summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-12-13Enforce a minimum SG_IO timeoutLinus Torvalds
commit f2f1fa78a155524b849edf359e42a3001ea652c0 upstream. There's no point in having too short SG_IO timeouts, since if the command does end up timing out, we'll end up through the reset sequence that is several seconds long in order to abort the command that timed out. As a result, shorter timeouts than a few seconds simply do not make sense, as the recovery would be longer than the timeout itself. Add a BLK_MIN_SG_TIMEOUT to match the existign BLK_DEFAULT_SG_TIMEOUT. Suggested-by: Alan Cox <alan@lxorguk.ukuu.org.uk> Acked-by: Tejun Heo <tj@kernel.org> Acked-by: Jens Axboe <jens.axboe@oracle.com> Cc: Jeff Garzik <jeff@garzik.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13sparc64: Sync FPU state in VIS emulation handler.Hong H. Pham
[ Upstream commit 410d2c8187ed969238ba98008c1d57307a56cfd8 ] Copy the FPU state to the task's thread_info->fpregs for the VIS emulation functions to access. Signed-off-by: Hong H. Pham <hong.pham@windriver.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13sparc64: Fix VIS emulation bugsJoseph Myers
[ Upstream commit 726c12f57d7e3ff43693d88e13b1ff02464c75d3 ] This patch fixes some bugs in VIS emulation that cause the GCC test failure FAIL: gcc.target/sparc/pdist-3.c execution test for both 32-bit and 64-bit testing on hardware lacking these instructions. The emulation code for the pdist instruction uses RS1(insn) for both source registers rs1 and rs2, which is obviously wrong and leads to the instruction doing nothing (the observed problem), and further inspection of the code shows that RS1 uses a shift of 24 and RD a shift of 25, which clearly cannot both be right; examining SPARC documentation indicates the correct shift for RS1 is 14. This patch fixes the bug if single-stepping over the affected instruction in the debugger, but not if the testcase is run standalone. For that, Wind River has another patch I hope they will send as a followup to this patch submission. Signed-off-by: Joseph Myers <joseph@codesourcery.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13sparc64: Fix bug in PTRACE_SETFPREGS64 handling.Chris Torek
[ Upstream commit 5769907ade8dda7002b304c03ef9e4ee5c1e0821 ] From: Chris Torek <chris.torek@windriver.com> >The SPARC64 kernel code for PTRACE_SETFPREGS64 appears to be an exact copy >of that for PTRACE_GETFPREGS64. This means that gdbserver and native >64-bit GDB cannot set floating-point registers. It looks like a simple typo. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13sparc64: Fix PCI resource mapping on sparc64Max Dmitrichenko
[ Upstream commit 145e1c0023585e0e8f6df22316308ec61c5066b2 ] There is a problem discovered in recent versions of ATI Mach64 driver in X.org on sparc64 architecture. In short, the driver fails to mmap MMIO aperture (PCI resource #2). I've found that kernel's __pci_mmap_make_offset() returns EINVAL. It checks whether user attempts to mmap more than the resource length, which is 0x1000 bytes in our case. But PAGE_SIZE on SPARC64 is 0x2000 and this is what actually is being mmaped. So __pci_mmap_make_offset() failed for this PCI resource. Signed-off-by: Max Dmitrichenko <dmitrmax@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13sparc64: Fix __copy_{to,from}_user_inatomic defines.Hugh Dickins
[ Upstream commit b270ee8a9fc9547eb781ce9ccd379450bcf9a204 ] Alexander Beregalov reports oops in __bzero() called from copy_from_user_fixup() called from iov_iter_copy_from_user_atomic(), when running dbench on tmpfs on sparc64: its __copy_from_user_inatomic and __copy_to_user_inatomic should be avoiding, not calling, the fixups. Signed-off-by: Hugh Dickins <hugh@veritas.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13sparc64: Fix offset calculation in compute_size()David S. Miller
[ Upstream commit b270ee8a9fc9547eb781ce9ccd379450bcf9a204 ] The fault address is somewhere inside of the buffer, not before it. Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13udp: multicast packets need to check namespaceEric Dumazet
[ Upstream commit 920a46115ca3fa88990276d98520abab85495b2d ] Current UDP multicast delivery is not namespace aware. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Acked-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13pppol2tp: Add missing sock_put() in pppol2tp_release()Frédéric Moulins
