glusterfs.git/xlators/system, branch v3.9.0rc2 system/posix-acl: Unwind with NULL xdata on error 2016-09-14T04:43:59+00:00 Pranith Kumar K pkarampu@redhat.com 2016-09-08T00:13:20+00:00 31629c943597ab1ae05948f7ad1051b53d7577ab In posix-acl when there are errors xdata that comes as part of input is used to unwind which can be used as response xdata which may lead to problems as the keys in the input will match with keys in the output but the values the response xdata may expect can be completely different. For example, we see that dht sends DHT_IATT_IN_XDATA_KEY in setxattr which will be unwound with the same key in the xdata-response which dht thinks is valid response and fills stbuf with invalid values leading to EIO > BUG: 1374093 > Change-Id: I6b77a1fa1ee99cb62e181e1db2e6fea73f6eaaa3 > Signed-off-by: Pranith Kumar K <pkarampu@redhat.com> > Reviewed-on: http://review.gluster.org/15421 > Smoke: Gluster Build System <jenkins@build.gluster.org> > NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> > CentOS-regression: Gluster Build System <jenkins@build.gluster.org> > Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> > Reviewed-by: Niels de Vos <ndevos@redhat.com> (cherry picked from commit c9271ff14d3efa8279cf67907548b3f43970d4fb) Change-Id: I6b77a1fa1ee99cb62e181e1db2e6fea73f6eaaa3 BUG: 1374639 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/15474 Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com> 
In posix-acl when there are errors xdata that comes as part of input is used to
unwind which can be used as response xdata which may lead to problems as the
keys in the input will match with keys in the output but the values the
response xdata may expect can be completely different.

For example, we see that dht sends DHT_IATT_IN_XDATA_KEY in setxattr
which will be unwound with the same key in the xdata-response which
dht thinks is valid response and fills stbuf with invalid values
leading to EIO

> BUG: 1374093
> Change-Id: I6b77a1fa1ee99cb62e181e1db2e6fea73f6eaaa3
> Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
> Reviewed-on: http://review.gluster.org/15421
> Smoke: Gluster Build System <jenkins@build.gluster.org>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
> Reviewed-by: Niels de Vos <ndevos@redhat.com>
(cherry picked from commit c9271ff14d3efa8279cf67907548b3f43970d4fb)

Change-Id: I6b77a1fa1ee99cb62e181e1db2e6fea73f6eaaa3
BUG: 1374639
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/15474
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
__inode_ctx_put: fix mem leak on failure 2016-06-01T13:28:48+00:00 Prasanna Kumar Kalever prasanna.kalever@redhat.com 2016-05-23T09:01:51+00:00 a04eaf366779a0632e5b9cdd6d63de0eb62f7449 up on failure case __inode_ctx_put need to free the allocated memory Indirect leak of 104 byte(s) in 1 object(s) allocated from: #0 0x496669 in __interceptor_calloc (/usr/local/sbin/glusterfsd+0x496669) #1 0x7f8a288522f9 in __gf_calloc libglusterfs/src/mem-pool.c:117 #2 0x7f8a17235962 in __posix_acl_ctx_get xlators/system/posix-acl/src/posix-acl.c:308 Change-Id: I0ce6da3967c55931a70f77d8551ccf52e4cdfda3 BUG: 1338733 Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com> Reviewed-on: http://review.gluster.org/14505 Tested-by: Prasanna Kumar Kalever <pkalever@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com> 
up on failure case __inode_ctx_put need to free the allocated memory

Indirect leak of 104 byte(s) in 1 object(s) allocated from:
    #0 0x496669 in __interceptor_calloc (/usr/local/sbin/glusterfsd+0x496669)
    #1 0x7f8a288522f9 in __gf_calloc libglusterfs/src/mem-pool.c:117
    #2 0x7f8a17235962 in __posix_acl_ctx_get xlators/system/posix-acl/src/posix-acl.c:308

