Update patches for RX sequence ID bug

7 files changed, 100 insertions, 26 deletions

diff --git a/.SRCINFO b/.SRCINFO
index f4f354ee1381..bbabe52108f0 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = openafs
 	pkgdesc = Open source implementation of the AFS distributed file system
 	pkgver = 1.8.6
-	pkgrel = 2
+	pkgrel = 3
 	url = http://www.openafs.org
 	install = openafs.install
 	arch = i686
@@ -24,13 +24,15 @@ pkgbase = openafs
 	source = 0002-Adjust-RedHat-config-and-service-files.patch
 	source = 0003-rx-rx_InitHost-do-not-overwrite-RAND_bytes-rx_nextCi.patch
 	source = 0004-rx-update_nextCid-overflow-handling-is-broken.patch
+	source = 0005-Remove-overflow-check-from-update_nextCid.patch
 	sha256sums = 8b4e9d3180f1ecd752753da17ac630df04eb7007c90a921a5f6403c0339d2945
 	sha256sums = e34fa28d9ee06b47d080e4ed0c1f55fe2629ce974f1a7a7ec60dd6e87a9d21e9
 	sha256sums = 18d7b0173bbffbdc212f4e58c5b3ce369adf868452aabc3485f2a6a2ddb35d68
-	sha256sums = 2bbc1e89cb1032c6dcdeb482db3578993f83ce40bf03c413886484cf1dc84b43
-	sha256sums = 3b1029fda091177834f9fec79967164d9c3172b2bdca2190c2555bd2dd1b1e9b
-	sha256sums = f13225033ad18c74cc21316aeae50d3a325fb9e88e38b0d76c470714ce83da1c
-	sha256sums = 506d090da582910f6e69c8dbbb3e78a9afbaed689f1057cae71c7dd923999f8f
+	sha256sums = 5a64f667ef5c63a0b54e859ccde0a69f6d883bfadfa5ce4b3e0a98e613764258
+	sha256sums = 30cd5cb67782161a8510039c14479a02252e3bb80fdf23795753ddb7f1aeadf7
+	sha256sums = 302cf63380e43145949f6e91e9510fdc8ed94de915b90975212a5bdb55bb9259
+	sha256sums = 3ab566be3b11bcd8e59d7809ee4e73e3b7206b7cf21097d5cf55675543c2b785
+	sha256sums = 94dea81621ba41b7b1122d977c60d66431b64bead0d6796ef322b04196579e63
 
 pkgname = openafs
 
diff --git a/0001-Temporary-fix-for-compilation-with-GCC-10.patch b/0001-Temporary-fix-for-compilation-with-GCC-10.patch
index 1038fdc06ec2..c0a6d6acfaf3 100644
--- a/0001-Temporary-fix-for-compilation-with-GCC-10.patch
+++ b/0001-Temporary-fix-for-compilation-with-GCC-10.patch
@@ -1,7 +1,7 @@
 From 81c4f50914bd0f696a0a6c356982e97594bd2c77 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20La=C3=9F?= <lass@mail.uni-paderborn.de>
 Date: Tue, 19 May 2020 16:17:01 +0200
-Subject: [PATCH 1/4] Temporary fix for compilation with GCC 10
+Subject: [PATCH 1/5] Temporary fix for compilation with GCC 10
 
 See:
 * https://bugs.gentoo.org/706738
diff --git a/0002-Adjust-RedHat-config-and-service-files.patch b/0002-Adjust-RedHat-config-and-service-files.patch
index a952ce511885..327d1da67e31 100644
--- a/0002-Adjust-RedHat-config-and-service-files.patch
+++ b/0002-Adjust-RedHat-config-and-service-files.patch
@@ -1,7 +1,7 @@
 From c0f5be5ee08d8db59c0c0106bed56f602edf3cad Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Michael=20La=C3=9F?= <lass@mail.uni-paderborn.de>
 Date: Thu, 19 Feb 2015 19:34:00 +0100
-Subject: [PATCH 2/4] Adjust RedHat config and service files
+Subject: [PATCH 2/5] Adjust RedHat config and service files
 
 Basically we reuse upstream's config for RedHat but we change a few things:
 
diff --git a/0003-rx-rx_InitHost-do-not-overwrite-RAND_bytes-rx_nextCi.patch b/0003-rx-rx_InitHost-do-not-overwrite-RAND_bytes-rx_nextCi.patch
index 5535779b024e..39e70918d8b5 100644
--- a/0003-rx-rx_InitHost-do-not-overwrite-RAND_bytes-rx_nextCi.patch
+++ b/0003-rx-rx_InitHost-do-not-overwrite-RAND_bytes-rx_nextCi.patch
@@ -1,7 +1,7 @@
-From c2c8cf8765e9c7ca0b07ae212ff59816f21faf53 Mon Sep 17 00:00:00 2001
+From cf0eaaa6023b89bc2765148b33481dfddc072432 Mon Sep 17 00:00:00 2001
 From: Jeffrey Altman <jaltman@auristor.com>
 Date: Thu, 14 Jan 2021 09:41:39 -0500
-Subject: [PATCH 3/4] rx: rx_InitHost do not overwrite RAND_bytes rx_nextCid
+Subject: [PATCH 3/5] rx: rx_InitHost do not overwrite RAND_bytes rx_nextCid
 
 39b165cdda941181845022c183fea1c7af7e4356 ("Move epoch and cid
 generation into the rx core") introduced the use of RAND_bytes()
@@ -15,7 +15,16 @@ At Thu, 14 Jan 2021 08:25:36 GMT the IBM inherited calculation
 overflows the value CID range.   This triggers broken overflow
 logic in update_nextCid().
 