[ Upstream commit e6358135147807351db3b7782d3e198a1bba8b62 ] pppol2tp_sock_to_session() do sock_hold() if the session to release is not NULL. Signed-off-by: Frédéric Moulins <frederic.moulins@alsatis.com> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-12-13niu: Fix readq implementation when architecture does not provide one.David S. Miller
[ Upstream commit e23a59e1ca6d177a57a7791b3629db93ff1d9813 ] This fixes a TX hang reported by Jesper Dangaard Brouer. When an architecutre cannot provide a fully functional 64-bit atomic readq/writeq, the driver must implement it's own. This is because only the driver can say whether doing something like using two 32-bit reads to implement the full 64-bit read will actually work properly. In particular one of the issues is whether the top 32-bits or the bottom 32-bits of the 64-bit register should be read first. There could be side effects, and in fact that is exactly the problem here. The TX_CS register has counters in the upper 32-bits and state bits in the lower 32-bits. A read clears the state bits. We would read the counter half before the state bit half. That first read would clear the state bits, and then the driver thinks that no interrupts are pending because the interrupt indication state bits are seen clear every time. Fix this by reading the bottom half before the upper half. Tested-by: Jesper Dangaard Brouer <jdb@comx.dk> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-13af_unix: netns: fix problem of return valueJianjun Kong
[ Upstream commit 48dcc33e5e11de0f76b65b113988dbc930d17395 ] fix problem of return value net/unix/af_unix.c: unix_net_init() when error appears, it should return 'error', not always return 0. Signed-off-by: Jianjun Kong <jianjun@zeuux.org> Signed-off-by: David S. Miller <davem@davemloft.net>
2008-12-13libata: improve phantom device detectionTejun Heo
commit 6a6b97d360702b98c02c7fca4c4e088dcf3a2985 upstream. Currently libata uses four methods to detect device presence. 1. PHY status if available. 2. TF register R/W test (only promotes presence, never demotes) 3. device signature after reset 4. IDENTIFY failure detection in SFF state machine Combination of the above works well in most cases but recently there have been a few reports where a phantom device causes unnecessary delay during probe. In both cases, PHY status wasn't available. In one case, it passed #2 and #3 and failed IDENTIFY with ATA_ERR which didn't qualify as #4. The other failed #2 but as it passed #3 and #4, it still caused failure. In both cases, phantom device reported diagnostic failure, so these cases can be safely worked around by considering any !ATA_DRQ IDENTIFY failure as NODEV_HINT if diagnostic failure is set. Signed-off-by: Tejun Heo <tj@kernel.org> Signed-off-by: Jeff Garzik <jgarzik@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05Linux 2.6.27.8v2.6.27.8Greg Kroah-Hartman
2008-12-05jbd: ordered data integrity fixHidehiro Kawai
commit 960a22ae60c8a723bd17da3b929fe0bcea6d007e upstream. In ordered mode, if a file data buffer being dirtied exists in the committing transaction, we write the buffer to the disk, move it from the committing transaction to the running transaction, then dirty it. But we don't have to remove the buffer from the committing transaction when the buffer couldn't be written out, otherwise it would miss the error and the committing transaction would not abort. This patch adds an error check before removing the buffer from the committing transaction. Signed-off-by: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com> Acked-by: Jan Kara <jack@suse.cz> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Willy Tarreau <w@1wt.eu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext3: fix ext3 block reservation early ENOSPC issueMingming Cao
