Eric Lee / smarc-fsl-linux-kernel

07 Feb, 2016

1 commit

  • 1f55c718c   pty: make sure super_block is still valid in final /dev/tty close ... Browse Code »

    Considering current pty code and multiple devpts instances, it's possible
    to umount a devpts file system while a program still has /dev/tty opened
    pointing to a previosuly closed pty pair in that instance. In the case all
    ptmx and pts/N files are closed, umount can be done. If the program closes
    /dev/tty after umount is done, devpts_kill_index will use now an invalid
    super_block, which was already destroyed in the umount operation after
    running ->kill_sb. This is another "use after free" type of issue, but now
    related to the allocated super_block instance.

    To avoid the problem (warning at ida_remove and potential crashes) for
    this specific case, I added two functions in devpts which grabs additional
    references to the super_block, which pty code now uses so it makes sure
    the super block structure is still valid until pty shutdown is done.
    I also moved the additional inode references to the same functions, which
    also covered similar case with inode being freed before /dev/tty final
    close/shutdown.

    Signed-off-by: Herton R. Krzesinski
    Cc: stable@vger.kernel.org # 2.6.29+
    Reviewed-by: Peter Hurley
    Signed-off-by: Greg Kroah-Hartman

    Herton R. Krzesinski
     

23 Jan, 2016

1 commit

  • 5955102c9   wrappers for ->i_mutex access ... Browse Code »

    parallel to mutex_{lock,unlock,trylock,is_locked,lock_nested},
    inode_foo(inode) being mutex_foo(&inode->i_mutex).

    Please, use those for access to ->i_mutex; over the coming cycle
    ->i_mutex will become rwsem, with ->lookup() done with it held
    only shared.

    Signed-off-by: Al Viro

    Al Viro
     

01 Jul, 2015

1 commit

  • 9ce71148b   devpts: if initialization failed, don't crash when opening /dev/ptmx ... Browse Code »

    If devpts failed to initialize, it would store an ERR_PTR in the global
    devpts_mnt. A subsequent open of /dev/ptmx would call devpts_new_index,
    which would dereference devpts_mnt and crash.

    Avoid storing invalid values in devpts_mnt; leave it NULL instead. Make
    both devpts_new_index and devpts_pty_new fail gracefully with ENODEV in
    that case, which then becomes the return value to the userspace open call
    on /dev/ptmx.

    [akpm@linux-foundation.org: remove unneeded static]
    Signed-off-by: Josh Triplett
    Reported-by: Fengguang Wu
    Reviewed-by: Peter Hurley
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Josh Triplett
     

16 Apr, 2015

1 commit

07 Jun, 2014

1 commit

  • 04541a2f3   fs/devpts/inode.c: convert printk to pr_foo() ... Browse Code »

    Also convert spaces to tabs (checkpatch warnings) if (!dentry) KERN_NOTICE
    converted to pr_err (like if (!inode) error process)

    [akpm@linux-foundation.org: use KBUILD_MODNAME, per Joe]
    Signed-off-by: Fabian Frederick
    Cc: Joe Perches
    Cc: "Theodore Ts'o"
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Fabian Frederick
     

13 Mar, 2014

1 commit

  • 02b9984d6   fs: push sync_filesystem() down to the file system's remount_fs() ... Browse Code »

    Previously, the no-op "mount -o mount /dev/xxx" operation when the
    file system is already mounted read-write causes an implied,
    unconditional syncfs(). This seems pretty stupid, and it's certainly
    documented or guaraunteed to do this, nor is it particularly useful,
    except in the case where the file system was mounted rw and is getting
    remounted read-only.

    However, it's possible that there might be some file systems that are
    actually depending on this behavior. In most file systems, it's
    probably fine to only call sync_filesystem() when transitioning from
    read-write to read-only, and there are some file systems where this is
    not needed at all (for example, for a pseudo-filesystem or something
    like romfs).

