16 Aug, 2008
2 commits
-
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6:
[CIFS] mount of IPC$ breaks with iget patch
[CIFS] remove trailing whitespace
[CIFS] if get root inode fails during mount, cleanup tree connection -
* 'linux-next' of git://git.infradead.org/~dedekind/ubifs-2.6: (29 commits)
UBIFS: xattr bugfixes
UBIFS: remove unneeded check
UBIFS: few commentary fixes
UBIFS: fix budgeting request alignment in xattr code
UBIFS: improve arguments checking in debugging messages
UBIFS: always set i_generation to 0
UBIFS: correct spelling of "thrice".
UBIFS: support splice_write
UBIFS: minor tweaks in commit
UBIFS: reserve more space for index
UBIFS: print pid in dump function
UBIFS: align inode data to eight
UBIFS: improve budgeting checks
UBIFS: correct orphan deletion order
UBIFS: fix typos in comments
UBIFS: do not union creat_sqnum and del_cmtno
UBIFS: optimize deletions
UBIFS: increment commit number earlier
UBIFS: remove another unneeded function parameter
UBIFS: remove unneeded function parameter
...
15 Aug, 2008
3 commits
-
A fuzzed fileystem image failed with OMFS when the extent count was
used in a loop without being checked against the max number of extents.
It also provoked a signed division for an array index that was checked
as if unsigned, leading to index by -1.omfsck will be updated to fix these cases, in the meantime bail out
gracefully.Reported-by: Eric Sesterhenn
Signed-off-by: Bob Copeland
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Testing with a modified fsfuzzer reveals a couple of locations in omfs
where filesystem variables are ultimately used as loop counters with
insufficient sanity checking. In this case, dir->i_size is used to
compute the number of buckets in the directory hash. If too large,
readdir will overrun a buffer.Since it's an invariant that dir->i_size is equal to the sysblock
size, and we already sanity check that, just use that value instead.
This fixes the following oops:BUG: unable to handle kernel paging request at c978e004
IP: [] omfs_readdir+0x18e/0x32f
Oops: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
Modules linked in:Pid: 4796, comm: ls Not tainted (2.6.27-rc2 #12)
EIP: 0060:[] EFLAGS: 00010287 CPU: 0
EIP is at omfs_readdir+0x18e/0x32f
EAX: c978d000 EBX: 00000000 ECX: cbfcfaf8 EDX: cb2cf100
ESI: 00001000 EDI: 00000800 EBP: cb2d3f68 ESP: cb2d3f0c
DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
Process ls (pid: 4796, ti=cb2d3000 task=cb175f40 task.ti=cb2d3000)
Stack: 00000002 00000000 00000000 c018a820 cb2d3f94 cb2cf100 cbfb0000 ffffff10
cbfb3b80 cbfcfaf8 000001c9 00000a09 00000000 00000000 00000000 cbfcfbc8
c9697000 cbfb3b80 22222222 00001000 c08e6cd0 cb2cf100 cbfb3b80 cb2d3f88
Call Trace:
[] ? filldir64+0x0/0xcd
[] ? vfs_readdir+0x56/0x82
[] ? filldir64+0x0/0xcd
[] ? sys_getdents64+0x5e/0xa0
[] ? sysenter_do_call+0x12/0x31
=======================
Code: 00 89 f0 89 f3 0f ac f8 14 81 e3 ff ff 0f 00 48 8d
14 c5 b8 01 00 00 89 45 cc 89 55 f0 e9 8c 01 00 00 8b 4d c8 8b 75 f0 8b
41 18 54 30 04 8b 04 30 31 f6 89 5d dc 89 d1 8b 55 b8 0f c8 0f c9Reported-by: Eric Sesterhenn
Signed-off-by: Bob Copeland
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
write_cache_pages() uses i_mapping->writeback_index to pick up where it
left off the last time a given inode was found by pdflush or
balance_dirty_pages (or anyone else who sets wbc->range_cyclic)alloc_inode() should set it to a sane value so that writeback doesn't
start in the middle of a file. It is somewhat difficult to notice the bug
since write_cache_pages will loop around to the start of the file and the
elevator helps hide the resulting seeks.For whatever reason, Btrfs hits this often. Unpatched, untarring 30
copies of the linux kernel in series runs at 47MB/s on a single sata
drive. With this fix, it jumps to 62MB/s.Signed-off-by: Chris Mason
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
14 Aug, 2008
6 commits
-
Xattr code has not been tested for a while and there were
serveral bugs. One of them is using wrong inode in
'ubifs_jnl_change_xattr()'. The other is a deadlock in
'ubifs_setxattr()': the i_mutex is locked in
'cap_inode_need_killpriv()' path, so deadlock happens when
'ubifs_setxattr()' tries to lock it again.Thanks to Zoltan Sogor for finding these bugs.
