OpenAFS Master Repository branch, openafs-devel-1_7_x, updated. openafs-devel-1_7_4-7-g4a7457d

Gerrit Code Review
Thu, 22 Dec 2011 10:41:19 -0800 (PST)

The following commit has been merged in the openafs-devel-1_7_x branch:
commit 282173fc8b9a11f6931064feb110a27e3399f0ea
Author: Jeffrey Altman <>
Date:   Wed Dec 21 21:17:33 2011 -0500

    Windows: Use AuthGroups for extent request error reporting
    The afs redirector current tracks the most recent extent error
    in the File Control Block.  Prior to this patchset the error
    was returned to the requesting thread when the process Id matched
    the most recent Process to issue a request.  This approach resulted
    in a couple of problems.
     1. There are multiple threads that can issue an extent request
        on the same file at the same time representing different processes.
        Resetting the process Id with each new request could clear the
        error prior to its receipt.
     2. The failure may be due to inappropriate permissions.  Permissions
        are not associated with proceses but with Authentication Groups.
    This patchset makes several changes:
     1. It enables the afsd_service to track the active authgroup as
        part of the cm_user_t structure and associates that object with
        the BIOD object to ensure that the active authgroup can be
        reported to the afs redirector.
     2. It modifies the AFSExtentFailureCB structure to include the
        AuthGroup GUID.
     3. It tracks the AuthGroup GUID associated with the extent
        failure in the non-paged file control block.
     4. It converts all tests on Process Id to use AuthGroup instead.
     5. It alters the behavior of error delivery such that reported
        error is only cleared after it has been reported once to a
        thread using the matching AuthGroup.
    These changes make the situation better but not perfect as error
    states can still be lost.  However, it avoids the case most often
    seen in production where two processes (a end user process and an
    anti-malware process) are fighting over a file and the anti-malware
    process has no permission to access the file under its own credentials.
    Tested-by: BuildBot <>
    Reviewed-by: Peter Scott <>
    Reviewed-by: Jeffrey Altman <>
    Tested-by: Jeffrey Altman <>
    (cherry picked from commit b9ca435dcb5433218ecbb37ab41b85dabe0a5912)
    Change-Id: I3f32ffda5cc7091854488aba66a8549ea7470141
    Tested-by: BuildBot <>
    Reviewed-by: Jeffrey Altman <>
    Tested-by: Jeffrey Altman <>

 src/WINNT/afsd/cm_dcache.c                        |    4 +-
 src/WINNT/afsd/cm_dcache.h                        |    1 +
 src/WINNT/afsd/cm_user.h                          |    1 +
 src/WINNT/afsrdr/common/AFSRedirCommonStructs.h   |    2 +
 src/WINNT/afsrdr/common/AFSUserPrototypes.h       |    2 +-
 src/WINNT/afsrdr/common/AFSUserStructs.h          |    2 +
 src/WINNT/afsrdr/kernel/lib/AFSExtentsSupport.cpp |   85 +++++++++++++++------
 src/WINNT/afsrdr/kernel/lib/AFSRead.cpp           |    4 +-
 src/WINNT/afsrdr/kernel/lib/AFSWrite.cpp          |   15 ++--
 src/WINNT/afsrdr/kernel/lib/Include/AFSCommon.h   |    3 +-
 src/WINNT/afsrdr/user/RDRFunction.c               |   14 ++--
 src/WINNT/afsrdr/user/RDRInit.cpp                 |   46 +++++++++++-
 12 files changed, 136 insertions(+), 43 deletions(-)

OpenAFS Master Repository