From 0d5cadb87e0fa764db7fa0b78d8a6f173cb475a1 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 4 May 2013 14:40:51 -0400 Subject: do_mount(): fix a leak introduced in 3.9 ("mount: consolidate permission checks") Cc: stable@vger.kernel.org Bisected-by: Michael Leun Signed-off-by: Al Viro --- fs/namespace.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'fs') diff --git a/fs/namespace.c b/fs/namespace.c index b4f96a5230a3..b68eef2d592a 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -2284,12 +2284,11 @@ long do_mount(const char *dev_name, const char *dir_name, retval = security_sb_mount(dev_name, &path, type_page, flags, data_page); + if (!retval && !may_mount()) + retval = -EPERM; if (retval) goto dput_out; - if (!may_mount()) - return -EPERM; - /* Default to relatime unless overriden */ if (!(flags & MS_NOATIME)) mnt_flags |= MNT_RELATIME; -- cgit v1.2.3 From e86d35c38e37eb64cb5d11933c42a2a72f16ce23 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 4 May 2013 14:45:54 -0400 Subject: do_coredump(): don't wait for thaw if coredump has already been interrupted Signed-off-by: Al Viro --- fs/coredump.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'fs') diff --git a/fs/coredump.c b/fs/coredump.c index a9abe313e8d5..dafafbafa731 100644 --- a/fs/coredump.c +++ b/fs/coredump.c @@ -654,10 +654,11 @@ void do_coredump(siginfo_t *siginfo) goto close_fail; if (displaced) put_files_struct(displaced); - file_start_write(cprm.file); - core_dumped = !dump_interrupted() && binfmt->core_dump(&cprm); - file_end_write(cprm.file); - + if (!dump_interrupted()) { + file_start_write(cprm.file); + core_dumped = binfmt->core_dump(&cprm); + file_end_write(cprm.file); + } if (ispipe && core_pipe_limit) wait_for_dump_helpers(cprm.file); close_fail: -- cgit v1.2.3 From c0bd14af51a470895448f88edd1315c4fa0b0d27 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 4 May 2013 15:00:54 -0400 Subject: kill fs/read_write.h fs/compat.c doesn't need it anymore, so let's just move the remaining contents (two typedefs) into fs/read_write.c Signed-off-by: Al Viro --- fs/compat.c | 2 -- fs/read_write.c | 5 ++++- fs/read_write.h | 9 --------- 3 files changed, 4 insertions(+), 12 deletions(-) delete mode 100644 fs/read_write.h (limited to 'fs') diff --git a/fs/compat.c b/fs/compat.c index d0560c93973d..93f7d021b716 100644 --- a/fs/compat.c +++ b/fs/compat.c @@ -67,8 +67,6 @@ int compat_printk(const char *fmt, ...) return ret; } -#include "read_write.h" - /* * Not all architectures have sys_utime, so implement this in terms * of sys_utimes. diff --git a/fs/read_write.c b/fs/read_write.c index 605dbbcb1973..90ba3b350e50 100644 --- a/fs/read_write.c +++ b/fs/read_write.c @@ -16,12 +16,15 @@ #include #include #include -#include "read_write.h" #include "internal.h" #include #include +typedef ssize_t (*io_fn_t)(struct file *, char __user *, size_t, loff_t *); +typedef ssize_t (*iov_fn_t)(struct kiocb *, const struct iovec *, + unsigned long, loff_t); + const struct file_operations generic_ro_fops = { .llseek = generic_file_llseek, .read = do_sync_read, diff --git a/fs/read_write.h b/fs/read_write.h deleted file mode 100644 index 0ec530d9305b..000000000000 --- a/fs/read_write.h +++ /dev/null @@ -1,9 +0,0 @@ -/* - * This file is only for sharing some helpers from read_write.c with compat.c. - * Don't use anywhere else. - */ - - -typedef ssize_t (*io_fn_t)(struct file *, char __user *, size_t, loff_t *); -typedef ssize_t (*iov_fn_t)(struct kiocb *, const struct iovec *, - unsigned long, loff_t); -- cgit v1.2.3 From 6b13eb1baa17b8746f96bd536d2897ec86e823d9 Mon Sep 17 00:00:00 2001 From: Han Shen Date: Fri, 12 Apr 2013 16:26:58 -0700 Subject: Removed unused typedef to avoid "unused local typedef" warnings. Fix warnings about unused local typedefs (reported by gcc 4.8). Signed-off-by: Han Shen (shenhan@google.com) Change-Id: I4bccc234f1390daa808d2b309ed112e20c0ac096 Signed-off-by: Al Viro --- fs/compat_ioctl.c | 1 - 1 file changed, 1 deletion(-) (limited to 'fs') diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c index 3ced75f765ca..996cdc5abb85 100644 --- a/fs/compat_ioctl.c +++ b/fs/compat_ioctl.c @@ -608,7 +608,6 @@ struct serial_struct32 { static int serial_struct_ioctl(unsigned fd, unsigned cmd, struct serial_struct32 __user *ss32) { - typedef struct serial_struct SS; typedef struct serial_struct32 SS32; int err; struct serial_struct ss; -- cgit v1.2.3 From 61572bb1f40b9bec0acbb4d7bc0f5b33739f1ab1 Mon Sep 17 00:00:00 2001 From: "Yan, Zheng" Date: Mon, 15 Apr 2013 14:13:21 +0800 Subject: fs: remove dentry_lru_prune() When pruning a dentry, its ancestor dentry can also be pruned. But the ancestor dentry does not go through dput(), so it does not get put on the dentry LRU. Hence associating d_prune with removing the dentry from the LRU is the wrong. The fix is remove dentry_lru_prune(). Call file system's d_prune() callback directly when pruning dentries. Signed-off-by: Yan, Zheng Signed-off-by: Al Viro --- fs/dcache.c | 31 +++++++++---------------------- 1 file changed, 9 insertions(+), 22 deletions(-) (limited to 'fs') diff --git a/fs/dcache.c b/fs/dcache.c index e689268046c3..a161ebcab9d2 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -337,23 +337,6 @@ static void dentry_lru_del(struct dentry *dentry) } } -/* - * Remove a dentry that is unreferenced and about to be pruned - * (unhashed and destroyed) from the LRU, and inform the file system. - * This wrapper should be called _prior_ to unhashing a victim dentry. - */ -static void dentry_lru_prune(struct dentry *dentry) -{ - if (!list_empty(&dentry->d_lru)) { - if (dentry->d_flags & DCACHE_OP_PRUNE) - dentry->d_op->d_prune(dentry); - - spin_lock(&dcache_lru_lock); - __dentry_lru_del(dentry); - spin_unlock(&dcache_lru_lock); - } -} - static void dentry_lru_move_list(struct dentry *dentry, struct list_head *list) { spin_lock(&dcache_lru_lock); @@ -486,11 +469,13 @@ relock: if (ref) dentry->d_count--; /* - * if dentry was on the d_lru list delete it from there. * inform the fs via d_prune that this dentry is about to be * unhashed and destroyed. */ - dentry_lru_prune(dentry); + if (dentry->d_flags & DCACHE_OP_PRUNE) + dentry->d_op->d_prune(dentry); + + dentry_lru_del(dentry); /* if it was on the hash then remove it */ __d_drop(dentry); return d_kill(dentry, parent); @@ -919,11 +904,13 @@ static void shrink_dcache_for_umount_subtree(struct dentry *dentry) struct inode *inode; /* - * remove the dentry from the lru, and inform - * the fs that this dentry is about to be + * inform the fs that this dentry is about to be * unhashed and destroyed. */ - dentry_lru_prune(dentry); + if (dentry->d_flags & DCACHE_OP_PRUNE) + dentry->d_op->d_prune(dentry); + + dentry_lru_del(dentry); __d_shrink(dentry); if (dentry->d_count != 0) { -- cgit v1.2.3 From b1983cd897ec06080ec4884989c6a3f1e7ee7dce Mon Sep 17 00:00:00 2001 From: Al Viro Date: Sat, 4 May 2013 15:18:53 -0400 Subject: create_mnt_ns: unidiomatic use of list_add() while list_add(A, B) and list_add(B, A) are equivalent when both A and B are guaranteed to be empty, the usual idiom is list_add(what, where), not the other way round... Not a bug per se, but only by accident and it makes RTFS harder for no good reason. Spotted-by: Rajat Sharma Signed-off-by: Al Viro --- fs/namespace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'fs') diff --git a/fs/namespace.c b/fs/namespace.c index b68eef2d592a..7b1ca9ba0b0a 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -2463,7 +2463,7 @@ static struct mnt_namespace *create_mnt_ns(struct vfsmount *m) struct mount *mnt = real_mount(m); mnt->mnt_ns = new_ns; new_ns->root = mnt; - list_add(&new_ns->list, &mnt->mnt_list); + list_add(&mnt->mnt_list, &new_ns->list); } else { mntput(m); } -- cgit v1.2.3 From 75fc0cf6af45e5de251caa9421b3c3d1bdc273c8 Mon Sep 17 00:00:00 2001 From: Syam Sidhardhan Date: Fri, 15 Feb 2013 02:24:32 +0530 Subject: proc_devtree: Replace include linux/module.h with linux/export.h Since it uses only THIS_MODULE macro, include is the right to go here. Signed-off-by: Syam Sidhardhan Signed-off-by: Al Viro --- fs/proc/proc_devtree.