summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* fs/exec.c: make bprm_mm_init() staticYuanhan Liu2013-02-262-2/+1
| | | | | | | | There is only one user of bprm_mm_init, and it's inside the same file. Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* ocfs2/dlm: use GFP_ATOMIC inside a spin_lockDan Carpenter2013-02-261-1/+1
| | | | | | | | | | | My static checker complains that this is called with a spin_lock held in dlm_master_requery_handler() from dlmrecovery.c. Probably the reason we have not received any bug reports about this is that recovery is not a common operation. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Joel Becker <jlbec@evilplan.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* ocfs2: fix possible use-after-free with AIOJan Kara2013-02-261-1/+1
| | | | | | | | | | | | | | | | Running AIO is pinning inode in memory using file reference. Once AIO is completed using aio_complete(), file reference is put and inode can be freed from memory. So we have to be sure that calling aio_complete() is the last thing we do with the inode. Signed-off-by: Jan Kara <jack@suse.cz> Acked-by: Jeff Moyer <jmoyer@redhat.com> Acked-by: Joel Becker <jlbec@evilplan.org> Cc: Mark Fasheh <mfasheh@suse.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* ocfs2: Fix oops in ocfs2_fast_symlink_readpage() code pathSunil Mushran2013-02-261-1/+1
| | | | | | | | | Commit ea022dfb3c2a4680483b00eb2fecc9fc4f6091d1 was missing a var init. Reported-and-Tested-by: Vincent Etienne <vetienne@aprogsys.com> Signed-off-by: Sunil Mushran <sunil.mushran@gmail.com> Signed-off-by: Joel Becker <jlbec@evilplan.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* get_empty_filp()/alloc_file() leave both ->f_pos and ->f_version zeroAl Viro2013-02-263-4/+0
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* target: writev() on single-element vector is pointlessAl Viro2013-02-262-45/+17
| | | | | | | | | | ... in other news: filp_open() can't return a struct file with NULL dentry filp_open() can't return a struct file negative dentry filp_close() of something that never had been in any descriptor tables is pointless - fput() is all you need Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* export kernel_write(), convert open-coded instancesAl Viro2013-02-265-61/+24
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* fs: encode_fh: return FILEID_INVALID if invalid fid_typeNamjae Jeon2013-02-2612-21/+21
| | | | | | | | | | | | | This patch is a follow up on below patch: [PATCH] exportfs: add FILEID_INVALID to indicate invalid fid_type commit: 216b6cbdcbd86b1db0754d58886b466ae31f5a63 Signed-off-by: Namjae Jeon <namjae.jeon@samsung.com> Signed-off-by: Vivek Trivedi <t.vivek@samsung.com> Acked-by: Steven Whitehouse <swhiteho@redhat.com> Acked-by: Sage Weil <sage@inktank.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* kill f_vfsmntAl Viro2013-02-265-6/+5
| | | | | | very few users left... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* vfs: kill FS_REVAL_DOT by adding a d_weak_revalidate dentry opJeff Layton2013-02-2612-16/+84
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following set of operations on a NFS client and server will cause server# mkdir a client# cd a server# mv a a.bak client# sleep 30 # (or whatever the dir attrcache timeout is) client# stat . stat: cannot stat `.': Stale NFS file handle Obviously, we should not be getting an ESTALE error back there since the inode still exists on the server. The problem is that the lookup code will call d_revalidate on the dentry that "." refers to, because NFS has FS_REVAL_DOT set. nfs_lookup_revalidate will see that the parent directory has changed and will try to reverify the dentry by redoing a LOOKUP. That of course fails, so the lookup code returns ESTALE. The problem here is that d_revalidate is really a bad fit for this case. What we really want to know at this point is whether the inode is still good or not, but we don't really care what name it goes by or whether the dcache is still valid. Add a new d_op->d_weak_revalidate operation and have complete_walk call that instead of d_revalidate. The intent there is to allow for a "weaker" d_revalidate that just checks to see whether the inode is still good. This is also gives us an opportunity to kill off the FS_REVAL_DOT special casing. [AV: changed method name, added note in porting, fixed confusion re having it possibly called from RCU mode (it won't be)] Cc: NeilBrown <neilb@suse.de> Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* nfsd: handle vfs_getattr errors in acl protocolJ. Bruce Fields2013-02-264-9/+24
| | | | | | | | | | | We're currently ignoring errors from vfs_getattr. The correct thing to do is to do the stat in the main service procedure not in the response encoding. Reported-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: J. Bruce Fields <bfields@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* switch vfs_getattr() to struct pathAl Viro2013-02-2614-35/+40
