summaryrefslogtreecommitdiff
path: root/fs
AgeCommit message (Collapse)Author
2008-06-05asn1: additional sanity checking during BER decodingChris Wright
- Don't trust a length which is greater than the working buffer. An invalid length could cause overflow when calculating buffer size for decoding oid. - An oid length of zero is invalid and allows for an off-by-one error when decoding oid because the first subid actually encodes first 2 subids. - A primitive encoding may not have an indefinite length. Thanks to Wei Wang from McAfee for report. Cc: Steven French <sfrench@us.ibm.com> Cc: stable@kernel.org Acked-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-06-04cifs endianness fixesAl Viro
__le16 fields used as host-endian. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Acked-by: Steve French <smfrench@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-30[PATCH 3/3] ocfs2/net: Silence build warningsSunil Mushran
This patch silences the build warnings concerning o2net_init_nst() and friends when building without CONFIG_DEBUG_FS enabled. Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-05-30[PATCH 2/3] ocfs2/dlm: Silence build warningsSunil Mushran
This patch silences the build warnings concerning dlm_debug_init() and friends when building without CONFIG_DEBUG_FS enabled. Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-05-30[PATCH 1/3] ocfs2/net: Silence build warningsSunil Mushran
This patch silences the build warnings concerning o2net_debugfs_init() and friends when building without CONFIG_DEBUG_FS enabled. Signed-off-by: Sunil Mushran <sunil.mushran@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-05-30ocfs2: Rename 'user_stack' plugin structure to 'ocfs2_user_plugin'Joel Becker
The static structure describing the userspace cluster plugin for ocfs2 was named 'user_stack', which is a real pain when people are grep(1)ing the tree for the program stack object 'user_stack'. Change the name to something distinct and namespaced. Signed-off-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com>
2008-05-28splice: handle try_to_release_page() failureJens Axboe
splice currently assumes that try_to_release_page() always suceeds, but it can return failure. If it does, we cannot steal the page. Acked-by: Mingming Cao <cmm@us.ibm.com Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2008-05-28splice: fix sendfile() issue with relayTom Zanussi
Splice isn't always incrementing the ppos correctly, which broke relay splice. Signed-off-by: Tom Zanussi <zanussi@comcast.net> Tested-by: Dan Williams <dan.j.williams@intel.com> Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
2008-05-26posix timers: discard SI_TIMER signals on execOleg Nesterov
Based on Roland's patch. This approach was suggested by Austin Clements from the very beginning, and then by Linus. As Austin pointed out, the execing task can be killed by SI_TIMER signal because exec flushes the signal handlers, but doesn't discard the pending signals generated by posix timers. Perhaps not a bug, but people find this surprising. See http://bugzilla.kernel.org/show_bug.cgi?id=10460 Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Cc: Austin Clements <amdragon+kernelbugzilla@mit.edu> Cc: Roland McGrath <roland@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-24proc: proc_get_inode() should get module only onceDenis V. Lunev
Any file under /proc/net opened more than once leaked the refcounter on the module it belongs to. The problem is that module_get is called for each file opening while module_put is called only when /proc inode is destroyed. So, lets put module counter if we are dealing with already initialised inode. Addresses http://bugzilla.kernel.org/show_bug.cgi?id=10737 Signed-off-by: Denis V. Lunev <den@openvz.org> Cc: David Miller <davem@davemloft.net> Cc: Patrick McHardy <kaber@trash.net> Acked-by: Pavel Emelyanov <xemul@openvz.org> Acked-by: Robert Olsson <robert.olsson@its.uu.se> Acked-by: Eric W. Biederman <ebiederm@xmission.com> Reported-by: Roland Kletzing <devzero@web.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-24mm: fix atomic_t overflow in vmAlan Cox