Signed-off-by: Artem Bityutskiy
-
In looking at network named pipe support on cifs, I noticed that
Dave Howell's iget patch:iget: stop CIFS from using iget() and read_inode()
broke mounts to IPC$ (the interprocess communication share), and don't
handle the error case (when getting info on the root inode fails).Thanks to Gunter who noted a typo in a debug line in the original
version of this patch.CC: David Howells
CC: Gunter Kukkukk
CC: Stable Kernel
Signed-off-by: Steve French -
The patches that are intended to introduce copy-on-write credentials for 2.6.28
require abstraction of access to some fields of the task structure,
particularly for the case of one task accessing another's credentials where RCU
will have to be observed.Introduced here are trivial no-op versions of the desired accessors for current
and other tasks so that other subsystems can start to be converted over more
easily.Wrappers are introduced into a new header (linux/cred.h) for UID/GID,
EUID/EGID, SUID/SGID, FSUID/FSGID, cap_effective and current's subscribed
user_struct. These wrappers are macros because the ordering between header
files mitigates against making them inline functions.linux/cred.h is #included from linux/sched.h.
Further, XFS is modified such that it no longer defines and uses parameterised
versions of current_fs[ug]id(), thus getting rid of the namespace collision
otherwise incurred.Signed-off-by: David Howells
Signed-off-by: James Morris -
* git://oss.sgi.com:8090/xfs/linux-2.6: (45 commits)
[XFS] Fix use after free in xfs_log_done().
[XFS] Make xfs_bmap_*_count_leaves void.
[XFS] Use KM_NOFS for debug trace buffers
[XFS] use KM_MAYFAIL in xfs_mountfs
[XFS] refactor xfs_mount_free
[XFS] don't call xfs_freesb from xfs_unmountfs
[XFS] xfs_unmountfs should return void
[XFS] cleanup xfs_mountfs
[XFS] move root inode IRELE into xfs_unmountfs
[XFS] stop using file_update_time
[XFS] optimize xfs_ichgtime
[XFS] update timestamp in xfs_ialloc manually
[XFS] remove the sema_t from XFS.
[XFS] replace dquot flush semaphore with a completion
[XFS] replace inode flush semaphore with a completion
[XFS] extend completions to provide XFS object flush requirements
[XFS] replace the XFS buf iodone semaphore with a completion
[XFS] clean up stale references to semaphores
[XFS] use get_unaligned_* helpers
[XFS] Fix compile failure in xfs_buf_trace()
... -
Add a dlm_ prefix to the struct names in config.c. This resolves a
conflict with struct node in particular, when include/linux/node.h
happens to be included.Reported-by: Andrew Morton
Signed-off-by: David Teigland -
A couple of unlikely error conditions were missing a kfree on the error
exit path.Reported-by: Juha Leppanen
Signed-off-by: David Teigland
13 Aug, 2008
29 commits
-
Commit d70b67c8bc72ee23b55381bd6a884f4796692f77 fixed VFS and
it never calls FS lookup function in deleted directories now.
We may remove corresponding UBIFS check.Signed-off-by: Artem Bityutskiy
-
Signed-off-by: Artem Bityutskiy
-
Data length has to be aligned in the budgeting request. Code
in xattr.c did not do this.Signed-off-by: Zoltan Sogor
Signed-off-by: Artem Bityutskiy -
Use "if (0) printk()" construct in debugging print macros to
make the debugging messages be checked even if debugging is
off.This patch also removes some unneeded spaces and blank lines.
Signed-off-by: Artem Bityutskiy
-
UBIFS does not presently re-use inode numbers, so leaving
i_generation zero is most appropriate for now.Signed-off-by: Adrian Hunter
Signed-off-by: Artem Bityutskiy -
Signed-off-by: Adrian Hunter
-
Signed-off-by: Zoltan Sogor
Signed-off-by: Artem Bityutskiy -
No functional changes, just lessen the amount of indentations.
Signed-off-by: Artem Bityutskiy
-
At the moment UBIFS reserves twice old index size space for the
index. But this is not enough in some cases, because if the indexing
node are very fragmented and there are many small gaps, while the
dirty index has big znodes - in-the-gaps method would fail.Thus, reserve trise as more, in which case we are guaranteed that
we can commit in any case.Signed-off-by: Artem Bityutskiy
-
Useful when something fails and there are many processes
racing.Signed-off-by: Artem Bityutskiy
-
UBIFS aligns node lengths to 8, so budgeting has to do the
same. Well, direntry, inode, and page budgets are already
aligned, but not inode data budget (e.g., data in special
devices or symlinks). Do this for inode data as well.
