summaryrefslogtreecommitdiffstats
path: root/fs
Commit message (Collapse)AuthorAgeFilesLines
* eCryptfs: Fix min function comparison warningTyler Hicks2009-04-271-1/+1
| | | | | | | | | This warning shows up on 64 bit builds: fs/ecryptfs/inode.c:693: warning: comparison of distinct pointer types lacks a cast Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
* ecryptfs: fix printk format warningRandy Dunlap2009-04-271-1/+1
| | | | | | | | | fs/ecryptfs/inode.c:670: warning: format '%d' expects type 'int', but argument 3 has type 'size_t' Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com> Cc: Dustin Kirkland <kirkland@canonical.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* bio: fix memcpy corruption in bio_copy_user_iov()FUJITA Tomonori2009-04-281-0/+3
| | | | | | | | | | st driver uses blk_rq_map_user() in order to just build a request out of page frames. In this case, map_data->offset is a non zero value and iov[0].iov_base is NULL. We need to increase nr_pages for that. Cc: stable@kernel.org Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
* Merge git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs-unstableLinus Torvalds2009-04-2717-337/+281
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs-unstable: Btrfs: look for acls during btrfs_read_locked_inode Btrfs: fix acl caching Btrfs: Fix a bunch of printk() warnings. Btrfs: Fix a trivial warning using max() of u64 vs ULL. Btrfs: remove unused btrfs_bit_radix slab Btrfs: ratelimit IO error printks Btrfs: remove #if 0 code Btrfs: When shrinking, only update disk size on success Btrfs: fix deadlocks and stalls on dead root removal Btrfs: fix fallocate deadlock on inode extent lock Btrfs: kill btrfs_cache_create Btrfs: don't export symbols Btrfs: simplify makefile Btrfs: try to keep a healthy ratio of metadata vs data block groups
| * Btrfs: look for acls during btrfs_read_locked_inodeChris Mason2009-04-271-0/+62
| | | | | | | | | | | | | | | | This changes btrfs_read_locked_inode() to peek ahead in the btree for acl items. If it is certain a given inode has no acls, it will set the in memory acl fields to null to avoid acl lookups completely. Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: fix acl cachingChris Mason2009-04-272-7/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Linus noticed the btrfs code to cache acls wasn't properly caching a NULL acl when the inode didn't have any acls. This meant the common case of no acls resulted in expensive btree searches every time the kernel checked permissions (which is quite often). This is a modified version of Linus' original patch: Properly set initial acl fields to BTRFS_ACL_NOT_CACHED in the inode. This forces an acl lookup when permission checks are done. Fix btrfs_get_acl to avoid lookups and locking when the inode acls fields are set to null. Fix btrfs_get_acl to use the right return value from __btrfs_getxattr when deciding to cache a NULL acl. It was storing a NULL acl when __btrfs_getxattr return -ENOENT, but __btrfs_getxattr was actually returning -ENODATA for this case. Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: Fix a bunch of printk() warnings.Joel Becker2009-04-275-23/+40
| | | | | | | | | | | | | | | | Just happened to notice a bunch of %llu vs u64 warnings. Here's a patch to cast them all. Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: Fix a trivial warning using max() of u64 vs ULL.Joel Becker2009-04-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | A small warning popped up on ia64 because inode-map.c was comparing a u64 object id with the ULL FIRST_FREE_OBJECTID. My first thought was that all the OBJECTID constants should contain the u64 cast because btrfs code deals entirely in u64s. But then I saw how large that was, and figured I'd just fix the max() call. Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: remove unused btrfs_bit_radix slabChris Mason2009-04-271-8/+0
| | | | | | | | Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: ratelimit IO error printksChris Mason2009-04-272-17/+31
| | | | | | | | | | | | | | | | | | | | | | Btrfs has printks for various IO errors, including bad checksums and mismatches between what we expect the block headers to contain and what we actually find on the disk. Longer term we need a real reporting mechanism for this, but for now printk is going to have to do. Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: remove #if 0 codeChris Mason2009-04-273-188/+1
| | | | | | | | | | | | Btrfs had some old code sitting around under #if 0, this drops it. Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: When shrinking, only update disk size on successChris Ball2009-04-272-11/+27
