26 Sep, 2018
1 commit
-
[ Upstream commit cc57c07343bd071cdf1915a91a24ab7d40c9b590 ]
This patch fixes a bug where configfs_register_group had added
a group in a tree, and userspace has done a rmdir on a dir somewhere
above that group and we hit a kernel crash. The problem is configfs_rmdir
will detach everything under it and unlink groups on the default_groups
list. It will not unlink groups added with configfs_register_group so when
configfs_unregister_group is called to drop its references to the group/items
we crash when we try to access the freed dentrys.The patch just adds a check for if a rmdir has been done above
us and if so just does the unlink part of unregistration.Sorry if you are getting this multiple times. I thouhgt I sent
this to some of you and lkml, but I do not see it.Signed-off-by: Mike Christie
Cc: Christoph Hellwig
Cc: Joel Becker
Signed-off-by: Christoph Hellwig
Signed-off-by: Sasha Levin
Signed-off-by: Greg Kroah-Hartman
09 May, 2016
1 commit
-
Signed-off-by: Al Viro
03 May, 2016
1 commit
-
grab a reference to dentry we'd got the sucker from, and return
that dentry via *wait, rather than just returning the address of
->i_mutex.Signed-off-by: Al Viro
20 Mar, 2016
1 commit
-
Pull vfs updates from Al Viro:
- Preparations of parallel lookups (the remaining main obstacle is the
need to move security_d_instantiate(); once that becomes safe, the
rest will be a matter of rather short series local to fs/*.c- preadv2/pwritev2 series from Christoph
- assorted fixes
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (32 commits)
splice: handle zero nr_pages in splice_to_pipe()
vfs: show_vfsstat: do not ignore errors from show_devname method
dcache.c: new helper: __d_add()
don't bother with __d_instantiate(dentry, NULL)
untangle fsnotify_d_instantiate() a bit
uninline d_add()
replace d_add_unique() with saner primitive
quota: use lookup_one_len_unlocked()
cifs_get_root(): use lookup_one_len_unlocked()
nfs_lookup: don't bother with d_instantiate(dentry, NULL)
kill dentry_unhash()
ceph_fill_trace(): don't bother with d_instantiate(dn, NULL)
autofs4: don't bother with d_instantiate(dentry, NULL) in ->lookup()
configfs: move d_rehash() into configfs_create() for regular files
ceph: don't bother with d_rehash() in splice_dentry()
namei: teach lookup_slow() to skip revalidate
namei: massage lookup_slow() to be usable by lookup_one_len_unlocked()
lookup_one_len_unlocked(): use lookup_dcache()
namei: simplify invalidation logics in lookup_dcache()
namei: change calling conventions for lookup_{fast,slow} and follow_managed()
...
14 Mar, 2016
1 commit
-
... and turn it into d_add in there
Signed-off-by: Al Viro
06 Mar, 2016
1 commit
-
Replace the current NULL-terminated array of default groups with a linked
list. This gets rid of lots of nasty code to size and/or dynamically
allocate the array.While we're at it also provide a conveniant helper to remove the default
groups.Signed-off-by: Christoph Hellwig
Acked-by: Felipe Balbi [drivers/usb/gadget]
Acked-by: Joel Becker
Acked-by: Nicholas Bellinger
Reviewed-by: Sagi Grimberg
23 Jan, 2016
1 commit
-
parallel to mutex_{lock,unlock,trylock,is_locked,lock_nested},
inode_foo(inode) being mutex_foo(&inode->i_mutex).Please, use those for access to ->i_mutex; over the coming cycle
->i_mutex will become rwsem, with ->lookup() done with it held
only shared.Signed-off-by: Al Viro
21 Jan, 2016
1 commit
-
Pull SCSI target updates from Nicholas Bellinger:
"The highlights this round include:- Introduce configfs support for unlocked configfs_depend_item()
(krzysztof + andrezej)
- Conversion of usb-gadget target driver to new function registration
interface (andrzej + sebastian)
- Enable qla2xxx FC target mode support for Extended Logins (himansu +
giridhar)
- Enable qla2xxx FC target mode support for Exchange Offload (himansu +
giridhar)
- Add qla2xxx FC target mode irq affinity notification + selective
command queuing. (quinn + himanshu)
- Fix iscsi-target deadlock in se_node_acl configfs deletion (sagi +
nab)
- Convert se_node_acl configfs deletion + se_node_acl->queue_depth to
proper se_session->sess_kref + target_get_session() usage. (hch +
sagi + nab)
- Fix long-standing race between se_node_acl->acl_kref get and
get_initiator_node_acl() lookup. (hch + nab)
- Fix target/user block-size handling, and make sure netlink reaches
all network namespaces (sheng + andy)Note there is an outstanding bug-fix series for remote I_T nexus port
TMR LUN_RESET has been posted and still being tested, and will likely
become post -rc1 material at this point"* 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending: (56 commits)