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'fs') diff --git a/fs/proc/proc_devtree.c b/fs/proc/proc_devtree.c index 505afc950e0a..106a83570630 100644 --- a/fs/proc/proc_devtree.c +++ b/fs/proc/proc_devtree.c @@ -12,7 +12,7 @@ #include #include #include -#include +#include #include #include #include -- cgit v1.2.3 From 9ed53b12a9a60f4d52228335e76cbbdf0c7e37fb Mon Sep 17 00:00:00 2001 From: Wei Yongjun Date: Tue, 12 Mar 2013 00:10:50 +0800 Subject: vfs: use list_move instead of list_del/list_add Using list_move() instead of list_del() + list_add(). Signed-off-by: Wei Yongjun Signed-off-by: Al Viro --- fs/dcache.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'fs') diff --git a/fs/dcache.c b/fs/dcache.c index a161ebcab9d2..f09b9085f7d8 100644 --- a/fs/dcache.c +++ b/fs/dcache.c @@ -2397,8 +2397,7 @@ static void __d_materialise_dentry(struct dentry *dentry, struct dentry *anon) dentry->d_parent = dentry; list_del_init(&dentry->d_u.d_child); anon->d_parent = dparent; - list_del(&anon->d_u.d_child); - list_add(&anon->d_u.d_child, &dparent->d_subdirs); + list_move(&anon->d_u.d_child, &dparent->d_subdirs); write_seqcount_end(&dentry->d_seq); write_seqcount_end(&anon->d_seq); -- cgit v1.2.3 From 9dcc5e8a4635d6a0b20273e3db21507ff02764ea Mon Sep 17 00:00:00 2001 From: James Hogan Date: Wed, 27 Mar 2013 10:47:12 +0000 Subject: hostfs: remove "will unlock" comment A "will unlock" comment was added to hostfs in the following commit, along with a spinlock: Commit e9193059b1b3733695d5b80e667778311695aa73 ("hostfs: fix races in dentry_name() and inode_name()"). But the spinlock was subsequently removed in the following commit: Commit ec2447c278ee973d35f38e53ca16ba7f965ae33d ("hostfs: simplify locking"). Since the comment is no longer applicable, remove it. Reported-by: Al Viro Signed-off-by: James Hogan Cc: Nick Piggin Signed-off-by: Al Viro --- fs/hostfs/hostfs_kern.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'fs') diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c index 0f6e52d22b84..95b9c87cb24a 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c @@ -121,7 +121,7 @@ static char *dentry_name(struct dentry *dentry) if (!name) return NULL; - return __dentry_name(dentry, name); /* will unlock */ + return __dentry_name(dentry, name); } static char *inode_name(struct inode *ino) -- cgit v1.2.3 From 2b3b9bb03a9fb1e4c72947cc235771c6455ec7c9 Mon Sep 17 00:00:00 2001 From: James Hogan Date: Wed, 27 Mar 2013 10:47:13 +0000 Subject: hostfs: move HOSTFS_SUPER_MAGIC to Move HOSTFS_SUPER_MAGIC to to be with it's magical friends from other file systems. Reported-by: Al Viro Signed-off-by: James Hogan Signed-off-by: Al Viro --- fs/hostfs/hostfs_kern.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'fs') diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c index 95b9c87cb24a..f2372ef80850 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c @@ -7,6 +7,7 @@ */ #include +#include #include #include #include @@ -45,8 +46,6 @@ static const struct dentry_operations hostfs_dentry_ops = { static char *root_ino = ""; static int append = 0; -#define HOSTFS_SUPER_MAGIC 0x00c0ffee - static const struct inode_operations hostfs_iops; static const struct inode_operations hostfs_dir_iops; static const struct inode_operations hostfs_link_iops; -- cgit v1.2.3 From 371fdab10033528c42f64fc244c30d67b15e529d Mon Sep 17 00:00:00 2001 From: James Hogan Date: Wed, 27 Mar 2013 10:47:14 +0000 Subject: hostfs: use kmalloc instead of kzalloc The inode info structure is zeroed at allocation with kzalloc, and then all but one of the fields (including the largest, vfs_inode) are initialised explicitly. Switch to using kmalloc and initialise the remaining field too. Reported-by: Al Viro Signed-off-by: James Hogan Signed-off-by: Al Viro --- fs/hostfs/hostfs_kern.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'fs') diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c index f2372ef80850..32f35f187989 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c @@ -228,10 +228,11 @@ static struct inode *hostfs_alloc_inode(struct super_block *sb) { struct hostfs_inode_info *hi; - hi = kzalloc(sizeof(*hi), GFP_KERNEL); + hi = kmalloc(sizeof(*hi), GFP_KERNEL); if (hi == NULL) return NULL; hi->fd = -1; + hi->mode = 0; inode_init_once(&hi->vfs_inode); return &hi->vfs_inode; } -- cgit v1.2.3