    Signed-off-by: "Theodore Ts'o"
    Cc: linux-fsdevel@vger.kernel.org
    Cc: Christoph Hellwig
    Cc: Artem Bityutskiy
    Cc: Adrian Hunter
    Cc: Evgeniy Dushistov
    Cc: Jan Kara
    Cc: OGAWA Hirofumi
    Cc: Anders Larsen
    Cc: Phillip Lougher
    Cc: Kees Cook
    Cc: Mikulas Patocka
    Cc: Petr Vandrovec
    Cc: xfs@oss.sgi.com
    Cc: linux-btrfs@vger.kernel.org
    Cc: linux-cifs@vger.kernel.org
    Cc: samba-technical@lists.samba.org
    Cc: codalist@coda.cs.cmu.edu
    Cc: linux-ext4@vger.kernel.org
    Cc: linux-f2fs-devel@lists.sourceforge.net
    Cc: fuse-devel@lists.sourceforge.net
    Cc: cluster-devel@redhat.com
    Cc: linux-mtd@lists.infradead.org
    Cc: jfs-discussion@lists.sourceforge.net
    Cc: linux-nfs@vger.kernel.org
    Cc: linux-nilfs@vger.kernel.org
    Cc: linux-ntfs-dev@lists.sourceforge.net
    Cc: ocfs2-devel@oss.oracle.com
    Cc: reiserfs-devel@vger.kernel.org

    Theodore Ts'o
     

13 Nov, 2013

1 commit

  • 66da0e1f9   devpts: plug the memory leak in kill_sb ... Browse Code »

    When devpts is unmounted, there may be a no-longer-used IDR tree hanging
    off the superblock we are about to kill. This needs to be cleaned up
    before destroying the SB.

    The leak is usually not a big deal because unmounting devpts is typically
    done when shutting down the whole machine. However, shutting down an LXC
    container instead of a physical machine exposes the problem (the garbage
    is detectable with kmemleak).

    Signed-off-by: Ilija Hadzic
    Cc: Sukadev Bhattiprolu
    Cc:
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Ilija Hadzic
     

27 Jan, 2013

1 commit

  • ec2aa8e8d   userns: Allow the userns root to mount of devpts ... Browse Code »

    - The context in which devpts is mounted has no effect on the creation
    of ptys as the /dev/ptmx interface has been used by unprivileged
    users for many years.

    - Only support unprivileged mounts in combination with the newinstance
    option to ensure that mounting of /dev/pts in a user namespace will
    not allow the options of an existing mount of devpts to be modified.

    - Create /dev/pts/ptmx as the root user in the user namespace that
    mounts devpts so that it's permissions to be changed.

    Acked-by: Serge Hallyn
    Signed-off-by: "Eric W. Biederman"

    Eric W. Biederman
     

23 Oct, 2012

4 commits

  • 1dcb8e6d1   TTY: devpts, document devpts inode operations ... Browse Code »

    Add kernel-doc texts for some devpts functions, i.e. document them.

    Signed-off-by: Jiri Slaby
    Acked-by: Alan Cox
    Signed-off-by: Greg Kroah-Hartman

    Jiri Slaby
     
  • f11afb612   TTY: devpts, do not set driver_data ... Browse Code »

    The goal is to stop setting and using tty->driver_data in devpts code.
    It should be used solely by the driver's code, pty in this case.

    Now driver_data are managed only in the pty driver. devpts_pty_new is
    switched to accept what we used to dig out of tty_struct, i.e. device
    node number and index.

    This also removes a note about driver_data being set outside of the
    driver.

    Signed-off-by: Jiri Slaby
    Acked-by: Alan Cox
    Signed-off-by: Greg Kroah-Hartman

    Jiri Slaby
     
  • 162b97cfa   TTY: devpts, return created inode from devpts_pty_new ... Browse Code »

    The goal is to stop setting and using tty->driver_data in devpts code.
    It should be used solely by the driver's code, pty in this case.

    For the cleanup of layering, we will need the inode created in
    devpts_pty_new to be stored into slave's driver_data. So we convert
    devpts_pty_new to return the inode or an ERR_PTR-encoded error in case
    of failure.

    The move of 'inode = new_inode(sb);' from declarators to the code is
    only cosmetical, but it makes the code easier to read.

    Signed-off-by: Jiri Slaby
    Acked-by: Alan Cox
    Signed-off-by: Greg Kroah-Hartman

    Jiri Slaby
     
  • 8fcbaa2b7   TTY: devpts, don't care about TTY in devpts_get_tty ... Browse Code »

    The goal is to stop setting and using tty->driver_data in devpts code.
    It should be used solely by the driver's code, pty in this case.

