that all the auth_cache_entry structures are only free'd
when there is no reference to it anymore. When it is free'd, the
associated data_t from the auth_cache->cache_dict gets unref'd too.

Upon calling auth_cache_purge(), the auth_cache->cache_dict will free
each auth_cache_entry in a secure way.

Change-Id: If097cc11838e43599040f5414f82b30fc0fd40c6
BUG: 1226717
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/11023
Reviewed-by: Xavier Hernandez <xhernandez@datalab.es>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
nfs: add a gf_lock_t for the auth_cache->cache_dict 2015-06-28T17:37:04+00:00 Niels de Vos ndevos@redhat.com 2015-05-31T12:39:51+00:00 67f7562b5cc9e42774d1dc569471f86f61eef040 This is the 1st step towards implementing reference counters for the auth_cache_entry structure. Access to the structures should always be done atomically, but this can not be guaranteed by the a dict. Change-Id: Ic165221d72f11832177976c989823d861cf12f01 BUG: 1226717 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11021 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> 
This is the 1st step towards implementing reference counters for the
auth_cache_entry structure. Access to the structures should always be
done atomically, but this can not be guaranteed by the a dict.

Change-Id: Ic165221d72f11832177976c989823d861cf12f01
BUG: 1226717
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/11021
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
nfs: Authentication performance improvements 2015-06-16T12:15:03+00:00 Shreyas Siravara sshreyas@fb.com 2015-06-12T20:11:35+00:00 a9f58cd6cfc29a47af868fff29ce3133b9f9efe5 When file operations are sent to the NFS server, authorized filehandles are cached using the exportid, mountid, gfid and host as the key to the cache. This meant that any file OR directory will always fail on the *first* fop to that filehandle since the cache used the gfid as part of the key to the cache. However, if an export is authorized, this effectively means that ALL subdirectories and files in the export directory are authorized per the permissions of the export. This results slow times to walking a directory structure over an NFS mount. Change-Id: Iad811ad7255b454d1712e75a637478401d40791e BUG: 1232165 Signed-off-by: Shreyas Siravara <sshreyas@fb.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11245 Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> 
When file operations are sent to the NFS server, authorized filehandles
are cached using the exportid, mountid, gfid and host as the key to the
cache. This meant that any file OR directory will always fail on the
*first* fop to that filehandle since the cache used the gfid as part of
the key to the cache. However, if an export is authorized, this
effectively means that ALL subdirectories and files in the export
directory are authorized per the permissions of the export. This results
slow times to walking a directory structure over an NFS mount.

Change-Id: Iad811ad7255b454d1712e75a637478401d40791e
BUG: 1232165
Signed-off-by: Shreyas Siravara <sshreyas@fb.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/11245
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
nfs: allocate and return the hashkey for the auth_cache_entry 2015-06-03T19:50:56+00:00 Niels de Vos ndevos@redhat.com 2015-05-31T20:29:11+00:00 b8b59fea7822f9ab1e10d7a3f730354fe82a6097 The allocation of the hashkey was never returned to the calling function. Allocating it with alloca() puts it on the stack, returning from the function makes the pointer invalid. Functions that are annotated with "inline" and call alloca(), will not always be inlined. Returning a pointer allocated with alloca() is in those cases not correct. One such confirmation was provided by GCC developer Alexandre Oliva: - http://gcc.gnu.org/ml/gcc-help/2004-04/msg00158.html It is more correct to call GF_MALLOC() and GF_FREE() for the hashkey. If this would result in preformance hit, we can always think of using alloca() again and turn make_hashkey() into a macro (yuck). Change-Id: Ia86a1f79d33240af4713bfb92f702b0ee6e87eb7 BUG: 1226714 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11019 Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Reviewed-by: soumya k <skoduri@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> 
The allocation of the hashkey was never returned to the calling
function.

Allocating it with alloca() puts it on the stack, returning from the
function makes the pointer invalid. Functions that are annotated with
"inline" and call alloca(), will not always be inlined. Returning a
pointer allocated with alloca() is in those cases not correct. One such
confirmation was provided by GCC developer Alexandre Oliva:
 - http://gcc.gnu.org/ml/gcc-help/2004-04/msg00158.html

It is more correct to call GF_MALLOC() and GF_FREE() for the hashkey. If
this would result in preformance hit, we can always think of using
alloca() again and turn make_hashkey() into a macro (yuck).

Change-Id: Ia86a1f79d33240af4713bfb92f702b0ee6e87eb7
BUG: 1226714
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/11019
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
Reviewed-by: soumya k <skoduri@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
nfs: allocate the auth_cache->cache_dict on auth_cache_init() 2015-05-07T22:03:57+00:00 Niels de Vos ndevos@redhat.com 2015-05-06T08:28:56+00:00 eb8847703b8560a045e7ed0336f895bcceda98ea It seems possible that auth_cache->cache_dict is not always allocated before it is accessed. Instead of allocating the dict upon the 1st access, just create it in auth_cache_init(). Change-Id: I00e60522478b433cb0aae0c1f0948eac544dfd2b URL: http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/10710 BUG: 1143880 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/10600 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Tested-by: NetBSD Build System 
It seems possible that auth_cache->cache_dict is not always allocated
before it is accessed. Instead of allocating the dict upon the 1st
access, just create it in auth_cache_init().

Change-Id: I00e60522478b433cb0aae0c1f0948eac544dfd2b
URL: http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/10710
BUG: 1143880
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/10600
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
Tested-by: NetBSD Build System