Change-Id: I0ce6da3967c55931a70f77d8551ccf52e4cdfda3
BUG: 1338733
Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com>
Reviewed-on: http://review.gluster.org/14505
Tested-by: Prasanna Kumar Kalever <pkalever@redhat.com>
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
posix_acl: create inode ctx for posix_acl_get 2016-04-11T15:37:36+00:00 vmallika vmallika@redhat.com 2016-04-11T10:14:16+00:00 65575da24088ba4602b94db649be12376b87484f Change-Id: Ibe5b00cd4b5d896133adc61f65094d783c492ed4 BUG: 1325822 Signed-off-by: vmallika <vmallika@redhat.com> Reviewed-on: http://review.gluster.org/13961 Smoke: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com> 
Change-Id: Ibe5b00cd4b5d896133adc61f65094d783c492ed4
BUG: 1325822
Signed-off-by: vmallika <vmallika@redhat.com>
Reviewed-on: http://review.gluster.org/13961
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
posix_acl: skip acl_permits for special clients 2016-04-06T12:08:26+00:00 vmallika vmallika@redhat.com 2016-04-02T06:32:22+00:00 1546572b7d46c1aee906608140c843160a529937 Change-Id: I3f478b7e4ecab517200f50eb09f65a634c029437 BUG: 1320818 Signed-off-by: vmallika <vmallika@redhat.com> Reviewed-on: http://review.gluster.org/13894 Smoke: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> 
Change-Id: I3f478b7e4ecab517200f50eb09f65a634c029437
BUG: 1320818
Signed-off-by: vmallika <vmallika@redhat.com>
Reviewed-on: http://review.gluster.org/13894
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
storage/posix: send proper iatt attributes for the root inode 2016-03-26T16:33:48+00:00 Raghavendra Bhat raghavendra@redhat.com 2016-03-14T19:10:17+00:00 06d50c1c00fe35c6bc2192a392b8a749984f3efc * changes in posix to send proper iatt attributes for the root directory when ancestry is built. Before posix was filling only the gfid and the inode type in the iatt structure keeping rest of the fields zeros. This was cached by posix-acl and used to send EACCES when some fops came on that object if the uid of the caller is same as the uid of the object on the disk. * getting and setting inode_ctx in function 'posix_acl_ctx_get' is not atomic and can lead to memory leak when there are multiple looups for an inode at same time. This patch fix this problem * Linking an inode in posix_build_ancestry, can cause a race in posix_acl. When parent inode is linked in posix_build_ancestry, and before it reaches posix_acl_readdirp_cbkc, reate/lookup can come on a leaf-inode, as parent-inode-ctx not yet updated in posix_acl_readdirp_cbk, create/lookup can fail with EACCESS. So do the inode linking in the quota xlator Change-Id: I3101eefb65551cc4162c4ff2963be1b73deacd6d BUG: 1320818 Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com> Reviewed-on: http://review.gluster.org/13730 Tested-by: Vijaikumar Mallikarjuna <vmallika@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Raghavendra G <rgowdapp@redhat.com> 
* changes in posix to send proper iatt attributes for the root directory
  when ancestry is built. Before posix was filling only the gfid and the
  inode type in the iatt structure keeping rest of the fields zeros. This
  was cached by posix-acl and used to send EACCES when some fops came on
  that object if the uid of the caller is same as the uid of the object on
  the disk.

* getting and setting inode_ctx in function 'posix_acl_ctx_get' is not atomic
  and can lead to memory leak when there are multiple looups for an
  inode at same time. This patch fix this problem

* Linking an inode in posix_build_ancestry, can cause a race in
  posix_acl.
  When parent inode is linked in posix_build_ancestry, and before
  it reaches posix_acl_readdirp_cbkc, reate/lookup can
  come on a leaf-inode, as parent-inode-ctx not yet updated
  in posix_acl_readdirp_cbk, create/lookup can fail
  with EACCESS. So do the inode linking in the quota xlator

