glusterfs.git, branch v3.6.1 GlusterFS is a distributed file-system capable of scaling to several petabytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. api: versioned symbols in libgfapi.so for compatibility 2014-11-07T10:17:56+00:00 Kaleb S. KEITHLEY kkeithle@redhat.com 2014-11-05T15:26:46+00:00 1ffdf112f707a13c9fd74bbf17f99d28f84f0f0c Use versioned symbols to keep libgfapi at libgfapi.so.0.0.0 Some nits uncovered: + there are a couple functions declared that do not have an associated definition, e.g. glfs_truncate(), glfs_caller_specific_init() + there are seven private/internal functions used by heal/src/glfsheal and the gfapi master xlator (glfs-master.c): glfs_loc_touchup(), glfs_active_subvol(), and glfs_subvol_done(), glfs_init_done(), glfs_resolve_at(), glfs_free_from_ctx(), and glfs_new_from_ctx(); which are not declared in glfs.h; + for this initial pass at versioned symbols, we use the earliest version of all public symbols, i.e. those for which there are declarations in glfs.h or glfs-handles.h. Further investigation as we do backports to 3.6, 3.4, and 3.4 will be required to determine if older implementations need to be preserved (forward ported) and their associated alias(es) and symbol version(s) defined. FWIW, we should consider linking all of our libraries with a map, it'll result in a cleaner ABI. Perhaps something for an intern to do or a Google Summer of Code project. Change-Id: Ie3323e62bb125a3b26214153278b4e998804de0e BUG: 1160710 Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/9055 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> Tested-by: Niels de Vos <ndevos@redhat.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> 
Use versioned symbols to keep libgfapi at libgfapi.so.0.0.0

Some nits uncovered:

+ there are a couple functions declared that do not have an
  associated definition, e.g. glfs_truncate(), glfs_caller_specific_init()

+ there are seven private/internal functions used by heal/src/glfsheal
  and the gfapi master xlator (glfs-master.c): glfs_loc_touchup(),
  glfs_active_subvol(), and glfs_subvol_done(), glfs_init_done(),
  glfs_resolve_at(), glfs_free_from_ctx(), and glfs_new_from_ctx();
  which are not declared in glfs.h;

+ for this initial pass at versioned symbols, we use the earliest version
  of all public symbols, i.e. those for which there are declarations in
  glfs.h or glfs-handles.h.
  Further investigation as we do backports to 3.6, 3.4, and 3.4
  will be required to determine if older implementations need to
  be preserved (forward ported) and their associated alias(es) and
  symbol version(s) defined.

FWIW, we should consider linking all of our libraries with a map, it'll
result in a cleaner ABI. Perhaps something for an intern to do or a
Google Summer of Code project.

Change-Id: Ie3323e62bb125a3b26214153278b4e998804de0e
BUG: 1160710
Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.org/9055
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Tested-by: Niels de Vos <ndevos@redhat.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
doc: Release Notes for GlusterFS 3.6.0 2014-10-31T13:09:55+00:00 Vijay Bellur vbellur@redhat.com 2014-10-28T17:54:47+00:00 3867bdb496b9a34ab3db06c151e822aa9379b3e9 Signed-off-by: Niels de Vos <ndevos@redhat.com> Signed-off-by: Venky Shankar <vshankar@redhat.com> Signed-off-by: Vijay Bellur <vbellur@redhat.com> Signed-off by: Emmanuel Dreyfus <manu@netbsd.org> Signed-off by: Kaushal Madappa <kmadapp@redhat.com> Signed-off by: Krishnan Parthasarathi <kparthas@redhat.com> Signed-off by: Xavier Hernandez <xhernandez@datalab.es> Signed-off by: Harshavardhana <harsha@harshavardhana.net> Signed-off-by: Ravishankar N <ravishankar@redhat.com> Change-Id: I9973f70eedabf408c452d4018d7521e8b59fb4a7 Reviewed-on: http://review.gluster.org/8993 Reviewed-by: Vijay Bellur <vbellur@redhat.com> Tested-by: Vijay Bellur <vbellur@redhat.com> 
Signed-off-by: Niels de Vos  <ndevos@redhat.com>
Signed-off-by: Venky Shankar <vshankar@redhat.com>
Signed-off-by: Vijay Bellur  <vbellur@redhat.com>
Signed-off by: Emmanuel Dreyfus <manu@netbsd.org>
Signed-off by: Kaushal Madappa <kmadapp@redhat.com>
Signed-off by: Krishnan Parthasarathi <kparthas@redhat.com>
Signed-off by: Xavier Hernandez <xhernandez@datalab.es>
Signed-off by: Harshavardhana <harsha@harshavardhana.net>
Signed-off-by: Ravishankar N <ravishankar@redhat.com>