| | | | | | | | | | | | | | | | | | | | Previously, we updated a device's size prior to attempting a shrink operation. This patch moves the device resizing logic to only happen if the shrink completes successfully. In the process, it introduces a new field to btrfs_device -- disk_total_bytes -- to track the on-disk size. Signed-off-by: Chris Ball <cjb@laptop.org> Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: fix deadlocks and stalls on dead root removalChris Mason2009-04-241-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After a transaction commit, the old root of the subvol btrees are sent through snapshot removal. This is what actually frees up any blocks replaced by COW, and anything the old blocks pointed to. Snapshot deletion will pause when a transaction commit has started, which helps to avoid a huge amount of delayed reference count updates piling up as the transaction is trying to close. But, this pause happens after the snapshot deletion process has asked other procs on the system to throttle back a bit so that it can make progress. We don't want to throttle everyone while we're waiting for the transaction commit, it leads to deadlocks in the user transaction ioctls used by Ceph and makes things slower in general. This patch changes things to avoid the throttling while we sleep. Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: fix fallocate deadlock on inode extent lockChris Mason2009-04-245-17/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The btrfs fallocate call takes an extent lock on the entire range being fallocated, and then runs through insert_reserved_extent on each extent as they are allocated. The problem with this is that btrfs_drop_extents may decide to try and take the same extent lock fallocate was already holding. The solution used here is to push down knowledge of the range that is already locked going into btrfs_drop_extents. It turns out that at least one other caller had the same bug. Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: kill btrfs_cache_createChristoph Hellwig2009-04-243-43/+28
| | | | | | | | | | | | | | Just use kmem_cache_create directly. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: don't export symbolsChristoph Hellwig2009-04-241-6/+0
| | | | | | | | | | | | | | | | Currently the extent_map code is only for btrfs so don't export it's symbols. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: simplify makefileChristoph Hellwig2009-04-241-17/+2
| | | | | | | | | | | | | | | | Get rid of the hacks for building out of tree, and always use += for assigning to the object lists. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Chris Mason <chris.mason@oracle.com>
| * Btrfs: try to keep a healthy ratio of metadata vs data block groupsJosef Bacik2009-04-244-2/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch makes the chunk allocator keep a good ratio of metadata vs data block groups. By default for every 8 data block groups, we'll allocate 1 metadata chunk, or about 12% of the disk will be allocated for metadata. This can be changed by specifying the metadata_ratio mount option. This is simply the number of data block groups that have to be allocated to force a metadata chunk allocation. By making sure we allocate metadata chunks more often, we are less likely to get into situations where the whole disk has been allocated as data block groups. Signed-off-by: Josef Bacik <jbacik@redhat.com> Signed-off-by: Chris Mason <chris.mason@oracle.com>
* | Merge branch 'for_linus' of ↵Linus Torvalds2009-04-272-10/+3
|\ \ | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-quota-2.6 * 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-quota-2.6: ext2: missing unlock in ext2_quota_write() quota: remove obsolete comments in fs/quota/Makefile
| * | ext2: missing unlock in ext2_quota_write()Dan Carpenter2009-04-271-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | The inode->i_mutex should be unlocked. Found by smatch (http://repo.or.cz/w/smatch.git). Compile tested. Signed-off-by: Dan Carpenter <error27@gmail.com> Signed-off-by: Jan Kara <jack@suse.cz>
| * | quota: remove obsolete comments in fs/quota/MakefileChristoph Hellwig2009-04-271-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | Get rid of useless comments and the equally useless obj-y initialization. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jan Kara <jack@suse.cz>