Change-Id: I3101eefb65551cc4162c4ff2963be1b73deacd6d
BUG: 1320818
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/13730
Tested-by: Vijaikumar Mallikarjuna <vmallika@redhat.com>
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
access-control : remove spurious error message from the posix_setxattr_cbk 2016-02-09T14:33:18+00:00 Jiffin Tony Thottan jthottan@gmail.com 2016-02-01T05:32:37+00:00 b72172f4516ff5627f15168213a54b171463803f A check for dictionary is required before calling handling_other_acl_related_xattr() in posix_setxattr_cbk(). Otherwise following message will be poped up on every settxattr call. [2016-01-31 17:38:48.027792] I [dict.c:473:dict_get] (-->/usr/lib/x86_64-linux-gnu/glusterfs/3.7.6/xlator/system/posix-acl.so (posix_acl_setxattr_cbk+0x26) [0x7f2334c5c166] --> /usr/lib/x86_64-linux-gnu/glusterfs/3.7.6/xlator/system/posix-acl.so (handling_other_acl_related_xattr+0xb0) [0x7f2334c5c0f0] -->/usr/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get+0x93) [0x7f233c04b0c3] ) 0-dict: !this || key=system.posix_acl_default [Invalid argument] Change-Id: I93f7e0f764c94dce38bdde95a68341f69a52122d BUG: 1303501 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> Reviewed-on: http://review.gluster.org/13325 Smoke: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Jeff Darcy <jdarcy@redhat.com> 
A check for dictionary is required before calling handling_other_acl_related_xattr()
in posix_setxattr_cbk(). Otherwise following message will be poped up on every settxattr
call.

[2016-01-31 17:38:48.027792] I [dict.c:473:dict_get]
 (-->/usr/lib/x86_64-linux-gnu/glusterfs/3.7.6/xlator/system/posix-acl.so
(posix_acl_setxattr_cbk+0x26) [0x7f2334c5c166] -->
/usr/lib/x86_64-linux-gnu/glusterfs/3.7.6/xlator/system/posix-acl.so
(handling_other_acl_related_xattr+0xb0) [0x7f2334c5c0f0]
-->/usr/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get+0x93)
[0x7f233c04b0c3] ) 0-dict: !this ||
key=system.posix_acl_default [Invalid argument]

Change-Id: I93f7e0f764c94dce38bdde95a68341f69a52122d
BUG: 1303501
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
Reviewed-on: http://review.gluster.org/13325
Smoke: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
build: export minimum symbols from xlators for correct resolution 2015-12-22T17:15:01+00:00 Kaleb S KEITHLEY kkeithle@redhat.com 2015-12-18T12:44:45+00:00 e62c0fe19b113d42db5e0f80fa7cbb82f2f88190 Revisiting http://review.gluster.org/#/c/11814/, which unintentionally introduced warnings from libtool about the xlator .so names. According to [1], the -module option must appear in the Makefile.am file(s); if -module is defined in a macro, e.g. in configure(.ac), then libtool will not recognize that this is a module and will emit a warning. [1] http://www.gnu.org/software/automake/manual/automake.html#Libtool-Modules Change-Id: Ifa5f9327d18d139597791c305aa10cc4410fb078 BUG: 1248669 Signed-off-by: Kaleb S KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/13003 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: soumya k <skoduri@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> 
Revisiting http://review.gluster.org/#/c/11814/, which unintentionally
introduced warnings from libtool about the xlator .so names.

According to [1], the -module option must appear in the Makefile.am
file(s); if -module is defined in a macro, e.g. in configure(.ac),
then libtool will not recognize that this is a module and will emit a
warning.

[1]
http://www.gnu.org/software/automake/manual/automake.html#Libtool-Modules

Change-Id: Ifa5f9327d18d139597791c305aa10cc4410fb078
BUG: 1248669
Signed-off-by: Kaleb S KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.org/13003
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: soumya k <skoduri@redhat.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
build: export minimum symbols from xlators for correct resolution 2015-09-24T14:37:42+00:00 Kaleb S. KEITHLEY kkeithle@redhat.com 2015-07-31T18:11:15+00:00 1d82db506d1cd5b20d14820d89033de2e4a14210 We've been lucky that we haven't had any symbol collisions until now. Now we have a collision between the snapview-client's svc_lookup() and libntirpc's svc_lookup() with nfs-ganesha's FSAL_GLUSTER and libgfapi. As a short term solution all the snapview-client's FOP methods were changed to static scope. See http://review.gluster.org/11805. This works in snapview-client because all the FOP methods are defined in a single source file. This solution doesn't work for other xlators with FOP methods defined in multiple source files. To address this we link with libtool's '-export-symbols $symbol-file' (a wrapper around `ld --version-script ...` --- on linux anyway) and only export the minimum required symbols from the xlator sharedlib. N.B. the libtool man page says that the symbol file should be named foo.sym, thus the rename of *.exports to *.sym. While foo.exports worked, we will follow the documentation. Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com> BUG: 1248669 Change-Id: I1de68b3e3be58ae690d8bfb2168bfc019983627c Reviewed-on: http://review.gluster.org/11814 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: soumya k <skoduri@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> 
We've been lucky that we haven't had any symbol collisions until now.
Now we have a collision between the snapview-client's svc_lookup() and
libntirpc's svc_lookup() with nfs-ganesha's FSAL_GLUSTER and libgfapi.