commit 46d01a225e694f1a4343beea44f1e85105aedd7e upstream. We could run into ENOSPC error on ext3, even when there is free blocks on the filesystem. The problem is triggered in the case the goal block group has 0 free blocks , and the rest block groups are skipped due to the check of "free_blocks < windowsz/2". Current code could fall back to non reservation allocation to prevent early ENOSPC after examing all the block groups with reservation on , but this code was bypassed if the reservation window is turned off already, which is true in this case. This patch fixed two issues: 1) We don't need to turn off block reservation if the goal block group has 0 free blocks left and continue search for the rest of block groups. Current code the intention is to turn off the block reservation if the goal allocation group has a few (some) free blocks left (not enough for make the desired reservation window),to try to allocation in the goal block group, to get better locality. But if the goal blocks have 0 free blocks, it should leave the block reservation on, and continues search for the next block groups,rather than turn off block reservation completely. 2) we don't need to check the window size if the block reservation is off. The problem was originally found and fixed in ext4. Signed-off-by: Mingming Cao <cmm@us.ibm.com> Cc: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Willy Tarreau <w@1wt.eu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext2: fix ext2 block reservation early ENOSPC issueMingming Cao
commit d707d31c972b657dfc2efefd0b99cc4e14223dab upstream. We could run into ENOSPC error on ext2, even when there is free blocks on the filesystem. The problem is triggered in the case the goal block group has 0 free blocks , and the rest block groups are skipped due to the check of "free_blocks < windowsz/2". Current code could fall back to non reservation allocation to prevent early ENOSPC after examing all the block groups with reservation on , but this code was bypassed if the reservation window is turned off already, which is true in this case. This patch fixed two issues: 1) We don't need to turn off block reservation if the goal block group has 0 free blocks left and continue search for the rest of block groups. Current code the intention is to turn off the block reservation if the goal allocation group has a few (some) free blocks left (not enough for make the desired reservation window),to try to allocation in the goal block group, to get better locality. But if the goal blocks have 0 free blocks, it should leave the block reservation on, and continues search for the next block groups,rather than turn off block reservation completely. 2) we don't need to check the window size if the block reservation is off. The problem was originally found and fixed in ext4. Signed-off-by: Mingming Cao <cmm@us.ibm.com> Cc: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Willy Tarreau <w@1wt.eu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext3: don't try to resize if there are no reserved gdt blocks leftJosef Bacik
commit 972fbf779832e5ad15effa7712789aeff9224c37 upstream. When trying to resize a ext3 fs and you run out of reserved gdt blocks, you get an error that doesn't actually tell you what went wrong, it just says that the gdb it picked is not correct, which is the case since you don't have any reserved gdt blocks left. This patch adds a check to make sure you have reserved gdt blocks to use, and if not prints out a more relevant error. Signed-off-by: Josef Bacik <jbacik@redhat.com> Cc: <linux-ext4@vger.kernel.org> Cc: Andreas Dilger <adilger@sun.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Willy Tarreau <w@1wt.eu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext3: Fix duplicate entries returned from getdents() system callTheodore Ts'o
commit 8c9fa93d51123c5540762b1a9e1919d6f9c4af7c upstream. Fix a regression caused by commit 6a897cf4, "ext3: fix ext3_dx_readdir hash collision handling", where deleting files in a large directory (requiring more than one getdents system call), results in some filenames being returned twice. This was caused by a failure to update info->curr_hash and info->curr_minor_hash, so that if the directory had gotten modified since the last getdents() system call (as would be the case if the user is running "rm -r" or "git clean"), a directory entry would get returned twice to the userspace. This patch fixes the bug reported by Markus Trippelsdorf at: http://bugzilla.kernel.org/show_bug.cgi?id=11844 Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Tested-by: Markus Trippelsdorf <markus@trippelsdorf.de> Cc: Willy Tarreau <w@1wt.eu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext3: fix ext3_dx_readdir hash collision handlingEugene Dashevsky
commit 6a897cf447a83c9c3fd1b85a1e525c02d6eada7d upstream. This fixes a bug where readdir() would return a directory entry twice if there was a hash collision in an hash tree indexed directory. [akpm@linux-foundation.org: coding-style fixes] Signed-off-by: Eugene Dashevsky <eugene@ibrix.com> Signed-off-by: Mike Snitzer <msnitzer@ibrix.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Cc: Willy Tarreau <w@1wt.eu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: add checksum calculation when clearing UNINIT flag in ext4_new_inodeFrederic Bohe
