summaryrefslogtreecommitdiffstats
path: root/fs
AgeCommit message (Collapse)Author
2008-08-08Merge branch 'master' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6 * 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: [CIFS] list entry can not return null turn cifs_setattr into a multiplexor that calls the correct function move file time and dos attribute setting logic into new function spin off cifs_setattr with unix extensions to its own function [CIFS] Code cleanup in old sessionsetup code [CIFS] cifs_mkdir and cifs_create should respect the setgid bit on parent dir Rename CIFSSMBSetFileTimes to CIFSSMBSetFileInfo and add PID arg change CIFSSMBSetTimes to CIFSSMBSetPathInfo [CIFS] fix trailing whitespace bundle up Unix SET_PATH_INFO args into a struct and change name Fix missing braces in cifs_revalidate() remove locking around tcpSesAllocCount atomic variable [CIFS] properly account for new user= field in SPNEGO upcall string allocation [CIFS] remove level of indentation from decode_negTokenInit [CIFS] cifs send2 not retrying enough in some cases on full socket [CIFS] oid should also be checked against class in cifs asn
2008-08-08[CIFS] list entry can not return nullSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-08[NFSD] uninline nfsd4_op_name()Adrian Bunk
There doesn't seem to be a compelling reason why nfsd4_op_name() is marked as "inline": It's only used in a dprintk(), and as long as it has only one caller non-ancient gcc versions anyway inline it automatically. This patch fixes the following compile error with gcc 3.4: ... CC fs/nfsd/nfs4proc.o nfs4proc.c: In function `nfsd4_proc_compound': nfs4proc.c:854: sorry, unimplemented: inlining failed in call to nfs4proc.c:897: sorry, unimplemented: called from here make[3]: *** [fs/nfsd/nfs4proc.o] Error 1 Reported-by: Adrian Bunk <bunk@kernel.org> Signed-off-by: Adrian Bunk <bunk@kernel.org> [ Also made it "const char *" - Linus] Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-06turn cifs_setattr into a multiplexor that calls the correct functionJeff Layton
Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-06move file time and dos attribute setting logic into new functionJeff Layton
Break up cifs_setattr further by moving the logic that sets file times and dos attributes into a separate function. This patch also refactors the logic a bit so that when the file is already open then we go ahead and do a SetFileInfo call. SetPathInfo seems to be unreliable when setting times on open files. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-06spin off cifs_setattr with unix extensions to its own functionJeff Layton
Create a new cifs_setattr_unix function to handle a setattr when unix extensions are enabled and have cifs_setattr call it. Also, clean up variable declarations in cifs_setattr. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-06bio: make use of bvec_nr_vecsDenis ChengRq
Since introduced in 7ba1ba12eee, it should be made use of. Signed-off-by: Denis ChengRq <crquan@gmail.com> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2008-08-06[CIFS] Code cleanup in old sessionsetup codeSteve French
Remove some long lines Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-06[CIFS] cifs_mkdir and cifs_create should respect the setgid bit on parent dirJeff Layton
If a server supports unix extensions but does not support POSIX create routines, then the client will create a new inode with a standard SMB mkdir or create/open call and then will set the mode. When it does this, it does not take the setgid bit on the parent directory into account. This patch has CIFS flip on the setgid bit when the parent directory has it. If the share is mounted with "setuids" then also change the group owner to the gid of the parent. This patch should apply cleanly on top of the setattr cleanup patches that I sent a few weeks ago. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-06Rename CIFSSMBSetFileTimes to CIFSSMBSetFileInfo and add PID argJeff Layton
The new name is more clear since this is also used to set file attributes. We'll need the pid_of_opener arg so that we can pass in filehandles of other pids and spare ourselves an open call. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-06change CIFSSMBSetTimes to CIFSSMBSetPathInfoJeff Layton