-Change-Id: Ib7283def1ded9792d394133a3969a6d86f3a6123
+Reviewed-on: https://gerrit.openafs.org/14491
+Reviewed-by: Andrew Deason <adeason@sinenomine.net>
+Tested-by: Andrew Deason <adeason@sinenomine.net>
+Reviewed-by: Jeffrey Hutzelman <jhutz@cmu.edu>
+Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
+Tested-by: Mark Vitale <mvitale@sinenomine.net>
+Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
+(cherry picked from commit a3bc7ff1501d51ceb3b39d9caed62c530a804473)
+
+Change-Id: If5f7d4ba1cacc6978c83fd512653fbaa0c1559d8
 ---
  src/rx/rx.c | 3 ---
  1 file changed, 3 deletions(-)
diff --git a/0004-rx-update_nextCid-overflow-handling-is-broken.patch b/0004-rx-update_nextCid-overflow-handling-is-broken.patch
index 1a18527312bb..cd9cf2a2b72b 100644
--- a/0004-rx-update_nextCid-overflow-handling-is-broken.patch
+++ b/0004-rx-update_nextCid-overflow-handling-is-broken.patch
@@ -1,12 +1,14 @@
-From 9700cbf1784ea722dd2a7fed88f4f76cd7491564 Mon Sep 17 00:00:00 2001
+From 9dbe1e09f2b8eea9164ddce756614cd9462e7784 Mon Sep 17 00:00:00 2001
 From: Jeffrey Altman <jaltman@auristor.com>
 Date: Thu, 14 Jan 2021 09:57:13 -0500
-Subject: [PATCH 4/4] rx: update_nextCid overflow handling is broken
+Subject: [PATCH 4/5] rx: update_nextCid overflow handling is broken
 
 The overflow handling in update_nextCid() produces a rx_nextCid
-value of 0x80000001 which itself is an overflow.   When used
-to construct the first call of a new connection the connection
-id for the call becomes 0x80000002.
+value of 0x80000001 which itself is out of the valid range.   When
+used to construct the first call of a new connection the connection
+id for the call becomes 0x80000002, and all subsequent connections
+also trigger the overflow handling and thus also receive connection
+id 0x80000002.
 
 If the same connection id is used for multiple connections from
 the same endpoint the accepting rx peer will be very confused.
@@ -15,8 +17,10 @@ When authenticated connections are used, the CHALLENGE/RESPONSE
 will fail because of a mismatch in the connection's callNumber
 array.
 
-All communication from a broken initiator to any rx peer will
-fail.
+If an initiator makes only a single connection to a given rx peer,
+that connection would succeed, but once multiple connections are
+initiated all communication from a broken initiator to any rx peer
+will fail.
 
 The incorrect overflow calculation was introduced by
 39b165cdda941181845022c183fea1c7af7e4356 ("Move epoch and cid
@@ -26,7 +30,13 @@ This change corrects the overflow value to become
 
