From: Fabian Grünbichler Date: Wed, 22 May 2019 13:37:24 +0000 (+0200) Subject: add patches for Corosync 3.x X-Git-Url: https://git.proxmox.com/?p=corosync-pve.git;a=commitdiff_plain;h=9d5f2a67c77ad9ffa979fb1d3d619df9198e5615 add patches for Corosync 3.x some minor cherry-picks, and two big series: - crypto compatibility for upgrading from Corosync 2.x - cpg callback merging for joinlists Signed-off-by: Fabian Grünbichler --- diff --git a/patches/0005-cfgtool-Improve-link-status-display.patch b/patches/0005-cfgtool-Improve-link-status-display.patch new file mode 100644 index 0000000..d6782f7 --- /dev/null +++ b/patches/0005-cfgtool-Improve-link-status-display.patch @@ -0,0 +1,166 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= +Date: Wed, 22 May 2019 12:24:45 +0200 +Subject: [PATCH] cfgtool: Improve link status display +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry-picked from upstream master + +Signed-off-by: Fabian Grünbichler +--- + .../cfgtool-Improve-link-status-display.patch | 134 ++++++++++++++++++ + debian/patches/series | 1 + + 2 files changed, 135 insertions(+) + create mode 100644 debian/patches/cfgtool-Improve-link-status-display.patch + +diff --git a/debian/patches/cfgtool-Improve-link-status-display.patch b/debian/patches/cfgtool-Improve-link-status-display.patch +new file mode 100644 +index 00000000..93ee9937 +--- /dev/null ++++ b/debian/patches/cfgtool-Improve-link-status-display.patch +@@ -0,0 +1,134 @@ ++From: Christine Caulfield ++Date: Tue, 22 Jan 2019 10:06:29 +0000 ++Subject: cfgtool: Improve link status display ++ ++Now show the nodeids properly, rather than node indexes which were ++annoying and unhelpful. ++ ++Signed-off-by: Christine Caulfield ++Reviewed-by: Jan Friesse ++(cherry picked from commit c0d14485c3ebdeb2332f7c48acd155163e5b7fc1) ++--- ++ tools/Makefile.am | 2 +- ++ tools/corosync-cfgtool.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++-- ++ 2 files changed, 55 insertions(+), 3 deletions(-) ++ ++diff --git a/tools/Makefile.am b/tools/Makefile.am ++index 7a9ab04..0793884 100644 ++--- a/tools/Makefile.am +++++ b/tools/Makefile.am ++@@ -58,7 +58,7 @@ corosync-blackbox: corosync-blackbox.sh ++ ++ corosync_cmapctl_LDADD = $(LIBQB_LIBS) $(top_builddir)/lib/libcmap.la ++ ++-corosync_cfgtool_LDADD = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la +++corosync_cfgtool_LDADD = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la $(top_builddir)/lib/libcmap.la ++ ++ corosync_cpgtool_LDADD = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la \ ++ $(top_builddir)/lib/libcpg.la ++diff --git a/tools/corosync-cfgtool.c b/tools/corosync-cfgtool.c ++index c138085..ed29694 100644 ++--- a/tools/corosync-cfgtool.c +++++ b/tools/corosync-cfgtool.c ++@@ -50,6 +50,7 @@ ++ #include ++ #include ++ #include +++#include ++ ++ #define cs_repeat(result, max, code) \ ++ do { \ ++@@ -75,16 +76,33 @@ enum user_action { ++ ACTION_KILL_NODE, ++ }; ++ +++static int node_compare(const void *aptr, const void *bptr) +++{ +++ uint32_t a,b; +++ +++ a = *(uint32_t *)aptr; +++ b = *(uint32_t *)bptr; +++ +++ return a > b; +++} +++ ++ static int ++ linkstatusget_do (char *interface_name, int brief) ++ { ++ cs_error_t result; ++ corosync_cfg_handle_t handle; +++ cmap_handle_t cmap_handle; ++ unsigned int interface_count; ++ char **interface_names; ++ char **interface_status; +++ uint32_t nodeid_list[KNET_MAX_HOST]; +++ char iter_key[CMAP_KEYNAME_MAXLEN]; ++ unsigned int i; +++ cmap_iter_handle_t iter; ++ unsigned int nodeid; +++ unsigned int node_pos; +++ cmap_value_types_t type; +++ size_t value_len; ++ int rc = 0; ++ int len, s = 0, t; ++ ++@@ -95,6 +113,37 @@ linkstatusget_do (char *interface_name, int brief) ++ exit (1); ++ } ++ +++ result = cmap_initialize (&cmap_handle); +++ if (result != CS_OK) { +++ printf ("Could not initialize corosync cmap API error %d\n", result); +++ exit (1); +++ } +++ /* Get a list of nodes. We do it this way rather than using votequorum as cfgtool +++ * needs to be independent of quorum type +++ */ +++ result = cmap_iter_init(cmap_handle, "nodelist.node.", &iter); +++ if (result != CS_OK) { +++ printf ("Could not get nodelist from cmap. error %d\n", result); +++ exit (1); +++ } +++ +++ while ((cmap_iter_next(cmap_handle, iter, iter_key, &value_len, &type)) == CS_OK) { +++ result = sscanf(iter_key, "nodelist.node.%u.nodeid", &node_pos); +++ if (result != 1) { +++ continue; +++ } +++ if (cmap_get_uint32(cmap_handle, iter_key, &nodeid) == CS_OK) { +++ nodeid_list[s++] = nodeid; +++ } +++ } +++ +++ /* totemknet returns nodes in nodeid order - even though it doesn't tell us +++ what the nodeid is. So sort our node list and we can then look up +++ knet node pos to get an actual nodeid. +++ Yep, I really should have totally rewritten the cfg interface for this. +++ */ +++ qsort(nodeid_list, s, sizeof(uint32_t), node_compare); +++ ++ result = corosync_cfg_local_get(handle, &nodeid); ++ if (result != CS_OK) { ++ printf ("Could not get the local node id, the error is: %d\n", result); ++@@ -134,9 +183,11 @@ linkstatusget_do (char *interface_name, int brief) ++ (!strstr(interface_status[i], "FAULTY"))) { ++ len = strlen(interface_status[i]); ++ printf ("\tstatus:\n"); ++- while(s < len) { +++ while (s < len) { +++ nodeid = nodeid_list[s]; ++ t = interface_status[i][s] - '0'; ++- printf("\t\tnode %d:\t", s++); +++ s++; +++ printf("\t\tnodeid %2d:\t", nodeid); ++ printf("link enabled:%d\t", t&1? 1 : 0); ++ printf("link connected:%d\n", t&2? 1: 0); ++ } ++@@ -157,6 +208,7 @@ linkstatusget_do (char *interface_name, int brief) ++ free(interface_names); ++ } ++ +++ (void)cmap_finalize (cmap_handle); ++ (void)corosync_cfg_finalize (handle); ++ return rc; ++ } +diff --git a/debian/patches/series b/debian/patches/series +index fcba2944..32007175 100644 +--- a/debian/patches/series ++++ b/debian/patches/series +@@ -6,3 +6,4 @@ AC_PROG_SED-is-already-present.patch + Use-the-SED-variable-provided-by-configure.patch + Use-the-AWK-variable-provided-by-configure.patch + pve__only-start-corosync.service-if-conf-exists.patch ++cfgtool-Improve-link-status-display.patch diff --git a/patches/0006-Revert-init-Enable-StopWhenUnneeded.patch b/patches/0006-Revert-init-Enable-StopWhenUnneeded.patch new file mode 100644 index 0000000..2d06245 --- /dev/null +++ b/patches/0006-Revert-init-Enable-StopWhenUnneeded.patch @@ -0,0 +1,63 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= +Date: Wed, 22 May 2019 12:25:28 +0200 +Subject: [PATCH] Revert "init: Enable StopWhenUnneeded" +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry-picked from upstream master + +Signed-off-by: Fabian Grünbichler +--- + .../Revert-init-Enable-StopWhenUnneeded.patch | 31 +++++++++++++++++++ + debian/patches/series | 1 + + 2 files changed, 32 insertions(+) + create mode 100644 debian/patches/Revert-init-Enable-StopWhenUnneeded.patch + +diff --git a/debian/patches/Revert-init-Enable-StopWhenUnneeded.patch b/debian/patches/Revert-init-Enable-StopWhenUnneeded.patch +new file mode 100644 +index 00000000..8b7f240c +--- /dev/null ++++ b/debian/patches/Revert-init-Enable-StopWhenUnneeded.patch +@@ -0,0 +1,31 @@ ++From: Jan Friesse ++Date: Thu, 4 Apr 2019 11:40:19 +0200 ++Subject: Revert "init: Enable StopWhenUnneeded" ++ ++This reverts commit 03d9321bc80887d4578744c26c05d61e2d9d4278. ++ ++Reverted because when corosync service is not enabled and corosync ++is executed by "systemctl start corosync" it is then immediately ++shutdown because of "Unit not needed anymore. Stopping.". ++ ++This is really not expected behavior. ++ ++Signed-off-by: Jan Friesse ++Reviewed-by: Christine Caulfield ++(cherry picked from commit 527e30a8d050c077d8adff2a5aa77d9b683a8f28) ++--- ++ init/corosync.service.in | 1 - ++ 1 file changed, 1 deletion(-) ++ ++diff --git a/init/corosync.service.in b/init/corosync.service.in ++index 28046ca..adf7080 100644 ++--- a/init/corosync.service.in +++++ b/init/corosync.service.in ++@@ -5,7 +5,6 @@ ConditionKernelCommandLine=!nocluster ++ ConditionPathExists=/etc/corosync/corosync.conf ++ Requires=network-online.target ++ After=network-online.target ++-StopWhenUnneeded=yes ++ ++ [Service] ++ EnvironmentFile=-@INITCONFIGDIR@/corosync +diff --git a/debian/patches/series b/debian/patches/series +index 32007175..2caabe1c 100644 +--- a/debian/patches/series ++++ b/debian/patches/series +@@ -7,3 +7,4 @@ Use-the-SED-variable-provided-by-configure.patch + Use-the-AWK-variable-provided-by-configure.patch + pve__only-start-corosync.service-if-conf-exists.patch + cfgtool-Improve-link-status-display.patch ++Revert-init-Enable-StopWhenUnneeded.patch diff --git a/patches/0007-add-crypto-patches.patch b/patches/0007-add-crypto-patches.patch new file mode 100644 index 0000000..4273eb5 --- /dev/null +++ b/patches/0007-add-crypto-patches.patch @@ -0,0 +1,404 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= +Date: Wed, 22 May 2019 12:26:43 +0200 +Subject: [PATCH] add crypto patches +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry-picked from upstream master, to ease in-place upgrade for +clusters running our default configuration + +Signed-off-by: Fabian Grünbichler +--- + ...rypto-re-introduce-secauth-parameter.patch | 62 ++++++++ + .../keygen-Reflect-change-in-knet.patch | 100 +++++++++++++ + ...et-totem.keyfile-and-totem.key-to-RO.patch | 44 ++++++ + .../totemconfig-Remove-support-for-3des.patch | 138 ++++++++++++++++++ + debian/patches/series | 4 + + 5 files changed, 348 insertions(+) + create mode 100644 debian/patches/crypto-re-introduce-secauth-parameter.patch + create mode 100644 debian/patches/keygen-Reflect-change-in-knet.patch + create mode 100644 debian/patches/set-totem.keyfile-and-totem.key-to-RO.patch + create mode 100644 debian/patches/totemconfig-Remove-support-for-3des.patch + +diff --git a/debian/patches/crypto-re-introduce-secauth-parameter.patch b/debian/patches/crypto-re-introduce-secauth-parameter.patch +new file mode 100644 +index 00000000..1c5739c1 +--- /dev/null ++++ b/debian/patches/crypto-re-introduce-secauth-parameter.patch +@@ -0,0 +1,62 @@ ++From: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= ++Date: Wed, 10 Apr 2019 09:43:33 +0200 ++Subject: crypto: re-introduce secauth parameter ++MIME-Version: 1.0 ++Content-Type: text/plain; charset="utf-8" ++Content-Transfer-Encoding: 8bit ++ ++with the following semantics: ++- default off ++- implies crypto_hash SHA256 and crypto_cipher AES256 ++- crypto_* have higher precedence ++- only applicable for knet, like crypto_* ++ ++this should make upgrading from Corosync 2.x less painful for users that ++have an explicit secauth=on in their configuration. ++ ++Signed-off-by: Fabian Grünbichler ++Reviewed-by: Jan Friesse ++(cherry picked from commit b97ca8e9f026aaaf2fe9cf697d89803004587f60) ++--- ++ exec/totemconfig.c | 8 ++++++++ ++ man/corosync.conf.5 | 8 ++++++++ ++ 2 files changed, 16 insertions(+) ++ ++diff --git a/exec/totemconfig.c b/exec/totemconfig.c ++index 4f69fd5..1954f76 100644 ++--- a/exec/totemconfig.c +++++ b/exec/totemconfig.c ++@@ -450,6 +450,14 @@ static int totem_get_crypto(struct totem_config *totem_config, const char **erro ++ tmp_model = "nss"; ++ } ++ +++ if (icmap_get_string("totem.secauth", &str) == CS_OK) { +++ if (strcmp(str, "on") == 0) { +++ tmp_cipher = "aes256"; +++ tmp_hash = "sha256"; +++ } +++ free(str); +++ } +++ ++ if (icmap_get_string("totem.crypto_cipher", &str) == CS_OK) { ++ if (strcmp(str, "none") == 0) { ++ tmp_cipher = "none"; ++diff --git a/man/corosync.conf.5 b/man/corosync.conf.5 ++index 216dfc5..b294e11 100644 ++--- a/man/corosync.conf.5 +++++ b/man/corosync.conf.5 ++@@ -224,6 +224,14 @@ transmission is only supported for the knet transport. ++ ++ The default is none. ++ +++.TP +++secauth +++This implies crypto_cipher=aes256 and crypto_hash=sha256, unless those options +++are explicitly set. Encrypted transmission is only supported for the knet +++transport. +++ +++The default is off. +++ ++ .TP ++ keyfile ++ This specifies the fully qualified path to the shared key used to +diff --git a/debian/patches/keygen-Reflect-change-in-knet.patch b/debian/patches/keygen-Reflect-change-in-knet.patch +new file mode 100644 +index 00000000..068f481f +--- /dev/null ++++ b/debian/patches/keygen-Reflect-change-in-knet.patch +@@ -0,0 +1,100 @@ ++From: Jan Friesse ++Date: Tue, 9 Apr 2019 17:09:34 +0200 ++Subject: keygen: Reflect change in knet ++ ++Knet commit 1cb36f0cffd4559971826ca4774a88c5b05882fb reduced minimal ++key length to 1024-bit. Keygen should keep compatibility with already ++released 3.0.[0-1] so default key length should be 2048 bits. It's ++possible to use -s argument to generate shorter key - keygen respects ++minimum/maximum as defined by knet. ++ ++Also fix man page to reflect this change. ++ ++Signed-off-by: Jan Friesse ++Reviewed-by: Christine Caulfield ++(cherry picked from commit c260bce45b1f5b4a82c74513c4b3302d32daf179) ++--- ++ tools/corosync-keygen.c | 4 ++-- ++ man/corosync-keygen.8 | 21 +++++++++------------ ++ 2 files changed, 11 insertions(+), 14 deletions(-) ++ ++diff --git a/tools/corosync-keygen.c b/tools/corosync-keygen.c ++index 40e4d6e..243661a 100644 ++--- a/tools/corosync-keygen.c +++++ b/tools/corosync-keygen.c ++@@ -1,6 +1,6 @@ ++ /* ++ * Copyright (c) 2004 MontaVista Software, Inc. ++- * Copyright (c) 2005-2017 Red Hat, Inc. +++ * Copyright (c) 2005-2019 Red Hat, Inc. ++ * ++ * All rights reserved. ++ * ++@@ -52,7 +52,7 @@ ++ ++ #define DEFAULT_KEYFILE COROSYSCONFDIR "/authkey" ++ ++-#define DEFAULT_KEYFILE_LEN TOTEM_PRIVATE_KEY_LEN_MIN +++#define DEFAULT_KEYFILE_LEN 256 ++ ++ #define DEFAULT_RANDOM_DEV "/dev/urandom" ++ ++diff --git a/man/corosync-keygen.8 b/man/corosync-keygen.8 ++index 0839621..8767ddc 100644 ++--- a/man/corosync-keygen.8 +++++ b/man/corosync-keygen.8 ++@@ -1,5 +1,5 @@ ++ .