CIFSSMBSetTimes is a deceptive name. This function does more that just set file times. Change it to CIFSSMBSetPathInfo, which is closer to its real purpose. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-06[CIFS] fix trailing whitespaceSteve French
Jeff left trailing whitespace in previous patch Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-06bundle up Unix SET_PATH_INFO args into a struct and change nameJeff Layton
We'd like to be able to use the unix SET_PATH_INFO_BASIC args to set file times as well, but that makes the argument list rather long. Bundle up the args for unix SET_PATH_INFO call into a struct. For now, we don't actually use the times fields anywhere. That will be done in a follow-on patch. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-05proc: fix warningsAlexander Beregalov
proc: fix warnings fs/proc/base.c:2429: warning: format '%llu' expects type 'long long unsigned int', but argument 3 has type 'u64' fs/proc/base.c:2429: warning: format '%llu' expects type 'long long unsigned int', but argument 4 has type 'u64' fs/proc/base.c:2429: warning: format '%llu' expects type 'long long unsigned int', but argument 5 has type 'u64' fs/proc/base.c:2429: warning: format '%llu' expects type 'long long unsigned int', but argument 6 has type 'u64' fs/proc/base.c:2429: warning: format '%llu' expects type 'long long unsigned int', but argument 7 has type 'u64' fs/proc/base.c:2429: warning: format '%llu' expects type 'long long unsigned int', but argument 8 has type 'u64' fs/proc/base.c:2429: warning: format '%llu' expects type 'long long unsigned int', but argument 9 has type 'u64' Signed-off-by: Alexander Beregalov <a.beregalov@gmail.com> Acked-by: Andrea Righi <righi.andrea@gmail.com> Cc: Oleg Nesterov <oleg@tv-sign.ru> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-05omfs: fix warningAlexander Beregalov
fs/omfs/inode.c:495: warning: format '%llx' expects type 'long long unsigned int', but argument 2 has type 'u64' fs/omfs/inode.c:495: warning: format '%llx' expects type 'long long unsigned int', but argument 3 has type '__be64' Signed-off-by: Alexander Beregalov <a.beregalov@gmail.com> Acked-by: Bob Copeland <me@bobcopeland.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-05Fix missing braces in cifs_revalidate()Suresh Jayaraman
Fix missing braces introduced during commit cea218054ad277d6c126890213afde07b4eb1602. Though setting wbrc to 0 keeps this from causing real bug, this should have been there. Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-04fs: rename buffer trylockNick Piggin
Like the page lock change, this also requires name change, so convert the raw test_and_set bitop to a trylock. Signed-off-by: Nick Piggin <npiggin@suse.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-04mm: rename page trylockNick Piggin
Converting page lock to new locking bitops requires a change of page flag operation naming, so we might as well convert it to something nicer (!TestSetPageLocked_Lock => trylock_page, SetPageLocked => set_page_locked). This also facilitates lockdeping of page lock. Signed-off-by: Nick Piggin <npiggin@suse.de> Acked-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Acked-by: Peter Zijlstra <peterz@infradead.org> Acked-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-04Revert "UFS: add const to parser token table"Linus Torvalds
This reverts commit f9247273cb69ba101877e946d2d83044409cc8c5 (and fb2e405fc1fc8b20d9c78eaa1c7fd5a297efde43 - "fix fs/nfs/nfsroot.c compilation" - that fixed a missed conversion). The changes cause problems for at least the sparc build. Let's re-do them when the exact issues are resolved. Requested-by: Andrew Morton <akpm@linux-foundation.org> Requested-by: Steven Whitehouse <swhiteho@redhat.com> Cc: David Miller <davem@davemloft.net> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-04remove locking around tcpSesAllocCount atomic variableJeff Layton