scsi: qla2xxxx: avoid type mismatch in comparison
target/user: Make sure netlink would reach all network namespaces
target: Obtain se_node_acl->acl_kref during get_initiator_node_acl
target: Convert ACL change queue_depth se_session reference usage
iscsi-target: Fix potential dead-lock during node acl delete
ib_srpt: Convert acl lookup to modern get_initiator_node_acl usage
tcm_fc: Convert acl lookup to modern get_initiator_node_acl usage
tcm_fc: Wait for command completion before freeing a session
target: Fix a memory leak in target_dev_lba_map_store()
target: Support aborting tasks with a 64-bit tag
usb/gadget: Remove set-but-not-used variables
target: Remove an unused variable
target: Fix indentation in target_core_configfs.c
target/user: Allow user to set block size before enabling device
iser-target: Fix non negative ERR_PTR isert_device_get usage
target/fcoe: Add tag support to tcm_fc
qla2xxx: Check for online flag instead of active reset when transmitting responses
qla2xxx: Set all queues to 4k
qla2xxx: Disable ZIO at start time.
qla2xxx: Move atioq to a different lock to reduce lock contention
...
04 Jan, 2016
1 commit
-
ConfigFS lacked binary attributes up until now. This patch
introduces support for binary attributes in a somewhat similar
manner of sysfs binary attributes albeit with changes that
fit the configfs usage model.Problems that configfs binary attributes fix are everything that
requires a binary blob as part of the configuration of a resource,
such as bitstream loading for FPGAs, DTBs for dynamically created
devices etc.Look at Documentation/filesystems/configfs/configfs.txt for internals
and howto use them.This patch is against linux-next as of today that contains
Christoph's configfs rework.Signed-off-by: Pantelis Antoniou
[hch: folded a fix from Geert Uytterhoeven ]
[hch: a few tiny updates based on review feedback]
Signed-off-by: Christoph Hellwig
21 Dec, 2015
4 commits
-
This change is necessary for the SCSI target usb gadget composed with
configfs. In this case configfs will be used for two different purposes:
to compose a usb gadget and to configure the target part. If an instance
of tcm function is created in $CONFIGFS_ROOT/usb_gadget//functions
a tpg can be created in $CONFIGFS_ROOT/target/usb_gadget//, but after
a tpg is created the tcm function must not be removed until its
corresponding tpg is gone. While the configfs_depend/undepend_item() are
meant exactly for creating this kind of dependencies, they are not suitable
if the other kernel subsystem happens to be another subsystem in configfs,
so this patch adds unlocked versions meant for configfs callbacks.Above description has been provided by:
Andrzej PietrasiewiczIn configfs_depend_item() we have to consider two possible cases:
1) When we are called to depend another item in the same subsystem
as caller
In this case we should skip locking configfs root as we know
that configfs is in valid state and our subsystem will not
be unregistered during this call.2) When we are called to depend item in different subsystem than
our caller
In this case we are also sure that configfs is in valid state
but we have to lock root of configfs to avoid unregistration
of target's subsystem. As it is other than caller's subsystem,
there may be nothing what protects us against unregistration
of that subsystem.Signed-off-by: Krzysztof Opasiak
Cc: Joel Becker
Cc: Christoph Hellwig
Signed-off-by: Nicholas Bellinger -
configfs_depend_item() is quite complicated and should
be split up into smaller functions. This also allow to
share this code with other functions.Signed-off-by: Krzysztof Opasiak
Cc: Joel Becker
Cc: Christoph Hellwig
Signed-off-by: Nicholas Bellinger -
configfs_depend_item() is quite complicated and should
be split up into smaller functions. This also allow to
share this code with other functions.Signed-off-by: Krzysztof Opasiak
Cc: Joel Becker
Cc: Christoph Hellwig
Signed-off-by: Nicholas Bellinger -
subsys parameter is never used by configfs_undepend_item()
so there is no point in passing it to this function.Signed-off-by: Krzysztof Opasiak
Cc: Joel Becker
Cc: Christoph Hellwig
Signed-off-by: Nicholas Bellinger
21 Nov, 2015
1 commit
-
This patchset introduces IIO software triggers, offers a way of configuring
them via configfs and adds the IIO hrtimer based interrupt source to be used
with software triggers.The architecture is now split in 3 parts, to remove all IIO trigger specific
parts from IIO configfs core:(1) IIO configfs - creates the root of the IIO configfs subsys.
