08 May, 2015
1 commit
-
Our f2fs_acl_create is copied from posix_acl_create in ./fs/posix_acl.c and
modified to avoid deadlock bug when inline_dentry feature is enabled.Dan Carpenter rewrites posix_acl_create in commit 2799563b281f
("fs/posix_acl.c: make posix_acl_create() safer and cleaner") to make this
function more safer, so that we can avoid potential bug in its caller,
especially for ocfs2.Let's back port the patch to f2fs.
Signed-off-by: Chao Yu
Signed-off-by: Jaegeuk Kim
11 Apr, 2015
1 commit
-
Our f2fs_acl_create is copied and modified from posix_acl_create to avoid
deadlock bug when inline_dentry feature is enabled.Now, we got reference leaks in posix_acl_create, and this has been fixed in
commit fed0b588be2f ("posix_acl: fix reference leaks in posix_acl_create")
by Omar Sandoval.
https://lkml.org/lkml/2015/2/9/5Let's fix this issue in f2fs_acl_create too.
Signed-off-by: Chao Yu
Reviewed-by: Changman Lee
Signed-off-by: Jaegeuk Kim
12 Feb, 2015
1 commit
-
Introduced by a6dda0e63e97122ce9e0ba04367e37cca28315fa
"f2fs: use generic posix ACL infrastructure".When testing default acl, gets in recent kernel (3.19.0-rc5),
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:root:rwx
default:mask::rwx
default:other::r-x]# getfacl testdir/
user::rwx
group::rwx
// missing an acl "group:root:rwx" inherited from parent
other::r-x
default:user::rwx
default:group::r-x
default:group:root:rwx
default:mask::rwx
default:other::r-xSigned-off-by: Kinglong Mee
Reviewed-by: Chao Yu
Signed-off-by: Jaegeuk Kim
10 Jan, 2015
1 commit
-
The __f2fs_add_link is covered by cp_rwsem all the time.
This calls init_inode_metadata, which conducts some acl operations including
memory allocation with GFP_KERNEL previously.
But, under memory pressure, f2fs_write_data_page can be called, which also
grabs cp_rwsem too.In this case, this incurs a deadlock pointed by Chao.
Thread #1 Thread #2
down_read
down_write
down_read
-> here down_read should wait forever.Reviewed-by: Chao Yu
Signed-off-by: Jaegeuk Kim
04 Nov, 2014
2 commits
-
Use clear_inode_flag to replace the redundant cond_clear_inode_flag.
Signed-off-by: Gu Zheng
Signed-off-by: Jaegeuk Kim -
Previously, init_inode_metadata does not hold any parent directory's inode
page. So, f2fs_init_acl can grab its parent inode page without any problem.
But, when we use inline_dentry, that page is grabbed during f2fs_add_link,
so that we can fall into deadlock condition like below.INFO: task mknod:11006 blocked for more than 120 seconds.
Tainted: G OE 3.17.0-rc1+ #13
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
mknod D ffff88003fc94580 0 11006 11004 0x00000000
ffff880007717b10 0000000000000002 ffff88003c323220 ffff880007717fd8
0000000000014580 0000000000014580 ffff88003daecb30 ffff88003c323220
ffff88003fc94e80 ffff88003ffbb4e8 ffff880007717ba0 0000000000000002
Call Trace:
[] ? bit_wait+0x50/0x50
[] io_schedule+0x9d/0x130
[] bit_wait_io+0x2c/0x50
[] __wait_on_bit_lock+0x4b/0xb0
[] __lock_page+0x67/0x70
[] ? autoremove_wake_function+0x40/0x40
[] pagecache_get_page+0x14c/0x1e0
[] get_node_page+0x59/0x130 [f2fs]
[] read_all_xattrs+0x24d/0x430 [f2fs]
[] f2fs_getxattr+0x52/0xe0 [f2fs]
[] f2fs_get_acl+0x41/0x2d0 [f2fs]
[] get_acl+0x47/0x70
[] posix_acl_create+0x5a/0x150
[] f2fs_init_acl+0x29/0xcb [f2fs]
[] init_inode_metadata+0x5d/0x340 [f2fs]
[] f2fs_add_inline_entry+0x12a/0x2e0 [f2fs]
[] __f2fs_add_link+0x45/0x4a0 [f2fs]
[] ? f2fs_new_inode+0x146/0x220 [f2fs]
[] f2fs_mknod+0x86/0xf0 [f2fs]
[] vfs_mknod+0xe1/0x160
[] SyS_mknod+0x1f6/0x200
[] tracesys+0xe1/0xe6Signed-off-by: Jaegeuk Kim
10 Jul, 2014
1 commit
-
kernel side(xx_init_acl), the acl is get/cloned from the parent dir's,
which is credible. So remove the redundant validation check of acl
here.Signed-off-by: Gu Zheng
Signed-off-by: Jaegeuk Kim
07 May, 2014
1 commit
-
This patch passes the "flags" field to the low level setxattr functions
to use XATTR_REPLACE in the following patches.Signed-off-by: Jaegeuk Kim
07 Apr, 2014
1 commit
-
Before setting the acl, call posix_acl_valid() to check if it is
valid or not.Signed-off-by: zhangzhen
Signed-off-by: Jaegeuk Kim
20 Mar, 2014
1 commit
-
This patch should resolve the following possible bug.