\"/* ++-.\" * Copyright (C) 2010-2017 Red Hat, Inc. +++.\" * Copyright (C) 2010-2019 Red Hat, Inc. ++ .\" * ++ .\" * All rights reserved. ++ .\" * ++@@ -31,7 +31,7 @@ ++ .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF ++ .\" * THE POSSIBILITY OF SUCH DAMAGE. ++ .\" */ ++-.TH COROSYNC-KEYGEN 8 2017-07-03 +++.TH COROSYNC-KEYGEN 8 2019-04-09 ++ .SH NAME ++ corosync-keygen \- Generate an authentication key for Corosync. ++ .SH SYNOPSIS ++@@ -69,7 +69,7 @@ Random number source file. Default is /dev/urandom. As an example /dev/random ma ++ used when really superb randomness is needed. ++ .TP ++ .B -s size ++-Size of the generated key in bytes. Default is 1024 bytes. Allowed range is <1024, 4096>. +++Size of the generated key in bytes. Default is 256 bytes. Allowed range is <128, 4096>. ++ .TP ++ .TP ++ .B -l ++@@ -84,7 +84,7 @@ Generate the key. ++ .nf ++ # corosync-keygen ++ Corosync Cluster Engine Authentication key generator. ++-Gathering 8192 bits for key from /dev/urandom. +++Gathering 2048 bits for key from /dev/urandom. ++ Writing corosync key to /etc/corosync/authkey ++ .fi ++ ++@@ -101,15 +101,12 @@ Writing corosync key to /tmp/authkey. ++ Generate superb key using /dev/random ++ .nf ++ # corosync-keygen -r /dev/random ++-Corosync Cluster Engine Authentication key generator. ++-Gathering 8192 bits for key from /dev/random. +++Gathering 2048 bits for key from /dev/random. ++ Press keys on your keyboard to generate entropy. ++-Press keys on your keyboard to generate entropy (7928 bits still needed). ++-Press keys on your keyboard to generate entropy (7880 bits still needed). ++- ... ++-Press keys on your keyboard to generate entropy (104 bits still needed). ++-Press keys on your keyboard to generate entropy (56 bits still needed). ++-Press keys on your keyboard to generate entropy (8 bits still needed). +++Press keys on your keyboard to generate entropy (1128 bits still needed). +++Press keys on your keyboard to generate entropy (504 bits still needed). +++Press keys on your keyboard to generate entropy (128 bits still needed). +++Press keys on your keyboard to generate entropy (32 bits still needed). ++ Writing corosync key to /etc/corosync/authkey. ++ .fi ++ +diff --git a/debian/patches/set-totem.keyfile-and-totem.key-to-RO.patch b/debian/patches/set-totem.keyfile-and-totem.key-to-RO.patch +new file mode 100644 +index 00000000..9daad20b +--- /dev/null ++++ b/debian/patches/set-totem.keyfile-and-totem.key-to-RO.patch +@@ -0,0 +1,44 @@ ++From: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= ++Date: Wed, 3 Apr 2019 21:57:30 +0200 ++Subject: set totem.keyfile and totem.key to RO ++MIME-Version: 1.0 ++Content-Type: text/plain; charset="utf-8" ++Content-Transfer-Encoding: 8bit ++ ++so that we get the nice log message when attempting to modify them at ++runtime, just like for totem.crypto_* and co. ++ ++Signed-off-by: Fabian Grünbichler ++Reviewed-by: Jan Friesse ++(cherry picked from commit 03fba21503f1b8395519190cc537f63100e995f5) ++--- ++ exec/cfg.c | 2 ++ ++ exec/main.c | 2 ++ ++ 2 files changed, 4 insertions(+) ++ ++diff --git a/exec/cfg.c b/exec/cfg.c ++index dec7dbf..9aeba0c 100644 ++--- a/exec/cfg.c +++++ b/exec/cfg.c ++@@ -578,6 +578,8 @@ static void remove_ro_entries(icmap_map_t temp_map) ++ delete_and_notify_if_changed(temp_map, "totem.secauth"); ++ delete_and_notify_if_changed(temp_map, "totem.crypto_hash"); ++ delete_and_notify_if_changed(temp_map, "totem.crypto_cipher"); +++ delete_and_notify_if_changed(temp_map, "totem.keyfile"); +++ delete_and_notify_if_changed(temp_map, "totem.key"); ++ delete_and_notify_if_changed(temp_map, "totem.version"); ++ delete_and_notify_if_changed(temp_map, "totem.threads"); ++ delete_and_notify_if_changed(temp_map, "totem.ip_version"); ++diff --git a/exec/main.c b/exec/main.c ++index 8554036..06a519c 100644 ++--- a/exec/main.c +++++ b/exec/main.c ++@@ -1036,6 +1036,8 @@ static void set_icmap_ro_keys_flag (void) ++ */ ++ icmap_set_ro_access("totem.crypto_cipher", CS_FALSE, CS_TRUE); ++ icmap_set_ro_access("totem.crypto_hash", CS_FALSE, CS_TRUE); +++ icmap_set_ro_access("totem.keyfile", CS_FALSE, CS_TRUE); +++ icmap_set_ro_access("totem.key", CS_FALSE, CS_TRUE); ++ icmap_set_ro_access("totem.secauth", CS_FALSE, CS_TRUE); ++ icmap_set_ro_access("totem.ip_version", CS_FALSE, CS_TRUE); ++ icmap_set_ro_access("totem.rrp_mode", CS_FALSE, CS_TRUE); +diff --git a/debian/patches/totemconfig-Remove-support-for-3des.patch b/debian/patches/totemconfig-Remove-support-for-3des.patch +new file mode 100644 +index 00000000..c46f137f +--- /dev/null ++++ b/debian/patches/totemconfig-Remove-support-for-3des.patch +@@ -0,0 +1,138 @@ ++From: Jan Friesse ++Date: Thu, 11 Apr 2019 08:23:29 +0200 ++Subject: totemconfig: Remove support for 3des ++ ++Triple DES is considered as a "weak cipher" since 2016 so there is ++really no need to support it in the corosync. Thanks to bug in ++Corosync/Knet/NSS which caused 3des to not work at all, ++no matter what library was used, we can just remove support for 3des ++without braking the compatibility. ++ ++Also fix coroparse so: ++- totem.crypto_type is removed (this is 1.x construct which was not used ++even in 2.x) ++- Add checking of totem.crypto_model. ++- Enumarate possible values for crypto_model, crypto_cipher and ++crypto_hash error messages ++ ++Signed-off-by: Jan Friesse ++Reviewed-by: Christine Caulfield ++(cherry picked from commit d05636b738e3cb1cd7a491e4ef492cd44a8bf6a9) ++--- ++ exec/coroparse.c | 21 ++++++++++----------- ++ exec/totemconfig.c | 3 --- ++ conf/lenses/corosync.aug | 4 ++-- ++ man/corosync.conf.5 | 6 +++--- ++ 4 files changed, 15 insertions(+), 19 deletions(-) ++ ++diff --git a/exec/coroparse.c b/exec/coroparse.c ++index bee0a8c..16e0257 100644 ++--- a/exec/coroparse.c +++++ b/exec/coroparse.c ++@@ -1,5 +1,5 @@ ++ /* ++- * Copyright (c) 2006-2018 Red Hat, Inc. +++ * Copyright (c) 2006-2019 Red Hat, Inc. ++ * ++ * All rights reserved. ++ * ++@@ -747,13 +747,11 @@ static int main_config_parser_cb(const char *path, ++ return (0); ++ } ++ } ++- if (strcmp(path, "totem.crypto_type") == 0) { +++ if (strcmp(path, "totem.crypto_model") == 0) { ++ if ((strcmp(value, "nss") != 0) && ++- (strcmp(value, "aes256") != 0) && ++- (strcmp(value, "aes192") != 0) && ++- (strcmp(value, "aes128") != 