14 Mar, 2016
17 commits
-
First of all, don't bother calling it if inode is NULL -
that makes inode argument unused. Moreover, do it *before*
dropping ->d_lock, not right after that (and don't bother
grabbing ->d_lock in it, of course).Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
new primitive: d_exact_alias(dentry, inode). If there is an unhashed
dentry with the same name/parent and given inode, rehash, grab and
return it. Otherwise, return NULL. The only caller of d_add_unique()
switched to d_exact_alias() + d_splice_alias().Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
the last user is gone
Signed-off-by: Al Viro
-
... and use d_add(dn, NULL) in case we need to hash a negative
unhashed rather than using d_rehash() directly.Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
... and turn it into d_add in there
Signed-off-by: Al Viro
-
d_splice_alias() guarantees that it'll be always hashed
Signed-off-by: Al Viro
-
... and make mountpoint_last() use it. That makes all
candidates for lookup with parent locked shared go
through lookup_slow().Signed-off-by: Al Viro
-
Return dentry and don't pass nameidata or path; lift crossing mountpoints
into the caller.Signed-off-by: Al Viro
-
No need to lock parent just because of ->d_revalidate() on child;
contrary to the stale comment, lookup_dcache() *can* be used without
locking the parent. Result can be moved as soon as we return, of
course, but the same is true for lookup_one_len_unlocked() itself.Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
Have lookup_fast() return 1 on success and 0 on "need to fall back";
lookup_slow() and follow_managed() return positive (1) on success.Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
06 Mar, 2016
3 commits
-
... and kill need_lookup thing
Signed-off-by: Al Viro
-
bugger off on negatives a bit earlier, simplify the tests
Signed-off-by: Al Viro
-
for the sake of namei.c fixes
01 Mar, 2016
1 commit
-
Games with ordering and barriers are way too brittle. Just
bump ->d_seq before and after updating ->d_inode and ->d_flags
type bits, so that verifying ->d_seq would guarantee they are
coherent.Cc: stable@vger.kernel.org # v3.13+
Signed-off-by: Al Viro
28 Feb, 2016
6 commits
-
... or we risk seeing a bogus value of d_is_symlink() there.
Cc: stable@vger.kernel.org # v4.2+
Signed-off-by: Al Viro -
... otherwise d_is_symlink() above might have nothing to do with
the inode value we've got.Cc: stable@vger.kernel.org # v4.2+
Signed-off-by: Al Viro -
both do_last() and walk_component() risk picking a NULL inode out
of dentry about to become positive, *then* checking its flags and
seeing that it's not negative anymore and using (already stale by
then) value they'd fetched earlier. Usually ends up oopsing soon
after that...Cc: stable@vger.kernel.org # v3.13+
Signed-off-by: Al Viro -
... into returning a positive to path_openat(), which would interpret that
as "symlink had been encountered" and proceed to corrupt memory, etc.
It can only happen due to a bug in some ->open() instance or in some LSM
hook, etc., so we report any such event *and* make sure it doesn't trick
us into further unpleasantness.Cc: stable@vger.kernel.org # v3.6+, at least
Signed-off-by: Al Viro -
-EBADF is a rather confusing error if an operations is not supported,
and nfsd gets rather upset about it.Signed-off-by: Christoph Hellwig
Signed-off-by: Al Viro -
The delete opration can allocate additional space on the HPFS filesystem
due to btree split. The HPFS driver checks in advance if there is
available space, so that it won't corrupt the btree if we run out of space
during splitting.If there is not enough available space, the HPFS driver attempted to
truncate the file, but this results in a deadlock since the commit
7dd29d8d865efdb00c0542a5d2c87af8c52ea6c7 ("HPFS: Introduce a global mutex
and lock it on every callback from VFS").This patch removes the code that tries to truncate the file and -ENOSPC is
returned instead. If the user hits -ENOSPC on delete, he should try to
delete other files (that are stored in a leaf btree node), so that the
delete operation will make some space for deleting the file stored in
non-leaf btree node.Reported-by: Al Viro
Signed-off-by: Mikulas Patocka
Cc: stable@vger.kernel.org # 2.6.39+
Signed-off-by: Al Viro
23 Feb, 2016
2 commits
-
the last time it was getting something other than NULL as
crypt_stat had been back in 2009...Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
20 Feb, 2016
4 commits
-
propagate_one(m) calculates "type" argument for copy_tree() like this:
> if (m->mnt_group_id == last_dest->mnt_group_id) {
> type = CL_MAKE_SHARED;
> } else {
> type = CL_SLAVE;
> if (IS_MNT_SHARED(m))
> type |= CL_MAKE_SHARED;
> }The "type" argument then governs clone_mnt() behavior with respect to flags
and mnt_master of new mount. When we iterate through a slave group, it is
possible that both current "m" and "last_dest" are not shared (although,
both are slaves, i.e. have non-NULL mnt_master-s). Then the comparison
above erroneously makes new mount shared and sets its mnt_master to
last_source->mnt_master. The patch fixes the problem by handling zero
mnt_group_id-s as though they are unequal.The similar problem exists in the implementation of "else" clause above
when we have to ascend upward in the master/slave tree by calling:> last_source = last_source->mnt_master;
> last_dest = last_source->mnt_parent;proper number of times. The last step is governed by
"n->mnt_group_id != last_dest->mnt_group_id" condition that may lie if
both are zero. The patch fixes this case in the same way as the former one.[AV: don't open-code an obvious helper...]
