The branch, v4-11-stable has been updated
via 9c32d5a99c1 VERSION: Disable GIT_SNAPSHOT for the 4.11.16 release.
via 578fed57f0b WHATSNEW: Add release notes for Samba 4.11.16.
via f5135703e5f s3: modules: vfs_glusterfs: Fix leak of char **lines
onto mem_ctx on return.
via 28db03fbe0e s3-vfs_glusterfs: refuse connection when write-behind
xlator is present
via f214862ef7a docs-xml/manpages: Add warning about write-behind
translator for vfs_glusterfs
via 4352c99b18f ctdb-common: Avoid aliasing errors during code
optimization
via 34af9efc6ba VERSION: Bump version up to 4.11.16.
via 31e26fe4b2e Merge tag 'samba-4.11.15' into v4-11-test
via 76c7e432b14 VERSION: Bump version up to 4.11.15...
from 1819097773a VERSION: Disable GIT_SNAPSHOT for the 4.11.15 release.
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-11-stable
- Log -----------------------------------------------------------------
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 75 ++++++++++++++++++++++++++++-
ctdb/common/system_socket.c | 31 ++++++------
docs-xml/manpages/vfs_glusterfs.8.xml | 22 +++++++++
source3/modules/vfs_glusterfs.c | 91 +++++++++++++++++++++++++++++++++++
5 files changed, 204 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index ecef401fc0e..d9245529268 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=11
-SAMBA_VERSION_RELEASE=15
+SAMBA_VERSION_RELEASE=16
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 8869edcdc87..914e3cc3bf9 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,3 +1,75 @@
+ ===============================
+ Release Notes for Samba 4.11.16
+ November 04, 2020
+ ===============================
+
+
+This is an extraordinary release of the Samba 4.11 release series to address
the
+following issues:
+
+ o BUG 14537: ctdb-common: Avoid aliasing errors during code optimization.
+ o BUG 14486: vfs_glusterfs: Avoid data corruption with the write-behind
+ translator.
+
+
+=======
+Details
+=======
+
+The GlusterFS write-behind performance translator, when used with Samba, could
+be a source of data corruption. The translator, while processing a write call,
+immediately returns success but continues writing the data to the server in the
+background. This can cause data corruption when two clients relying on Samba to
+provide data consistency are operating on the same file.
+
+The write-behind translator is enabled by default on GlusterFS.
+The vfs_glusterfs plugin will check for the presence of the translator and
+refuse to connect if detected. Please disable the write-behind translator for
+the GlusterFS volume to allow the plugin to connect to the volume.
+
+
+Changes since 4.11.15
+---------------------
+
+o Jeremy Allison <j...@samba.org>
+ * BUG 14486: s3: modules: vfs_glusterfs: Fix leak of char
+ **lines onto mem_ctx on return.
+
+o Günther Deschner <g...@samba.org>
+ * BUG 14486: s3-vfs_glusterfs: Refuse connection when write-behind xlator is
+ present.
+
+o Amitay Isaacs <ami...@gmail.com>
+ * BUG 14537: ctdb-common: Avoid aliasing errors during code optimization.
+
+o Sachin Prabhu <spra...@redhat.com>
+ * BUG 14486: docs-xml/manpages: Add warning about write-behind translator
for
+ vfs_glusterfs.