The global tcpSesAllocCount variable is an atomic already and doesn't really need the extra locking around it. Remove the locking and just use the atomic_inc_return and atomic_dec_return functions to make sure we access it correctly. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-03Merge branch 'for_linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 * 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: remove write-only variables from ext4_ordered_write_end ext4: unexport jbd2_journal_update_superblock ext4: Cleanup whitespace and other miscellaneous style issues ext4: improve ext4_fill_flex_info() a bit ext4: Cleanup the block reservation code path ext4: don't assume extents can't cross block groups when truncating ext4: Fix lack of credits BUG() when deleting a badly fragmented inode ext4: Fix ext4_ext_journal_restart() ext4: fix ext4_da_write_begin error path jbd2: don't abort if flushing file data failed ext4: don't read inode block if the buffer has a write error ext4: Don't allow lg prealloc list to be grow large. ext4: Convert the usage of NR_CPUS to nr_cpu_ids. ext4: Improve error handling in mballoc ext4: lock block groups when initializing ext4: sync up block and inode bitmap reading functions ext4: Allow read/only mounts with corrupted block group checksums ext4: Fix data corruption when writing to prealloc area
2008-08-02ext4: remove write-only variables from ext4_ordered_write_endEric Sandeen
The variables 'from' and 'to' are not used anywhere. Signed-off-by: Eric Sandeen <sandeen@redhat.com> Acked-by: Mingming Cao <cmm@us.ibm.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
2008-08-02fat: Fix allow_utime optionOGAWA Hirofumi
FAT has to handle the newly introduced ATTR_TIMES_SET for allow_utime option. Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-08-01Merge branch 'for-linus' of git://oss.sgi.com:8090/xfs/xfs-pullLinus Torvalds
* 'for-linus' of git://oss.sgi.com:8090/xfs/xfs-pull: (64 commits) [XFS] Remove vn_revalidate calls in xfs. [XFS] Now that xfs_setattr is only used for attributes set from ->setattr [XFS] xfs_setattr currently doesn't just handle the attributes set through [XFS] fix use after free with external logs or real-time devices [XFS] A bug was found in xfs_bmap_add_extent_unwritten_real(). In a [XFS] fix compilation without CONFIG_PROC_FS [XFS] s/XFS_PURGE_INODE/IRELE/g s/VN_HOLD(XFS_ITOV())/IHOLD()/ [XFS] fix mount option parsing in remount [XFS] Disable queue flag test in barrier check. [XFS] streamline init/exit path [XFS] Fix up problem when CONFIG_XFS_POSIX_ACL is not set and yet we still [XFS] Don't assert if trying to mount with blocksize > pagesize [XFS] Don't update mtime on rename source [XFS] Allow xfs_bmbt_split() to fallback to the lowspace allocator [XFS] Restore the lowspace extent allocator algorithm [XFS] use minleft when allocating in xfs_bmbt_split() [XFS] attrmulti cleanup [XFS] Check for invalid flags in xfs_attrlist_by_handle. [XFS] Fix CI lookup in leaf-form directories [XFS] Use the generic xattr methods. ...
2008-08-01Merge branch 'upstream-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2 * 'upstream-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mfasheh/ocfs2: [PATCH] ocfs2: Release mutex in error handling code [PATCH] ocfs2: Fix oops when racing files truncates with writes into an mmap region [PATCH 2/2] ocfs2: Fix race between mount and recovery [PATCH 1/2] ocfs2: Add counter in struct ocfs2_dinode to track journal replays [PATCH] configfs: Convenience macros for attribute definition. [PATCH] configfs: Pin configfs subsystems separately from new config_items. [PATCH] configfs: Fix open directory making rmdir() fail [PATCH] configfs: Lock new directory inodes before removing on cleanup after failure [PATCH] configfs: Prevent userspace from creating new entries under attaching directories [PATCH] configfs: Fix failing symlink() making rmdir() fail [PATCH] configfs: Fix symlink() to a removing item [PATCH] configfs: Include linux/err.h in linux/configfs.h
2008-08-01Merge git://git.infradead.org/mtd-2.6Linus Torvalds
* git://git.infradead.org/mtd-2.6: [MTD] [NAND] drivers/mtd/nand/nandsim.c: fix printk warnings [MTD] [NAND] Blackfin NFC Driver: Cleanup the error exit path of bf5xx_nand_probe function [MTD] [NAND] Blackfin NFC Driver: use standard dev_err() rather than printk() [MTD] [NAND] Blackfin NFC Driver: enable Blackfin nand HWECC support by default [MTD] [NAND] Blackfin NFC Driver: add proper devinit/devexit markings to probe/remove functions [MTD] [NAND] Blackfin NFC Driver: add support for the ECC layout the Blackfin bootrom uses [MTD] [NAND] Blackfin NFC Driver: fix bug - hw ecc calc by making sure we extract 11 bits from each register instead of 10 [MTD] [NAND] Blackfin NFC Driver: fix bug - do not clobber the status from the first 256 bytes if operating on 512 pages [MTD] [NAND] diskonchip.c fix sparse endian warnings [MTD] [NAND] drivers/mtd/nand/nandsim.c needs div64.h [JFFS2] Fix allocation of summary buffer Fix rename of at91_nand -> atmel_nand [MTD] [NOR] drivers/mtd/chips/jedec_probe.c: fix Am29DL800BB device ID [MTD] MTD_DEBUG always does compile-time typechecks [MTD] DataFlash: bugfix, binary page sizes now handled [MTD] [NAND] fsl_elbc_nand.c: fix printk warning [MTD] [NAND] nandsim: support random page read command [MTD] [NAND] fix subpage read for small page NAND