The atomic_t type is 32bit but a 64bit system can have more than 2^32 pages of virtual address space available. Without this we overflow on ludicrously large mappings Signed-off-by: Alan Cox <alan@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-24ntfs: le*_add_cpu conversionMarcin Slusarz
replace all: little_endian_variable = cpu_to_leX(leX_to_cpu(little_endian_variable) + expression_in_cpu_byteorder); with: leX_add_cpu(&little_endian_variable, expression_in_cpu_byteorder); generated with semantic patch Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com> Acked-by: Anton Altaparmakov <aia21@cantab.net> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-24ecryptfs: fix missed mutex_unlockCyrill Gorcunov
Cc: Michael Halcrow <mhalcrow@us.ibm.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-24fuse: fix bdi naming conflictMiklos Szeredi
Fuse allocates a separate bdi for each filesystem, and registers them in sysfs with "MAJOR:MINOR" of sb->s_dev (st_dev). This works fine for anon devices normally used by fuse, but can conflict with an already registered BDI for "fuseblk" filesystems, where sb->s_dev represents a real block device. In particularl this happens if a non-partitioned device is being mounted. Fix by registering with a different name for "fuseblk" filesystems. Thanks to Ioan Ionita for the bug report. Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Reported-by: Ioan Ionita <opslynx@gmail.com> Tested-by: Ioan Ionita <opslynx@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-23Merge branch 'for-linus' of git://oss.sgi.com:8090/xfs/xfs-2.6Linus Torvalds
* 'for-linus' of git://oss.sgi.com:8090/xfs/xfs-2.6: [XFS] Fix memory corruption with small buffer reads [XFS] Fix inode list allocation size in writeback. [XFS] Don't allow memory reclaim to wait on the filesystem in inode [XFS] Fix fsync() b0rkage. [XFS] Include linux/random.h in all builds, not just debug builds.
2008-05-23[XFS] Fix memory corruption with small buffer readsChristoph Hellwig
When we have multiple buffers in a single page for a blocksize == pagesize filesystem we might overwrite the page contents if two callers hit it shortly after each other. To prevent that we need to keep the page locked until I/O is completed and the page marked uptodate. Thanks to Eric Sandeen for triaging this bug and finding a reproducible testcase and Dave Chinner for additional advice. This should fix kernel.org bz #10421. Tested-by: Eric Sandeen <sandeen@sandeen.net> SGI-PV: 981813 SGI-Modid: xfs-linux-melb:xfs-kern:31173a Signed-off-by: Christoph Hellwig <hch@infradead.org> Signed-off-by: David Chinner <dgc@sgi.com> Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
2008-05-23[XFS] Fix inode list allocation size in writeback.David Chinner
We only need to allocate space for the number of inodes in the cluster when writing back inodes, not every byte in the inode cluster. This reduces the amount of memory needing to be allocated to 256 bytes instead of 64k. SGI-PV: 981949 SGI-Modid: xfs-linux-melb:xfs-kern:31182a Signed-off-by: David Chinner <dgc@sgi.com> Signed-off-by: Christoph Hellwig <hch@infradead.org> Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
2008-05-23[XFS] Don't allow memory reclaim to wait on the filesystem in inodeDavid Chinner
writeback If we allow memory reclaim to wait on the pages under writeback in inode cluster writeback we could deadlock because we are currently holding the ILOCK on the initial writeback inode which is needed in data I/O completion to change the file size or do unwritten extent conversion before the pages are taken out of writeback state. SGI-PV: 981091 SGI-Modid: xfs-linux-melb:xfs-kern:31015a Signed-off-by: David Chinner <dgc@sgi.com> Signed-off-by: Christoph Hellwig <hch@infradead.org> Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
2008-05-23[XFS] Fix fsync() b0rkage.David Chinner