    First, here we remove TTY from devpts_get_tty and rename it to
    devpts_get_priv. Note we do not remove type safety, we just shift the
    [implicit] (void *) cast one layer up.

    index was unused in devpts_get_tty, so remove that from the prototype
    too.

    Signed-off-by: Jiri Slaby
    Acked-by: Alan Cox
    Signed-off-by: Greg Kroah-Hartman

    Jiri Slaby
     

14 Jul, 2012

1 commit

  • 9249e17fe   VFS: Pass mount flags to sget() ... Browse Code »
    43

    Pass mount flags to sget() so that it can use them in initialising a new
    superblock before the set function is called. They could also be passed to the
    compare function.

    Signed-off-by: David Howells
    Signed-off-by: Al Viro

    David Howells
     

16 May, 2012

1 commit

22 Mar, 2012

1 commit

  • e2a0883e4   Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs ... Browse Code »

    Pull vfs pile 1 from Al Viro:
    "This is _not_ all; in particular, Miklos' and Jan's stuff is not there
    yet."

    * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (64 commits)
    ext4: initialization of ext4_li_mtx needs to be done earlier
    debugfs-related mode_t whack-a-mole
    hfsplus: add an ioctl to bless files
    hfsplus: change finder_info to u32
    hfsplus: initialise userflags
    qnx4: new helper - try_extent()
    qnx4: get rid of qnx4_bread/qnx4_getblk
    take removal of PF_FORKNOEXEC to flush_old_exec()
    trim includes in inode.c
    um: uml_dup_mmap() relies on ->mmap_sem being held, but activate_mm() doesn't hold it
    um: embed ->stub_pages[] into mmu_context
    gadgetfs: list_for_each_safe() misuse
    ocfs2: fix leaks on failure exits in module_init
    ecryptfs: make register_filesystem() the last potential failure exit
    ntfs: forgets to unregister sysctls on register_filesystem() failure
    logfs: missing cleanup on register_filesystem() failure
    jfs: mising cleanup on register_filesystem() failure
    make configfs_pin_fs() return root dentry on success
    configfs: configfs_create_dir() has parent dentry in dentry->d_parent
    configfs: sanitize configfs_create()
    ...

    Linus Torvalds
     

21 Mar, 2012

1 commit

25 Jan, 2012

2 commits

  • e9aba5158   tty: rework pty count limiting ... Browse Code »

    After adding devpts multiple-insrances sysctl kernel.pty.max limit pty count for
    each devpts instance independently, while kernel.pty.nr shows total pty count.

    This patch restores sysctl kernel.pty.max as global limit (4096 by default),
    adds pty reseve for main devpts (mounted without "newinstance" argument),
    and new sysctl to tune it: kernel.pty.reserve (1024 by default)

    Also it adds devpts mount option "max=%d" to limit pty count for each devpts
    instance independently. (by default NR_UNIX98_PTY_MAX == 2^20)

    Thus devpts instances in containers cannot eat up all available pty even if we didn't
    set any limits, while with "max" argument we can adjust limits more precisely.

    Plus, now open("/dev/ptmx") return -ENOSPC in case lack of pty indexes,
    this is more informative than -EIO.

    Signed-off-by: Konstantin Khlebnikov
    Signed-off-by: Greg Kroah-Hartman

    Konstantin Khlebnikov
     
  • a4834c102   tty: move pty count limiting into devpts ... Browse Code »

    Let's move this stuff to the better place, where we can account pty right in
    tty-indexes managing code.

    Signed-off-by: Konstantin Khlebnikov
    Signed-off-by: Greg Kroah-Hartman

    Konstantin Khlebnikov
     

09 Jan, 2012

1 commit

  • 3850aba74   devpts: fix double-free on mount failure ... Browse Code »

    devpts_kill_sb() is called even if devpts_fill_super() fails;
    we should not do that kfree() in the latter, especially not
    with ->s_fs_info left pointing to freed object. Double kfree()
    is a Bad Thing(tm)...

    Signed-off-by: Al Viro

    Al Viro
     

07 Jan, 2012

1 commit

02 Nov, 2011

2 commits

23 Mar, 2011

1 commit

21 Mar, 2011

1 commit