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* default SET_PERSONALITY() in linux/elf.hAl Viro2013-02-2617-54/+5
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* ceph: prepopulate inodes only when request is abortedSage Weil2013-02-261-2/+38
| | | | | | | | | | If r_aborted is true, we do not hold the dir i_mutex, and cannot touch the dcache. However, we still need to update the inodes with the state returned by the MDS. Reported-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Sage Weil <sage@inktank.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* d_hash_and_lookup(): export, switch open-coded instancesAl Viro2013-02-264-24/+18
| | | | | | | | * calling conventions change - ERR_PTR() is returned on ->d_hash() errors; NULL is just for dcache miss now. * exported, open-coded instances in ncpfs and cifs converted. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* 9p: switch v9fs_set_create_acl() to inode+fid, do it before d_instantiate()Al Viro2013-02-263-35/+33
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* 9p: split dropping the acls from v9fs_set_create_acl()Al Viro2013-02-263-21/+28
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* 9p: switch v9fs_acl_chmod() from dentry to inode+fidAl Viro2013-02-263-16/+13
| | | | | | caller has both, might as well pass them explicitly. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* 9p: switch v9fs_set_acl() from dentry to fidAl Viro2013-02-261-5/+12
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* 9p: lift the call of set_cached_acl() into the callers of v9fs_set_acl()Al Viro2013-02-261-4/+3
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* 9p: add fid-based variant of v9fs_xattr_set()Al Viro2013-02-262-15/+20
| | | | | | ... making v9fs_xattr_set() a wrapper for it. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* tegra: don't wank with d_find_alias()Al Viro2013-02-261-9/+3
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* lirc: get rid of bogus checksAl Viro2013-02-261-10/+1
| | | | | | | | file argument is a struct file being passed to ->open() or already opened; none of the checks in lirc_get_pdata() can fail. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* hugetlb_file_setup(): use d_alloc_pseudo()Al Viro2013-02-261-4/+15
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* shmem_setup_file(): use d_alloc_pseudo() instead of d_alloc()Al Viro2013-02-261-4/+15
| | | | | | | | | Note that provided ->d_dname() reproduces what we used to get for those guys in e.g. /proc/self/maps; it might be a good idea to change that to something less ugly, but for now let's keep the existing user-visible behaviour Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* oprofilefs: add missing ->i_mutex locking in object creationAl Viro2013-02-221-3/+13
| | | | | | | Right now it's safe only during initial mount *and* functions are asking to be abused for dynamic adding of objects. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* spufs_mkdir(): don't d_add() on negative parentAl Viro2013-02-221-43/+21
| | | | | | | NOTE: this really needs testing - I could've easily fucked up refcounting in there. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* hostfs: directory methods have no business in non-directory inode_operationsAl Viro2013-02-221-8/+0
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* xenfs: switch to pure simple_fill_super()Al Viro2013-02-221-55/+11
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* __d_materialise_unique() is too genericAl Viro2013-02-221-14/+5
| | | | | | | Its first argument is always non-root, while the second one is always root. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* fs: Fix possible use-after-free with AIOJan Kara2013-02-221-1/+1
| | | | | | | | | | | | | | | Running AIO is pinning inode in memory using file reference. Once AIO is completed using aio_complete(), file reference is put and inode can be freed from memory. So we have to be sure that calling aio_complete() is the last thing we do with the inode. CC: Christoph Hellwig <hch@infradead.org> CC: Jens Axboe <axboe@kernel.dk> CC: Jeff Moyer <jmoyer@redhat.com> CC: stable@vger.kernel.org Acked-by: Jeff Moyer <jmoyer@redhat.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* constify d_lookup() argumentsAl Viro2013-02-222-2/+2
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* constify __d_lookup() argumentsAl Viro2013-02-222-2/+2
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* lookup_slow: get rid of name argumentAl Viro2013-02-221-4/+3
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* lookup_fast: get rid of name argumentAl Viro2013-02-221-5/+5
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* get rid of name and type arguments of walk_component()Al Viro2013-02-221-10/+8
| | | | | | ... always can be found in nameidata now. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* link_path_walk(): move assignments to nd->last/nd->last_type upAl Viro2013-02-221-12/+10