2008-08-01[CIFS] properly account for new user= field in SPNEGO upcall string allocationJeff Layton
...it doesn't look like it's being accounted for at the moment. Also try to reorganize the calculation to make it a little more evident what each piece means. This should probably go to the stable series as well... Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-08-01[PATCH] pass struct path * to do_add_mount()Al Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[PATCH] switch mtd and dm-table to lookup_bdev()Al Viro
No need to open-code it... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[patch 3/4] vfs: remove unused nameidata argument of may_create()Miklos Szeredi
Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[PATCH] devpts: switch to IDAAlexey Dobriyan
Devpts code wants just numbers for tty indexes. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[PATCH 2/2] proc: switch inode number allocation to IDAAlexey Dobriyan
proc doesn't use "associate pointer with id" feature of IDR, so switch to IDA. NOTE, NOTE, NOTE: Do not apply if release_inode_number() still mantions MAX_ID_MASK! Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[PATCH 1/2] proc: fix inode number bogorithmeticAlexey Dobriyan
Id which proc gets from IDR for inode number and id which proc removes from IDR do not match. E.g. 0x11a transforms into 0x8000011a. Which stayed unnoticed for a long time because, surprise, idr_remove() masks out that high bit before doing anything. All of this due to "| ~MAX_ID_MASK" in release_inode_number(). I still don't understand how it's supposed to work, because "| ~MASK" is not an inversion for "& MAX" operation. So, use just one nice, working addition. Make start offset unsigned int, while I'm at it. It's longness is not used anywhere. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[PATCH] fix bdev leak in block_dev.c do_open()Al Viro
Callers expect it to drop reference to bdev on all failure exits. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[PATCH] fix races and leaks in vfs_quota_on() usersAl Viro
* new helper: vfs_quota_on_path(); equivalent of vfs_quota_on() sans the pathname resolution. * callers of vfs_quota_on() that do their own pathname resolution and checks based on it are switched to vfs_quota_on_path(); that way we avoid the races. * reiserfs leaked dentry/vfsmount references on several failure exits. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[PATCH] clean dup2() up a bitAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[PATCH] merge locate_fd() and get_unused_fd()Al Viro
New primitive: alloc_fd(start, flags). get_unused_fd() and get_unused_fd_flags() become wrappers on top of it. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: TreeStephen Smalley
for July 17: early crash on x86-64) SELinux needs MAY_APPEND to be passed down to the security hook. Otherwise, we get permission denials when only append permission is granted by policy even if the opening process specified O_APPEND. Shows up as a regression in the ltp selinux testsuite, fixed by this patch. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-08-01[JFFS2] Fix allocation of summary bufferDavid Woodhouse
We can't use vmalloc for the buffer we use for writing summaries, because some drivers may want to DMA from it. So limit the size to 64KiB and use kmalloc for it instead. Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
2008-07-31[PATCH] ocfs2: Release mutex in error handling codeJulia Lawall
The mutex is released on a successful return, so it would seem that it should be released on an error return as well. The semantic patch finds this problem is as follows: (http://www.emn.fr/x-info/coccinelle/) // <smpl> @@ expression l; @@ mutex_lock(l); ... when != mutex_unlock(l) when any when strict ( if (...) { ... when != mutex_unlock(l) + mutex_unlock(l); return ...; } | mutex_unlock(l); ) // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH] ocfs2: Fix oops when racing files truncates with writes into an mmap ↵Sunil Mushran