xfs_fsync() fails to wait for data I/O completion before checking if the inode is dirty or clean to decide whether to log the inode or not. This misses inode size updates when the data flushed by the fsync() is extending the file. Hence, like fdatasync(), we need to wait for I/o completion first, then check the inode for cleanliness. Doing so makes the behaviour of xfs_fsync() identical for fsync and fdatasync and we *always* use synchronous semantics if the inode is dirty. Therefore also kill the differences and remove the unused flags from the xfs_fsync function and callers. SGI-PV: 981296 SGI-Modid: xfs-linux-melb:xfs-kern:31033a Signed-off-by: David Chinner <dgc@sgi.com> Signed-off-by: Christoph Hellwig <hch@infradead.org> Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
2008-05-22[CIFS] Fix reversed memset argumentsDave Jones
Signed-off-by: Dave Jones <davej@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-22Adds username in the upcall key for unattended mounts with keytabIgor Mammedov
Signed-off-by: Igor Mammedov <niallain@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-22[CIFS] Remove redundant NULL checkSteve French
Noticed by Coverity checker. Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-21ocfs2 endianness fixesAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-21ecryptfs fixesAl Viro
memcpy() from userland pointer is a Bad Thing(tm) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-21fix hppfs Makefile breakageAl Viro
Fallout from commit 46d7b522ebf486edbd096965d534cc6465e9e309 ("uml: move hppfs_kern.c to hppfs.c") Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Acked-by: Jeff Dike <jdike@addtoit.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-05-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: (21 commits) [CIFS] Remove debug statement Fix possible access to undefined memory region. [CIFS] Enable DFS support for Windows query path info [CIFS] Enable DFS support for Unix query path info [CIFS] add missing seq_printf to cifs_show_options for hard mount option [CIFS] add more complete mount options to cifs_show_options [CIFS] Add missing defines for DFS CIFSGetDFSRefer cleanup + dfs_referral_level_3 fixed to conform REFERRAL_V3 the MS-DFSC spec. Fixed DFS code to work with new 'build_path_from_dentry', that returns full path if share in the dfs, now. [CIFS] enable parsing for transport encryption mount parm [CIFS] Finishup DFS code [CIFS] BKL-removal: convert CIFS over to unlocked_ioctl [CIFS] suppress duplicate warning [CIFS] Fix paths when share is in DFS to include proper prefix add function to convert access flags to legacy open mode clarify return value of cifs_convert_flags() [CIFS] don't explicitly do a FindClose on rewind when directory search has ended [CIFS] cleanup old checkpatch warnings [CIFS] CIFSSMBPosixLock should return -EINVAL on error fix memory leak in CIFSFindNext ...
2008-05-21[CIFS] Remove debug statementSteve French
Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-21Fix possible access to undefined memory region.Igor Mammedov
Signed-off-by: Igor Mammedov <niallain@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-20Merge branch 'for-2.6.26' of git://linux-nfs.org/~bfields/linuxLinus Torvalds
* 'for-2.6.26' of git://linux-nfs.org/~bfields/linux: (25 commits) svcrdma: Verify read-list fits within RPCSVC_MAXPAGES svcrdma: Change svc_rdma_send_error return type to void svcrdma: Copy transport address and arm CQ before calling rdma_accept svcrdma: Set rqstp transport address in rdma_read_complete function svcrdma: Use ib verbs version of dma_unmap svcrdma: Cleanup queued, but unprocessed I/O in svc_rdma_free svcrdma: Move the QP and cm_id destruction to svc_rdma_free svcrdma: Add reference for each SQ/RQ WR svcrdma: Move destroy to kernel thread svcrdma: Shrink scope of spinlock on RQ CQ svcrdma: Use standard Linux lists for context cache svcrdma: Simplify RDMA_READ deferral buffer management svcrdma: Remove unused READ_DONE context flags bit svcrdma: Return error from rdma_read_xdr so caller knows to free context svcrdma: Fix error handling during listening endpoint creation svcrdma: Free context on post_recv error in send_reply svcrdma: Free context on ib_post_recv error svcrdma: Add put of connection ESTABLISHED reference in rdma_cma_handler svcrdma: Fix return value in svc_rdma_send svcrdma: Fix race with dto_tasklet in svc_rdma_send ...