(cherry picked from commit 23712a9c28b9f80a8cf70c8490358d5f562d2465) When initializing an uninitialized block group in ext4_new_inode(), its block group checksum must be re-calculated. This fixes a race when several threads try to allocate a new inode in an UNINIT'd group. There is some question whether we need to be initializing the block bitmap in ext4_new_inode() at all, but for now, if we are going to init the block group, let's eliminate the race. Signed-off-by: Frederic Bohe <frederic.bohe@bull.net> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: Mark the buffer_heads as dirty and uptodate after prepare_writeAneesh Kumar K.V
(cherry picked from commit ed9b3e3379731e9f9d2f73f3d7fd9e7d2ce3df4a) We need to make sure we mark the buffer_heads as dirty and uptodate so that block_write_full_page write them correctly. This fixes mmap corruptions that can occur in low memory situations. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: calculate journal credits correctlyTheodore Ts'o
(cherry picked from commit ac51d83705c2a38c71f39cde99708b14e6212a60) This fixes a 2.6.27 regression which was introduced in commit a02908f1. We weren't passing the chunk parameter down to the two subections, ext4_indirect_trans_blocks() and ext4_ext_index_trans_blocks(), with the result that massively overestimate the amount of credits needed by ext4_da_writepages, especially in the non-extents case. This causes failures especially on /boot partitions, which tend to be small and non-extent using since GRUB doesn't handle extents. This patch fixes the bug reported by Joseph Fannin at: http://bugzilla.kernel.org/show_bug.cgi?id=11964 Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: wait on all pending commits in ext4_sync_fs()Theodore Ts'o
(cherry picked from commit 14ce0cb411c88681ab8f3a4c9caa7f42e97a3184) In ext4_sync_fs, we only wait for a commit to finish if we started it, but there may be one already in progress which will not be synced. In the case of a data=ordered umount with pending long symlinks which are delayed due to a long list of other I/O on the backing block device, this causes the buffer associated with the long symlinks to not be moved to the inode dirty list in the second phase of fsync_super. Then, before they can be dirtied again, kjournald exits, seeing the UMOUNT flag and the dirty pages are never written to the backing block device, causing long symlink corruption and exposing new or previously freed block data to userspace. To ensure all commits are synced, we flush all journal commits now when sync_fs'ing ext4. Signed-off-by: Arthur Jones <ajones@riverbed.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Cc: Eric Sandeen <sandeen@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: Convert to host order before using the values.Aneesh Kumar K.V
(cherry picked from commit d94e99a64c3beece22dbfb2b335771a59184eb0a) Use le16_to_cpu to read the s_reserved_gdt_blocks values from super block. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05jbd2: don't give up looking for space so easily in __jbd2_log_wait_for_spaceTheodore Ts'o
(cherry picked from commit 8c3f25d8950c3e9fe6c9849f88679b3f2a071550) Commit 23f8b79e introducd a regression because it assumed that if there were no transactions ready to be checkpointed, that no progress could be made on making space available in the journal, and so the journal should be aborted. This assumption is false; it could be the case that simply calling jbd2_cleanup_journal_tail() will recover the necessary space, or, for small journals, the currently committing transaction could be responsible for chewing up the required space in the log, so we need to wait for the currently committing transaction to finish before trying to force a checkpoint operation. This patch fixes a bug reported by Mihai Harpau at: https://bugzilla.redhat.com/show_bug.cgi?id=469582 This patch fixes a bug reported by François Valenduc at: http://bugzilla.kernel.org/show_bug.cgi?id=11840 Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Cc: Duane Griffin <duaneg@dghda.com> Cc: Toshiyuki Okajima <toshi.okajima@jp.fujitsu.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: Fix duplicate entries returned from getdents() system callTheodore Ts'o