region This patch fixes an oops that is reproduced when one races writes to a mmap-ed region with another process truncating the file. Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH 2/2] ocfs2: Fix race between mount and recoverySunil Mushran
As the fs recovery is asynchronous, there is a small chance that another node can mount (and thus recover) the slot before the recovery thread gets to it. If this happens, the recovery thread will block indefinitely on the journal/slot lock as that lock will be held for the duration of the mount (by design) by the node assigned to that slot. The solution implemented is to keep track of the journal replays using a recovery generation in the journal inode, which will be incremented by the thread replaying that journal. The recovery thread, before attempting the blocking lock on the journal/slot lock, will compare the generation on disk with what it has cached and skip recovery if it does not match. This bug appears to have been inadvertently introduced during the mount/umount vote removal by mainline commit 34d024f84345807bf44163fac84e921513dde323. In the mount voting scheme, the messaging would indirectly indicate that the slot was being recovered. Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH 1/2] ocfs2: Add counter in struct ocfs2_dinode to track journal replaysSunil Mushran
This patch renames the ij_pad to ij_recovery_generation in struct ocfs2_dinode. This will be used to keep count of journal replays after an unclean shutdown. Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH] configfs: Pin configfs subsystems separately from new config_items.Joel Becker
configfs_mkdir() creates a new item by calling its parent's ->make_item/group() functions. Once that object is created, configfs_mkdir() calls try_module_get() on the new item's module. If it succeeds, the module owning the new item cannot be unloaded, and configfs is safe to reference the item. If the item and the subsystem it belongs to are part of the same module, the subsystem is also pinned. This is the common case. However, if the subsystem is made up of multiple modules, this may not pin the subsystem. Thus, it would be possible to unload the toplevel subsystem module while there is still a child item. Thus, we now try_module_get() the subsystem's module. This only really affects children of the toplevel subsystem group. Deeper children already have their parents pinned. Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH] configfs: Fix open directory making rmdir() failLouis Rilling
When checking for user-created elements under an item to be removed by rmdir(), configfs_detach_prep() counts fake configfs_dirents created by dir_open() as user-created and fails when finding one. It is however perfectly valid to remove a directory that is open. Simply make configfs_detach_prep() skip fake configfs_dirent, like it already does for attributes, and like detach_groups() does. Signed-off-by: Louis Rilling <louis.rilling@kerlabs.com> Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH] configfs: Lock new directory inodes before removing on cleanup after ↵Louis Rilling
failure Once a new configfs directory is created by configfs_attach_item() or configfs_attach_group(), a failure in the remaining initialization steps leads to removing a directory which inode the VFS may have already accessed. This commit adds the necessary inode locking to safely remove configfs directories while cleaning up after a failure. As an advantage, the locking rules of populate_groups() and detach_groups() become the same: the caller must have the group's inode mutex locked. Signed-off-by: Louis Rilling <louis.rilling@kerlabs.com> Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH] configfs: Prevent userspace from creating new entries under ↵Louis Rilling