2008-05-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (27 commits) pktgen: make sure that pktgen_thread_worker has been executed [VLAN]: Propagate selected feature bits to VLAN devices drivers/atm/: remove CVS keywords vlan: Correctly handle device notifications for layered VLAN devices net: Fix call to ->change_rx_flags(dev, IFF_MULTICAST) in dev_change_flags() net_sched: cls_api: fix return value for non-existant classifiers ipsec: Use the correct ip_local_out function ipv6 addrconf: Allow infinite prefix lifetime. ipv6 route: Fix lifetime in netlink. ipv6 addrconf: Fix route lifetime setting in corner case. ndisc: Add missing strategies for per-device retrans timer/reachable time settings. ipv6: Move <linux/in6.h> from header-y to unifdef-y. l2tp: avoid skb truesize bug if headroom is increased wireless: Create 'device' symlink in sysfs wireless, airo: waitbusy() won't delay libertas: fix command timeout after firmware failure mac80211: Add RTNL version of ieee80211_iterate_active_interfaces mac80211 : Association with 11n hidden ssid ap. hostap: fix "registers" registration in procfs isdn/capi: Return proper errnos on module init. ...
2008-05-20[CIFS] Enable DFS support for Windows query path infoSteve French
Final piece for handling DFS in query_path_info, constructing a fake inode for the junction directory which the submount will cover. This handles the non-Unix (Windows etc.) code path. Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-20[CIFS] Enable DFS support for Unix query path infoSteve French
Final piece for handling DFS in unix_query_path_info, constructing a fake inode for the junction directory which the submount will cover. Acked-by: Igor Mammedov <niallain@gmail.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-fixesLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-2.6-fixes: [GFS2] Prefer strlcpy() over snprintf() [GFS2] Fix cast from unsigned int to s64 [GFS2] filesystem consistency error from do_strip
2008-05-19Merge branch 'audit.b51' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current * 'audit.b51' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: [PATCH] list_for_each_rcu must die: audit [patch 1/1] audit_send_reply(): fix error-path memory leak [PATCH] open sessionid permissions
2008-05-19Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: [PATCH] return to old errno choice in mkdir() et.al. [Patch] fs/binfmt_elf.c: fix wrong return values [PATCH] get rid of leak in compat_execve() [Patch] fs/binfmt_elf.c: fix a wrong free [PATCH] avoid multiplication overflows and signedness issues for max_fds [PATCH] dup_fd() part 4 - race fix [PATCH] dup_fd() - part 3 [PATCH] dup_fd() part 2 [PATCH] dup_fd() fixes, part 1 [PATCH] take init_files to fs/file.c
2008-05-19[CIFS] add missing seq_printf to cifs_show_options for hard mount optionSteve French
Also Kari Hurtta noticed a missing check in the same function which is now fixed. CC: Kari Hurtta <hurtta+gmane@siilo.fmi.fi> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-19dlm: fix plock dev_write return valueDavid Teigland
The return value on writes to the plock device should be the number of bytes written. It was returning 0 instead when an nfs lock callback was involved. Reported-by: Nathan Straz <nstraz@redhat.com> Signed-off-by: David Teigland <teigland@redhat.com>
2008-05-19dlm: tcp_connect_to_sock should check for -EINVAL, not EINVALMarcin Slusarz
Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com> Cc: Christine Caulfield <ccaulfie@redhat.com> Cc: David Teigland <teigland@redhat.com> Cc: cluster-devel@redhat.com Signed-off-by: David Teigland <teigland@redhat.com>
2008-05-19dlm: section mismatch warning fixLeonardo Potenza
Removed the section mismatch message: WARNING: fs/dlm/dlm.o(.init.text+0x132): Section mismatch in reference from the function init_module() to the function .exit.text:dlm_netlink_exit() Since dlm_netlink_exit() is called in the init_dlm() error handling, the __exit annotation has been removed. Signed-off-by: Leonardo Potenza <lpotenza@inwind.it> Signed-off-by: David Teigland <teigland@redhat.com>
2008-05-19dlm: convert connections_lock in a mutexMatthias Kaehlcke
The semaphore connections_lock is used as a mutex. Convert it to the mutex API. Signed-off-by: Matthias Kaehlcke <matthias@kaehlcke.net> Cc: Christine Caulfield <ccaulfie@redhat.com> Cc: David Teigland <teigland@redhat.com> Cc: Steven Whitehouse <swhiteho@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: David Teigland <teigland@redhat.com>
