summaryrefslogtreecommitdiffstats
path: root/fs/udf/super.c
AgeCommit message (Collapse)Author
2012-07-10udf: Improve table length check to avoid possible overflowJan Kara
When a partition table length is corrupted to be close to 1 << 32, the check for its length may overflow on 32-bit systems and we will think the length is valid. Later on the kernel can crash trying to read beyond end of buffer. Fix the check to avoid possible overflow. CC: stable@vger.kernel.org Reported-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: Jan Kara <jack@suse.cz>
2012-07-09udf: Fix memory leak when mountingJan Kara
When we are mounting filesystem, we can load one partition table before finding out that we cannot complete processing of logical volume descriptor and trying the reserve descriptor. Free the table properly before trying the reserve descriptor. Signed-off-by: Jan Kara <jack@suse.cz>
2012-07-09udf: stop using s_dirtArtem Bityutskiy
The UDF file-system does not need the 's_dirt' superblock flag because it does not define the 'write_super()' method. This flag was set to 1 in few places and set to 0 in '->sync_fs()' and was basically useless. Stop using it because it is on its way out. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com> Signed-off-by: Jan Kara <jack@suse.cz>
2012-06-28udf: Fortify loading of sparing tableJan Kara
Add sanity checks when loading sparing table from disk to avoid accessing unallocated memory or writing to it. Signed-off-by: Jan Kara <jack@suse.cz>
2012-06-28udf: Avoid run away loop when partition table length is corruptedJan Kara
Check provided length of partition table so that (possibly maliciously) corrupted partition table cannot cause accessing data beyond current buffer. Signed-off-by: Jan Kara <jack@suse.cz>
2012-06-28udf: Use 'ret' instead of abusing 'i' in udf_load_logicalvol()Jan Kara
Signed-off-by: Jan Kara <jack@suse.cz>
2012-03-28Merge branch 'for_linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs Pull ext3, UDF, and quota fixes from Jan Kara: "A couple of ext3 & UDF fixes and also one improvement in quota locking." * 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs: ext3: fix start and len arguments handling in ext3_trim_fs() udf: Fix deadlock in udf_release_file() udf: Fix file entry logicalBlocksRecorded udf: Fix handling of i_blocks quota: Make quota code not call tty layer with dqptr_sem held udf: Init/maintain file entry checkpoint field ext3: Update ctime in ext3_splice_branch() only when needed ext3: Don't call dquot_free_block() if we don't update anything udf: Remove unnecessary OOM messages
2012-03-20switch open-coded instances of d_make_root() to new helperAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-03-20vfs: check i_nlink limits in vfs_{mkdir,rename_dir,link}Al Viro
New field of struct super_block - ->s_max_links. Maximal allowed value of ->i_nlink or 0; in the latter case all checks still need to be done in ->link/->mkdir/->rename instances. Note that this limit applies both to directoris and to non-directories. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-02-29udf: Remove unnecessary OOM messagesJoe Perches
Per call site OOM messages are unnecessary. k.alloc and v.alloc failures use dump_stack(). Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Jan Kara <jack@suse.cz>
2012-01-09Merge branch 'for_linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs * 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs: ext2/3/4: delete unneeded includes of module.h ext{3,4}: Fix potential race when setversion ioctl updates inode udf: Mark LVID buffer as uptodate before marking it dirty ext3: Don't warn from writepage when readonly inode is spotted after error jbd: Remove j_barrier mutex reiserfs: Force inode evictions before umount to avoid crash reiserfs: Fix quota mount option parsing udf: Treat symlink component of type 2 as / udf: Fix deadlock when converting file from in-ICB one to normal one udf: Cleanup calling convention of inode_getblk() ext2: Fix error handling on inode bitmap corruption ext3: Fix error handling on inode bitmap corruption ext3: replace ll_rw_block with other functions ext3: NULL dereference in ext3_evict_inode() jbd: clear revoked flag on buffers before a new transaction started ext3: call ext3_mark_recovery_complete() when recovery is really needed
2012-01-09udf: Mark LVID buffer as uptodate before marking it dirtyJan Kara
When we hit EIO while writing LVID, the buffer uptodate bit is cleared. This then results in an anoying warning from mark_buffer_dirty() when we write the buffer again. So just set uptodate flag unconditionally. Reviewed-by: Namjae Jeon <linkinjeon@gmail.com> Signed-off-by: Jan Kara <jack@suse.cz>