* | | ext4: Do not try to validate extents on special filesTheodore Ts'o2009-04-241-2/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The EXTENTS_FL flag should never be set on special files, but if it is, don't bother trying to validate that the extents tree is valid, since only files, directories, and non-fast symlinks will ever have an extent data structure. We perhaps should flag the filesystem as being corrupted if we see a special file (named pipes, device nodes, Unix domain sockets, etc.) with the EXTENTS_FL flag, but e2fsck doesn't currently check this case, so we'll just ignore this for now, since it's harmless. Without this fix, a special device with the extents flag is flagged as an error by the kernel, so it is impossible to access or delete the inode, but e2fsck doesn't see it as a problem, leading to confused/frustrated users. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
* | | ext4: Ignore i_file_acl_high unless EXT4_FEATURE_INCOMPAT_64BIT is presentTheodore Ts'o2009-04-241-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Don't try to look at i_file_acl_high unless the INCOMPAT_64BIT feature bit is set. The field is normally zero, but older versions of e2fsck didn't automatically check to make sure of this, so in the spirit of "be liberal in what you accept", don't look at i_file_acl_high unless we are using a 64-bit filesystem. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
* | | ext4: Fix softlockup caused by illegal i_file_acl value in on-disk inodeTheodore Ts'o2009-04-241-1/+11
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | If the block containing external extended attributes (which is stored in i_file_acl and i_file_acl_high) is larger than the on-disk filesystem, the process which tried to access the extended attributes will endlessly issue kernel printks complaining that "__find_get_block_slow() failed", locking up that CPU until the system is forcibly rebooted. So when we read in the inode, make sure the i_file_acl value is legal, and if not, flag the filesystem as being corrupted. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
* | ROMFS: Advance destination buffer pointer when reading from a blockdevDavid Howells2009-04-241-0/+1
| | | | | | | | | | | | | | | | | | | | | | RomFS should advance the destination buffer pointer when reading data from a blockdev source (the data may be split over multiple blocks, each requiring its own sb_read() call). Without this, all the data is copied to the beginning of the output buffer. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Michal Simek <monstr@monstr.eu> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | ROMFS: romfs_lookup() shouldn't be doing a partial name comparisonDavid Howells2009-04-243-22/+53
| | | | | | | | | | | | | | | | | | | | romfs_lookup() should be using a routine akin to strcmp() on the backing store, rather than one akin to strncmp(). If it uses the latter, it's liable to match /bin/shutdown when looking up /bin/sh. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Michal Simek <monstr@monstr.eu> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | Merge branch 'for_linus' of ↵Linus Torvalds2009-04-246-28/+42
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 * 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: Fix potential inode allocation soft lockup in Orlov allocator ext4: Make the extent validity check more paranoid jbd: use SWRITE_SYNC_PLUG when writing synchronous revoke records jbd2: use SWRITE_SYNC_PLUG when writing synchronous revoke records ext4: really print the find_group_flex fallback warning only once
| * | ext4: Fix potential inode allocation soft lockup in Orlov allocatorTheodore Ts'o2009-04-221-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the Orlov allocator is having trouble finding an appropriate block group, the fallback code could loop forever, causing a soft lockup warning in find_group_orlov(): BUG: soft lockup - CPU#0 stuck for 61s! [cp:11728] ... Pid: 11728, comm: cp Not tainted (2.6.30-rc1-dirty #77) Lenovo EIP: 0060:[<c021650e>] EFLAGS: 00000246 CPU: 0 EIP is at ext4_get_group_desc+0x54/0x9d ... Call Trace: [<c0218021>] find_group_orlov+0x2ee/0x334 [<c0120a5f>] ? sched_clock+0x8/0xb [<c02188e3>] ext4_new_inode+0x2cf/0xb1a Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
| * | ext4: Make the extent validity check more paranoidTheodore Ts'o2009-04-221-6/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of just checking that the extent block number is greater or equal than s_first_data_block, make sure it it is not pointing into the block group descriptors, since that is clearly wrong. This helps prevent filesystem from getting very badly corrupted in case an extent block is corrupted. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