attaching directories process 1: process 2: configfs_mkdir("A") attach_group("A") attach_item("A") d_instantiate("A") populate_groups("A") mutex_lock("A") attach_group("A/B") attach_item("A") d_instantiate("A/B") mkdir("A/B/C") do_path_lookup("A/B/C", LOOKUP_PARENT) ok lookup_create("A/B/C") mutex_lock("A/B") ok configfs_mkdir("A/B/C") ok attach_group("A/C") attach_item("A/C") d_instantiate("A/C") populate_groups("A/C") mutex_lock("A/C") attach_group("A/C/D") attach_item("A/C/D") failure mutex_unlock("A/C") detach_groups("A/C") nothing to do mkdir("A/C/E") do_path_lookup("A/C/E", LOOKUP_PARENT) ok lookup_create("A/C/E") mutex_lock("A/C") ok configfs_mkdir("A/C/E") ok detach_item("A/C") d_delete("A/C") mutex_unlock("A") detach_groups("A") mutex_lock("A/B") detach_group("A/B") detach_groups("A/B") nothing since no _default_ group detach_item("A/B") mutex_unlock("A/B") d_delete("A/B") detach_item("A") d_delete("A") Two bugs: 1/ "A/B/C" and "A/C/E" are created, but never removed while their parent are removed in the end. The same could happen with symlink() instead of mkdir(). 2/ "A" and "A/C" inodes are not locked while detach_item() is called on them, which may probably confuse VFS. This commit fixes 1/, tagging new directories with CONFIGFS_USET_CREATING before building the inode and instantiating the dentry, and validating the whole group+default groups hierarchy in a second pass by clearing CONFIGFS_USET_CREATING. mkdir(), symlink(), lookup(), and dir_open() simply return -ENOENT if called in (or linking to) a directory tagged with CONFIGFS_USET_CREATING. This does not prevent userspace from calling stat() successfuly on such directories, but this prevents userspace from adding (children to | symlinking from/to | read/write attributes of | listing the contents of) not validated items. In other words, userspace will not interact with the subsystem on a new item until the new item creation completes correctly. It was first proposed to re-use CONFIGFS_USET_IN_MKDIR instead of a new flag CONFIGFS_USET_CREATING, but this generated conflicts when checking the target of a new symlink: a valid target directory in the middle of attaching a new user-created child item could be wrongly detected as being attached. 2/ is fixed by next commit. Signed-off-by: Louis Rilling <louis.rilling@kerlabs.com> Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH] configfs: Fix failing symlink() making rmdir() failLouis Rilling
On a similar pattern as mkdir() vs rmdir(), a failing symlink() may make rmdir() fail for the symlink's parent and the symlink's target as well. failing symlink() making target's rmdir() fail: process 1: process 2: symlink("A/S" -> "B") allow_link() create_link() attach to "B" links list rmdir("B") detach_prep("B") error because of new link configfs_create_link("A", "S") error (eg -ENOMEM) failing symlink() making parent's rmdir() fail: process 1: process 2: symlink("A/D/S" -> "B") allow_link() create_link() attach to "B" links list configfs_create_link("A/D", "S") make_dirent("A/D", "S") rmdir("A") detach_prep("A") detach_prep("A/D") error because of "S" create("S") error (eg -ENOMEM) We cannot use the same solution as for mkdir() vs rmdir(), since rmdir() on the target cannot wait on the i_mutex of the new symlink's parent without risking a deadlock (with other symlink() or sys_rename()). Instead we define a global mutex protecting all configfs symlinks attachment, so that rmdir() can avoid the races above. Signed-off-by: Louis Rilling <louis.rilling@kerlabs.com> Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH] configfs: Fix symlink() to a removing itemLouis Rilling
The rule for configfs symlinks is that symlinks always point to valid config_items, and prevent the target from being removed. However, configfs_symlink() only checks that it can grab a reference on the target item, without ensuring that it remains alive until the symlink is correctly attached. This patch makes configfs_symlink() fail whenever the target is being removed, using the CONFIGFS_USET_DROPPING flag set by configfs_detach_prep() and protected by configfs_dirent_lock. This patch introduces a similar (weird?) behavior as with mkdir failures making rmdir fail: if symlink() races with rmdir() of the parent directory (or its youngest user-created ancestor if parent is a default group) or rmdir() of the target directory, and then fails in configfs_create(), this can make the racing rmdir() fail despite the concerned directory having no user-created entry (resp. no symlink pointing to it or one of its default groups) in the end. This behavior is fixed in later patches. Signed-off-by: Louis Rilling <louis.rilling@kerlabs.com> Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-07-31[PATCH] configfs: Include linux/err.h in linux/configfs.hJoel Becker
We now use PTR_ERR() in the ->make_item() and ->make_group() operations. Folks including configfs.h need err.h. Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>