(cherry picked from commit 3c37fc86d20fe35be656f070997d62f75c2e4874) Fix a regression caused by commit d0156417, "ext4: fix ext4_dx_readdir hash collision handling", where deleting files in a large directory (requiring more than one getdents system call), results in some filenames being returned twice. This was caused by a failure to update info->curr_hash and info->curr_minor_hash, so that if the directory had gotten modified since the last getdents() system call (as would be the case if the user is running "rm -r" or "git clean"), a directory entry would get returned twice to the userspace. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> This patch fixes the bug reported by Markus Trippelsdorf at: http://bugzilla.kernel.org/show_bug.cgi?id=11844 Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Tested-by: Markus Trippelsdorf <markus@trippelsdorf.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: Do mballoc init before doing filesystem recoveryAneesh Kumar K.V
(cherry picked from commit c2774d84fd6cab2bfa2a2fae0b1ca8d8ebde48a2) During filesystem recovery we may be doing a truncate which expects some of the mballoc data structures to be initialized. So do ext4_mb_init before recovery. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: Free ext4_prealloc_space using kmem_cache_freeAneesh Kumar K.V
(cherry picked from commit 688f05a01983711a4e715b1d6e15a89a89c96a66) We should use kmem_cache_free to free memory allocated via kmem_cache_alloc Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: fix xattr deadlockKalpak Shah
(cherry picked from commit 4d20c685fa365766a8f13584b4c8178a15ab7103) ext4_xattr_set_handle() eventually ends up calling ext4_mark_inode_dirty() which tries to expand the inode by shifting the EAs. This leads to the xattr_sem being downed again and leading to a deadlock. This patch makes sure that if ext4_xattr_set_handle() is in the call-chain, ext4_mark_inode_dirty() will not expand the inode. Signed-off-by: Kalpak Shah <kalpak.shah@sun.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05jbd2: Fix buffer head leak when writing the commit blockTheodore Ts'o
(cherry picked from commit 45a90bfd90c1215bf824c0f705b409723f52361b) Also make sure the buffer heads are marked clean before submitting bh for writing. The previous code was marking the buffer head dirty, which would have forced an unneeded write (and seek) to the journal for no good reason. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05jbd2: abort instead of waiting for nonexistent transactionDuane Griffin
(cherry picked from commit 23f8b79eae8a74e42a006ffa7c456e295c7e1c0d) The __jbd2_log_wait_for_space function sits in a loop checkpointing transactions until there is sufficient space free in the journal. However, if there are no transactions to be processed (e.g. because the free space calculation is wrong due to a corrupted filesystem) it will never progress. Check for space being required when no transactions are outstanding and abort the journal instead of endlessly looping. This patch fixes the bug reported by Sami Liedes at: http://bugzilla.kernel.org/show_bug.cgi?id=10976 Signed-off-by: Duane Griffin <duaneg@dghda.com> Cc: Sami Liedes <sliedes@cc.hut.fi> Cc: <linux-ext4@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4/jbd2: Avoid WARN() messages when failing to write to the superblockTheodore Ts'o
(cherry picked from commit 914258bf2cb22bf4336a1b1d90c551b4b11ca5aa) This fixes some very common warnings reported by kerneloops.org Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: Renumber EXT4_IOC_MIGRATETheodore Ts'o
(cherry picked from commit 8eea80d52b9d87cfd771055534bd2c24f73704d7) Pick an ioctl number for EXT4_IOC_MIGRATE that won't conflict with other ext4 ioctl's. Since there haven't been any major userspace users of this ioctl, we can afford to change this now, to avoid potential problems later. Also, reorder the ioctl numbers in ext4.h to avoid this sort of mistake in the future. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: elevate write count for migrate ioctlAneesh Kumar K.V
(cherry picked from commit 2a43a878001cc5cb7c3c7be2e8dad0a1aeb939b0) The migrate ioctl writes to the filsystem, so we need to elevate the write count. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: add missing unlock in ext4_check_descriptors() on error pathLi Zefan