(2) IIO software triggers - software trigger implementation, dynamically
creating /config/iio/triggers group.
(3) IIO hrtimer trigger - is the first interrupt source for software triggers
(with syfs to follow). Each trigger type can implement its own set of
attributes.Lockdep seems to be happy with the locking in configfs patch.
This patch (of 5):
We don't want to hardcode default groups at subsystem
creation time. We export:
* configfs_register_group
* configfs_unregister_group
to allow drivers to programatically create/destroy groups
later, after module init time.This is needed for IIO configfs support.
(akpm: the other 4 patches to be merged via the IIO tree)
Signed-off-by: Daniel Baluta
Suggested-by: Lars-Peter Clausen
Reviewed-by: Christoph Hellwig
Acked-by: Joel Becker
Cc: Hartmut Knaack
Cc: Octavian Purdila
Cc: Paul Bolle
Cc: Adriana Reus
Cc: Cristina Opriceana
Cc: Peter Meerwald
Cc: Alexander Viro
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
16 Apr, 2015
2 commits
-
that's the bulk of filesystem drivers dealing with inodes of their own
Signed-off-by: David Howells
Signed-off-by: Al Viro -
Fix inconsistent use of file_inode() vs file->f_path.dentry->d_inode.
Reported-by: Dan Carpenter
Signed-off-by: David Howells
Signed-off-by: Al Viro
18 Feb, 2015
2 commits
-
Signed-off-by: Al Viro
-
... so make it return void and drop the check for it being non-NULL
Signed-off-by: Al Viro
20 Nov, 2014
1 commit
-
Signed-off-by: Al Viro
05 Jun, 2014
2 commits
-
Add pr_fmt based on module name.
Signed-off-by: Fabian Frederick
Cc: Joel Becker
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Signed-off-by: Fabian Frederick
Cc: Joel Becker
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
22 Nov, 2013
1 commit
-
A race window in configfs, it starts from one dentry is UNHASHED and end
before configfs_d_iput is called. In this window, if a lookup happen,
since the original dentry was UNHASHED, so a new dentry will be
allocated, and then in configfs_attach_attr(), sd->s_dentry will be
updated to the new dentry. Then in configfs_d_iput(),
BUG_ON(sd->s_dentry != dentry) will be triggered and system panic.sys_open: sys_close:
... fput
dput
dentry_kill
__d_drop dentry still point
to this dentry.lookup_real
configfs_lookup
configfs_attach_attr---> update sd->s_dentry
to new allocated dentry here.d_kill
configfs_d_iput s_dentry != dentry)
triggered here.To fix it, change configfs_d_iput to not update sd->s_dentry if
sd->s_count > 2, that means there are another dentry is using the sd
beside the one that is going to be put. Use configfs_dirent_lock in
configfs_attach_attr to sync with configfs_d_iput.With the following steps, you can reproduce the bug.
1. enable ocfs2, this will mount configfs at /sys/kernel/config and
fill configure in it.2. run the following script.
while [ 1 ]; do cat /sys/kernel/config/cluster/$your_cluster_name/idle_timeout_ms > /dev/null; done &
while [ 1 ]; do cat /sys/kernel/config/cluster/$your_cluster_name/idle_timeout_ms > /dev/null; done &Signed-off-by: Junxiao Bi
Cc: Joel Becker
Cc: Al Viro
Cc:
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
16 Nov, 2013
1 commit
-
Rename simple_delete_dentry() to always_delete_dentry() and export it.