| | | | | | ... and clean the main loop a bit Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* vfs: remove d_path_with_unreachableJeff Layton2013-02-222-32/+0
| | | | | | | The last caller was removed >2 years ago in commit 7b2a69ba7. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* clean shmem_file_setup() a bitAl Viro2013-02-221-10/+9
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* fs: Preserve error code in get_empty_filp(), part 2Anatol Pomozov2013-02-228-22/+19
| | | | | | | | | | | | | | | | | | | | | Allocating a file structure in function get_empty_filp() might fail because of several reasons: - not enough memory for file structures - operation is not allowed - user is over its limit Currently the function returns NULL in all cases and we loose the exact reason of the error. All callers of get_empty_filp() assume that the function can fail with ENFILE only. Return error through pointer. Change all callers to preserve this error code. [AV: cleaned up a bit, carved the get_empty_filp() part out into a separate commit (things remaining here deal with alloc_file()), removed pipe(2) behaviour change] Signed-off-by: Anatol Pomozov <anatol.pomozov@gmail.com> Reviewed-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* propagate error from get_empty_filp() to its callersAl Viro2013-02-223-30/+28
| | | | | | Based on parts from Anatol's patch (the rest is the next commit). Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* new helper: file_inode(file)Al Viro2013-02-22306-717/+696
| | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* mount: consolidate permission checksAl Viro2013-02-221-33/+7
| | | | | | ... and ask for global CAP_SYS_ADMIN only for superblock-level remounts Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* get rid of unprotected dereferencing of mnt->mnt_nsAl Viro2013-02-221-12/+17
| | | | | | | | | | It's safe only under namespace_sem or vfsmount_lock; all places in fs/namespace.c that want mnt->mnt_ns->user_ns actually want to use current->nsproxy->mnt_ns->user_ns (note the calls of check_mnt() in there). Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
* Merge branch 'for-linus' of ↵Linus Torvalds2013-01-206-14/+30
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal Pull misc syscall fixes from Al Viro: - compat syscall fixes (discussed back in December) - a couple of "make life easier for sigaltstack stuff by reducing inter-tree dependencies" - fix up compiler/asmlinkage calling convention disagreement of sys_clone() - misc * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal: sys_clone() needs asmlinkage_protect make sure that /linuxrc has std{in,out,err} x32: fix sigtimedwait x32: fix waitid() switch compat_sys_wait4() and compat_sys_waitid() to COMPAT_SYSCALL_DEFINE switch compat_sys_sigaltstack() to COMPAT_SYSCALL_DEFINE CONFIG_GENERIC_SIGALTSTACK build breakage with asm-generic/syscalls.h Ensure that kernel_init_freeable() is not inlined into non __init code
| * sys_clone() needs asmlinkage_protectAl Viro2013-01-191-2/+4
| | | | | | | | | | Cc: stable@vger.kernel.org Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
| * make sure that /linuxrc has std{in,out,err}Al Viro2013-01-191-0/+4
| | | | | | | | Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
| * x32: fix sigtimedwaitAl Viro2012-12-261-1/+1
| | | | | | | | | | | | | | | | It needs 64bit timespec. As it is, we end up truncating the timeout to whole seconds; usually it doesn't matter, but for having all sub-second timeouts truncated to one jiffy is visibly wrong. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
| * x32: fix waitid()Al Viro2012-12-261-1/+5
| | | | | | | | | | | | | | It needs 64bit rusage and 32bit siginfo. glibc never calls it with non-NULL rusage pointer, or we would've seen breakage already... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
| * switch compat_sys_wait4() and compat_sys_waitid() to COMPAT_SYSCALL_DEFINEAl Viro2012-12-261-6/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Strictly speaking, ppc64 needs it for C ABI compliance. Realistically I would be very surprised if e.g. passing 0xffffffff as 'options' argument to waitid() from 32bit task would cause problems, but yes, it puts us into undefined behaviour territory. ppc64 expects int argument to be passed in 64bit register with bits 31..63 containing the same value. SYSCALL_DEFINE on ppc provides a wrapper that normalizes the value passed from userland; so does COMPAT_SYSCALL_DEFINE. Plain declaration of compat_sys_something() with an int argument obviously doesn't. Again, for wait4 and waitid I would be extremely surprised if gcc started to produce code depending on that value having been properly sign-extended - the argument(s) in question end up passed blindly to sys_wait4 and sys_waitid resp. and normalization for native syscalls takes care of their use there. Still, better to use COMPAT_SYSCALL_DEFINE here than worry about nasal daemons... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>