   1 << RX_CIDSHIFT
 
-Change-Id: If36e3aa581d557cc0f4d2d478f84a6593224c3cc
+Reviewed-on: https://gerrit.openafs.org/14492
+Reviewed-by: Andrew Deason <adeason@sinenomine.net>
+Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
+Tested-by: Benjamin Kaduk <kaduk@mit.edu>
+(cherry picked from commit 2c0a3901cbfcb231b7b67eb0899a3133516f33c8)
+
+Change-Id: I74d70706ddf99022bed639891cb610fba9ef863d
 ---
  src/rx/rx.c | 5 ++---
  1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/0005-Remove-overflow-check-from-update_nextCid.patch b/0005-Remove-overflow-check-from-update_nextCid.patch
new file mode 100644
index 000000000000..4f8537068eb3
--- /dev/null
+++ b/0005-Remove-overflow-check-from-update_nextCid.patch
@@ -0,0 +1,49 @@
+From ad49f820fec917e361ff4cd3fb999cfa956b010e Mon Sep 17 00:00:00 2001
+From: Benjamin Kaduk <kaduk@mit.edu>
+Date: Thu, 14 Jan 2021 10:20:59 -0800
+Subject: [PATCH 5/5] Remove overflow check from update_nextCid
+
+The rx_nextCid global has been an unsigned type since
+http://gerrit.openafs.org/11106 (which was actually merged before
+the refactoring of overflow check to avoid signed integer overflow)
+and thus there is no need to avoid signed overflow.  The per-connection
+cid has been unsigned since the IBM import.
+
+The natural unsigned behavior on overflow of wrapping is the desired
+behvaior here, so just remove the extra logic and always increment.
+
+Reviewed-on: https://gerrit.openafs.org/14496
+Reviewed-by: Jeffrey Hutzelman <jhutz@cmu.edu>
+Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
+Tested-by: Benjamin Kaduk <kaduk@mit.edu>
+(cherry picked from commit 43ef1f2a5d80aa1c3f5b4831ada8e776ac0c7d13)
+
+Change-Id: I64fabe5229039f7af040902ed2e6f03dba7bc14d
+---
+ src/rx/rx.c | 6 ++----
+ 1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/rx/rx.c b/src/rx/rx.c
+index 5d5953120..c713fefd8 100644
+--- a/src/rx/rx.c
++++ b/src/rx/rx.c
+@@ -6644,14 +6644,12 @@ rxi_CancelGrowMTUEvent(struct rx_call *call)
+ }
+ 
+ /*
+- * Increment the counter for the next connection ID, handling overflow.
++ * Increment the counter for the next connection ID.
++ * Wrapping on unsigned integer overflow is the intended behavior.
+  */
+ static void
+ update_nextCid(void)
+ {
+-    /* Overflow is technically undefined behavior; avoid it. */
+-    if (rx_nextCid > MAX_AFS_INT32 - (1 << RX_CIDSHIFT))
+-	rx_nextCid = 0;
+     rx_nextCid += 1 << RX_CIDSHIFT;
+ }
+ 
+-- 
+2.30.0
+
diff --git a/PKGBUILD b/PKGBUILD
index 07d2bb0b98ca..a2e5e1530600 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -6,7 +6,7 @@
 
 pkgname=openafs
 pkgver=1.8.6
-pkgrel=2
+pkgrel=3
 pkgdesc="Open source implementation of the AFS distributed file system"
 arch=('i686' 'x86_64' 'armv7h')
 url="http://www.openafs.org"
@@ -27,14 +27,16 @@ source=(http://openafs.org/dl/openafs/${pkgver}/${pkgname}-${pkgver}-src.tar.bz2
         0001-Temporary-fix-for-compilation-with-GCC-10.patch
         0002-Adjust-RedHat-config-and-service-files.patch
         0003-rx-rx_InitHost-do-not-overwrite-RAND_bytes-rx_nextCi.patch
-        0004-rx-update_nextCid-overflow-handling-is-broken.patch)
+        0004-rx-update_nextCid-overflow-handling-is-broken.patch
+        0005-Remove-overflow-check-from-update_nextCid.patch)
 sha256sums=('8b4e9d3180f1ecd752753da17ac630df04eb7007c90a921a5f6403c0339d2945'
             'e34fa28d9ee06b47d080e4ed0c1f55fe2629ce974f1a7a7ec60dd6e87a9d21e9'
             '18d7b0173bbffbdc212f4e58c5b3ce369adf868452aabc3485f2a6a2ddb35d68'
-            '2bbc1e89cb1032c6dcdeb482db3578993f83ce40bf03c413886484cf1dc84b43'
-            '3b1029fda091177834f9fec79967164d9c3172b2bdca2190c2555bd2dd1b1e9b'
-            'f13225033ad18c74cc21316aeae50d3a325fb9e88e38b0d76c470714ce83da1c'
-            '506d090da582910f6e69c8dbbb3e78a9afbaed689f1057cae71c7dd923999f8f')
+            '5a64f667ef5c63a0b54e859ccde0a69f6d883bfadfa5ce4b3e0a98e613764258'
+            '30cd5cb67782161a8510039c14479a02252e3bb80fdf23795753ddb7f1aeadf7'
+            '302cf63380e43145949f6e91e9510fdc8ed94de915b90975212a5bdb55bb9259'
+            '3ab566be3b11bcd8e59d7809ee4e73e3b7206b7cf21097d5cf55675543c2b785'
+            '94dea81621ba41b7b1122d977c60d66431b64bead0d6796ef322b04196579e63')
 
 # If you need the kauth tools set this to 1. But be aware that these tools
 # are considered insecure since 2003! This also affects the PAM libs.
@@ -50,10 +52,12 @@ prepare() {
   patch -p1 < "${srcdir}/0002-Adjust-RedHat-config-and-service-files.patch"
 
   # Fix RX bug triggered after 14.01.2021 08:25:36 UTC
-  # https://gerrit.openafs.org/#/c/14491/
-  # https://gerrit.openafs.org/#/c/14492/
+  # https://gerrit.openafs.org/#/c/14493/
+  # https://gerrit.openafs.org/#/c/14494/
+  # https://gerrit.openafs.org/#/c/14497/
   patch -p1 < "${srcdir}"/0003-rx-rx_InitHost-do-not-overwrite-RAND_bytes-rx_nextCi.patch
   patch -p1 < "${srcdir}"/0004-rx-update_nextCid-overflow-handling-is-broken.patch
+  patch -p1 < "${srcdir}"/0005-Remove-overflow-check-from-update_nextCid.patch
 
   # Only needed when changes to configure were made
   ./regen.sh -q