diff options
Diffstat (limited to 'fs')
40 files changed, 283 insertions, 272 deletions
@@ -810,7 +810,7 @@ config TMPFS config HUGETLBFS bool "HugeTLB file system support" - depends X86 || IA64 || PPC64 || SPARC64 || SUPERH || X86_64 || BROKEN + depends X86 || IA64 || PPC64 || SPARC64 || SUPERH || BROKEN config HUGETLB_PAGE def_bool HUGETLBFS diff --git a/fs/Kconfig.binfmt b/fs/Kconfig.binfmt index 434c19d..175b2e8 100644 --- a/fs/Kconfig.binfmt +++ b/fs/Kconfig.binfmt @@ -57,7 +57,7 @@ config BINFMT_SHARED_FLAT config BINFMT_AOUT tristate "Kernel support for a.out and ECOFF binaries" - depends on (X86 && !X86_64) || ALPHA || ARM || M68K || SPARC32 + depends on X86_32 || ALPHA || ARM || M68K || SPARC32 ---help--- A.out (Assembler.OUTput) is a set of formats for libraries and executables used in the earliest versions of UNIX. Linux used @@ -117,9 +117,6 @@ int notify_change(struct dentry * dentry, struct iattr * attr) struct timespec now; unsigned int ia_valid = attr->ia_valid; - if (!inode) - BUG(); - mode = inode->i_mode; now = current_fs_time(inode->i_sb); diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index 918ccc2..6fa6adc 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -1502,9 +1502,7 @@ static int elf_core_dump(long signr, struct pt_regs * regs, struct file * file) fill_psinfo(psinfo, current->group_leader, current->mm); fill_note(notes +1, "CORE", NT_PRPSINFO, sizeof(*psinfo), psinfo); - fill_note(notes +2, "CORE", NT_TASKSTRUCT, sizeof(*current), current); - - numnote = 3; + numnote = 2; auxv = (elf_addr_t *) current->mm->saved_auxv; diff --git a/fs/buffer.c b/fs/buffer.c index 2066e4c..35fa349 100644 --- a/fs/buffer.c +++ b/fs/buffer.c @@ -1478,8 +1478,10 @@ EXPORT_SYMBOL(__getblk); void __breadahead(struct block_device *bdev, sector_t block, int size) { struct buffer_head *bh = __getblk(bdev, block, size); - ll_rw_block(READA, 1, &bh); - brelse(bh); + if (likely(bh)) { + ll_rw_block(READA, 1, &bh); + brelse(bh); + } } EXPORT_SYMBOL(__breadahead); @@ -1497,7 +1499,7 @@ __bread(struct block_device *bdev, sector_t block, int size) { struct buffer_head *bh = __getblk(bdev, block, size); - if (!buffer_uptodate(bh)) + if (likely(bh) && !buffer_uptodate(bh)) bh = __bread_slow(bh); return bh; } @@ -1637,6 +1639,15 @@ out: } EXPORT_SYMBOL(block_invalidatepage); +int do_invalidatepage(struct page *page, unsigned long offset) +{ + int (*invalidatepage)(struct page *, unsigned long); + invalidatepage = page->mapping->a_ops->invalidatepage; + if (invalidatepage == NULL) + invalidatepage = block_invalidatepage; + return (*invalidatepage)(page, offset); +} + /* * We attach and possibly dirty the buffers atomically wrt * __set_page_dirty_buffers() via private_lock. try_to_free_buffers @@ -2696,7 +2707,7 @@ int block_write_full_page(struct page *page, get_block_t *get_block, * they may have been added in ext3_writepage(). Make them * freeable here, so the page does not leak. */ - block_invalidatepage(page, 0); + do_invalidatepage(page, 0); unlock_page(page); return 0; /* don't care */ } diff --git a/fs/compat_ioctl.c b/fs/compat_ioctl.c index a327e03..43dbcb0 100644 --- a/fs/compat_ioctl.c +++ b/fs/compat_ioctl.c @@ -3046,6 +3046,10 @@ HANDLE_IOCTL(RAW_GETBIND, raw_ioctl) /* Serial */ HANDLE_IOCTL(TIOCGSERIAL, serial_struct_ioctl) HANDLE_IOCTL(TIOCSSERIAL, serial_struct_ioctl) +#ifdef TIOCGLTC +COMPATIBLE_IOCTL(TIOCGLTC) +COMPATIBLE_IOCTL(TIOCSLTC) +#endif /* Usbdevfs */ HANDLE_IOCTL(USBDEVFS_CONTROL32, do_usbdevfs_control) HANDLE_IOCTL(USBDEVFS_BULK32, do_usbdevfs_bulk) @@ -662,7 +662,7 @@ static void add_dquot_ref(struct super_block *sb, int type) restart: file_list_lock(); list_for_each(p, &sb->s_files) { - struct file *filp = list_entry(p, struct file, f_list); + struct file *filp = list_entry(p, struct file, f_u.fu_list); struct inode *inode = filp->f_dentry->d_inode; if (filp->f_mode & FMODE_WRITE && dqinit_needed(inode, type)) { struct dentry *dentry = dget(filp->f_dentry); @@ -630,10 +630,9 @@ static inline int de_thread(struct task_struct *tsk) /* * Account for the thread group leader hanging around: */ - count = 2; - if (thread_group_leader(current)) - count = 1; - else { + count = 1; + if (!thread_group_leader(current)) { + count = 2; /* * The SIGALRM timer survives the exec, but needs to point * at us as the new group leader now. We have a race with @@ -642,8 +641,10 @@ static inline int de_thread(struct task_struct *tsk) * before