2012-01-06vfs: switch ->show_options() to struct dentry *Al Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-01-03udf: propagate umode_tAl Viro
note re mount options: fmask and dmask are explicitly truncated to 12bit, UDF_INVALID_MODE just needs to be guaranteed to differ from any such value. And umask is used only in &= with umode_t, so we ignore other bits anyway. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-01-03vfs: fix the stupidity with i_dentry in inode destructorsAl Viro
Seeing that just about every destructor got that INIT_LIST_HEAD() copied into it, there is no point whatsoever keeping this INIT_LIST_HEAD in inode_init_once(); the cost of taking it into inode_init_always() will be negligible for pipes and sockets and negative for everything else. Not to mention the removal of boilerplate code from ->destroy_inode() instances... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-10-31udf: Cleanup metadata flags handlingJan Kara
Use simple ->s_flags variable instead of u8 variable for each flag. Signed-off-by: Jan Kara <jack@suse.cz>
2011-10-31udf: Skip mirror metadata FE loading when metadata FE is okNamjae Jeon
It is not necessary to load mirror metadata FE when metadata FE is OK. So try to read it only the first time udf_get_pblock_meta25() fails to map the block from metadata FE. Signed-off-by: Ashish Sangwan <ashishsangwan2@gmail.com> Signed-off-by: Namjae Jeon <linkinjeon@gmail.com> Signed-off-by: Jan Kara <jack@suse.cz>
2011-10-31udf: Neaten udf_debug usesJoe Perches
Just whitespace and argument alignment. Introduce some checkpatch warnings that deserve to be ignored. Reviewed-by: NamJae Jeon <linkinjeon@gmail.com> Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Jan Kara <jack@suse.cz>
2011-10-31udf: Neaten logging output, use vsprintf extension %pVJoe Perches
Use %pV and remove a static buffer to save some text space and fix possible issues when several processes call error reporting function in parallel. Also change error level from KERN_CRIT to KERN_ERR. Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Jan Kara <jack@suse.cz>
2011-10-31udf: Convert printks to pr_<level>Joe Perches
Use the current logging styles. Convert a few printks that should have been udf_warn and udf_err. Coalesce formats. Add #define pr_fmt. Move an #include "udfdecls.h" above other includes in udftime.c so pr_fmt works correctly. Strip prefixes from conversions as appropriate. Reorder logging definitions in udfdecl.h Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Jan Kara <jack@suse.cz>
2011-10-10udf: Rename udf_warning to udf_warnJoe Perches
Rename udf_warning to udf_warn for consistency with normal logging uses of pr_warn. Rename function udf_warning to _udf_warn. Remove __func__ from uses and move __func__ to a new udf_warn macro that calls _udf_warn. Add \n's to uses of udf_warn, remove \n from _udf_warn. Coalesce formats. Reviewed-by: NamJae Jeon <linkinjeon@gmail.com> Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Jan Kara <jack@suse.cz>
2011-10-10udf: Rename udf_error to udf_errJoe Perches
Rename udf_error to udf_err for consistency with normal logging uses of pr_err. Rename function udf_err to _udf_err. Remove __func__ from uses and move __func__ to a new udf_err macro that calls _udf_err. Some of the udf_error uses had \n terminations, some did not so standardize \n's to udf_err uses, remove \n from _udf_err function. Coalesce udf_err formats. One message prefixed with udf_read_super is now prefixed with udf_fill_super. Reviewed-by: NamJae Jeon <linkinjeon@gmail.com> Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Jan Kara <jack@suse.cz>
2011-10-10udf: Promote some debugging messages to udf_errorJoe Perches
If there is a problem with a scratched disc or loader, it's valuable to know which error occurred. Convert some debug messages to udf_error, neaten those messages too. Add the calculated tag checksum and the read checksum to error message. Make udf_error a public function and move the logging prototypes together. Original-patch-by: NamJae Jeon <linkinjeon@gmail.com> Reviewed-by: NamJae Jeon <linkinjeon@gmail.com> Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Jan Kara <jack@suse.cz>