2008-05-18nfsd: reorder printk in do_probe_callback to avoid use-after-freeJ. Bruce Fields
We're currently dereferencing the client after we drop our reference count to it. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
2008-05-18Merge branch 'hotfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6Linus Torvalds
* 'hotfixes' of git://git.linux-nfs.org/projects/trondmy/nfs-2.6: SUNRPC: AUTH_SYS "machine creds" shouldn't use negative valued uid/gid nfs: make nfs4_drop_state_owner() static nfs: path_{get,put}() cleanups nfs: replace remaining __FUNCTION__ occurrences nfs/lsm: make NFSv4 set LSM mount options NFSv4: Check the return value of decode_compound_hdr_arg() nfs: fix race in nfs_dirty_request NFS: Ensure that 'noac' and/or 'actimeo=0' turn off attribute caching
2008-05-17[PATCH] open sessionid permissionsSteve Grubb
The current permissions on sessionid are a little too restrictive. Signed-off-by: Steve Grubb <sgrubb@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-05-17[CIFS] add more complete mount options to cifs_show_optionsSteve French
adds various options to cifs_show_options (displayed when you cat /proc/mounts with a cifs mount). I limited the new ones to values that are associated with the mount with the exception of "seal" (which is a per tree connection property, but I thought was important enough to show through). Eventually cifs's parse_mount_options also needs to be rewritten to use the match_token API but that would be a big enough change that I would prefer that changing parse_mount_options wait until next release. Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-05-16[PATCH] return to old errno choice in mkdir() et.al.Al Viro
In case when both EEXIST and EROFS would apply we used to return the former in mkdir(2) and friends. Lest anyone suspects us of being consistent, in the same situation knfsd gave clients nfs_erofs... ro-bind series had switched the syscall side of things to returning -EROFS and immediately broke an application - namely, mkdir -p. Patch restores the original behaviour... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-05-16[Patch] fs/binfmt_elf.c: fix wrong return valuesWANG Cong
create_elf_tables() returns 0 on success. But when strnlen_user() "fails", it returns 0 directly. So this is wrong. Signed-off-by: WANG Cong <wangcong@zeuux.org> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-05-16[PATCH] get rid of leak in compat_execve()Al Viro
Even though copy_compat_strings() doesn't cache the pages, copy_strings_kernel() and stuff indirectly called by e.g. ->load_binary() is doing that, so we need to drop the cache contents in the end. [found by WANG Cong <wangcong@zeuux.org>] Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-05-16[Patch] fs/binfmt_elf.c: fix a wrong freeWANG Cong
In kmalloc failing path, we shouldn't free pointers in 'info', because the struct 'info' is uninitilized when kmalloc is called. And when kmalloc returns NULL, it's needless to kfree it. Signed-off-by: WANG Cong <wangcong@zeuux.org> Cc: Alexander Viro <viro@zeniv.linux.org.uk> Reviewed-by: Pekka Enberg <penberg@cs.helsinki.fi> -- Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-05-16[PATCH] avoid multiplication overflows and signedness issues for max_fdsAl Viro
Limit sysctl_nr_open - we don't want ->max_fds to exceed MAX_INT and we don't want size calculation for ->fd[] to overflow. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2008-05-16[PATCH] dup_fd() part 4 - race fixAl Viro
Parent _can_ be a clone task, contrary to the comment. Moreover, more files could be opened while we allocate a copy, in which case we end up copying only part into new descriptor table. Since what we get _is_ affected by all changes in the old range, we can get rather weird effects - e.g. dup2(0, 1024); close(0); in parallel with fork() resulting in child that sees the effect of close(), but not that of dup2() done just before that close(). What we need is to recalculate the open_count after having reacquired ->file_lock and if external fdtable we'd just allocated is too small for it, free the sucker and redo allocation. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>