Also, add corresponding debugging checks.Signed-off-by: Artem Bityutskiy
-
Budgeting is a crucial UBIFS subsystem - add more assertions
to improve requests checking. This is not compiled in when
UBIFS debugging is disabled.Signed-off-by: Artem Bityutskiy
-
The debug function that checks orphans, does so using the
TNC mutex. That means it will not see a correct picture
if the inode is removed from the orphan tree before it is
removed from TNC.Signed-off-by: Adrian Hunter
-
Signed-off-by: Adrian Hunter
-
The values in these two fields need to be preserved independently
and so a union cannot be used.Signed-off-by: Adrian Hunter
-
Every time anything is deleted, UBIFS writes the deletion inode
node twice - once in 'ubifs_jnl_update()' and the second time in
'ubifs_jnl_write_inode()'. However, the second write is not needed
if no commit happened after 'ubifs_jnl_update()'. This patch
checks that condition and avoids writing the deletion inode for
the second time.Signed-off-by: Artem Bityutskiy
-
Increment the commit number at the beginnig of the commit, instead
of doing this after the commit. This is needed for further
optimizations.Signed-off-by: Artem Bityutskiy
-
The 'last_reference' parameter of 'pack_inode()' is not really
needed because 'inode->i_nlink' may be tested instead. Zap it.Signed-off-by: Artem Bityutskiy
-
Simplify 'ubifs_jnl_write_inode()' by removing the 'deletion'
parameter which is not really needed because we may test
inode->i_nlink and check whether this is a deletion or not.Signed-off-by: Artem Bityutskiy
-
Orphan inodes are deleted inodes which will disappear after FS
re-mount. There is not need to write orphan inodes back, because
they are not needed on the flash media.So optimize orphans a little by not writing them back. Just mark
them as clean, free the budget, and report success to VFS.Signed-off-by: Artem Bityutskiy
-
We use ubifs_ro_mode() quite a lot, and not in fast-path, so
there is no reason to blow the code up by having it inlined.
Also, we usually want R/O mode change to be seen to other
CPUs as soon as possible, so when we make this a function
call, we will automatically have a memory barrier.Signed-off-by: Adrian Hunter
Signed-off-by: Artem Bityutskiy -
UBI transparently handles write errors by automatically copying
and remapping the affected eraseblock. If UBI is unable to do
that, for example its pool of eraseblocks reserved for bad block
handling is empty, then the error is propagated to UBIFS. UBIFS
must protect the media from falling into an inconsistent state
by immediately switching to read-only mode. In the case of log
updates, this was not being done.Signed-off-by: Adrian Hunter
-
UBIFS recovery testing debug facility simulates media failures.
When simulating an IO error, the error code returned must be
-EIO but it was not always if the user switched off the
debug recovery testing option at the same time.Signed-off-by: Adrian Hunter
-
Although the inode is marked as clean when it is being deleted,
it might stay and be used as orphan, and be marked as dirty.
So we have to free the budget when we delete it.Signed-off-by: Artem Bityutskiy
-
1. Print inode mode in some of debugging messages
2. Add few more useful assertionsSigned-off-by: Artem Bityutskiy
-
The 'ubifs_release_dirty_inode_budget()' was buggy and incorrectly
freed the budget, which led to not freeing all dirty data budget.
This patch fixes that.Also, this patch fixes ubifs_mkdir() which passed 1 in dirty_ino_d,
which makes no sense. Well, it is harmless though.Also, add few more useful assertions. And improve few debugging
messages.Signed-off-by: Artem Bityutskiy
-
We encouredge people to mount using volume name, not device
numbers. So print the name of the mounted UBI volume, not just
IDs.Signed-off-by: Artem Bityutskiy
-
The ticket allocation code got reworked in 2.6.26 and we now free tickets
whereas before we used to cache them so the use-after-free went
undetected.SGI-PV: 985525
SGI-Modid: xfs-linux-melb:xfs-kern:31877a
Signed-off-by: Lachlan McIlroy
Signed-off-by: David Chinner -
xfs_bmap_count_leaves and xfs_bmap_disk_count_leaves always return always
0, make them void.SGI-PV: 981498
SGI-Modid: xfs-linux-melb:xfs-kern:31844a
Signed-off-by: Ruben Porras
Signed-off-by: Donald Douwsma
Signed-off-by: Lachlan McIlroy