As a short term solution all the snapview-client's FOP methods were
changed to static scope. See http://review.gluster.org/11805. This
works in snapview-client because all the FOP methods are defined in
a single source file. This solution doesn't work for other xlators
with FOP methods defined in multiple source files.

To address this we link with libtool's '-export-symbols $symbol-file'
(a wrapper around `ld --version-script ...` --- on linux anyway) and
only export the minimum required symbols from the xlator sharedlib.

N.B. the libtool man page says that the symbol file should be named
foo.sym, thus the rename of *.exports to *.sym. While foo.exports
worked, we will follow the documentation.

Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
BUG: 1248669
Change-Id: I1de68b3e3be58ae690d8bfb2168bfc019983627c
Reviewed-on: http://review.gluster.org/11814
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: soumya k <skoduri@redhat.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
dict: dict_set_bin() should never free the pointer on error 2015-07-24T15:09:08+00:00 Niels de Vos ndevos@redhat.com 2015-07-12T10:29:12+00:00 2d2d1fbb201ea81a54d9c9aef28345cb259eb141 dict_set_bin() is handling the pointer that it passed inconsistently. Depending on the errors that can occur, the pointer passed to the dict can be free'd, but there is no guarantee. It is cleaner to have the caller free the pointer that allocated it and dict_set_bin() returned an error. When dict_set_bin() returned success, the given pointer will be free'd when dict_unref() calls data_destroy(). Many callers of dict_set_bin() already take care of free'ing the pointer on error. The ones that did not, are corrected with this change too. Change-Id: I39a4f7ebc0cae6d403baba99307d7ce408f25966 BUG: 1242280 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11638 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Reviewed-by: Raghavendra G <rgowdapp@redhat.com> Tested-by: NetBSD Build System <jenkins@build.gluster.org> 
dict_set_bin() is handling the pointer that it passed inconsistently.
Depending on the errors that can occur, the pointer passed to the dict
can be free'd, but there is no guarantee.

It is cleaner to have the caller free the pointer that allocated it and
dict_set_bin() returned an error. When dict_set_bin() returned success,
the given pointer will be free'd when dict_unref() calls data_destroy().

Many callers of dict_set_bin() already take care of free'ing the pointer
on error. The ones that did not, are corrected with this change too.

Change-Id: I39a4f7ebc0cae6d403baba99307d7ce408f25966
BUG: 1242280
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/11638
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
access_control : avoid double unrefing of acl variable in its context. 2015-07-12T10:57:15+00:00 Jiffin Tony Thottan jthottan@redhat.com 2015-07-11T10:17:18+00:00 7f21238bb918a9b6eefcff5d76516a92a9271ae2 In handling_other_acl_related_xattr(), acl variable is unrefered twice after updating the context of access_control translator.So the acl variable stored in the inmemory context will become invalid one. When the variable accessed again , it will result in brick crash. This patch fixes the same. Change-Id: Ib95d2e3d67b0fb20d201244a206379d6261aeb23 BUG: 1242041 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> Reviewed-on: http://review.gluster.org/11632 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Niels de Vos <ndevos@redhat.com> Reviewed-by: soumya k <skoduri@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> 
In handling_other_acl_related_xattr(), acl variable is unrefered twice
after updating the context of access_control translator.So the acl variable
stored in the inmemory context will become invalid one. When the variable
accessed again , it will result in brick crash. This patch fixes the same.

Change-Id: Ib95d2e3d67b0fb20d201244a206379d6261aeb23
BUG: 1242041
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
Reviewed-on: http://review.gluster.org/11632
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Reviewed-by: soumya k <skoduri@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>