+
+
+#######################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 4.1 and newer product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older releases follow:
+----------------------------------------
+
===============================
Release Notes for Samba 4.11.15
October 29, 2020
@@ -88,8 +160,7 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+----------------------------------------------------------------------
===============================
diff --git a/ctdb/common/system_socket.c b/ctdb/common/system_socket.c
index 86cbdaab6ad..39979d7252e 100644
--- a/ctdb/common/system_socket.c
+++ b/ctdb/common/system_socket.c
@@ -67,16 +67,19 @@
/*
uint16 checksum for n bytes
*/
-static uint32_t uint16_checksum(uint16_t *data, size_t n)
+static uint32_t uint16_checksum(uint8_t *data, size_t n)
{
uint32_t sum=0;
+ uint16_t value;
+
while (n>=2) {
- sum += (uint32_t)ntohs(*data);
- data++;
+ memcpy(&value, data, 2);
+ sum += (uint32_t)ntohs(value);
+ data += 2;
n -= 2;
}
if (n == 1) {
- sum += (uint32_t)ntohs(*(uint8_t *)data);
+ sum += (uint32_t)ntohs(*data);
}
return sum;
}
@@ -117,13 +120,13 @@ bool ctdb_sys_have_ip(ctdb_sock_addr *_addr)
/*
* simple TCP checksum - assumes data is multiple of 2 bytes long
*/
-static uint16_t ip_checksum(uint16_t *data, size_t n, struct ip *ip)
+static uint16_t ip_checksum(uint8_t *data, size_t n, struct ip *ip)
{
uint32_t sum = uint16_checksum(data, n);
uint16_t sum2;
- sum += uint16_checksum((uint16_t *)&ip->ip_src, sizeof(ip->ip_src));
- sum += uint16_checksum((uint16_t *)&ip->ip_dst, sizeof(ip->ip_dst));
+ sum += uint16_checksum((uint8_t *)&ip->ip_src, sizeof(ip->ip_src));
+ sum += uint16_checksum((uint8_t *)&ip->ip_dst, sizeof(ip->ip_dst));
sum += ip->ip_p + n;
sum = (sum & 0xFFFF) + (sum >> 16);
sum = (sum & 0xFFFF) + (sum >> 16);
@@ -135,22 +138,22 @@ static uint16_t ip_checksum(uint16_t *data, size_t n,
struct ip *ip)
return sum2;
}
-static uint16_t ip6_checksum(uint16_t *data, size_t n, struct ip6_hdr *ip6)
+static uint16_t ip6_checksum(uint8_t *data, size_t n, struct ip6_hdr *ip6)
{
uint16_t phdr[3];
uint32_t sum = 0;
uint16_t sum2;
uint32_t len;
- sum += uint16_checksum((uint16_t *)(void *)&ip6->ip6_src, 16);
- sum += uint16_checksum((uint16_t *)(void *)&ip6->ip6_dst, 16);
+ sum += uint16_checksum((uint8_t *)&ip6->ip6_src, 16);
+ sum += uint16_checksum((uint8_t *)&ip6->ip6_dst, 16);
len = htonl(n);
phdr[0] = len & UINT16_MAX;
phdr[1] = (len >> 16) & UINT16_MAX;
/* ip6_nxt is only 8 bits, so fits comfortably into a uint16_t */
phdr[2] = htons(ip6->ip6_nxt);
- sum += uint16_checksum(phdr, sizeof(phdr));
+ sum += uint16_checksum((uint8_t *)phdr, sizeof(phdr));
sum += uint16_checksum(data, n);
@@ -316,7 +319,7 @@ static int ip6_na_build(uint8_t *buffer,
sizeof(struct nd_opt_hdr));
memcpy(ea, hwaddr, ETH_ALEN);
- nd_na->nd_na_cksum = ip6_checksum((uint16_t *)nd_na,
+ nd_na->nd_na_cksum = ip6_checksum((uint8_t *)nd_na,
ntohs(ip6->ip6_plen),
ip6);
@@ -556,7 +559,7 @@ static int tcp4_build(uint8_t *buf,
ip4pkt->tcp.th_off = sizeof(ip4pkt->tcp)/sizeof(uint32_t);
/* this makes it easier to spot in a sniffer */
ip4pkt->tcp.th_win = htons(1234);
- ip4pkt->tcp.th_sum = ip_checksum((uint16_t *)&ip4pkt->tcp,
+ ip4pkt->tcp.th_sum = ip_checksum((uint8_t *)&ip4pkt->tcp,
sizeof(ip4pkt->tcp),
&ip4pkt->ip);
@@ -609,7 +612,7 @@ static int tcp6_build(uint8_t *buf,
ip6pkt->tcp.th_off = sizeof(ip6pkt->tcp)/sizeof(uint32_t);
/* this makes it easier to spot in a sniffer */
ip6pkt->tcp.th_win = htons(1234);
- ip6pkt->tcp.th_sum = ip6_checksum((uint16_t *)&ip6pkt->tcp,
+ ip6pkt->tcp.th_sum = ip6_checksum((uint8_t *)&ip6pkt->tcp,
sizeof(ip6pkt->tcp),
&ip6pkt->ip6);
diff --git a/docs-xml/manpages/vfs_glusterfs.8.xml
b/docs-xml/manpages/vfs_glusterfs.8.xml
index cf3b8e5e384..7a4da1af919 100644
--- a/docs-xml/manpages/vfs_glusterfs.8.xml
+++ b/docs-xml/manpages/vfs_glusterfs.8.xml
@@ -161,6 +161,28 @@
</refsect1>
+<refsect1>
+ <title>CAVEATS</title>
+
+ <para>
+ The GlusterFS write-behind performance translator, when used
+ with Samba, could be a source of data corruption. The
+ translator, while processing a write call, immediately returns
+ success but continues writing the data to the server in the
+ background. This can cause data corruption when two clients
+ relying on Samba to provide data consistency are operating on
+ the same file.