| * | jbd: use SWRITE_SYNC_PLUG when writing synchronous revoke recordsTheodore Ts'o2009-04-142-10/+12
| | | | | | | | | | | | | | | | | | | | | | | | The revoke records must be written using the same way as the rest of the blocks during the commit process; that is, either marked as synchronous writes or as asynchornous writes. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
| * | jbd2: use SWRITE_SYNC_PLUG when writing synchronous revoke recordsTheodore Ts'o2009-04-142-10/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | The revoke records must be written using the same way as the rest of the blocks during the commit process; that is, either marked as synchronous writes or as asynchornous writes. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
| * | ext4: really print the find_group_flex fallback warning only onceChuck Ebbert2009-04-141-1/+2
| | | | | | | | | | | | | | | | | | | | | Missing braces caused the warning to print more than once. Signed-Off-By: Chuck Ebbert <cebbert@redhat.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
* | | Merge branch 'for-linus' of ↵Linus Torvalds2009-04-249-143/+90
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ecryptfs/ecryptfs-2.6: eCryptfs: Larger buffer for encrypted symlink targets eCryptfs: Lock lower directory inode mutex during lookup eCryptfs: Remove ecryptfs_unlink_sigs warnings eCryptfs: Fix data corruption when using ecryptfs_passthrough eCryptfs: Print FNEK sig properly in /proc/mounts eCryptfs: NULL pointer dereference in ecryptfs_send_miscdev() eCryptfs: Copy lower inode attrs before dentry instantiation
| * | | eCryptfs: Larger buffer for encrypted symlink targetsTyler Hicks2009-04-221-6/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using filename encryption with eCryptfs, the value of the symlink in the lower filesystem is encrypted and stored as a Tag 70 packet. This results in a longer symlink target than if the target value wasn't encrypted. Users were reporting these messages in their syslog: [ 45.653441] ecryptfs_parse_tag_70_packet: max_packet_size is [56]; real packet size is [51] [ 45.653444] ecryptfs_decode_and_decrypt_filename: Could not parse tag 70 packet from filename; copying through filename as-is This was due to bufsiz, one the arguments in readlink(), being used to when allocating the buffer passed to the lower inode's readlink(). That symlink target may be very large, but when decoded and decrypted, could end up being smaller than bufsize. To fix this, the buffer passed to the lower inode's readlink() will always be PATH_MAX in size when filename encryption is enabled. Any necessary truncation occurs after the decoding and decrypting. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
| * | | eCryptfs: Lock lower directory inode mutex during lookupTyler Hicks2009-04-221-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch locks the lower directory inode's i_mutex before calling lookup_one_len() to find the appropriate dentry in the lower filesystem. This bug was found thanks to the warning set in commit 2f9092e1. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
| * | | eCryptfs: Remove ecryptfs_unlink_sigs warningsTyler Hicks2009-04-223-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A feature was added to the eCryptfs umount helper to automatically unlink the keys used for an eCryptfs mount from the kernel keyring upon umount. This patch keeps the unrecognized mount option warnings for ecryptfs_unlink_sigs out of the logs. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
| * | | eCryptfs: Fix data corruption when using ecryptfs_passthroughTyler Hicks2009-04-224-32/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ecryptfs_passthrough is a mount option that allows eCryptfs to allow data to be written to non-eCryptfs files in the lower filesystem. The passthrough option was causing data corruption due to it not always being treated as a non-eCryptfs file. The first 8 bytes of an eCryptfs file contains the decrypted file size. This value was being written to the non-eCryptfs files, too. Also, extra 0x00 characters were being written to make the file size a multiple of PAGE_CACHE_SIZE. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