we can safely let the old group leader die. */ sig->real_timer.data = (unsigned long)current; + spin_unlock_irq(lock); if (del_timer_sync(&sig->real_timer)) add_timer(&sig->real_timer); + spin_lock_irq(lock); } while (atomic_read(&sig->count) > count) { sig->group_exit_task = current; @@ -655,7 +656,6 @@ static inline int de_thread(struct task_struct *tsk) } sig->group_exit_task = NULL; sig->notify_count = 0; - sig->real_timer.data = (unsigned long)current; spin_unlock_irq(lock); /* @@ -1417,19 +1417,16 @@ static void zap_threads (struct mm_struct *mm) static void coredump_wait(struct mm_struct *mm) { DECLARE_COMPLETION(startup_done); + int core_waiters; - mm->core_waiters++; /* let other threads block */ mm->core_startup_done = &startup_done; - /* give other threads a chance to run: */ - yield(); - zap_threads(mm); - if (--mm->core_waiters) { - up_write(&mm->mmap_sem); + core_waiters = mm->core_waiters; + up_write(&mm->mmap_sem); + + if (core_waiters) wait_for_completion(&startup_done); - } else - up_write(&mm->mmap_sem); BUG_ON(mm->core_waiters); } @@ -1463,11 +1460,21 @@ int do_coredump(long signr, int exit_code, struct pt_regs * regs) current->fsuid = 0; /* Dump root private */ } mm->dumpable = 0; - init_completion(&mm->core_done); + + retval = -EAGAIN; spin_lock_irq(¤t->sighand->siglock); - current->signal->flags = SIGNAL_GROUP_EXIT; - current->signal->group_exit_code = exit_code; + if (!(current->signal->flags & SIGNAL_GROUP_EXIT)) { + current->signal->flags = SIGNAL_GROUP_EXIT; + current->signal->group_exit_code = exit_code; + retval = 0; + } spin_unlock_irq(¤t->sighand->siglock); + if (retval) { + up_write(&mm->mmap_sem); + goto fail; + } + + init_completion(&mm->core_done); coredump_wait(mm); /* diff --git a/fs/ext2/inode.c b/fs/ext2/inode.c index fdba4d1..e7d3f05 100644 --- a/fs/ext2/inode.c +++ b/fs/ext2/inode.c @@ -440,6 +440,10 @@ static int ext2_alloc_branch(struct inode *inode, * the pointer to new one, then send parent to disk. */ bh = sb_getblk(inode->i_sb, parent); + if (!bh) { + err = -EIO; + break; + } lock_buffer(bh); memset(bh->b_data, 0, blocksize); branch[n].bh = bh; diff --git a/fs/ext3/balloc.c b/fs/ext3/balloc.c index 0213db4..7992d21 100644 --- a/fs/ext3/balloc.c +++ b/fs/ext3/balloc.c @@ -20,6 +20,8 @@ #include <linux/quotaops.h> #include <linux/buffer_head.h> +#include "bitmap.h" + /* * balloc.c contains the blocks allocation and deallocation routines */ @@ -1010,7 +1012,7 @@ retry: * allocation within the reservation window. * * This will avoid keeping on searching the reservation list again and - * again when someboday is looking for a free block (without + * again when somebody is looking for a free block (without * reservation), and there are lots of free blocks, but they are all * being reserved. * @@ -1416,12 +1418,12 @@ unsigned long ext3_count_free_blocks(struct super_block *sb) unsigned long bitmap_count, x; struct buffer_head *bitmap_bh = NULL; - lock_super(sb); es = EXT3_SB(sb)->s_es; desc_count = 0; bitmap_count = 0; gdp = NULL; + smp_rmb(); for (i = 0; i < ngroups; i++) { gdp = ext3_get_group_desc(sb, i, NULL); if (!gdp) @@ -1440,7 +1442,6 @@ unsigned long ext3_count_free_blocks(struct super_block *sb) brelse(bitmap_bh); printk("ext3_count_free_blocks: stored = %u, computed = %lu, %lu\n", le32_to_cpu(es->s_free_blocks_count), desc_count, bitmap_count); - unlock_super(sb); return bitmap_count; #else desc_count = 0; diff --git a/fs/ext3/bitmap.c b/fs/ext3/bitmap.c index 6c419b9..5b4ba3e 100644 --- a/fs/ext3/bitmap.c +++ b/fs/ext3/bitmap.c @@ -8,7 +8,7 @@ */ #include <linux/buffer_head.h> - +#include "bitmap.h" static int nibblemap[] = {4, 3, 3, 2, 3, 2, 2, 1, 3, 2, 2, 1, 2, 1, 1, 0}; diff --git a/fs/ext3/bitmap.h b/fs/ext3/bitmap.h new file mode 100644 index 0000000..6ee503a --- /dev/null +++ b/fs/ext3/bitmap.h @@ -0,0 +1,8 @@ +/* linux/fs/ext3/bitmap.c + * + * Copyright (C) 2005 Simtec Electronics + * Ben Dooks <ben@simtec.co.uk> + * +*/ + +extern unsigned long ext3_count_free (struct buffer_head *, unsigned int ); diff --git a/fs/ext3/ialloc.c b/fs/ext3/ialloc.c index 6549945..df3f517 100644 --- a/fs/ext3/ialloc.c +++ b/fs/ext3/ialloc.c @@ -26,6 +26,7 @@ #include <asm/byteorder.h> +#include "bitmap.h" #include "xattr.h" #include "acl.h" @@ -704,7 +705,6 @@ unsigned long ext3_count_free_inodes (struct super_block * sb) unsigned long bitmap_count, x; struct buffer_head *bitmap_bh = NULL; - lock_super (sb); es = EXT3_SB(sb)->s_es; desc_count = 0; bitmap_count = 0; @@ -727,7 +727,6 @@ unsigned long ext3_count_free_inodes (struct super_block * sb) brelse(bitmap_bh); printk("ext3_count_free_inodes: stored = %u, computed = %lu, %lu\n", le32_to_cpu(es->s_free_inodes_count), desc_count, bitmap_count); - unlock_super(sb); return desc_count; #else desc_count = 0; diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c index 8b38f22..5d9b00e 100644 --- a/fs/ext3/inode.c +++ b/fs/ext3/inode.c @@ -491,7 +491,7 @@ static unsigned long ext3_find_goal(struct inode *inode, long block, * the same format as ext3_get_branch() would do. We are calling it after * we had read the existing part of chain and partial points to the last * triple of that (one with zero ->key). Upon the exit we have the same - * picture as after the successful ext3_get_block(), excpet that in one + * picture as after the successful ext3_get_block(), except that in one * place chain is disconnected - *branch->p is still zero (we did not * set the last link), but branch->key contains the number that should * be placed into *branch->p to fill that gap. @@ -523,7 +523,6 @@ static int ext3_alloc_branch(handle_t *handle, struct inode *inode, if (!nr) break; branch[n].key = cpu_to_le32(nr); - keys = n+1; /* * Get buffer_head for parent block, zero it out @@ -531,6 +530,9 @@ static int ext3_alloc_branch(handle_t *handle, struct inode *inode, * parent to disk. */ bh = sb_getblk(inode->i_sb, parent); + if (!bh) + break; + keys = n+1; branch[n].bh = bh; lock_buffer(bh); BUFFER_TRACE(bh, "call get_create_access"); @@ -864,6 +866,10 @@ struct buffer_head *ext3_getblk(handle_t *handle, struct inode * inode, if (!*errp && buffer_mapped(&dummy)) { struct buffer_head *bh; bh = sb_getblk(inode->i_sb, dummy.b_blocknr); + if (!bh) { + *errp = -EIO; + goto err; + } if (buffer_new(&dummy)) { J_ASSERT(create != 0); J_ASSERT(handle != 0); @@ -896,6 +902,7 @@ struct buffer_head *ext3_getblk(handle_t *handle, struct inode * inode, } return bh; } +err: return NULL; } diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index 50378d8..b3c690a 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -36,6 +36,8 @@ #include <linux/quotaops.h> #include <linux/buffer_head.h> #include <linux/smp_lock.h> + +#include "namei.h" #include "xattr.h" #include "acl.h" diff --git a/fs/ext3/namei.h b/fs/ext3/namei.h new file mode 100644 index 0000000..f2ce2b0 --- /dev/null +++ b/fs/ext3/namei.h @@ -0,0 +1,8 @@ +/* linux/fs/ext3/namei.h + * + * Copyright (C) 2005 Simtec Electronics + * Ben Dooks <ben@simtec.co.uk> + * +*/ + +extern struct dentry *ext3_get_parent(struct dentry *child); diff --git a/fs/ext3/resize.c b/fs/ext3/resize.c index 57f7910..1be78b4b 100644 --- a/fs/ext3/resize.c +++ b/fs/ext3/resize.c @@ -118,6 +118,8 @@ static struct buffer_head *bclean(handle_t *handle, struct super_block *sb, int err; bh = sb_getblk(sb, blk); + if (!bh) + return ERR_PTR(-EIO); if ((err = ext3_journal_get_write_access(handle, bh))) { brelse(bh); bh = ERR_PTR(err); @@ -202,6 +204,10 @@ static int setup_new_group_blocks(struct super_block *sb, ext3_debug("update backup group %#04lx (+%d)\n", block, bit); gdb = sb_getblk(sb, block); + if (!gdb) { + err = -EIO; + goto exit_bh; + } if ((err = ext3_journal_get_write_access(handle, gdb))) { brelse(gdb); goto exit_bh; @@ -643,6 +649,10 @@ static void update_backups(struct super_block *sb, break; bh = sb_getblk(sb, group * bpg + blk_off); + if (!bh) { + err = -EIO; + break; + } ext3_debug("update metadata backup %#04lx\n", (unsigned long)bh->b_blocknr); if ((err = ext3_journal_get_write_access(handle, bh))) diff --git a/fs/ext3/super.c b/fs/ext3/super.c index 097383c..f594989 100644 --- a/fs/ext3/super.c +++ b/fs/ext3/super.c @@ -36,9 +36,12 @@ #include <linux/namei.h> #include <linux/quotaops.h> #include <linux/seq_file.h> + #include <asm/uaccess.h> + #include "xattr.h" #include "acl.h" +#include "namei.h" static int ext3_load_journal(struct super_block *, struct ext3_super_block *); static int ext3_create_journal(struct super_block *, struct ext3_super_block *, @@ -615,7 +618,6 @@ static struct super_operations ext3_sops = { #endif }; -struct dentry *ext3_get_parent(struct dentry *child); static struct export_operations ext3_export_ops = { .get_parent = ext3_get_parent, }; diff --git a/fs/ext3/xattr.c b/fs/ext3/xattr.c index 269c7b9..430de9f 100644 --- a/fs/ext3/xattr.c +++ b/fs/ext3/xattr.c @@ -210,7 +210,7 @@ ext3_xattr_find_entry(struct ext3_xattr_entry **pentry, int name_index, return cmp ? -ENODATA : 0; } -int +static int ext3_xattr_block_get(struct inode *inode, int name_index, const char *name, void *buffer, size_t buffer_size) { @@ -354,7 +354,7 @@ ext3_xattr_list_entries(struct inode *inode, struct ext3_xattr_entry *entry, return buffer_size - rest; } -int +static int ext3_xattr_block_list(struct inode *inode, char *buffer, size_t buffer_size) { struct buffer_head *bh = NULL; @@ -626,7 +626,7 @@ struct ext3_xattr_block_find { struct buffer_head *bh; }; -int +static int ext3_xattr_block_find(struct inode *inode, struct ext3_xattr_info *i, struct ext3_xattr_block_find *bs) { @@ -859,7 +859,7 @@ struct ext3_xattr_ibody_find { struct ext3_iloc iloc; }; -int +static int ext3_xattr_ibody_find(struct inode *inode, struct ext3_xattr_info *i, struct ext3_xattr_ibody_find *is) { diff --git a/fs/fat/dir.c b/fs/fat/dir.c index 895049b..ba82496 100644 --- a/fs/fat/dir.c +++ b/fs/fat/dir.c @@ -222,6 +222,80 @@ fat_shortname2uni(struct nls_table *nls, unsigned char *buf, int buf_size, return len; } +enum { PARSE_INVALID = 1, PARSE_NOT_LONGNAME, PARSE_EOF, }; + +/** + * fat_parse_long - Parse extended directory entry. + * + * This function returns zero on success, negative value on error, or one of + * the following: + * + * %PARSE_INVALID - Directory entry is invalid. + * %PARSE_NOT_LONGNAME - Directory entry does not contain longname. + * %PARSE_EOF - Directory has no more entries. + */ +static int fat_parse_long(struct inode *dir, loff_t *pos, + struct buffer_head **bh, struct msdos_dir_entry **de, + wchar_t **unicode, unsigned char *nr_slots) +{ + struct msdos_dir_slot *ds; + unsigned char id, slot, slots, alias_checksum; + + if (!*unicode) { + *unicode = (wchar_t *)__get_free_page(GFP_KERNEL); + if (!*unicode) { + brelse(*bh); + return -ENOMEM; + } + } +parse_long: + slots = 0; + ds = (struct msdos_dir_slot *)*de; + id = ds->id; + if (!(id & 0x40)) + return PARSE_INVALID; + slots = id & ~0x40; + if (slots > 20 || !slots) /* ceil(256 * 2 / 26) */ + return PARSE_INVALID; + *nr_slots = slots; + alias_checksum = ds->alias_checksum; + + slot = slots; + while (1) { + int offset; + + slot--; + offset = slot * 13; + fat16_towchar(*unicode + offset, ds->name0_4, 5); + fat16_towchar(*unicode + offset + 5, ds->name5_10, 6); + fat16_towchar(*unicode + offset + 11, ds->name11_12, 2); + + if (ds->id & 0x40) + (*unicode)[offset + 13] = 0; + if (fat_get_entry(dir, pos, bh, de) < 0) + return PARSE_EOF; + if (slot == 0) + break; + ds = (struct msdos_dir_slot *)*de; + if (ds->attr != ATTR_EXT) + return PARSE_NOT_LONGNAME; + if ((ds->id & ~0x40) != slot) + goto parse_long; + if (ds->alias_checksum != alias_checksum) + goto parse_long; + } + if ((*de)->name[0] == DELETED_FLAG) + return PARSE_INVALID; + if ((*de)->attr == ATTR_EXT) + goto parse_long; + if (IS_FREE((*de)->name) || ((*de)->attr & ATTR_VOLUME)) + return PARSE_INVALID; + if (fat_checksum((*de)->name) != alias_checksum) + *nr_slots = 0; + + return 0; +} + /* * Return values: negative -> error, 0 -> not found, positive -> found, * value is the total amount of slots, including the shortname entry. @@ -259,68 +333,16 @@ parse_record: if (de->attr != ATTR_EXT && IS_FREE(de->name)) continue; if (de->attr == ATTR_EXT) { - struct msdos_dir_slot *ds; - unsigned char id; - unsigned char slot; - unsigned char slots; - unsigned char sum; - unsigned char alias_checksum; - - if (!unicode) { - unicode = (wchar_t *) - __get_free_page(GFP_KERNEL); - if (!unicode) { - brelse(bh); - return -ENOMEM; - } - } -parse_long: - slots = 0; - ds = (struct msdos_dir_slot *) de; - id = ds->id; - if (!(id & 0x40)) - continue; - slots = id & ~0x40; - if (slots > 20 || !slots) /* ceil(256 * 2 / 26) */ - continue; - nr_slots = slots; - alias_checksum = ds->alias_checksum; - - slot = slots; - while (1) { - int offset; - - slot--; - offset = slot * 13; - fat16_towchar(unicode + offset, ds->name0_4, 5); - fat16_towchar(unicode + offset + 5, ds->name5_10, 6); - fat16_towchar(unicode + offset + 11, ds->name11_12, 2); - - if (ds->id & 0x40) { - unicode[offset + 13] = 0; - } - if (fat_get_entry(inode, &cpos, &bh, &de) < 0) - goto EODir; - if (slot == 0) - break; - ds = (struct msdos_dir_slot *) de; - if (ds->attr != ATTR_EXT) - goto parse_record; - if ((ds->id & ~0x40) != slot) - goto parse_long; - if (ds->alias_checksum != alias_checksum) - goto parse_long; - } - if (de->name[0] == DELETED_FLAG) - continue; - if (de->attr == ATTR_EXT) - goto parse_long; - if (IS_FREE(de->name) || (de->attr & ATTR_VOLUME)) + int status = fat_parse_long(inode, &cpos, &bh, &de, + &unicode, &nr_slots); + if (status < 0) + return status; + else if (status == PARSE_INVALID) continue; - for (sum = 0, i = 0; i < 11; i++) - sum = (((sum&1)<<7)|((sum&0xfe)>>1)) + de->name[i]; - if (sum != alias_checksum) - nr_slots = 0; + else if (status == PARSE_NOT_LONGNAME) + goto parse_record; + else if (status == PARSE_EOF) + goto EODir; } memcpy(work, de->name, sizeof(de->name)); @@ -408,8 +430,8 @@ struct fat_ioctl_filldir_callback { int short_len; }; -static int fat_readdirx(struct inode *inode, struct file *filp, void *dirent, - filldir_t filldir, int short_only, int both) +static int __fat_readdir(struct inode *inode, struct file *filp, void *dirent, + filldir_t filldir, int short_only, int both) { struct super_block *sb = inode->i_sb; struct msdos_sb_info *sbi = MSDOS_SB(sb); @@ -458,9 +480,10 @@ static int fat_readdirx(struct inode *inode, struct file *filp, void *dirent, bh = NULL; GetNew: - long_slots = 0; if (fat_get_entry(inode, &cpos, &bh, &de) == -1) goto EODir; +parse_record: + long_slots = 0; /* Check for long filename entry */ if (isvfat) { if (de->name[0] == DELETED_FLAG) @@ -475,69 +498,18 @@ GetNew: } if (isvfat && de->attr == ATTR_EXT) { - struct msdos_dir_slot *ds; - unsigned char id; - unsigned char slot; - unsigned char slots; - unsigned char sum; - unsigned char alias_checksum; - - if (!unicode) { - unicode = (wchar_t *)__get_free_page(GFP_KERNEL); - if (!unicode) { - filp->f_pos = cpos; - brelse(bh); - ret = -ENOMEM; - goto out; - } - } -ParseLong: - slots = 0; - ds = (struct msdos_dir_slot *) de; - id = ds->id; - if (!(id & 0x40)) - goto RecEnd; - slots = id & ~0x40; - if (slots > 20 || !slots) /* ceil(256 * 2 / 26) */ + int status = fat_parse_long(inode, &cpos, &bh, &de, + &unicode, &long_slots); + if (status < 0) { + filp->f_pos = cpos; + ret = status; + goto out; + } else if (status == PARSE_INVALID) goto RecEnd; - long_slots = slots; - alias_checksum = ds->alias_checksum; - - slot = slots; - while (1) { - int offset; - - slot--; - offset = slot * 13; - fat16_towchar(unicode + offset, ds->name0_4, 5); - fat16_towchar(unicode + offset + 5, ds->name5_10, 6); - fat16_towchar(unicode + offset + 11, ds->name11_12, 2); - - if (ds->id & 0x40) { - unicode[offset + 13] = 0; - } - if (fat_get_entry(inode, &cpos, &bh, &de) == -1) - goto EODir; - if (slot == 0) - break; - ds = (struct msdos_dir_slot *) de; - if (ds->attr != ATTR_EXT) - goto RecEnd; /* XXX */ - if ((ds->id & ~0x40) != slot) - goto ParseLong; - if (ds->alias_checksum != alias_checksum) - goto ParseLong; - } - if (de->name[0] == DELETED_FLAG) - goto RecEnd; - if (de->attr == ATTR_EXT) - goto ParseLong; - if (IS_FREE(de->name) || (de->attr & ATTR_VOLUME)) - goto RecEnd; - for (sum = 0, i = 0; i < 11; i++) - sum = (((sum&1)<<7)|((sum&0xfe)>>1)) + de->name[i]; - if (sum != alias_checksum) - long_slots = 0; + else if (status == PARSE_NOT_LONGNAME) + goto parse_record; + else if (status == PARSE_EOF) + goto EODir; } if (sbi->options.dotsOK) { @@ -671,7 +643,7 @@ out: static int fat_readdir(struct file *filp, void *dirent, filldir_t filldir) { struct inode *inode = filp->f_dentry->d_inode; - return fat_readdirx(inode, filp, dirent, filldir, 0, 0); + return __fat_readdir(inode, filp, dirent, filldir, 0, 0); } static int fat_ioctl_filldir(void *__buf, const char *name, int name_len, @@ -760,8 +732,8 @@ static int fat_dir_ioctl(struct inode * inode, struct file * filp, down(&inode->i_sem); ret = -ENOENT; if (!IS_DEADDIR(inode)) { - ret = fat_readdirx(inode, filp, &buf, fat_ioctl_filldir, - short_only, both); + ret = __fat_readdir(inode, filp, &buf, fat_ioctl_filldir, + short_only, both); } up(&inode->i_sem); if (ret >= 0) diff --git a/fs/file_table.c b/fs/file_table.c index 86ec8ae..4dc2055 100644 --- a/fs/file_table.c +++ b/fs/file_table.c @@ -56,13 +56,13 @@ void filp_dtor(void * objp, struct kmem_cache_s *cachep, unsigned long dflags) static inline void file_free_rcu(struct rcu_head *head) { - struct file *f = container_of(head, struct file, f_rcuhead); + struct file *f = container_of(head, struct file, f_u.fu_rcuhead); kmem_cache_free(filp_cachep, f); } static inline void file_free(struct file *f) { - call_rcu(&f->f_rcuhead, file_free_rcu); + call_rcu(&f->f_u.fu_rcuhead, file_free_rcu); } /* Find an unused file structure and return a pointer to it. @@ -95,7 +95,7 @@ struct file *get_empty_filp(void) f->f_gid = current->fsgid; rwlock_init(&f->f_owner.lock); /* f->f_version: 0 */ - INIT_LIST_HEAD(&f->f_list); + INIT_LIST_HEAD(&f->f_u.fu_list); return f; over: @@ -225,15 +225,15 @@ void file_move(struct file *file, struct list_head *list) if (!list) return; file_list_lock(); - list_move(&file->f_list, list); + list_move(&file->f_u.fu_list, list); file_list_unlock(); } void file_kill(struct file *file) { - if (!list_empty(&file->f_list)) { + if (!list_empty(&file->f_u.fu_list)) { file_list_lock(); - list_del_init(&file->f_list); + list_del_init(&file->f_u.fu_list); file_list_unlock(); } } @@ -245,7 +245,7 @@ int fs_may_remount_ro(struct super_block *sb) /* Check that no files are currently opened for writing. */ file_list_lock(); list_for_each(p, &sb->s_files) { - struct file *file = list_entry(p, struct file, f_list); + struct file *file = list_entry(p, struct file, f_u.fu_list); struct inode *inode = file->f_dentry->d_inode; /* File with pending delete? */ diff --git a/fs/filesystems.c b/fs/filesystems.c index 44082bf..9f10728 100644 --- a/fs/filesystems.c +++ b/fs/filesystems.c @@ -12,6 +12,7 @@ #include <linux/kmod.h> #include <linux/init.h> #include <linux/module.h> +#include <linux/sched.h> /* for 'current' */ #include <asm/uaccess.h> /* diff --git a/fs/fs-writeback.c b/fs/fs-writeback.c index e94ab39..ffab478 100644 --- a/fs/fs-writeback.c +++ b/fs/fs-writeback.c @@ -230,7 +230,6 @@ __sync_single_inode(struct inode *inode, struct writeback_control *wbc) * The inode is clean, unused */ list_move(&inode->i_list, &inode_unused); - inodes_stat.nr_unused++; } } wake_up_inode(inode); @@ -238,14 +237,20 @@ __sync_single_inode(struct inode *inode, struct writeback_control *wbc) } /* - * Write out an inode's dirty pages. Called under inode_lock. + * Write out an inode's dirty pages. Called under inode_lock. Either the + * caller has ref on the inode (either via __iget or via syscall against an fd) + * or the inode has I_WILL_FREE set (via generic_forget_inode) */ static int -__writeback_single_inode(struct inode *inode, - struct writeback_control *wbc) +__writeback_single_inode(struct inode *inode, struct writeback_control *wbc) { wait_queue_head_t *wqh; + if (!atomic_read(&inode->i_count)) + WARN_ON(!(inode->i_state & I_WILL_FREE)); + else + WARN_ON(inode->i_state & I_WILL_FREE); + if ((wbc->sync_mode != WB_SYNC_ALL) && (inode->i_state & I_LOCK)) { list_move(&inode->i_list, &inode->i_sb->s_dirty); return 0; @@ -259,11 +264,9 @@ __writeback_single_inode(struct inode *inode, wqh = bit_waitqueue(&inode->i_state, __I_LOCK); do { - __iget(inode); spin_unlock(&inode_lock); __wait_on_bit(wqh, &wq, inode_wait, TASK_UNINTERRUPTIBLE); - iput(inode); spin_lock(&inode_lock); } while (inode->i_state & I_LOCK); } @@ -541,14 +544,15 @@ void sync_inodes(int wait) } /** - * write_inode_now - write an inode to disk - * @inode: inode to write to disk - * @sync: whether the write should be synchronous or not + * write_inode_now - write an inode to disk + * @inode: inode to write to disk + * @sync: whether the write should be synchronous or not + * + * This function commits an inode to disk immediately if it is dirty. This is + * primarily needed by knfsd. * - * This function commits an inode to disk immediately if it is - * dirty. This is primarily needed by knfsd. + * The caller must either have a ref on the inode or must have set I_WILL_FREE. */ - int write_inode_now(struct inode *inode, int sync) { int ret; diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index d4c869c..a6f90a6 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -151,9 +151,9 @@ void fuse_release_background(struct fuse_req *req) /* * This function is called when a request is finished. Either a reply * has arrived or it was interrupted (and not yet sent) or some error - * occured during communication with userspace, or the device file was - * closed. It decreases the referece count for the request. In case - * of a background request the referece to the stored objects are + * occurred during communication with userspace, or the device file was + * closed. It decreases the reference count for the request. In case + * of a background request the reference to the stored objects are * released. The requester thread is woken up (if still waiting), and * finally the request is either freed or put on the unused_list * diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index 29f1e9f..70dba72 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -741,13 +741,14 @@ static struct dentry *fuse_lookup(struct inode *dir, struct dentry *entry, if (inode && S_ISDIR(inode->i_mode)) { /* Don't allow creating an alias to a directory */ struct dentry *alias = d_find_alias(inode); - if (alias && !