+ </para>
+ <para>
+ The write-behind translator is enabled by default on GlusterFS.
+ The vfs_glusterfs plugin will check for the presence of the
+ translator and refuse to connect if detected.
+ Please disable the write-behind translator for the GlusterFS
+ volume to allow the plugin to connect to the volume.
+ </para>
+</refsect1>
+
+
<refsect1>
<title>VERSION</title>
diff --git a/source3/modules/vfs_glusterfs.c b/source3/modules/vfs_glusterfs.c
index f23a8821add..747176ecebb 100644
--- a/source3/modules/vfs_glusterfs.c
+++ b/source3/modules/vfs_glusterfs.c
@@ -264,6 +264,92 @@ out:
/* Disk Operations */
+static int check_for_write_behind_translator(TALLOC_CTX *mem_ctx,
+ glfs_t *fs,
+ const char *volume)
+{
+ char *buf = NULL;
+ char **lines = NULL;
+ int numlines = 0;
+ int i;
+ char *option;
+ bool write_behind_present = false;
+ size_t newlen;
+ int ret;
+
+ ret = glfs_get_volfile(fs, NULL, 0);
+ if (ret == 0) {
+ DBG_ERR("%s: Failed to get volfile for "
+ "volume (%s): No volfile\n",
+ volume,
+ strerror(errno));
+ return -1;
+ }
+ if (ret > 0) {
+ DBG_ERR("%s: Invalid return %d for glfs_get_volfile for "
+ "volume (%s): No volfile\n",
+ volume,
+ ret,
+ strerror(errno));
+ return -1;
+ }
+
+ newlen = 0 - ret;
+
+ buf = talloc_zero_array(mem_ctx, char, newlen);
+ if (buf == NULL) {
+ return -1;
+ }
+
+ ret = glfs_get_volfile(fs, buf, newlen);
+ if (ret != newlen) {
+ TALLOC_FREE(buf);
+ DBG_ERR("%s: Failed to get volfile for volume (%s)\n",
+ volume, strerror(errno));
+ return -1;
+ }
+
+ option = talloc_asprintf(mem_ctx, "volume %s-write-behind", volume);
+ if (option == NULL) {
+ TALLOC_FREE(buf);
+ return -1;
+ }
+
+ lines = file_lines_parse(buf,
+ newlen,
+ &numlines,
+ mem_ctx);
+ if (lines == NULL || numlines <= 0) {
+ TALLOC_FREE(option);
+ TALLOC_FREE(buf);
+ return -1;
+ }
+
+ for (i=0; i < numlines; i++) {
+ if (strequal(lines[i], option)) {
+ write_behind_present = true;
+ break;
+ }
+ }
+
+ if (write_behind_present) {
+ DBG_ERR("Write behind translator is enabled for "
+ "volume (%s), refusing to connect! "
+ "Please check the vfs_glusterfs(8) manpage for "
+ "further details.\n",
+ volume);
+ TALLOC_FREE(lines);
+ TALLOC_FREE(option);
+ TALLOC_FREE(buf);
+ return -1;
+ }
+
+ TALLOC_FREE(lines);
+ TALLOC_FREE(option);
+ TALLOC_FREE(buf);
+ return 0;
+}
+
static int vfs_gluster_connect(struct vfs_handle_struct *handle,
const char *service,
const char *user)
@@ -348,6 +434,11 @@ static int vfs_gluster_connect(struct vfs_handle_struct
*handle,
goto done;
}
+ ret = check_for_write_behind_translator(tmp_ctx, fs, volume);
+ if (ret < 0) {
+ goto done;
+ }
+
ret = glfs_set_preopened(volume, handle->conn->connectpath, fs);
if (ret < 0) {
DEBUG(0, ("%s: Failed to register volume (%s)\n",
--
Samba Shared Repository