| * | | eCryptfs: Print FNEK sig properly in /proc/mountsTyler Hicks2009-04-221-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The filename encryption key signature is not properly displayed in /proc/mounts. The "ecryptfs_sig=" mount option name is displayed for all global authentication tokens, included those for filename keys. This patch checks the global authentication token flags to determine if the key is a FEKEK or FNEK and prints the appropriate mount option name before the signature. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
| * | | eCryptfs: NULL pointer dereference in ecryptfs_send_miscdev()Tyler Hicks2009-04-222-99/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If data is NULL, msg_ctx->msg is set to NULL and then dereferenced afterwards. ecryptfs_send_raw_message() is the only place that ecryptfs_send_miscdev() is called with data being NULL, but the only caller of that function (ecryptfs_process_helo()) is never called. In short, there is currently no way to trigger the NULL pointer dereference. This patch removes the two unused functions and modifies ecryptfs_send_miscdev() to remove the NULL dereferences. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
| * | | eCryptfs: Copy lower inode attrs before dentry instantiationTyler Hicks2009-04-221-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Copies the lower inode attributes to the upper inode before passing the upper inode to d_instantiate(). This is important for security_d_instantiate(). The problem was discovered by a user seeing SELinux denials like so: type=AVC msg=audit(1236812817.898:47): avc: denied { 0x100000 } for pid=3584 comm="httpd" name="testdir" dev=ecryptfs ino=943872 scontext=root:system_r:httpd_t:s0 tcontext=root:object_r:httpd_sys_content_t:s0 tclass=file Notice target class is file while testdir is really a directory, confusing the permission translation (0x100000) due to the wrong i_mode. Signed-off-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
* | | | Merge branch 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6Linus Torvalds2009-04-241-0/+5
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 'for-linus' of git://git390.marist.edu/pub/scm/linux-2.6: [S390] update default configuration. [S390] omit frame pointers on s390 when possible [S390] Use tape_generic_offline directly. [S390] /proc/stat idle field for idle cpus [S390] appldata: avoid deadlock with appldata_mem [S390] ipl: fix compile breakage
| * | | | [S390] /proc/stat idle field for idle cpusMartin Schwidefsky2009-04-231-0/+5
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The cpu idle field in the output of /proc/stat is too small for cpus that have been idle for more than a tick. Add the architecture hook arch_idle_time that allows to add the not accounted idle time of a sleeping cpu without waking the cpu. The s390 implementation of arch_idle_time uses the already existing s390_idle_data per_cpu variable to find the sleep time of a neighboring idle cpu. Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
* | | | Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-fixesLinus Torvalds2009-04-241-3/+10
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-fixes: GFS2: Ensure that the inode goal block settings are updated GFS2: Fix bug in block allocation bitops: Add __ffs64 bitop
| * | | | GFS2: Ensure that the inode goal block settings are updatedSteven Whitehouse2009-04-231-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | GFS2 has a goal block associated with each inode indicating the search start position for future block allocations (in fact there are two, but thats for backward compatibility with GFS1 as they are set to identical locations in GFS2). In some circumstances, depending on the ordering of updates to the inode it was possible for the goal block settings to not be updated on disk. This patch ensures that the goal block will always get updated, thus reducing the potential for searching the same (already allocated) blocks again when looking for free space during block allocation. Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
| * | | | GFS2: Fix bug in block allocationSteven Whitehouse2009-04-231-2/+1
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | The new bitfit algorithm was counting from the wrong end of 64 bit words in the bitfield. This fixes it by using __ffs64 instead of fls64 Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
* | | | Merge branch 'for-linus' of git://git.kernel.dk/linux-2.6-blockLinus Torvalds2009-04-241-67/+57