Change-Id: I9973f70eedabf408c452d4018d7521e8b59fb4a7
Reviewed-on: http://review.gluster.org/8993
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Tested-by: Vijay Bellur <vbellur@redhat.com>
cluster/afr: Perform post-op in entry selfheal inside locks 2014-10-31T13:09:28+00:00 Krutika Dhananjay kdhananj@redhat.com 2014-10-31T07:21:15+00:00 e80bfe76b89ae3f40b3258a4ac388f18a0b53034 Backport of: http://review.gluster.org/#/c/9020 Take entrylks in xlator domain before doing post-op (undo-pending) in entry self-heal. This is to prevent a parallel name self-heal on an entry under @fd->inode from reading pending xattrs while it is being modified by SHD after entry sh below, given that name self-heal takes locks ONLY in xlator domain and is free to read pending changelog in the absence of the following locking. Change-Id: I0bc92978efc0741d6e3f2439540d008e31472313 BUG: 1136821 Signed-off-by: Krutika Dhananjay <kdhananj@redhat.com> Reviewed-on: http://review.gluster.org/9030 Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com> Tested-by: Pranith Kumar Karampuri <pkarampu@redhat.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> Tested-by: Vijay Bellur <vbellur@redhat.com> 
        Backport of: http://review.gluster.org/#/c/9020

Take entrylks in xlator domain before doing post-op (undo-pending) in
entry self-heal. This is to prevent a parallel name self-heal on
an entry under @fd->inode from reading pending xattrs while it is
being modified by SHD after entry sh below, given that
name self-heal takes locks ONLY in xlator domain and is free to read
pending changelog in the absence of the following locking.

Change-Id: I0bc92978efc0741d6e3f2439540d008e31472313
BUG: 1136821
Signed-off-by: Krutika Dhananjay <kdhananj@redhat.com>
Reviewed-on: http://review.gluster.org/9030
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
Tested-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Tested-by: Vijay Bellur <vbellur@redhat.com>
features/snapview-server: verify the fs instance in revalidated lookups as well 2014-10-30T18:39:59+00:00 Raghavendra Bhat raghavendra@redhat.com 2014-10-29T12:17:48+00:00 c2326236e9bac86abe1131d34b018c7d5a87813f Change-Id: I691635e60aba72642c3c79d7da472884f1228301 BUG: 1158791 Reviewed-on: http://review.gluster.org/9008 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> 
Change-Id: I691635e60aba72642c3c79d7da472884f1228301
BUG: 1158791
Reviewed-on: http://review.gluster.org/9008
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
features/snapview-server: check if the reference to the snapshot world is correct before doing any fop 2014-10-30T18:39:15+00:00 Raghavendra Bhat raghavendra@redhat.com 2014-10-09T12:02:48+00:00 2ebb417e7558a35990b7c2784d25fe38ea975d0e The following operations might lead to problems: * Create a file on the glusterfs mount point * Create a snapshot (say "snap1") * Access the contents of the snapshot * Delete the file from the mount point * Delete the snapshot "snap1" * Create a new snapshot "snap1" Now accessing the new snapshot "snap1" gives problems. Because the inode and dentry created for snap1 would not be deleted upon the deletion of the snapshot (as deletion of snapshot is a gluster cli operation, not a fop). So next time upon creation of a new snap with same name, the previous inode and dentry itself will be used. But the inode context contains old information about the glfs_t instance and the handle in the gfapi world. Directly accessing them without proper check leads to ENOTCONN errors. Thus the glfs_t instance should be checked before accessing. If its wrong, then right instance should be obtained by doing the lookup. Change-Id: I975245b8f6b7fea0a90eb5e36e8149d12457ac10 BUG: 1158791 Reviewed-on: http://review.gluster.org/9007 Reviewed-by: Vijay Bellur <vbellur@redhat.com> Tested-by: Vijay Bellur <vbellur@redhat.com> 
The following operations might lead to problems:
* Create a file on the glusterfs mount point
* Create a snapshot (say "snap1")
* Access the contents of the snapshot
* Delete the file from the mount point
* Delete the snapshot "snap1"
* Create a new snapshot "snap1"

Now accessing the new snapshot "snap1" gives problems. Because the inode and
dentry created for snap1 would not be deleted upon the deletion of the snapshot
(as deletion of snapshot is a gluster cli operation, not a fop). So next time
upon creation of a new snap with same name, the previous inode and dentry itself
will be used. But the inode context contains old information about the glfs_t
instance and the handle in the gfapi world. Directly accessing them without
proper check leads to ENOTCONN errors. Thus the glfs_t instance should be
checked before accessing. If its wrong, then right instance should be obtained
by doing the lookup.