(cherry picked from commit 7ee1ec4ca30c6df8e989615cdaacb75f2af4fa6b) If there group descriptors are corrupted we need unlock the block group lock before returning from the function; else we will oops when freeing a spinlock which is still being held. Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05jbd2: fix /proc setup for devices that contain '/' in their namesTheodore Ts'o
trimed down version of commit 05496769e5da83ce22ed97345afd9c7b71d6bd24 upstream. Some devices such as "cciss/c0d0p9" will cause jbd2 setup and teardown failures when /proc filenames are created with embedded slashes. This is a slimmed down version of commit 05496769, with the stack reduction aspects of the patch omitted to meet the -stable criteria. Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: fix #11321: create /proc/ext4/*/stats more carefullyAlexey Dobriyan
(cherry picked from commit 899fc1a4cf404747de2666534d508804597ee22f) ext4 creates per-suberblock directory in /proc/ext4/ . Name used as basis is taken from bdevname, which, surprise, can contain slash. However, proc while allowing to use proc_create("a/b", parent) form of PDE creation, assumes that parent/a was already created. bdevname in question is 'cciss/c0d0p9', directory is not created and all this stuff goes directly into /proc (which is real bug). Warning comes when _second_ partition is mounted. http://bugzilla.kernel.org/show_bug.cgi?id=11321 Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05ext4: Update flex_bg free blocks and free inodes counters when resizing.Frederic Bohe
(cherry picked from commit c62a11fd9555007b1caab83b5bcbb443a43e32bb) This fixes a bug which prevented the newly created inodes after a resize from being used on filesystems with flex_bg. Signed-off-by: Frederic Bohe <frederic.bohe@bull.net> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: fix check for dead tcon in smb_initSteve French
commit bfb59820ee46616a7bdb4af6b8f7e109646de6ec upstream This was recently changed to check for need_reconnect, but should actually be a check for a tidStatus of CifsExiting. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: prevent cifs_writepages() from skipping unwritten pagesDave Kleikamp
commit b066a48c9532243894f93a06ca5a0ee2cc21a8dc upstream prevent cifs_writepages() from skipping unwritten pages Fixes a data corruption under heavy stress in which pages could be left dirty after all open instances of a inode have been closed. In order to write contiguous pages whenever possible, cifs_writepages() asks pagevec_lookup_tag() for more pages than it may write at one time. Normally, it then resets index just past the last page written before calling pagevec_lookup_tag() again. If cifs_writepages() can't write the first page returned, it wasn't resetting index, and the next call to pagevec_lookup_tag() resulted in skipping all of the pages it previously returned, even though cifs_writepages() did nothing with them. This can result in data loss when the file descriptor is about to be closed. This patch ensures that index gets set back to the next returned page so that none get skipped. Signed-off-by: Dave Kleikamp <shaggy@linux.vnet.ibm.com> Acked-by: Jeff Layton <jlayton@redhat.com> Cc: Shirish S Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: Fix check for tcon seal setting and fix oops on failed mount from ↵Steve French
earlier patch commit ab3f992983062440b4f37c666dac66d987902d91 upstream set tcon->ses earlier If the inital tree connect fails, we'll end up calling cifs_put_smb_ses with a NULL pointer. Fix it by setting the tcon->ses earlier. Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: Fix build breakSteve French
commit c2b3382cd4d6c6adef1347e81f20e16c93a39feb upstream Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: reinstate sharing of tree connectionsJeff Layton
commit f1987b44f642e96176adc88b7ce23a1d74806f89 upstream Use a similar approach to the SMB session sharing. Add a list of tcons attached to each SMB session. Move the refcount to non-atomic. Protect all of the above with the cifs_tcp_ses_lock. Add functions to properly find and put references to the tcons. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: minor cleanup to cifs_mountSteve French
commit d82c2df54e2f7e447476350848d8eccc8d2fe46a upstream Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: reinstate sharing of SMB sessions sans racesJeff Layton