Signed-off-by: Maxim Patlasov
Signed-off-by: Al Viro -
It forgets kunmap() on a failure exit, but there's really no point keeping
the page kmapped at all - after all, what we are doing is a bunch of memcpy()
into the parts of page, so kmap_atomic()/kunmap_atomic() just around those
memcpy() is enough.Spotted-by: Insu Yun
Signed-off-by: Al Viro -
The code could leak xattrs->lock on error.
Problem introduced with 786534b92f3ce68f4 "tmpfs: listxattr should
include POSIX ACL xattrs".Signed-off-by: Mateusz Guzik
Signed-off-by: Al Viro -
The user-visible impact of the issue is for example that without this
patch sensors-detect breaks when trying to seek in /dev/cpu/0/cpuid.'~0ULL' is a 'unsigned long long' that when converted to a loff_t,
which is signed, gets turned into -1. later in vfs_setpos we have
'if (offset > maxsize)', which makes it always return EINVAL.Fixes: b25472f9b961 ("new helpers: no_seek_end_llseek{,_size}()")
Signed-off-by: Wouter van Kesteren
Reviewed-by: Andreas Dilger
Signed-off-by: Al Viro
15 Feb, 2016
7 commits
-
Pull char/misc driver fixes from Greg KH:
"Here are 3 fixes for some reported issues. Two nvmem driver fixes,
and one mei fix. All have been in linux-next just fine"* tag 'char-misc-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc:
nvmem: qfprom: Specify LE device endianness
nvmem: core: return error for non word aligned access
mei: validate request value in client notify request ioctl -
Pull driver core fix from Greg KH:
"Here is one driver core, well klist, fix for 4.5-rc4.It fixes a problem found in the scsi device list traversal that
probably also could be triggered by other subsystems.The fix has been in linux-next for a while with no reported problems"
* tag 'driver-core-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core:
klist: fix starting point removed bug in klist iterators -
Pull tty/serial fixes from Greg KH:
"Here are a number of small tty and serial driver fixes for 4.5-rc4
that resolve some reported issues.One of them got reverted as it wasn't correct based on testing, and
all have been in linux-next for a while"* tag 'tty-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty:
Revert "8250: uniphier: allow modular build with 8250 console"
pty: make sure super_block is still valid in final /dev/tty close
pty: fix possible use after free of tty->driver_data
tty: Add support for PCIe WCH382 2S multi-IO card
serial/omap: mark wait_for_xmitr as __maybe_unused
serial: omap: Prevent DoS using unprivileged ioctl(TIOCSRS485)
8250: uniphier: allow modular build with 8250 console
tty: Drop krefs for interrupted tty lock -
Pull PHY fixes from Greg KH:
"Here are a couple of PHY driver fixes for 4.5-rc4.A few small phy issues. All have been in linux-next with no reported
issues"* tag 'usb-4.5-rc4' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb:
phy: twl4030-usb: Fix unbalanced pm_runtime_enable on module reload
phy: twl4030-usb: Relase usb phy on unload
phy: core: fix wrong err handle for phy_power_on
phy: Restrict phy-hi6220-usb to HiSilicon arm64 -
Pull perf tooling fixes from Thomas Gleixner:
"Another round of fixes for the perf tooling side:- Prevent a NULL pointer dereference in tracepoint error handling
- Fix a thread handling bug in the intel_pt error handling code
- Search both .eh_frame and .debug_frame sections as toolchains seem
to have random choices of storing the CFI information- Fix the perf state interval output values, which got broken when
fixing the overall output"* 'perf-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
perf stat: Fix interval output values
perf probe: Search both .eh_frame and .debug_frame sections for probe location
perf tools: Fix thread lifetime related segfaut in intel_pt
perf tools: tracepoint_error() can receive e=NULL, robustify it -
Pull lockdep fix from Thomas Gleixner:
"A single fix for the stack trace caching logic in lockdep, where the
duplicate avoidance managed to store no back trace at all"* 'locking-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
locking/lockdep: Fix stack trace caching logic