Change-Id: I975245b8f6b7fea0a90eb5e36e8149d12457ac10
BUG: 1158791
Reviewed-on: http://review.gluster.org/9007
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Tested-by: Vijay Bellur <vbellur@redhat.com>
logrotate: gluster logrotate config should not be global 2014-10-30T08:54:07+00:00 Lalatendu Mohanty lmohanty@redhat.com 2014-10-29T19:35:59+00:00 b7a7f54e626023f1a31d89e69270b2a231b71477 Issue : Previously glusterfs logrotate config file pollutes global config. So moved the directives inside the curly braces, so they don't pollute the global config state. Change-Id: I8836893dfcdf457d9c5d766612d687bfce64e2ae BUG: 1158456 "Signed-off-by: Lalatendu Mohanty <lmohanty@redhat.com>" "Reviewed-on: http://review.gluster.org/8994" "Reviewed-by: Niels de Vos <ndevos@redhat.com>" "Tested-by: Gluster Build System <jenkins@build.gluster.com>" (cherry picked from commit a5d73daabf6df95bc73b186d92f3e2d1239a6f8a) Signed-off-by: Lalatendu Mohanty <lmohanty@redhat.com> Reviewed-on: http://review.gluster.org/9000 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> 
Issue : Previously glusterfs logrotate config file pollutes
global config. So moved the directives inside the curly braces,
 so they don't pollute the global config state.

Change-Id: I8836893dfcdf457d9c5d766612d687bfce64e2ae
BUG: 1158456
"Signed-off-by: Lalatendu Mohanty <lmohanty@redhat.com>"
"Reviewed-on: http://review.gluster.org/8994"
"Reviewed-by: Niels de Vos <ndevos@redhat.com>"
"Tested-by: Gluster Build System <jenkins@build.gluster.com>"
(cherry picked from commit a5d73daabf6df95bc73b186d92f3e2d1239a6f8a)
Signed-off-by: Lalatendu Mohanty <lmohanty@redhat.com>
Reviewed-on: http://review.gluster.org/9000
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
socket: disallow CBC cipher modes 2014-10-29T11:37:55+00:00 Jeff Darcy jdarcy@redhat.com 2014-10-21T20:54:48+00:00 ab017cabfb547f423fd0d9702865edcb91b58c53 This is related to CVE-2014-3566 a.k.a. POODLE. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566 POODLE is specific to CBC cipher modes in SSLv3. Because there is no way to prevent SSLv3 fallback on a system with an unpatched version of OpenSSL, users of such systems can only be protected by disallowing CBC modes. The default cipher-mode specification in our code has been changed accordingly. Users can still set their own cipher modes if they wish. To support them, the ssl-authz.t test script provides an example of how to combine the CBC exclusion with other criteria in a script. Change-Id: Ib1fa547082fbb7de9df94ffd182b1800d6e354e5 BUG: 1157659 Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/8962 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> Reviewed-on: http://review.gluster.org/8987 Reviewed-by: Niels de Vos <ndevos@redhat.com> Tested-by: Niels de Vos <ndevos@redhat.com> 
This is related to CVE-2014-3566 a.k.a. POODLE.

	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3566

POODLE is specific to CBC cipher modes in SSLv3.  Because there is no
way to prevent SSLv3 fallback on a system with an unpatched version of
OpenSSL, users of such systems can only be protected by disallowing CBC
modes.  The default cipher-mode specification in our code has been
changed accordingly.  Users can still set their own cipher modes if they
wish.  To support them, the ssl-authz.t test script provides an example
of how to combine the CBC exclusion with other criteria in a script.