0) && ++- (strcmp(value, "3des") != 0)) { ++- *error_string = "Invalid crypto type"; +++ (strcmp(value, "openssl") != 0)) { +++ *error_string = "Invalid crypto model. " +++ "Should be nss or openssl"; ++ ++ return (0); ++ } ++@@ -762,9 +760,9 @@ static int main_config_parser_cb(const char *path, ++ if ((strcmp(value, "none") != 0) && ++ (strcmp(value, "aes256") != 0) && ++ (strcmp(value, "aes192") != 0) && ++- (strcmp(value, "aes128") != 0) && ++- (strcmp(value, "3des") != 0)) { ++- *error_string = "Invalid cipher type"; +++ (strcmp(value, "aes128") != 0)) { +++ *error_string = "Invalid cipher type. " +++ "Should be none, aes256, aes192 or aes128"; ++ ++ return (0); ++ } ++@@ -776,7 +774,8 @@ static int main_config_parser_cb(const char *path, ++ (strcmp(value, "sha256") != 0) && ++ (strcmp(value, "sha384") != 0) && ++ (strcmp(value, "sha512") != 0)) { ++- *error_string = "Invalid hash type"; +++ *error_string = "Invalid hash type. " +++ "Should be none, md5, sha1, sha256, sha384 or sha512"; ++ ++ return (0); ++ } ++diff --git a/exec/totemconfig.c b/exec/totemconfig.c ++index d57562a..4f69fd5 100644 ++--- a/exec/totemconfig.c +++++ b/exec/totemconfig.c ++@@ -463,9 +463,6 @@ static int totem_get_crypto(struct totem_config *totem_config, const char **erro ++ if (strcmp(str, "aes128") == 0) { ++ tmp_cipher = "aes128"; ++ } ++- if (strcmp(str, "3des") == 0) { ++- tmp_cipher = "3des"; ++- } ++ free(str); ++ } ++ ++diff --git a/conf/lenses/corosync.aug b/conf/lenses/corosync.aug ++index 39334f1..edeb4fb 100644 ++--- a/conf/lenses/corosync.aug +++++ b/conf/lenses/corosync.aug ++@@ -51,8 +51,8 @@ let totem = ++ |kv "rrp_mode" /none|active|passive/ ++ |kv "vsftype" /none|ykd/ ++ |kv "secauth" /on|off/ ++- |kv "crypto_type" /nss|aes256|aes192|aes128|3des/ ++- |kv "crypto_cipher" /none|nss|aes256|aes192|aes128|3des/ +++ |kv "crypto_model" /nss|openssl/ +++ |kv "crypto_cipher" /none|nss|aes256|aes192|aes128/ ++ |kv "crypto_hash" /none|md5|sha1|sha256|sha384|sha512/ ++ |kv "transport" /udp|iba|udpu/ ++ |kv "version" Rx.integer ++diff --git a/man/corosync.conf.5 b/man/corosync.conf.5 ++index dd6f3ba..216dfc5 100644 ++--- a/man/corosync.conf.5 +++++ b/man/corosync.conf.5 ++@@ -1,6 +1,6 @@ ++ .\"/* ++ .\" * Copyright (c) 2005 MontaVista Software, Inc. ++-.\" * Copyright (c) 2006-2018 Red Hat, Inc. +++.\" * Copyright (c) 2006-2019 Red Hat, Inc. ++ .\" * ++ .\" * All rights reserved. ++ .\" * ++@@ -32,7 +32,7 @@ ++ .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF ++ .\" * THE POSSIBILITY OF SUCH DAMAGE. ++ .\" */ ++-.TH COROSYNC_CONF 5 2019-01-10 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" +++.TH COROSYNC_CONF 5 2019-04-11 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" ++ .SH NAME ++ corosync.conf - corosync executive configuration file ++ ++@@ -218,7 +218,7 @@ The default is none. ++ .TP ++ crypto_cipher ++ This specifies which cipher should be used to encrypt all messages. ++-Valid values are none (no encryption), aes256, aes192, aes128 and 3des. +++Valid values are none (no encryption), aes256, aes192 and aes128. ++ Enabling crypto_cipher, requires also enabling of crypto_hash. Encrypted ++ transmission is only supported for the knet transport. ++ +diff --git a/debian/patches/series b/debian/patches/series +index 2caabe1c..6f18c886 100644 +--- a/debian/patches/series ++++ b/debian/patches/series +@@ -8,3 +8,7 @@ Use-the-AWK-variable-provided-by-configure.patch + pve__only-start-corosync.service-if-conf-exists.patch + cfgtool-Improve-link-status-display.patch + Revert-init-Enable-StopWhenUnneeded.patch ++set-totem.keyfile-and-totem.key-to-RO.patch ++keygen-Reflect-change-in-knet.patch ++totemconfig-Remove-support-for-3des.patch ++crypto-re-introduce-secauth-parameter.patch diff --git a/patches/0008-CPG-callback-merging.patch b/patches/0008-CPG-callback-merging.patch new file mode 100644 index 0000000..2b8d946 --- /dev/null +++ b/patches/0008-CPG-callback-merging.patch @@ -0,0 +1,858 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= +Date: Wed, 22 May 2019 12:27:19 +0200 +Subject: [PATCH] CPG callback merging +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +cherry-picked from upstream PR 468. + +this series aims to minimize callback calls in case of cluster cold +starts or re-joining after network partitions, which cause a huge spike +in network load on bigger clusters running pmxcfs. + +Signed-off-by: Fabian Grünbichler +--- + .../cpg-Add-CPG_REASON_UNDEFINED.patch | 152 +++++++++++++ + ...more-comments-to-notify_lib_joinlist.patch | 193 +++++++++++++++++ + ...illing-of-member_list-to-subfunction.patch | 130 ++++++++++++ + ...ify_lib_joinlist-drop-conn-parameter.patch | 112 ++++++++++ + ...-confchg-event-per-group-on-joinlist.patch | 199 ++++++++++++++++++ + debian/patches/series | 5 + + 6 files changed, 791 insertions(+) + create mode 100644 debian/patches/cpg-Add-CPG_REASON_UNDEFINED.patch + create mode 100644 debian/patches/cpg-Add-more-comments-to-notify_lib_joinlist.patch + create mode 100644 debian/patches/cpg-Move-filling-of-member_list-to-subfunction.patch + create mode 100644 debian/patches/cpg-notify_lib_joinlist-drop-conn-parameter.patch + create mode 100644 debian/patches/cpg-send-single-confchg-event-per-group-on-joinlist.patch + +diff --git a/debian/patches/cpg-Add-CPG_REASON_UNDEFINED.patch b/debian/patches/cpg-Add-CPG_REASON_UNDEFINED.patch +new file mode 100644 +index 00000000..a69b53ac +--- /dev/null ++++ b/debian/patches/cpg-Add-CPG_REASON_UNDEFINED.patch +@@ -0,0 +1,152 @@ ++From: Jan Friesse ++Date: Tue, 16 Apr 2019 12:52:31 +0200 ++Subject: cpg: Add CPG_REASON_UNDEFINED ++ ++Previously the reason field for the member_list items ++in cpg_totem_confchg_fn was unset what may be little confusing. ++ ++Solution is to add a special value CPG_REASON_UNDEFINED and use it for ++the member_list items. ++ ++Signed-off-by: Jan Friesse ++Reviewed-by: Christine Caulfield ++(cherry picked from commit 41f9e966bb1cfa70d0f6ec1ce46d9c845845b599) ++--- ++ include/corosync/cpg.h | 3 ++- ++ man/cpg_initialize.3.in | 18 ++++++++++-------- ++ man/cpg_model_initialize.3.in | 18 ++++++++++-------- ++ exec/cpg.c | 3 ++- ++ 4 files changed, 24 insertions(+), 18 deletions(-) ++ ++diff --git a/include/corosync/cpg.h b/include/corosync/cpg.h ++index 5ebd478..600bbf7 100644 ++--- a/include/corosync/cpg.h +++++ b/include/corosync/cpg.h ++@@ -1,5 +1,5 @@ ++ /* ++- * Copyright (c) 2006-2011 Red Hat, Inc. +++ * Copyright (c) 2006-2019 Red Hat, Inc. ++ * ++ * All rights reserved. ++ * ++@@ -80,6 +80,7 @@ typedef enum { ++ * @brief The cpg_reason_t enum ++ */ ++ typedef enum { +++ CPG_REASON_UNDEFINED = 0, ++ CPG_REASON_JOIN = 1, ++ CPG_REASON_LEAVE = 2, ++ CPG_REASON_NODEDOWN = 3, ++diff --git a/man/cpg_initialize.3.in b/man/cpg_initialize.3.in ++index bdecc1e..38c7de5 100644 ++--- a/man/cpg_initialize.3.in +++++ b/man/cpg_initialize.3.in ++@@ -1,5 +1,5 @@ ++ .