Export simple_dentry_operations, while we are at it, and get rid of
their duplicatesSigned-off-by: Al Viro
15 Jul, 2013
1 commit
-
Pull more vfs stuff from Al Viro:
"O_TMPFILE ABI changes, Oleg's fput() series, misc cleanups, including
making simple_lookup() usable for filesystems with non-NULL s_d_op,
which allows us to get rid of quite a bit of ugliness"* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
sunrpc: now we can just set ->s_d_op
cgroup: we can use simple_lookup() now
efivarfs: we can use simple_lookup() now
make simple_lookup() usable for filesystems that set ->s_d_op
configfs: don't open-code d_alloc_name()
__rpc_lookup_create_exclusive: pass string instead of qstr
rpc_create_*_dir: don't bother with qstr
llist: llist_add() can use llist_add_batch()
llist: fix/simplify llist_add() and llist_add_batch()
fput: turn "list_head delayed_fput_list" into llist_head
fs/file_table.c:fput(): add comment
Safer ABI for O_TMPFILE
14 Jul, 2013
1 commit
-
Signed-off-by: Al Viro
10 Jul, 2013
1 commit
-
Pull third set of VFS updates from Al Viro:
"Misc stuff all over the place. There will be one more pile in a
couple of days"This is an "evil merge" that also uses the new d_count helper in
fs/configfs/dir.c, missed by commit 84d08fa888e7 ("helper for reading
->d_count")* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
ncpfs: fix error return code in ncp_parse_options()
locks: move file_lock_list to a set of percpu hlist_heads and convert file_lock_lock to an lglock
seq_file: add seq_list_*_percpu helpers
f2fs: fix readdir incorrectness
mode_t whack-a-mole...
lustre: kill the pointless wrapper
helper for reading ->d_count
29 Jun, 2013
1 commit
-
Signed-off-by: Al Viro
27 Feb, 2013
1 commit
-
Pull vfs pile (part one) from Al Viro:
"Assorted stuff - cleaning namei.c up a bit, fixing ->d_name/->d_parent
locking violations, etc.The most visible changes here are death of FS_REVAL_DOT (replaced with
"has ->d_weak_revalidate()") and a new helper getting from struct file
to inode. Some bits of preparation to xattr method interface changes.Misc patches by various people sent this cycle *and* ocfs2 fixes from
several cycles ago that should've been upstream right then.PS: the next vfs pile will be xattr stuff."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (46 commits)
saner proc_get_inode() calling conventions
proc: avoid extra pde_put() in proc_fill_super()
fs: change return values from -EACCES to -EPERM
fs/exec.c: make bprm_mm_init() static
ocfs2/dlm: use GFP_ATOMIC inside a spin_lock
ocfs2: fix possible use-after-free with AIO
ocfs2: Fix oops in ocfs2_fast_symlink_readpage() code path
get_empty_filp()/alloc_file() leave both ->f_pos and ->f_version zero
target: writev() on single-element vector is pointless
export kernel_write(), convert open-coded instances
fs: encode_fh: return FILEID_INVALID if invalid fid_type
kill f_vfsmnt
vfs: kill FS_REVAL_DOT by adding a d_weak_revalidate dentry op
nfsd: handle vfs_getattr errors in acl protocol
switch vfs_getattr() to struct path
default SET_PERSONALITY() in linux/elf.h
ceph: prepopulate inodes only when request is aborted
d_hash_and_lookup(): export, switch open-coded instances
9p: switch v9fs_set_create_acl() to inode+fid, do it before d_instantiate()
9p: split dropping the acls from v9fs_set_create_acl()
...
23 Feb, 2013
1 commit
-
Signed-off-by: Al Viro
22 Feb, 2013
1 commit
-
The dereference should be moved below the NULL test.
spatch with a semantic match is used to found this.
(http://coccinelle.lip6.fr/)Signed-off-by: Wei Yongjun
Cc: Joel Becker
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
18 Dec, 2012
1 commit
-
But the kernel decided to call it "origin" instead. Fix most of the
sites.Acked-by: Hugh Dickins
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
14 Jul, 2012
1 commit
-
Just the flags; only NFS cares even about that, but there are
legitimate uses for such argument. And getting rid of that
completely would require splitting ->lookup() into a couple
of methods (at least), so let's leave that alone for now...Signed-off-by: Al Viro
21 Mar, 2012
4 commits
-
... and make configfs_mnt static
Signed-off-by: Al Viro
-
no need to play sick games with parent item, internal mount, etc.
Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
just give root directory separate inode_operations without all those
methods...Signed-off-by: Al Viro
04 Jan, 2012
3 commits
-
vfs_mkdir() gets int, but immediately drops everything that might not
fit into umode_t and that's the only caller of ->mkdir()...Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
-
Signed-off-by: Al Viro
28 May, 2011
1 commit
-
configfs does not have problems with references to unlinked directories.
CC: Joel Becker
Signed-off-by: Sage Weil
Signed-off-by: Al Viro