Change-Id: Ib1fa547082fbb7de9df94ffd182b1800d6e354e5
BUG: 1157659
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.org/8962
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Reviewed-on: http://review.gluster.org/8987
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Tested-by: Niels de Vos <ndevos@redhat.com>
Avoid spurious EINVAL in posix_readdir() 2014-10-29T09:26:56+00:00 Emmanuel Dreyfus manu@netbsd.org 2014-10-15T12:09:16+00:00 190f43f1818e097a4e4f041c4f56516b067632f0 On non Linux systems, we check that seekdir() succeeds and we return EINVAL if it does not. We need this to avoid infinite loops if some other component in GlusterFS makes an invalid seekdir() usage. This was introduced in this change: http://review.gluster.org/#/c/8760/ But seekdir() also fails when using the offset returned for the last entry, and this is expected behavior. As a result, the seekdir() test produces a spurious EINVAL when reaching end of directory. That error is not propagated to calling process, but it may harm internal GlusterFS processing. At least it produce a spurious error message in brick's log. We fix the problem by remembering the last entry offset in fd private data. When a new posix_readdir() invocation requests that offset, we avoid returning EINVAL. Backport of I4e67a2ea46538aae63eea663dd4aa33b16ad24c7 BUG: 1138897 Change-Id: I4e98294d157f67ae1a1f0ece1562c77d1219da40 Signed-off-by: Emmanuel Dreyfus <manu@netbsd.org> Reviewed-on: http://review.gluster.org/8933 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> 
On non Linux systems, we check that seekdir() succeeds and we return
EINVAL if it does not. We need this to avoid infinite loops if some
other component in GlusterFS makes an invalid seekdir() usage. This
was introduced in this change: http://review.gluster.org/#/c/8760/

But seekdir() also fails when using the offset returned for the
last entry, and this is expected behavior. As a result, the seekdir()
test produces a spurious EINVAL when reaching end of directory. That
error is not propagated to calling process, but it may harm internal
GlusterFS processing. At least it produce a spurious error message
in brick's log.

We fix the problem by remembering the last entry offset in fd private
data. When a new posix_readdir() invocation requests that offset,
we avoid returning EINVAL.

Backport of I4e67a2ea46538aae63eea663dd4aa33b16ad24c7

BUG: 1138897
Change-Id: I4e98294d157f67ae1a1f0ece1562c77d1219da40
Signed-off-by: Emmanuel Dreyfus <manu@netbsd.org>
Reviewed-on: http://review.gluster.org/8933
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Hooks : Infinite while loop introduced by another change. 2014-10-28T10:21:28+00:00 Meghana Madhusudhan mmadhusu@redhat.com 2014-10-21T14:20:29+00:00 bf6196b876e487c8a37e148b92721f0d85bcfd43 A change made to all the hook scripts introduced an infinite while loop in the script S31ganesha-reset.sh. It resulted in 100% CPU usage by this script. Change-Id: I8133c92d46616b6534fc88158d6dbfca49875f4a BUG: 1157374 Reviewed-on: http://review.gluster.org/8974 Reviewed-by: Raghavendra Talur <rtalur@redhat.com> Reviewed-by: soumya k <skoduri@redhat.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com> Tested-by: Vijay Bellur <vbellur@redhat.com> 
A change made to all the hook scripts introduced an
infinite while loop in the script S31ganesha-reset.sh.
It resulted in 100% CPU usage by this script.

Change-Id: I8133c92d46616b6534fc88158d6dbfca49875f4a
BUG: 1157374
Reviewed-on: http://review.gluster.org/8974
Reviewed-by: Raghavendra Talur <rtalur@redhat.com>
Reviewed-by: soumya k <skoduri@redhat.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Tested-by: Vijay Bellur <vbellur@redhat.com>
ec: Correctly handle xtime extended attribute 2014-10-28T08:40:02+00:00 Xavier Hernandez xhernandez@datalab.es 2014-10-24T13:03:12+00:00 5e9e6c1cc6933c886c8f8334ccee0cc76eb2fcb5 Change-Id: I2bd34f063d6bf1835d5ae57a8e9aa03f3ec3deb3 BUG: 1156405 Signed-off-by: Xavier Hernandez <xhernandez@datalab.es> Reviewed-on: http://review.gluster.org/8976 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Dan Lambright <dlambrig@redhat.com> 
Change-Id: I2bd34f063d6bf1835d5ae57a8e9aa03f3ec3deb3
BUG: 1156405
Signed-off-by: Xavier Hernandez <xhernandez@datalab.es>
Reviewed-on: http://review.gluster.org/8976
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Dan Lambright <dlambrig@redhat.com>