\"/* ++-.\" * Copyright (c) 2006-2009 Red Hat, Inc. +++.\" * Copyright (c) 2006-2019 Red Hat, Inc. ++ .\" * ++ .\" * All rights reserved. ++ .\" * ++@@ -31,7 +31,7 @@ ++ .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF ++ .\" * THE POSSIBILITY OF SUCH DAMAGE. ++ .\" */ ++-.TH CPG_INITIALIZE 3 2004-08-31 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" +++.TH CPG_INITIALIZE 3 2019-04-16 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" ++ .SH NAME ++ cpg_initialize \- Create a new connection to the CPG service ++ .SH SYNOPSIS ++@@ -132,18 +132,20 @@ struct cpg_address { ++ .IP ++ .PP ++ where nodeid is a 32 bit unique node identifier, pid is the process ID of the process that has joined/left the group ++-or sent the message, and reason is an integer code indicating why the node joined/left the group. +++or sent the message, and reason is an integer code indicating why the node joined/left the group (this value is not +++set for the member_list items). ++ .PP ++ .IP ++ .RS ++ .ne 18 ++ .nf ++ .PP ++-CPG_REASON_JOIN - the process joined a group using cpg_join(). ++-CPG_REASON_LEAVE - the process left a group using cpg_leave() ++-CPG_REASON_NODEDOWN - the process left a group because the node left the cluster. ++-CPG_REASON_NODEUP - the process joined a group because it was already a member of a group on a node that has just joined the cluster ++-CPG_REASON_PROCDOWN - the process left a group without calling cpg_leave() +++CPG_REASON_JOIN - the process joined a group using cpg_join(). +++CPG_REASON_LEAVE - the process left a group using cpg_leave() +++CPG_REASON_NODEDOWN - the process left a group because the node left the cluster. +++CPG_REASON_NODEUP - the process joined a group because it was already a member of a group on a node that has just joined the cluster +++CPG_REASON_PROCDOWN - the process left a group without calling cpg_leave() +++CPG_REASON_UNDEFINED - a special value used for the member_list items ++ .ta ++ .fi ++ .RE ++diff --git a/man/cpg_model_initialize.3.in b/man/cpg_model_initialize.3.in ++index e06325d..17ca16a 100644 ++--- a/man/cpg_model_initialize.3.in +++++ b/man/cpg_model_initialize.3.in ++@@ -1,5 +1,5 @@ ++ .\"/* ++-.\" * Copyright (c) 2010 Red Hat, Inc. +++.\" * Copyright (c) 2010-2019 Red Hat, Inc. ++ .\" * ++ .\" * All rights reserved. ++ .\" * ++@@ -32,7 +32,7 @@ ++ .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF ++ .\" * THE POSSIBILITY OF SUCH DAMAGE. ++ .\" */ ++-.TH CPG_MODEL_INITIALIZE 3 2010-04-07 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" +++.TH CPG_MODEL_INITIALIZE 3 2019-04-16 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual" ++ .SH NAME ++ cpg_model_initialize \- Create a new connection to the CPG service ++ .SH SYNOPSIS ++@@ -166,18 +166,20 @@ struct cpg_address { ++ .IP ++ .PP ++ where nodeid is a 32 bit unique node identifier, pid is the process ID of the process that has joined/left the group ++-or sent the message, and reason is an integer code indicating why the node joined/left the group. +++or sent the message, and reason is an integer code indicating why the node joined/left the group (this value is not +++set for the member_list items). ++ .PP ++ .IP ++ .RS ++ .ne 18 ++ .nf ++ .PP ++-CPG_REASON_JOIN - the process joined a group using cpg_join(). ++-CPG_REASON_LEAVE - the process left a group using cpg_leave() ++-CPG_REASON_NODEDOWN - the process left a group because the node left the cluster. ++-CPG_REASON_NODEUP - the process joined a group because it was already a member of a group on a node that has just joined the cluster ++-CPG_REASON_PROCDOWN - the process left a group without calling cpg_leave() +++CPG_REASON_JOIN - the process joined a group using cpg_join(). +++CPG_REASON_LEAVE - the process left a group using cpg_leave() +++CPG_REASON_NODEDOWN - the process left a group because the node left the cluster. +++CPG_REASON_NODEUP - the process joined a group because it was already a member of a group on a node that has just joined the cluster +++CPG_REASON_PROCDOWN - the process left a group without calling cpg_leave() +++CPG_REASON_UNDEFINED - a special value used for the member_list items ++ .ta ++ .fi ++ .RE ++diff --git a/exec/cpg.c b/exec/cpg.c ++index b7ac579..e39ca34 100644 ++--- a/exec/cpg.c +++++ b/exec/cpg.c ++@@ -1,5 +1,5 @@ ++ /* ++- * Copyright (c) 2006-2015 Red Hat, Inc. +++ * Copyright (c) 2006-2019 Red Hat, Inc. ++ * ++ * All rights reserved. ++ * ++@@ -712,6 +712,7 @@ static int notify_lib_joinlist( ++ if (!founded) { ++ retgi->nodeid = pi->nodeid; ++ retgi->pid = pi->pid; +++ retgi->reason = CPG_REASON_UNDEFINED; ++ retgi++; ++ } ++ } +diff --git a/debian/patches/cpg-Add-more-comments-to-notify_lib_joinlist.patch b/debian/patches/cpg-Add-more-comments-to-notify_lib_joinlist.patch +new file mode 100644 +index 00000000..e32102fa +--- /dev/null ++++ b/debian/patches/cpg-Add-more-comments-to-notify_lib_joinlist.patch +@@ -0,0 +1,193 @@ ++From: Jan Friesse ++Date: Wed, 15 May 2019 17:39:13 +0200 ++Subject: cpg: Add more comments to notify_lib_joinlist ++ ++And make handling of left_list more generic. Also free skiplist ++allocated by joinlist_inform_clients function. Last (but not least) ++remove czechlish founded (should have been pp of "find"). ++ ++Signed-off-by: Jan Friesse ++(cherry picked from commit 10702c7e6c0cf8164ad8f05acb4e334461555973) ++--- ++ exec/cpg.c | 91 +++++++++++++++++++++++++++++++++++++++++--------------------- ++ 1 file changed, 60 insertions(+), 31 deletions(-) ++ ++diff --git a/exec/cpg.c b/exec/cpg.c ++index e04ba57..2ecdc6b 100644 ++--- a/exec/cpg.c +++++ b/exec/cpg.c ++@@ -663,31 +663,37 @@ static int notify_lib_joinlist( ++ int size; ++ char *buf; ++ struct qb_list_head *iter; ++- int count; +++ int member_list_entries; ++ struct res_lib_cpg_confchg_callback *res; ++ mar_cpg_address_t *retgi; +++ int i; ++ ++- count = 0; +++ /* +++ * Find size of member_list (use process_info_list but remove items in left_list) +++ */ +++ member_list_entries = 0; ++ ++ qb_list_for_each(iter, &process_info_list_head) { ++ struct process_info *pi = qb_list_entry (iter, struct process_info, list); +++ ++ if (mar_name_compare (&pi->group, group_name) == 0) { ++- int i; ++- int founded = 0; +++ int in_left_list = 0; ++ ++ for (i = 0; i < left_list_entries; i++) { ++ if (left_list[i].nodeid == pi->nodeid && left_list[i].pid == pi->pid) { ++- founded++; +++ in_left_list = 1; +++ break ; ++ } ++ } ++ ++- if (!founded) ++- count++; +++ if (!in_left_list) { +++ member_list_entries++; +++ } ++ } ++ } ++ ++ size = sizeof(struct res_lib_cpg_confchg_callback) + ++- sizeof(mar_cpg_address_t) * (count + left_list_entries + joined_list_entries); +++ sizeof(mar_cpg_address_t) * (member_list_entries + left_list_entries + joined_list_entries); ++ buf = alloca(size); ++ if (!buf) ++ return CS_ERR_LIBRARY; ++@@ -695,27 +701,30 @@ static int notify_lib_joinlist( ++ res = (struct res_lib_cpg_confchg_callback *)buf; ++ res->joined_list_entries = joined_list_entries; ++ res->left_list_entries = left_list_entries; ++- res->member_list_entries = count; +++ res->member_list_entries = member_list_entries; ++ retgi = res->member_list; ++ res->header.size = size; ++ res->header.id = id; ++ res->header.error = CS_OK; ++ memcpy(&res->group_name, group_name, sizeof(mar_cpg_name_t)); ++ +++ /* +++ * Fill res->memberlist. Use process_info_list but remove items in left_list. +++ */ ++ qb_list_for_each(iter, &process_info_list_head) { ++- struct process_info *pi=qb_list_entry (iter, struct process_info, list); +++ struct process_info *pi = qb_list_entry (iter, struct process_info, list); ++ ++ if (mar_name_compare (&pi->group, group_name) == 0) { ++- int i; ++- int founded = 0; +++ int in_left_list = 0; ++ ++- for (i = 0;i < left_list_entries; i++) { +++ for (i = 0; i < left_list_entries; i++) { ++ if (left_list[i].nodeid == pi->nodeid && left_list[i].pid == pi->pid) { ++- founded++; +++ in_left_list = 1; +++ break ; ++ } ++ } ++ ++- if (!founded) { +++ if (!in_left_list) { ++ retgi->nodeid = pi->nodeid; ++ retgi->pid = pi->pid; ++ retgi->reason = CPG_REASON_UNDEFINED; ++@@ -724,23 +733,30 @@ static int notify_lib_joinlist( ++ } ++ } ++ +++ /* +++ * Fill res->left_list +++ */ ++ if (left_list_entries) { ++ memcpy (retgi, left_list, left_list_entries * sizeof(mar_cpg_address_t)); ++ retgi += left_list_entries; ++ } ++ ++ if (joined_list_entries) { ++- int i; ++- +++ /* +++ * Fill res->joined_list +++ */ ++ memcpy (retgi, joined_list, joined_list_entries * sizeof(mar_cpg_address_t)); ++ retgi += joined_list_entries; ++ ++- for (i=0; i < joined_list_entries; i++) { +++ /* +++ * Update cpd_state for all local joined processes in group +++ */ +++ for (i = 0; i < joined_list_entries; i++) { ++ if (joined_list[i].nodeid == api->totem_nodeid_get()) { ++- qb_list_for_each(iter, &cpg_pd_list_head) { +++ qb_list_for_each(iter, &cpg_pd_list_head) { ++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); ++- if (mar_name_compare (&cpd->group_name, group_name) == 0 && ++- joined_list[i].pid == cpd->pid) { +++ if (joined_list[i].pid == cpd->pid && +++ mar_name_compare (&cpd->group_name, group_name) == 0) { ++ cpd->cpd_state = CPD_STATE_JOIN_COMPLETED; ++ } ++ } ++@@ -748,6 +764,9 @@ static int notify_lib_joinlist( ++ } ++ } ++ +++ /* +++ * Send notification to all ipc clients joined in group_name +++ */ ++ qb_list_for_each(iter, &cpg_pd_list_head) { ++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); ++ if (mar_name_compare (&cpd->group_name, group_name) == 0) { ++@@ -760,16 +779,25 @@ static int notify_lib_joinlist( ++ } ++ } ++ ++- if (left_list_entries && ++- left_list[0].nodeid == api->totem_nodeid_get() && ++- left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) { ++- qb_list_for_each(iter, &cpg_pd_list_head) { ++- struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); ++- if (mar_name_compare (&cpd->group_name, group_name) == 0 && ++- left_list[0].pid == cpd->pid) { ++- cpd->pid = 0; ++- memset (&cpd->group_name, 0, sizeof(cpd->group_name)); ++- cpd->cpd_state = CPD_STATE_UNJOINED; +++ if (left_list_entries) { +++ /* +++ * Zero internal cpd state for all local processes leaving group +++ * (this loop is not strictly needed because left_list always either +++ * contains exactly one process running on local node or more items +++ * but none of them is running on local node) +++ */ +++ for (i = 0; i < joined_list_entries; i++) { +++ if (left_list[i].nodeid == api->totem_nodeid_get() && +++ left_list[i].reason == CONFCHG_CPG_REASON_LEAVE) { +++ qb_list_for_each(iter, &cpg_pd_list_head) { +++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); +++ if (left_list[i].pid == cpd->pid && +++ mar_name_compare (&cpd->group_name, group_name) == 0) { +++ cpd->pid = 0; +++ memset (&cpd->group_name, 0, sizeof(cpd->group_name)); +++ cpd->cpd_state = CPD_STATE_UNJOINED; +++ } +++ } ++ } ++ } ++ } ++@@ -966,6 +994,7 @@ static void joinlist_inform_clients (void) ++ free(jld); ++ } ++ qb_map_iter_free(miter); +++ qb_map_destroy(group_notify_map); ++ ++ joinlist_remove_zombie_pi_entries (); ++ } +diff --git a/debian/patches/cpg-Move-filling-of-member_list-to-subfunction.patch b/debian/patches/cpg-Move-filling-of-member_list-to-subfunction.patch +new file mode 100644 +index 00000000..9ec65353 +--- /dev/null ++++ b/debian/patches/cpg-Move-filling-of-member_list-to-subfunction.patch +@@ -0,0 +1,130 @@ ++From: Jan Friesse ++Date: Thu, 16 May 2019 14:08:25 +0200 ++Subject: cpg: Move filling of member_list to subfunction ++ ++Signed-off-by: Jan Friesse ++(cherry picked from commit 0c1de94461368b4a924b516b77691e6ec471dcb0) ++--- ++ exec/cpg.c | 86 ++++++++++++++++++++++++++++++++++++-------------------------- ++ 1 file changed, 50 insertions(+), 36 deletions(-) ++ ++diff --git a/exec/cpg.c b/exec/cpg.c ++index 2ecdc6b..98a16a6 100644 ++--- a/exec/cpg.c +++++ b/exec/cpg.c ++@@ -652,26 +652,27 @@ static int notify_lib_totem_membership ( ++ return CS_OK; ++ } ++ ++-static int notify_lib_joinlist( +++/* +++ * Helper function for notify_lib_joinlist which prepares member_list using +++ * process_info_list with removed left_list items. +++ * member_list_entries - When not NULL it contains number of member_list entries +++ * member_list - When not NULL it is used as pointer to start of preallocated +++ * array of members. Pointer is adjusted to the end of array on +++ * exit. +++ */ +++static void notify_lib_joinlist_fill_member_list( ++ const mar_cpg_name_t *group_name, ++- int joined_list_entries, ++- mar_cpg_address_t *joined_list, ++ int left_list_entries, ++- mar_cpg_address_t *left_list, ++- int id) +++ const mar_cpg_address_t *left_list, +++ int *member_list_entries, +++ mar_cpg_address_t **member_list) ++ { ++- int size; ++- char *buf; ++ struct qb_list_head *iter; ++- int member_list_entries; ++- struct res_lib_cpg_confchg_callback *res; ++- mar_cpg_address_t *retgi; ++ int i; ++ ++- /* ++- * Find size of member_list (use process_info_list but remove items in left_list) ++- */ ++- member_list_entries = 0; +++ if (member_list_entries != NULL) { +++ *member_list_entries = 0; +++ } ++ ++ qb_list_for_each(iter, &process_info_list_head) { ++ struct