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 'for-linus' of git://git.kernel.dk/linux-2.6-block: cfq-iosched: cache prio_tree root in cfqq->p_root cfq-iosched: fix bug with aliased request and cooperation detection cfq-iosched: clear ->prio_trees[] on cfqd alloc block: fix intermittent dm timeout based oops umem: fix request_queue lock warning block: simplify I/O stat accounting pktcdvd.h should include mempool.h cfq-iosched: use the default seek distance when there aren't enough seek samples cfq-iosched: make seek_mean converge more quickly block: make blk_abort_queue() ignore non-request based devices block: include empty disks in /proc/diskstats bio: use bio_kmalloc() in copy/map functions bio: fix bio_kmalloc() block: fix queue bounce limit setting block: fix SG_IO vector request data length handling scatterlist: make sure sg_miter_next() doesn't return 0 sized mappings
| * | | | bio: use bio_kmalloc() in copy/map functionsTejun Heo2009-04-221-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Impact: remove possible deadlock condition There is no reason to use mempool backed allocation for map functions. Also, because kern mapping is used inside LLDs (e.g. for EH), using mempool backed allocation can lead to deadlock under extreme conditions (mempool already consumed by the time a request reached EH and requests are blocked on EH). Switch copy/map functions to bio_kmalloc(). Signed-off-by: Tejun Heo <tj@kernel.org> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
| * | | | bio: fix bio_kmalloc()Tejun Heo2009-04-221-64/+54
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Impact: fix bio_kmalloc() and its destruction path bio_kmalloc() was broken in two ways. * bvec_alloc_bs() first allocates bvec using kmalloc() and then ignores it and allocates again like non-kmalloc bvecs. * bio_kmalloc_destructor() didn't check for and free bio integrity data. This patch fixes the above problems. kmalloc patch is separated out from bio_alloc_bioset() and allocates the requested number of bvecs as inline bvecs. * bio_alloc_bioset() no longer takes NULL @bs. None other than bio_kmalloc() used it and outside users can't know how it was allocated anyway. * Define and use BIO_POOL_NONE so that pool index check in bvec_free_bs() triggers if inline or kmalloc allocated bvec gets there. * Relocate destructors on top of each allocation function so that how they're used is more clear. Jens Axboe suggested allocating bvecs inline. Signed-off-by: Tejun Heo <tj@kernel.org> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
* | | | check_unsafe_exec: s/lock_task_sighand/rcu_read_lock/Oleg Nesterov2009-04-241-4/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | write_lock(&current->fs->lock) guarantees we can't wrongly miss LSM_UNSAFE_SHARE, this is what we care about. Use rcu_read_lock() instead of ->siglock to iterate over the sub-threads. We must see all CLONE_THREAD|CLONE_FS threads which didn't pass exit_fs(), it takes fs->lock too. With or without this patch we can miss the freshly cloned thread and set LSM_UNSAFE_SHARE, we don't care. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Acked-by: Roland McGrath <roland@redhat.com> [ Fixed lock/unlock typo - Hugh ] Acked-by: Hugh Dickins <hugh@veritas.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* | | | do_execve() must not clear fs->in_exec if it was set by another threadOleg Nesterov2009-04-242-15/+15
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If do_execve() fails after check_unsafe_exec(), it clears fs->in_exec unconditionally. This is wrong if we race with our sub-thread which also does do_execve: Two threads T1 and T2 and another process P, all share the same ->fs. T1 starts do_execve(BAD_FILE). It calls check_unsafe_exec(), since ->fs is shared, we set LSM_UNSAFE but not ->in_exec. P exits and decrements fs->users. T2 starts do_execve(), calls check_unsafe_exec(), now ->fs is not shared, we set fs->in_exec. T1 continues, open_exec(BAD_FILE) fails, we clear ->in_exec and return to the user-space. T1 does clone(CLONE_FS /* without CLONE_THREAD */). T2 continues without LSM_UNSAFE_SHARE while ->fs is shared with another process. Change check_unsafe_exec() to return res = 1 if we set ->in_exec, and change do_execve() to clear ->in_exec depending on res. When do_execve() suceeds, it is safe to clear ->in_exec unconditionally. It can be set only if we don't share ->fs with another process, and since we already killed all sub-threads either ->in_exec == 0 or we are the only user of this ->fs. Also, we do not need fs->lock to clear fs->in_exec. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Acked-by: Roland McGrath <roland@redhat.com> Acked-by: Hugh Dickins <hugh@veritas.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>