2011-01-11Merge branch 'for_linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-udf-2.6 * 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-udf-2.6: UDF: Close small mem leak in udf_find_entry() udf: Fix directory corruption after extent merging udf: Protect udf_file_aio_write from possible races udf: Remove unnecessary bkl usages udf: Use of s_alloc_mutex to serialize udf_relocate_blocks() execution udf: Replace bkl with the UDF_I(inode)->i_data_sem for protect udf_inode_info struct udf: Remove BKL from free space counting functions udf: Call udf_add_free_space() for more blocks at once in udf_free_blocks() udf: Remove BKL from udf_put_super() and udf_remount_fs() udf: Protect default inode credentials by rwlock udf: Protect all modifications of LVID with s_alloc_mutex udf: Move handling of uniqueID into a helper function and protect it by a s_alloc_mutex udf: Remove BKL from udf_update_inode udf: Convert UDF_SB(sb)->s_flags to use bitops fs/udf: Add printf format/argument verification fs/udf: Use vzalloc (Evil merge: this also removes the BKL dependency from the Kconfig file)
2011-01-07fs: icache RCU free inodesNick Piggin
RCU free the struct inode. This will allow: - Subsequent store-free path walking patch. The inode must be consulted for permissions when walking, so an RCU inode reference is a must. - sb_inode_list_lock to be moved inside i_lock because sb list walkers who want to take i_lock no longer need to take sb_inode_list_lock to walk the list in the first place. This will simplify and optimize locking. - Could remove some nested trylock loops in dcache code - Could potentially simplify things a bit in VM land. Do not need to take the page lock to follow page->mapping. The downsides of this is the performance cost of using RCU. In a simple creat/unlink microbenchmark, performance drops by about 10% due to inability to reuse cache-hot slab objects. As iterations increase and RCU freeing starts kicking over, this increases to about 20%. In cases where inode lifetimes are longer (ie. many inodes may be allocated during the average life span of a single inode), a lot of this cache reuse is not applicable, so the regression caused by this patch is smaller. The cache-hot regression could largely be avoided by using SLAB_DESTROY_BY_RCU, however this adds some complexity to list walking and store-free path walking, so I prefer to implement this at a later date, if it is shown to be a win in real situations. I haven't found a regression in any non-micro benchmark so I doubt it will be a problem. Signed-off-by: Nick Piggin <npiggin@kernel.dk>
2011-01-06udf: Remove unnecessary bkl usagesAlessio Igor Bogani
The udf_readdir(), udf_lookup(), udf_create(), udf_mknod(), udf_mkdir(), udf_rmdir(), udf_link(), udf_get_parent() and udf_unlink() seems already adequately protected by i_mutex held by VFS invoking calls. The udf_rename() instead should be already protected by lock_rename again by VFS. The udf_ioctl(), udf_fill_super() and udf_evict_inode() don't requires any further protection. This work was supported by a hardware donation from the CE Linux Forum. Signed-off-by: Alessio Igor Bogani <abogani@texware.it> Signed-off-by: Jan Kara <jack@suse.cz>
2011-01-06udf: Replace bkl with the UDF_I(inode)->i_data_sem for protect ↵Alessio Igor Bogani
udf_inode_info struct Replace bkl with the UDF_I(inode)->i_data_sem rw semaphore in udf_release_file(), udf_symlink(), udf_symlink_filler(), udf_get_block(), udf_block_map(), and udf_setattr(). The rule now is that any operation on regular file's or symlink's extents (or generally allocation information including goal block) needs to hold i_data_sem. This work was supported by a hardware donation from the CE Linux Forum. Signed-off-by: Alessio Igor Bogani <abogani@texware.it> Signed-off-by: Jan Kara <jack@suse.cz>
2011-01-06udf: Remove BKL from free space counting functionsJan Kara
udf_count_free_bitmap() does not need BKL because bitmaps are in a fixed place on disk and so we can count set bits without serialization. udf_count_free_table() is now protected by s_alloc_mutex instead of BKL to get a consistent view of free space extents. Signed-off-by: Jan Kara <jack@suse.cz>
2011-01-06udf: Remove BKL from udf_put_super() and udf_remount_fs()Jan Kara
udf_put_super() does not need BKL because the filesystem is shut down so there's nothing to race with. The credential changes in udf_remount_fs() and LVID changes are now protected by dedicated locks so we can remove BKL from this function as well. Signed-off-by: Jan Kara <jack@suse.cz>
2011-01-06udf: Protect default inode credentials by rwlockJan Kara
Superblock carries credentials (uid, gid, etc.) which are used as default values in __udf_read_inode() when media does not provide these. These credentials can change during remount so we protect them by a rwlock so that each inode gets a consistent set of credentials. Signed-off-by: Jan Kara <jack@suse.cz>
2011-01-06udf: Protect all modifications of LVID with s_alloc_mutexJan Kara