process_info *pi = qb_list_entry (iter, struct process_info, list); ++@@ -687,10 +688,42 @@ static int notify_lib_joinlist( ++ } ++ ++ if (!in_left_list) { ++- member_list_entries++; +++ if (member_list_entries != NULL) { +++ (*member_list_entries)++; +++ } +++ +++ if (member_list != NULL) { +++ (*member_list)->nodeid = pi->nodeid; +++ (*member_list)->pid = pi->pid; +++ (*member_list)->reason = CPG_REASON_UNDEFINED; +++ (*member_list)++; +++ } ++ } ++ } ++ } +++} +++ +++static int notify_lib_joinlist( +++ const mar_cpg_name_t *group_name, +++ int joined_list_entries, +++ mar_cpg_address_t *joined_list, +++ int left_list_entries, +++ mar_cpg_address_t *left_list, +++ int id) +++{ +++ int size; +++ char *buf; +++ struct qb_list_head *iter; +++ int member_list_entries; +++ struct res_lib_cpg_confchg_callback *res; +++ mar_cpg_address_t *retgi; +++ int i; +++ +++ /* +++ * Find size of member_list (use process_info_list but remove items in left_list) +++ */ +++ notify_lib_joinlist_fill_member_list(group_name, left_list_entries, left_list, +++ &member_list_entries, NULL); ++ ++ size = sizeof(struct res_lib_cpg_confchg_callback) + ++ sizeof(mar_cpg_address_t) * (member_list_entries + left_list_entries + joined_list_entries); ++@@ -711,27 +744,8 @@ static int notify_lib_joinlist( ++ /* ++ * Fill res->memberlist. Use process_info_list but remove items in left_list. ++ */ ++- qb_list_for_each(iter, &process_info_list_head) { ++- struct process_info *pi = qb_list_entry (iter, struct process_info, list); ++- ++- if (mar_name_compare (&pi->group, group_name) == 0) { ++- int in_left_list = 0; ++- ++- for (i = 0; i < left_list_entries; i++) { ++- if (left_list[i].nodeid == pi->nodeid && left_list[i].pid == pi->pid) { ++- in_left_list = 1; ++- break ; ++- } ++- } ++- ++- if (!in_left_list) { ++- retgi->nodeid = pi->nodeid; ++- retgi->pid = pi->pid; ++- retgi->reason = CPG_REASON_UNDEFINED; ++- retgi++; ++- } ++- } ++- } +++ notify_lib_joinlist_fill_member_list(group_name, left_list_entries, left_list, +++ NULL, &retgi); ++ ++ /* ++ * Fill res->left_list +diff --git a/debian/patches/cpg-notify_lib_joinlist-drop-conn-parameter.patch b/debian/patches/cpg-notify_lib_joinlist-drop-conn-parameter.patch +new file mode 100644 +index 00000000..e1742bf9 +--- /dev/null ++++ b/debian/patches/cpg-notify_lib_joinlist-drop-conn-parameter.patch +@@ -0,0 +1,112 @@ ++From: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= ++Date: Wed, 15 May 2019 13:45:13 +0200 ++Subject: cpg: notify_lib_joinlist: drop conn parameter ++ ++since it is always set to NULL. ++ ++(cherry picked from commit d5e9723695b2ae63162b238300013d785e875ea7) ++--- ++ exec/cpg.c | 54 ++++++++++++++++++++++++------------------------------ ++ 1 file changed, 24 insertions(+), 30 deletions(-) ++ ++diff --git a/exec/cpg.c b/exec/cpg.c ++index e39ca34..b752cc1 100644 ++--- a/exec/cpg.c +++++ b/exec/cpg.c ++@@ -647,7 +647,6 @@ static int notify_lib_totem_membership ( ++ ++ static int notify_lib_joinlist( ++ const mar_cpg_name_t *group_name, ++- void *conn, ++ int joined_list_entries, ++ mar_cpg_address_t *joined_list, ++ int left_list_entries, ++@@ -728,40 +727,35 @@ static int notify_lib_joinlist( ++ retgi += joined_list_entries; ++ } ++ ++- if (conn) { ++- api->ipc_dispatch_send (conn, buf, size); ++- } else { ++ qb_list_for_each(iter, &cpg_pd_list_head) { ++- struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); ++- if (mar_name_compare (&cpd->group_name, group_name) == 0) { ++- assert (joined_list_entries <= 1); ++- if (joined_list_entries) { ++- if (joined_list[0].pid == cpd->pid && ++- joined_list[0].nodeid == api->totem_nodeid_get()) { ++- cpd->cpd_state = CPD_STATE_JOIN_COMPLETED; ++- } +++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); +++ if (mar_name_compare (&cpd->group_name, group_name) == 0) { +++ assert (joined_list_entries <= 1); +++ if (joined_list_entries) { +++ if (joined_list[0].pid == cpd->pid && +++ joined_list[0].nodeid == api->totem_nodeid_get()) { +++ cpd->cpd_state = CPD_STATE_JOIN_COMPLETED; ++ } ++- if (cpd->cpd_state == CPD_STATE_JOIN_COMPLETED || ++- cpd->cpd_state == CPD_STATE_LEAVE_STARTED) { +++ } +++ if (cpd->cpd_state == CPD_STATE_JOIN_COMPLETED || +++ cpd->cpd_state == CPD_STATE_LEAVE_STARTED) { ++ ++- api->ipc_dispatch_send (cpd->conn, buf, size); ++- cpd->transition_counter++; ++- } ++- if (left_list_entries) { ++- if (left_list[0].pid == cpd->pid && ++- left_list[0].nodeid == api->totem_nodeid_get() && ++- left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) { ++- ++- cpd->pid = 0; ++- memset (&cpd->group_name, 0, sizeof(cpd->group_name)); ++- cpd->cpd_state = CPD_STATE_UNJOINED; ++- } +++ api->ipc_dispatch_send (cpd->conn, buf, size); +++ cpd->transition_counter++; +++ } +++ if (left_list_entries) { +++ if (left_list[0].pid == cpd->pid && +++ left_list[0].nodeid == api->totem_nodeid_get() && +++ left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) { +++ +++ cpd->pid = 0; +++ memset (&cpd->group_name, 0, sizeof(cpd->group_name)); +++ cpd->cpd_state = CPD_STATE_UNJOINED; ++ } ++ } ++ } ++ } ++ ++- ++ /* ++ * Traverse thru cpds and send totem membership for cpd, where it is not send yet ++ */ ++@@ -858,7 +852,7 @@ static void downlist_inform_clients (void) ++ } ++ ++ /* send confchg event */ ++- notify_lib_joinlist(&group, NULL, +++ notify_lib_joinlist(&group, ++ 0, NULL, ++ pcd->left_list_entries, ++ pcd->left_list, ++@@ -1157,7 +1151,7 @@ static void do_proc_join( ++ notify_info.nodeid = nodeid; ++ notify_info.reason = reason; ++ ++- notify_lib_joinlist(&pi->group, NULL, +++ notify_lib_joinlist(&pi->group, ++ 1, ¬ify_info, ++ 0, NULL, ++ MESSAGE_RES_CPG_CONFCHG_CALLBACK); ++@@ -1177,7 +1171,7 @@ static void do_proc_leave( ++ notify_info.nodeid = nodeid; ++ notify_info.reason = reason; ++ ++- notify_lib_joinlist(name, NULL, +++ notify_lib_joinlist(name, ++ 0, NULL, ++ 1, ¬ify_info, ++ MESSAGE_RES_CPG_CONFCHG_CALLBACK); +diff --git a/debian/patches/cpg-send-single-confchg-event-per-group-on-joinlist.patch b/debian/patches/cpg-send-single-confchg-event-per-group-on-joinlist.patch +new file mode 100644 +index 00000000..013baaa0 +--- /dev/null ++++ b/debian/patches/cpg-send-single-confchg-event-per-group-on-joinlist.patch +@@ -0,0 +1,199 @@ ++From: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= ++Date: Wed, 8 May 2019 16:31:15 +0200 ++Subject: cpg: send single confchg event per group on joinlist ++MIME-Version: 1.0 ++Content-Type: text/plain; charset="utf-8" ++Content-Transfer-Encoding: 8bit ++ ++using a similar approach to ++ ++43bead364514e8ae2ba00bcf07c460e31d0b1765 "Send one confchg event per CPG group to CPG client" ++ ++which did the same for leave events on a network partition. ++ ++Fixes: #351 ++ ++Signed-off-by: Fabian Grünbichler ++(cherry picked from commit 9c60289b831ef0b138142c3fc39c9a9da8a2ada2) ++--- ++ exec/cpg.