Eric Lee / smarc-fsl-linux-kernel

17 Dec, 2018

1 commit

  • 56926f913   ocfs2: fix potential use after free ... Browse Code »

    [ Upstream commit 164f7e586739d07eb56af6f6d66acebb11f315c8 ]

    ocfs2_get_dentry() calls iput(inode) to drop the reference count of
    inode, and if the reference count hits 0, inode is freed. However, in
    this function, it then reads inode->i_generation, which may result in a
    use after free bug. Move the put operation later.

    Link: http://lkml.kernel.org/r/1543109237-110227-1-git-send-email-bianpan2016@163.com
    Fixes: 781f200cb7a("ocfs2: Remove masklog ML_EXPORT.")
    Signed-off-by: Pan Bian
    Reviewed-by: Andrew Morton
    Cc: Mark Fasheh
    Cc: Joel Becker
    Cc: Junxiao Bi
    Cc: Joseph Qi
    Cc: Changwei Ge
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds
    Signed-off-by: Sasha Levin

    Pan Bian
     

29 May, 2017

1 commit

  • 7585d12f6   ocfs2: Use ERR_CAST() to avoid cross-structure cast ... Browse Code »

    When trying to propagate an error result, the error return path attempts
    to retain the error, but does this with an open cast across very different
    types, which the upcoming structure layout randomization plugin flags as
    being potentially dangerous in the face of randomization. This is a false
    positive, but what this code actually wants to do is use ERR_CAST() to
    retain the error value.

    Cc: Mark Fasheh
    Cc: Joel Becker
    Signed-off-by: Kees Cook

    Kees Cook
     

27 Apr, 2015

1 commit

  • 9ec3a646f   Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs ... Browse Code »

    Pull fourth vfs update from Al Viro:
    "d_inode() annotations from David Howells (sat in for-next since before
    the beginning of merge window) + four assorted fixes"

    * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
    RCU pathwalk breakage when running into a symlink overmounting something
    fix I_DIO_WAKEUP definition
    direct-io: only inc/dec inode->i_dio_count for file systems
    fs/9p: fix readdir()
    VFS: assorted d_backing_inode() annotations
    VFS: fs/inode.c helpers: d_inode() annotations
    VFS: fs/cachefiles: d_backing_inode() annotations
    VFS: fs library helpers: d_inode() annotations
    VFS: assorted weird filesystems: d_inode() annotations
    VFS: normal filesystems (and lustre): d_inode() annotations
    VFS: security/: d_inode() annotations
    VFS: security/: d_backing_inode() annotations
    VFS: net/: d_inode() annotations
    VFS: net/unix: d_backing_inode() annotations
    VFS: kernel/: d_inode() annotations
    VFS: audit: d_backing_inode() annotations
    VFS: Fix up some ->d_inode accesses in the chelsio driver
    VFS: Cachefiles should perform fs modifications on the top layer only
    VFS: AF_UNIX sockets should call mknod on the top layer only

    Linus Torvalds
     

16 Apr, 2015

1 commit

15 Apr, 2015

1 commit

  • 023d4ea35   ocfs2: fix possible uninitialized variable access ... Browse Code »

    In ocfs2_local_alloc_find_clear_bits and ocfs2_get_dentry, variable
    numfound and set may be uninitialized and then used in tracepoint. In
    ocfs2_xattr_block_get and ocfs2_delete_xattr_in_bucket, variable block_off
    and xv may be uninitialized and then used in the following logic due to
    unchecked return value.

    This patch fixes these possible issues.

    Signed-off-by: Joseph Qi
    Cc: Mark Fasheh
    Cc: Joel Becker
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Joseph Qi
     

26 Feb, 2013

1 commit

30 May, 2012

1 commit

  • b0b0382bb   ->encode_fh() API change ... Browse Code »

    pass inode + parent's inode or NULL instead of dentry + bool saying
    whether we want the parent or not.

    NOTE: that needs ceph fix folded in.

    Signed-off-by: Al Viro

    Al Viro
     

14 Mar, 2011

1 commit

  • 5fe0c2378   exportfs: Return the minimum required handle size ... Browse Code »

    The exportfs encode handle function should return the minimum required
    handle size. This helps user to find out the handle size by passing 0
    handle size in the first step and then redoing to the call again with
    the returned handle size value.

    Acked-by: Serge Hallyn
    Signed-off-by: Aneesh Kumar K.V
    Signed-off-by: Al Viro

    Aneesh Kumar K.V
     

07 Mar, 2011

1 commit

  • c1e8d35ef   ocfs2: Remove EXIT from masklog. ... Browse Code »
    43

    mlog_exit is used to record the exit status of a function.
    But because it is added in so many functions, if we enable it,
    the system logs get filled up quickly and cause too much I/O.
    So actually no one can open it for a production system or even
    for a test.

    This patch just try to remove it or change it. So:
    1. if all the error paths already use mlog_errno, it is just removed.
    Otherwise, it will be replaced by mlog_errno.
    2. if it is used to print some return value, it is replaced with
    mlog(0,...).
    mlog_exit_ptr is changed to mlog(0.
    All those mlog(0,...) will be replaced with trace events later.

    Signed-off-by: Tao Ma

    Tao Ma
     

24 Feb, 2011

1 commit

21 Feb, 2011

1 commit

  • ef6b689b6   ocfs2: Remove ENTRY from masklog. ... Browse Code »

    ENTRY is used to record the entry of a function.
    But because it is added in so many functions, if we enable it,
    the system logs get filled up quickly and cause too much I/O.
    So actually no one can open it for a production system or even
    for a test.

    So for mlog_entry_void, we just remove it.
    for mlog_entry(...), we replace it with mlog(0,...), and they
    will be replace by trace event later.