udf_open_lvid() and udf_close_lvid() were modifying LVID without s_alloc_mutex. Since they can be called from remount, the modification could race with other filesystem modifications of LVID so protect them by s_alloc_mutex just to be sure. Signed-off-by: Jan Kara <jack@suse.cz>
2011-01-06udf: Move handling of uniqueID into a helper function and protect it by a ↵Jan Kara
s_alloc_mutex uniqueID handling has been duplicated in three places. Move it into a common helper. Since we modify an LVID buffer with uniqueID update, we take sbi->s_alloc_mutex to protect agaist other modifications of the structure. Signed-off-by: Jan Kara <jack@suse.cz>
2011-01-06fs/udf: Use vzallocJoe Perches
Signed-off-by: Joe Perches <joe@perches.com> Signed-off-by: Jan Kara <jack@suse.cz>
2010-10-29new helper: mount_bdev()Al Viro
... and switch of the obvious get_sb_bdev() users to ->mount() Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-10-04BKL: Explicitly add BKL around get_sb/fill_superJan Blunck
This patch is a preparation necessary to remove the BKL from do_new_mount(). It explicitly adds calls to lock_kernel()/unlock_kernel() around get_sb/fill_super operations for filesystems that still uses the BKL. I've read through all the code formerly covered by the BKL inside do_kern_mount() and have satisfied myself that it doesn't need the BKL any more. do_kern_mount() is already called without the BKL when mounting the rootfs and in nfsctl. do_kern_mount() calls vfs_kern_mount(), which is called from various places without BKL: simple_pin_fs(), nfs_do_clone_mount() through nfs_follow_mountpoint(), afs_mntpt_do_automount() through afs_mntpt_follow_link(). Both later functions are actually the filesystems follow_link inode operation. vfs_kern_mount() is calling the specified get_sb function and lets the filesystem do its job by calling the given fill_super function. Therefore I think it is safe to push down the BKL from the VFS to the low-level filesystems get_sb/fill_super operation. [arnd: do not add the BKL to those file systems that already don't use it elsewhere] Signed-off-by: Jan Blunck <jblunck@infradead.org> Signed-off-by: Arnd Bergmann <arnd@arndb.de> Cc: Matthew Wilcox <matthew@wil.cx> Cc: Christoph Hellwig <hch@infradead.org>
2010-08-10Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (96 commits) no need for list_for_each_entry_safe()/resetting with superblock list Fix sget() race with failing mount vfs: don't hold s_umount over close_bdev_exclusive() call sysv: do not mark superblock dirty on remount sysv: do not mark superblock dirty on mount btrfs: remove junk sb_dirt change BFS: clean up the superblock usage AFFS: wait for sb synchronization when needed AFFS: clean up dirty flag usage cifs: truncate fallout mbcache: fix shrinker function return value mbcache: Remove unused features add f_flags to struct statfs(64) pass a struct path to vfs_statfs update VFS documentation for method changes. All filesystems that need invalidate_inode_buffers() are doing that explicitly convert remaining ->clear_inode() to ->evict_inode() Make ->drop_inode() just return whether inode needs to be dropped fs/inode.c:clear_inode() is gone fs/inode.c:evict() doesn't care about delete vs. non-delete paths now ... Fix up trivial conflicts in fs/nilfs2/super.c
2010-08-09switch udf to ->evict_inode()Al Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2010-08-02udf: super.c Fix warning: variable 'sbi' set but not usedJustin P. Mattock
This fixes this warning when building the kernel: CC fs/udf/super.o fs/udf/super.c: In function 'udf_load_sequence': fs/udf/super.c:1582:22: warning: variable 'sbi' set but not used Please have a look, when you have time and let me know. Signed-off-by: Justin P. Mattock <justinmattock@gmail.com> Signed-off-by: Jan Kara <jack@suse.cz>
2010-05-24udf: Remove dead quota codeJan Kara
Quota on UDF is non-functional at least since 2.6.16 (I'm too lazy to do more archeology) because it does not provide .quota_write and .quota_read functions and thus quotaon(8) just returns EINVAL. Since nobody complained for all those years and quota support is not even in UDF standard just nuke it. Signed-off-by: Jan Kara <jack@suse.cz>
2010-05-24quota: rename default quotactl methods to dquot_Christoph Hellwig
Follow the dquot_* style used elsewhere in dquot.c. [Jan Kara: Fixed up missing conversion of ext2] Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jan Kara <jack@suse.cz>
2010-05-24quota: explicitly set ->dq_op and ->s_qcopChristoph Hellwig
Only set the quota operation vectors if the filesystem actually supports quota instead of doing it for all filesystems in alloc_super(). [Jan Kara: Export dquot_operations and vfs_quotactl_ops] Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jan Kara <jack@suse.cz>