commit 14fbf50d695207754daeb96270b3027a3821121f upstream We do this by abandoning the global list of SMB sessions and instead moving to a per-server list. This entails adding a new list head to the TCP_Server_Info struct. The refcounting for the cifsSesInfo is moved to a non-atomic variable. We have to protect it by a lock anyway, so there's no benefit to making it an atomic. The list and refcount are protected by the global cifs_tcp_ses_lock. The patch also adds a new routines to find and put SMB sessions and that properly take and put references under the lock. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: disable sharing session and tcon and add new TCP sharing codeJeff Layton
commit e7ddee9037e7dd43de1ad08b51727e552aedd836 upstream. The code that allows these structs to be shared is extremely racy. Disable the sharing of SMB and tcon structs for now until we can come up with a way to do this that's race free. We want to continue to share TCP sessions, however since they are required for multiuser mounts. For that, implement a new (hopefully race-free) scheme. Add a new global list of TCP sessions, and take care to get a reference to it whenever we're dealing with one. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: clean up server protocol handlingSteve French
commit 3ec332ef7a38c2327e18d087d4120a8e3bd3dc6e upstream. We're currently declaring both a sockaddr_in and sockaddr6_in on the stack, but we really only need storage for one of them. Declare a sockaddr struct and cast it to the proper type. Also, eliminate the protocolType field in the TCP_Server_Info struct. It's redundant since we have a sa_family field in the sockaddr anyway. We may need to revisit this if SCTP is ever implemented, but for now this will simplify the code. CIFS over IPv6 also has a number of problems currently. This fixes all of them that I found. Eventually, it would be nice to move more of the code to be protocol independent, but this is a start. Signed-off-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: remove unused list, add new cifs sock list to prepare for mount/umount fixSteve French
commit fb396016647ae9de5b3bd8c4ee4f7b9cc7148bd5 upstream. Also adds two lines missing from the previous patch (for the need reconnect flag in the /proc/fs/cifs/DebugData handling) The new global_cifs_sock_list is added, and initialized in init_cifs but not used yet. Jeff Layton will be adding code in to use that and to remove the GlobalTcon and GlobalSMBSession lists. CC: Jeff Layton <jlayton@redhat.com> CC: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Cc: Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05cifs: Fix cifs reconnection flagsSteve French
commit 3b7952109361c684caf0c50474da8662ecc81019 upstream [CIFS] Fix cifs reconnection flags In preparation for Jeff's big umount/mount fixes to remove the possibility of various races in cifs mount and linked list handling of sessions, sockets and tree connections, this patch cleans up some repetitive code in cifs_mount, and addresses a problem with ses->status and tcon->tidStatus in which we were overloading the "need_reconnect" state with other status in that field. So the "need_reconnect" flag has been broken out from those two state fields (need reconnect was not mutually exclusive from some of the other possible tid and ses states). In addition, a few exit cases in cifs_mount were cleaned up, and a problem with a tcon flag (for lease support) was not being set consistently for the 2nd mount of the same share CC: Jeff Layton <jlayton@redhat.com> CC: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-12-05net: Fix soft lockups/OOM issues w/ unix garbage collector (CVE-2008-5300)dann frazier
commit 5f23b734963ec7eaa3ebcd9050da0c9b7d143dd3 upstream. This is an implementation of David Miller's suggested fix in: https://bugzilla.redhat.com/show_bug.cgi?id=470201 It has been updated to use wait_event() instead of wait_event_interruptible(). Paraphrasing the description from the above report, it makes sendmsg() block while UNIX garbage collection is in progress. This avoids a situation where child processes continue to queue new FDs over a AF_UNIX socket to a parent which is in the exit path and running garbage collection on these FDs. This contention can result in soft lockups and oom-killing of unrelated processes. Signed-off-by: dann frazier <dannf@hp.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>