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++---------------- ++ 1 file changed, 73 insertions(+), 24 deletions(-) ++ ++diff --git a/exec/cpg.c b/exec/cpg.c ++index b752cc1..e04ba57 100644 ++--- a/exec/cpg.c +++++ b/exec/cpg.c ++@@ -194,6 +194,12 @@ struct join_list_entry { ++ mar_cpg_name_t group_name; ++ }; ++ +++struct join_list_confchg_data { +++ mar_cpg_name_t cpg_group; +++ mar_cpg_address_t join_list[CPG_MEMBERS_MAX]; +++ int join_list_entries; +++}; +++ ++ /* ++ * Service Interfaces required by service_message_handler struct ++ */ ++@@ -312,7 +318,8 @@ static void do_proc_join( ++ const mar_cpg_name_t *name, ++ uint32_t pid, ++ unsigned int nodeid, ++- int reason); +++ int reason, +++ qb_map_t *group_notify_map); ++ ++ static void do_proc_leave( ++ const mar_cpg_name_t *name, ++@@ -723,35 +730,46 @@ static int notify_lib_joinlist( ++ } ++ ++ if (joined_list_entries) { +++ int i; +++ ++ memcpy (retgi, joined_list, joined_list_entries * sizeof(mar_cpg_address_t)); ++ retgi += joined_list_entries; +++ +++ for (i=0; i < joined_list_entries; i++) { +++ if (joined_list[i].nodeid == api->totem_nodeid_get()) { +++ qb_list_for_each(iter, &cpg_pd_list_head) { +++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); +++ if (mar_name_compare (&cpd->group_name, group_name) == 0 && +++ joined_list[i].pid == cpd->pid) { +++ cpd->cpd_state = CPD_STATE_JOIN_COMPLETED; +++ } +++ } +++ } +++ } ++ } ++ ++ qb_list_for_each(iter, &cpg_pd_list_head) { ++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); ++ if (mar_name_compare (&cpd->group_name, group_name) == 0) { ++- assert (joined_list_entries <= 1); ++- if (joined_list_entries) { ++- if (joined_list[0].pid == cpd->pid && ++- joined_list[0].nodeid == api->totem_nodeid_get()) { ++- cpd->cpd_state = CPD_STATE_JOIN_COMPLETED; ++- } ++- } ++ if (cpd->cpd_state == CPD_STATE_JOIN_COMPLETED || ++ cpd->cpd_state == CPD_STATE_LEAVE_STARTED) { ++ ++ api->ipc_dispatch_send (cpd->conn, buf, size); ++ cpd->transition_counter++; ++ } ++- if (left_list_entries) { ++- if (left_list[0].pid == cpd->pid && ++- left_list[0].nodeid == api->totem_nodeid_get() && ++- left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) { ++- ++- cpd->pid = 0; ++- memset (&cpd->group_name, 0, sizeof(cpd->group_name)); ++- cpd->cpd_state = CPD_STATE_UNJOINED; ++- } +++ } +++ } +++ +++ if (left_list_entries && +++ left_list[0].nodeid == api->totem_nodeid_get() && +++ left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) { +++ qb_list_for_each(iter, &cpg_pd_list_head) { +++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list); +++ if (mar_name_compare (&cpd->group_name, group_name) == 0 && +++ left_list[0].pid == cpd->pid) { +++ cpd->pid = 0; +++ memset (&cpd->group_name, 0, sizeof(cpd->group_name)); +++ cpd->cpd_state = CPD_STATE_UNJOINED; ++ } ++ } ++ } ++@@ -915,6 +933,11 @@ static void joinlist_inform_clients (void) ++ struct joinlist_msg *stored_msg; ++ struct qb_list_head *iter; ++ unsigned int i; +++ qb_map_t *group_notify_map; +++ qb_map_iter_t *miter; +++ struct join_list_confchg_data *jld; +++ +++ group_notify_map = qb_skiplist_create(); ++ ++ i = 0; ++ qb_list_for_each(iter, &joinlist_messages_head) { ++@@ -931,9 +954,19 @@ static void joinlist_inform_clients (void) ++ } ++ ++ do_proc_join (&stored_msg->group_name, stored_msg->pid, stored_msg->sender_nodeid, ++- CONFCHG_CPG_REASON_NODEUP); +++ CONFCHG_CPG_REASON_NODEUP, group_notify_map); ++ } ++ +++ miter = qb_map_iter_create(group_notify_map); +++ while (qb_map_iter_next(miter, (void **)&jld)) { +++ notify_lib_joinlist(&jld->cpg_group, +++ jld->join_list_entries, jld->join_list, +++ 0, NULL, +++ MESSAGE_RES_CPG_CONFCHG_CALLBACK); +++ free(jld); +++ } +++ qb_map_iter_free(miter); +++ ++ joinlist_remove_zombie_pi_entries (); ++ } ++ ++@@ -1111,13 +1144,15 @@ static void do_proc_join( ++ const mar_cpg_name_t *name, ++ uint32_t pid, ++ unsigned int nodeid, ++- int reason) +++ int reason, +++ qb_map_t *group_notify_map) ++ { ++ struct process_info *pi; ++ struct process_info *pi_entry; ++ mar_cpg_address_t notify_info; ++ struct qb_list_head *list; ++ struct qb_list_head *list_to_add = NULL; +++ int size; ++ ++ if (process_info_find (name, pid, nodeid) != NULL) { ++ return ; ++@@ -1151,10 +1186,24 @@ static void do_proc_join( ++ notify_info.nodeid = nodeid; ++ notify_info.reason = reason; ++ ++- notify_lib_joinlist(&pi->group, ++- 1, ¬ify_info, ++- 0, NULL, ++- MESSAGE_RES_CPG_CONFCHG_CALLBACK); +++ if (group_notify_map == NULL) { +++ notify_lib_joinlist(&pi->group, +++ 1, ¬ify_info, +++ 0, NULL, +++ MESSAGE_RES_CPG_CONFCHG_CALLBACK); +++ } else { +++ struct join_list_confchg_data *jld = qb_map_get(group_notify_map, pi->group.value); +++ if (jld == NULL) { +++ jld = (struct join_list_confchg_data *)calloc(1, sizeof(struct join_list_confchg_data)); +++ memcpy(&jld->cpg_group, &pi->group, sizeof(mar_cpg_name_t)); +++ qb_map_put(group_notify_map, jld->cpg_group.value, jld); +++ } +++ size = jld->join_list_entries; +++ jld->join_list[size].nodeid = notify_info.nodeid; +++ jld->join_list[size].pid = notify_info.pid; +++ jld->join_list[size].reason = notify_info.reason; +++ jld->join_list_entries++; +++ } ++ } ++ ++ static void do_proc_leave( ++@@ -1219,7 +1268,7 @@ static void message_handler_req_exec_cpg_procjoin ( ++ ++ do_proc_join (&req_exec_cpg_procjoin->group_name, ++ req_exec_cpg_procjoin->pid, nodeid, ++- CONFCHG_CPG_REASON_JOIN); +++ CONFCHG_CPG_REASON_JOIN, NULL); ++ } ++ ++ static void message_handler_req_exec_cpg_procleave ( +diff --git a/debian/patches/series b/debian/patches/series +index 6f18c886..324cc365 100644 +--- a/debian/patches/series ++++ b/debian/patches/series +@@ -12,3 +12,8 @@ set-totem.keyfile-and-totem.key-to-RO.patch + keygen-Reflect-change-in-knet.patch + totemconfig-Remove-support-for-3des.patch + crypto-re-introduce-secauth-parameter.patch ++cpg-Add-CPG_REASON_UNDEFINED.patch ++cpg-notify_lib_joinlist-drop-conn-parameter.patch ++cpg-send-single-confchg-event-per-group-on-joinlist.patch ++cpg-Add-more-comments-to-notify_lib_joinlist.patch ++cpg-Move-filling-of-member_list-to-subfunction.patch diff --git a/patches/series b/patches/series index 0f845a0..18e0ab4 100644 --- a/patches/series +++ b/patches/series @@ -2,3 +2,7 @@ 0002-remove-init-script.patch 0003-only-start-corosync.service-if-conf-exists.patch 0004-bsys-disable-augeas-tools.patch +0005-cfgtool-Improve-link-status-display.patch +0006-Revert-init-Enable-StopWhenUnneeded.patch +0007-add-crypto-patches.patch +0008-CPG-callback-merging.patch