2010-05-24quota: move unmount handling into the filesystemChristoph Hellwig
Currently the VFS calls into the quotactl interface for unmounting filesystems. This means filesystems with their own quota handling can't easily distinguish between user-space originating quotaoff and an unount. Instead move the responsibily of the unmount handling into the filesystem to be consistent with all other dquot handling. Note that we do call dquot_disable a lot later now, e.g. after a sync_filesystem. But this is fine as the quota code does all its writes via blockdev's mapping and that is synced even later. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jan Kara <jack@suse.cz>
2010-05-24quota: kill the vfs_dq_off and vfs_dq_quota_on_remount wrappersChristoph Hellwig
Instead of having wrappers in the VFS namespace export the dquot_suspend and dquot_resume helpers directly. Also rename vfs_quota_disable to dquot_disable while we're at it. [Jan Kara: Moved dquot_suspend to quotaops.h and made it inline] Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jan Kara <jack@suse.cz>
2010-05-24quota: move remount handling into the filesystemChristoph Hellwig
Currently do_remount_sb calls into the dquot code to tell it about going from rw to ro and ro to rw. Move this code into the filesystem to not depend on the dquot code in the VFS - note ocfs2 already ignores these calls and handles remount by itself. This gets rid of overloading the quotactl calls and allows to unify the VFS and XFS codepaths in that area later. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jan Kara <jack@suse.cz>
2009-12-14udf: Try harder when looking for VAT inodeJan Kara
Some disks do not contain VAT inode in the last recorded block as required by the standard but a few blocks earlier (or the number of recorded blocks is wrong). So look for the VAT inode a bit before the end of the media. Signed-off-by: Jan Kara <jack@suse.cz>
2009-07-30udf: Fix loading of VAT inode when drive wrongly reports number of recorded ↵Jan Kara
blocks VAT inode is located in the last block recorded block of the medium. When the drive errorneously reports number of recorded blocks, we failed to load the VAT inode and thus mount the medium. This patch makes kernel try to read VAT inode from the last block of the device if it is different from the last recorded block. Signed-off-by: Jan Kara <jack@suse.cz>
2009-06-11Push BKL down into ->remount_fs()Alessio Igor Bogani
[xfs, btrfs, capifs, shmem don't need BKL, exempt] Signed-off-by: Alessio Igor Bogani <abogani@texware.it> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-06-11push BKL down into ->put_superChristoph Hellwig
Move BKL into ->put_super from the only caller. A couple of filesystems had trivial enough ->put_super (only kfree and NULLing of s_fs_info + stuff in there) to not get any locking: coda, cramfs, efs, hugetlbfs, omfs, qnx4, shmem, all others got the full treatment. Most of them probably don't need it, but I'd rather sort that out individually. Preferably after all the other BKL pushdowns in that area. [AV: original used to move lock_super() down as well; these changes are removed since we don't do lock_super() at all in generic_shutdown_super() now] [AV: fuse, btrfs and xfs are known to need no damn BKL, exempt] Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2009-05-22block: Do away with the notion of hardsect_sizeMartin K. Petersen
Until now we have had a 1:1 mapping between storage device physical block size and the logical block sized used when addressing the device. With SATA 4KB drives coming out that will no longer be the case. The sector size will be 4KB but the logical block size will remain 512-bytes. Hence we need to distinguish between the physical block size and the logical ditto. This patch renames hardsect_size to logical_block_size. Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2009-04-02udf: Don't write integrity descriptor too oftenJan Kara
We update information in logical volume integrity descriptor after each allocation (as LVID contains free space, number of directories and files on disk etc.). If the filesystem is on some phase change media, this leads to its quick degradation as such media is able to handle only 10000 overwrites or so. We solve the problem by writing new information into LVID only on umount, remount-ro and sync. This solves the problem at the price of longer media inconsistency (previously media became consistent after pdflush flushed dirty LVID buffer) but that should be acceptable. Report by and patch written in cooperation with Rich Coe <Richard.Coe@med.ge.com>. Signed-off-by: Jan Kara <jack@suse.cz>