RECLAIM_FS-ON-W at:
mark_held_locks+0xb9/0x140
lockdep_trace_alloc+0x85/0xf0
__kmalloc+0x53/0x1d0
read_all_xattrs+0x3d1/0x3f0 [f2fs]
f2fs_getxattr+0x4f/0x100 [f2fs]
f2fs_get_acl+0x4c/0x290 [f2fs]
get_acl+0x4f/0x80
posix_acl_create+0x72/0x180
f2fs_init_acl+0x29/0xcc [f2fs]
__f2fs_add_link+0x259/0x710 [f2fs]
f2fs_create+0xad/0x1c0 [f2fs]
vfs_create+0xed/0x150
do_last+0xd36/0xed0
path_openat+0xc5/0x680
do_filp_open+0x43/0xa0
do_sys_open+0x13c/0x230
SyS_creat+0x1e/0x20
system_call_fastpath+0x16/0x1bSigned-off-by: Jaegeuk Kim
26 Jan, 2014
3 commits
-
f2fs has some weird mode bit handling, so still using the old
chmod code for now.Signed-off-by: Christoph Hellwig
Reviewed-by: Jaegeuk Kim
Signed-off-by: Al Viro -
Rename the current posix_acl_created to __posix_acl_create and add
a fully featured helper to set up the ACLs on file creation that
uses get_acl().Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
Signed-off-by: Al Viro -
Rename the current posix_acl_chmod to __posix_acl_chmod and add
a fully featured ACL chmod helper that uses the ->set_acl inode
operation.Signed-off-by: Christoph Hellwig
Reviewed-by: Jan Kara
Signed-off-by: Al Viro
28 Oct, 2013
2 commits
-
The deadlock is found through the following scenario.
sys_mkdir()
-> f2fs_add_link()
-> __f2fs_add_link()
-> init_inode_metadata()
: lock_page(inode);
-> f2fs_init_acl()
-> f2fs_set_acl()
-> f2fs_setxattr(..., NULL)
: This NULL page incurs a deadlock at update_inode_page().So, likewise f2fs_init_security(), this patch adds a parameter to transfer the
locked inode page to f2fs_setxattr().Found by Linux File System Verification project (linuxtesting.org).
Reported-by: Alexey Khoroshilov
Signed-off-by: Jaegeuk Kim -
This patch cleans up a couple of acl codes.
Signed-off-by: Jaegeuk Kim
11 Jun, 2013
1 commit
-
This patch adds the support of security labels for f2fs, which will be used
by Linus Security Models (LSMs).Quote from http://en.wikipedia.org/wiki/Linux_Security_Modules:
"Linux Security Modules (LSM) is a framework that allows the Linux kernel to
support a variety of computer security models while avoiding favoritism toward
any single security implementation. The framework is licensed under the terms of
the GNU General Public License and is standard part of the Linux kernel since
Linux 2.6. AppArmor, SELinux, Smack and TOMOYO Linux are the currently accepted
modules in the official kernel.".Signed-off-by: Jaegeuk Kim
10 Apr, 2013
1 commit
-
Signed-off-by: Al Viro
04 Jan, 2013
1 commit
-
This patch resolves Coverity #751303:
>>> CID 753103: Explicit null dereferenced (FORWARD_NULL) Passing null
>>> pointer "value" to function "f2fs_acl_from_disk(char const *, size_t)",
which dereferences it.[Error path]
- value = NULL;
- retval = 0 by f2fs_getxattr();
- f2fs_acl_from_disk(value:NULL, ...);Signed-off-by: Jaegeuk Kim
26 Dec, 2012
1 commit
-
With user namespaces enabled building f2fs fails with:
CC fs/f2fs/acl.o
fs/f2fs/acl.c: In function ‘f2fs_acl_from_disk’:
fs/f2fs/acl.c:85:21: error: ‘struct posix_acl_entry’ has no member named ‘e_id’
make[2]: *** [fs/f2fs/acl.o] Error 1
make[2]: Target `__build' not remade because of errors.e_id is a backwards compatibility field only used for file systems
that haven't been converted to use kuids and kgids. When the posix
acl tag field is neither ACL_USER nor ACL_GROUP assigning e_id is
unnecessary. Remove the assignment so f2fs will build with user
namespaces enabled.Cc: Namjae Jeon
Cc: Amit Sahrawat
Acked-by: Jaegeuk Kim
Signed-off-by: "Eric W. Biederman"
11 Dec, 2012
3 commits
-
There exist two build failures reported by Randy Dunlap as follows.
(on i386)
a. (config-r8857)
ERROR: "f2fs_xattr_advise_handler" [fs/f2fs/f2fs.ko] undefined!Key configs in (config-r8857) are as follows.
CONFIG_F2FS_FS=m
# CONFIG_F2FS_STAT_FS is not set
CONFIG_F2FS_FS_XATTR=y
# CONFIG_F2FS_FS_POSIX_ACL is not setThe error was occurred due to the function location that we made a mistake.
Recently we added a new functionality for users to indicate cold files
explicitly through xattr operations (i.e., f2fs_xattr_advise_handler).This handler should have been added in xattr.c instead of acl.c in order
to avoid an undefined operation like in this case where XATTR is set and
ACL is not set.b. (config-r8855)
fs/f2fs/file.c: In function 'f2fs_vm_page_mkwrite':
fs/f2fs/file.c:97:2: error: implicit declaration of function
'block_page_mkwrite_return'Key config in (config-r8855) is CONFIG_BLOCK.
Obviously, f2fs works on top of the block device so that we should consider
carefully a sort of config dependencies.The reason why this error was occurred was that f2fs_vm_page_mkwrite() calls
block_page_mkwrite_return() which is enalbed only if CONFIG_BLOCK is set.Reported-by: Randy Dunlap
Signed-off-by: Jaegeuk Kim
Acked-by: Randy Dunlap -
As pointed out by Randy Dunlap, this patch removes all usage of "/**" for comment
blocks. Instead, just use "/*".Signed-off-by: Jaegeuk Kim
-
This implements xattr and acl functionalities.
- F2FS uses a node page to contain use extended attributes.
Signed-off-by: Changman Lee
Signed-off-by: Jaegeuk Kim