    Signed-off-by: Tao Ma

    Tao Ma
     

13 Jan, 2011

1 commit

07 Jan, 2011

1 commit

  • fb045adb9   fs: dcache reduce branches in lookup path ... Browse Code »

    Reduce some branches and memory accesses in dcache lookup by adding dentry
    flags to indicate common d_ops are set, rather than having to check them.
    This saves a pointer memory access (dentry->d_op) in common path lookup
    situations, and saves another pointer load and branch in cases where we
    have d_op but not the particular operation.

    Patched with:

    git grep -E '[.>]([[:space:]])*d_op([[:space:]])*=' | xargs sed -e 's/\([^\t ]*\)->d_op = \(.*\);/d_set_d_op(\1, \2);/' -e 's/\([^\t ]*\)\.d_op = \(.*\);/d_set_d_op(\&\1, \2);/' -i

    Signed-off-by: Nick Piggin

    Nick Piggin
     

26 Jan, 2010

1 commit

22 Apr, 2009

1 commit

04 Apr, 2009

1 commit

  • 6ca497a83   ocfs2: fix rare stale inode errors when exporting via nfs ... Browse Code »

    For nfs exporting, ocfs2_get_dentry() returns the dentry for fh.
    ocfs2_get_dentry() may read from disk when the inode is not in memory,
    without any cross cluster lock. this leads to the file system loading a
    stale inode.

    This patch fixes above problem.

    Solution is that in case of inode is not in memory, we get the cluster
    lock(PR) of alloc inode where the inode in question is allocated from (this
    causes node on which deletion is done sync the alloc inode) before reading
    out the inode itsself. then we check the bitmap in the group (the inode in
    question allcated from) to see if the bit is clear. if it's clear then it's
    stale. if the bit is set, we then check generation as the existing code
    does.

    We have to read out the inode in question from disk first to know its alloc
    slot and allot bit. And if its not stale we read it out using ocfs2_iget().
    The second read should then be from cache.

    And also we have to add a per superblock nfs_sync_lock to cover the lock for
    alloc inode and that for inode in question. this is because ocfs2_get_dentry()
    and ocfs2_delete_inode() lock on them in reverse order. nfs_sync_lock is locked
    in EX mode in ocfs2_get_dentry() and in PR mode in ocfs2_delete_inode(). so
    that mutliple ocfs2_delete_inode() can run concurrently in normal case.

    [mfasheh@suse.com: build warning fixes and comment cleanups]
    Signed-off-by: Wengang Wang
    Acked-by: Joel Becker
    Signed-off-by: Mark Fasheh

    wengang wang
     

23 Oct, 2008

1 commit

26 Jan, 2008

2 commits

22 Oct, 2007

2 commits

  • 396551644   exportfs: make struct export_operations const ... Browse Code »

    Now that nfsd has stopped writing to the find_exported_dentry member we an
    mark the export_operations const

    Signed-off-by: Christoph Hellwig
    Cc: Neil Brown
    Cc: "J. Bruce Fields"
    Cc:
    Cc: Dave Kleikamp
    Cc: Anton Altaparmakov
    Cc: David Chinner
    Cc: Timothy Shimmin
    Cc: OGAWA Hirofumi
    Cc: Hugh Dickins
    Cc: Chris Mason
    Cc: Jeff Mahoney
    Cc: "Vladimir V. Saveliev"
    Cc: Steven Whitehouse
    Cc: Mark Fasheh
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Christoph Hellwig
     
  • 644f9ab3b   ocfs2: new export ops ... Browse Code »

    OCFS2 has it's own 64bit-firendly filehandle format so we can't use the
    generic helpers here. I'll add a struct for the types later.

    Signed-off-by: Christoph Hellwig
    Cc: Neil Brown
    Cc: "J. Bruce Fields"
    Cc: Mark Fasheh
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Christoph Hellwig
     

13 Oct, 2007

1 commit

  • be94d1170   ocfs2: Provide convenience function for ino lookup ... Browse Code »

    A couple paths which needed to just match a parent dir + name pair to an
    inode number were a bit messy because they had to deal with
    ocfs2_find_files_on_disk() which returns a larger number of values. Provide
    a convenience function, ocfs2_lookup_ino_from_name() which internalizes all
    the extra accounting.

    Signed-off-by: Mark Fasheh
    Reviewed-by: Joel Becker

    Mark Fasheh
     

03 May, 2007

1 commit

22 Jan, 2007

1 commit

02 Dec, 2006

1 commit

25 Sep, 2006

2 commits

  • 24c19ef40   ocfs2: Remove i_generation from inode lock names ... Browse Code »

    OCFS2 puts inode meta data in the "lock value block" provided by the DLM.
    Typically, i_generation is encoded in the lock name so that a deleted inode
    on and a new one in the same block don't share the same lvb.

    Unfortunately, that scheme means that the read in ocfs2_read_locked_inode()
    is potentially thrown away as soon as the meta data lock is taken - we
    cannot encode the lock name without first knowing i_generation, which
    requires a disk read.

    This patch encodes i_generation in the inode meta data lvb, and removes the
    value from the inode meta data lock name. This way, the read can be covered
    by a lock, and at the same time we can distinguish between an up to date and
    a stale LVB.

    This will help cold-cache stat(2) performance in particular.

    Since this patch changes the protocol version, we take the opportunity to do
    a minor re-organization of two of the LVB fields.

    Signed-off-by: Mark Fasheh

    Mark Fasheh
     
  • 379dfe9d0   ocfs2: Hook rest of the file system into dentry locking API ... Browse Code »

    Actually replace the vote calls with the new dentry operations. Make any
    necessary adjustments to get the scheme to work.

    Signed-off-by: Mark Fasheh

    Mark Fasheh
     

25 Mar, 2006

1 commit

04 Jan, 2006

1 commit