(alias->d_flags & DCACHE_DISCONNECTED)) { + if (alias) { dput(alias); iput(inode); return ERR_PTR(-EIO); } } - return d_splice_alias(inode, entry); + d_add(entry, inode); + return NULL; } static int fuse_setxattr(struct dentry *entry, const char *name, diff --git a/fs/fuse/fuse_i.h b/fs/fuse/fuse_i.h index 24d7615..5cb456f5 100644 --- a/fs/fuse/fuse_i.h +++ b/fs/fuse/fuse_i.h @@ -349,22 +349,22 @@ int fuse_fsync_common(struct file *file, struct dentry *de, int datasync, int isdir); /** - * Initialise file operations on a regular file + * Initialize file operations on a regular file */ void fuse_init_file_inode(struct inode *inode); /** - * Initialise inode operations on regular files and special files + * Initialize inode operations on regular files and special files */ void fuse_init_common(struct inode *inode); /** - * Initialise inode and file operations on a directory + * Initialize inode and file operations on a directory */ void fuse_init_dir(struct inode *inode); /** - * Initialise inode operations on a symlink + * Initialize inode operations on a symlink */ void fuse_init_symlink(struct inode *inode); @@ -411,7 +411,7 @@ struct fuse_req *fuse_get_request(struct fuse_conn *fc); /** * Decrement reference count of a request. If count goes to zero put - * on unused list (preallocated) or free reqest (not preallocated). + * on unused list (preallocated) or free request (not preallocated). */ void fuse_put_request(struct fuse_conn *fc, struct fuse_req *req); @@ -431,7 +431,7 @@ void request_send_noreply(struct fuse_conn *fc, struct fuse_req *req); void request_send_background(struct fuse_conn *fc, struct fuse_req *req); /** - * Release inodes and file assiciated with background request + * Release inodes and file associated with background request */ void fuse_release_background(struct fuse_req *req); @@ -1088,6 +1088,7 @@ static void generic_forget_inode(struct inode *inode) if (inode->i_data.nrpages) truncate_inode_pages(&inode->i_data, 0); clear_inode(inode); + wake_up_inode(inode); destroy_inode(inode); } diff --git a/fs/jffs2/background.c b/fs/jffs2/background.c index 0f22438..8210ac1 100644 --- a/fs/jffs2/background.c +++ b/fs/jffs2/background.c @@ -15,6 +15,7 @@ #include <linux/jffs2.h> #include <linux/mtd/mtd.h> #include <linux/completion.h> +#include <linux/sched.h> #include "nodelist.h" diff --git a/fs/jffs2/wbuf.c b/fs/jffs2/wbuf.c index 996d922..316133c 100644 --- a/fs/jffs2/wbuf.c +++ b/fs/jffs2/wbuf.c @@ -18,6 +18,8 @@ #include <linux/mtd/mtd.h> #include <linux/crc32.h> #include <linux/mtd/nand.h> +#include <linux/jiffies.h> + #include "nodelist.h" /* For testing write failures */ diff --git a/fs/msdos/namei.c b/fs/msdos/namei.c index 154f511..626a367 100644 --- a/fs/msdos/namei.c +++ b/fs/msdos/namei.c @@ -454,10 +454,10 @@ static int do_msdos_rename(struct inode *old_dir, unsigned char *old_name, { struct buffer_head *dotdot_bh; struct msdos_dir_entry *dotdot_de; - loff_t dotdot_i_pos; struct inode *old_inode, *new_inode; struct fat_slot_info old_sinfo, sinfo; struct timespec ts; + loff_t dotdot_i_pos, new_i_pos; int err, old_attrs, is_dir, update_dotdot, corrupt = 0; old_sinfo.bh = sinfo.bh = dotdot_bh = NULL; @@ -516,28 +516,24 @@ static int do_msdos_rename(struct inode *old_dir, unsigned char *old_name, if (new_inode) { if (err) goto out; - if (MSDOS_I(new_inode)->i_pos != sinfo.i_pos) { - /* WTF??? Cry and fail. */ - printk(KERN_WARNING "msdos_rename: fs corrupted\n"); - goto out; - } - if (is_dir) { err = fat_dir_empty(new_inode); if (err) goto out; } + new_i_pos = MSDOS_I(new_inode)->i_pos; fat_detach(new_inode); } else { err = msdos_add_entry(new_dir, new_name, is_dir, is_hid, 0, &ts, &sinfo); if (err) goto out; + new_i_pos = sinfo.i_pos; } new_dir->i_version++; fat_detach(old_inode); - fat_attach(old_inode, sinfo.i_pos); + fat_attach(old_inode, new_i_pos); if (is_hid) MSDOS_I(old_inode)->i_attrs |= ATTR_HIDDEN; else @@ -604,7 +600,7 @@ error_inode: fat_attach(old_inode, old_sinfo.i_pos); MSDOS_I(old_inode)->i_attrs = old_attrs; if (new_inode) { - fat_attach(new_inode, sinfo.i_pos); + fat_attach(new_inode, new_i_pos); if (corrupt) corrupt |= fat_sync_inode(new_inode); } else { @@ -1311,9 +1311,6 @@ static inline int may_create(struct inode *dir, struct dentry *child, } /* - * Special case: O_CREAT|O_EXCL implies O_NOFOLLOW for security - * reasons. - * * O_DIRECTORY translates into forcing a directory lookup. */ static inline int lookup_flags(unsigned int f) @@ -1323,9 +1320,6 @@ static inline int lookup_flags(unsigned int f) if (f & O_NOFOLLOW) retval &= ~LOOKUP_FOLLOW; - if ((f & (O_CREAT|O_EXCL)) == (O_CREAT|O_EXCL)) - retval &= ~LOOKUP_FOLLOW; - if (f & O_DIRECTORY) retval |= LOOKUP_DIRECTORY; diff --git a/fs/nfs/inode.c b/fs/nfs/inode.c index f2781ca..fc0f12b 100644 --- a/fs/nfs/inode.c +++ b/fs/nfs/inode.c @@ -1274,14 +1274,12 @@ static int nfs_check_inode_attributes(struct inode *inode, struct nfs_fattr *fat } if ((fattr->valid & NFS_ATTR_FATTR) == 0) { - spin_unlock(&inode->i_lock); return 0; } /* Has the inode gone and changed behind our back? */ if (nfsi->fileid != fattr->fileid || (inode->i_mode & S_IFMT) != (fattr->mode & S_IFMT)) { - spin_unlock(&inode->i_lock); return -EIO; } diff --git a/fs/proc/generic.c b/fs/proc/generic.c index 8a8c344..b638fb5 100644 --- a/fs/proc/generic.c +++ b/fs/proc/generic.c @@ -533,7 +533,7 @@ static void proc_kill_inodes(struct proc_dir_entry *de) */ file_list_lock(); list_for_each(p, &sb->s_files) { - struct file * filp = list_entry(p, struct file, f_list); + struct file * filp = list_entry(p, struct file, f_u.fu_list); struct dentry * dentry = filp->f_dentry; struct inode * inode; struct file_operations *fops; diff --git a/fs/proc/inode.c b/fs/proc/inode.c index effa6c0..e6a818a 100644 --- a/fs/proc/inode.c +++ b/fs/proc/inode.c @@ -156,10 +156,13 @@ struct inode *proc_get_inode(struct super_block *sb, unsigned int ino, WARN_ON(de && de->deleted); + if (de != NULL && !try_module_get(de->owner)) + goto out_mod; + inode = iget(sb, ino); if (!inode) - goto out_fail; - + goto out_ino; + PROC_I(inode)->pde = de; if (de) { if (de->mode) { @@ -171,20 +174,20 @@ struct inode *proc_get_inode(struct super_block *sb, unsigned int ino, inode->i_size = de->size; if (de->nlink) inode->i_nlink = de->nlink; - if (!try_module_get(de->owner)) - goto out_fail; if (de->proc_iops) inode->i_op = de->proc_iops; if (de->proc_fops) inode->i_fop = de->proc_fops; } -out: return inode; -out_fail: +out_ino: + if (de != NULL) + module_put(de->owner); +out_mod: de_put(de); - goto out; + return NULL; } int proc_fill_super(struct super_block *s, void *data, int silent) diff --git a/fs/proc/proc_misc.c b/fs/proc/proc_misc.c index a345355..5b6b0b6 100644 --- a/fs/proc/proc_misc.c +++ b/fs/proc/proc_misc.c @@ -629,12 +629,4 @@ void __init proc_misc_init(void) if (entry) entry->proc_fops = &proc_sysrq_trigger_operations; #endif -#ifdef CONFIG_PPC32 - { - extern struct file_operations ppc_htab_operations; - entry = create_proc_entry("ppc_htab", S_IRUGO|S_IWUSR, NULL); - if (entry) - entry->proc_fops = &ppc_htab_operations; - } -#endif } diff --git a/fs/reiserfs/super.c b/fs/reiserfs/super.c index 44b02fc..42afb5b 100644 --- a/fs/reiserfs/super.c +++ b/fs/reiserfs/super.c @@ -1024,12 +1024,8 @@ static int reiserfs_parse_options(struct super_block *s, char *options, /* strin strcpy(REISERFS_SB(s)->s_qf_names[qtype], arg); *mount_options |= 1 << REISERFS_QUOTA; } else { - if (REISERFS_SB(s)->s_qf_names[qtype]) { - kfree(REISERFS_SB(s)-> - s_qf_names[qtype]); - REISERFS_SB(s)->s_qf_names[qtype] = - NULL; - } + kfree(REISERFS_SB(s)->s_qf_names[qtype]); + REISERFS_SB(s)->s_qf_names[qtype] = NULL; } } if (c == 'f') { @@ -1158,11 +1154,10 @@ static int reiserfs_remount(struct super_block *s, int *mount_flags, char *arg) if (!reiserfs_parse_options (s, arg, &mount_options, &blocks, NULL, &commit_max_age)) { #ifdef CONFIG_QUOTA - for (i = 0; i < MAXQUOTAS; i++) - if (REISERFS_SB(s)->s_qf_names[i]) { - kfree(REISERFS_SB(s)->s_qf_names[i]); - REISERFS_SB(s)->s_qf_names[i] = NULL; - } + for (i = 0; i < MAXQUOTAS; i++) { + kfree(REISERFS_SB(s)->s_qf_names[i]); + REISERFS_SB(s)->s_qf_names[i] = NULL; + } #endif return -EINVAL; } @@ -1940,13 +1935,11 @@ static int reiserfs_fill_super(struct super_block *s, void *data, int silent) brelse(SB_BUFFER_WITH_SB(s)); #ifdef CONFIG_QUOTA for (j = 0; j < MAXQUOTAS; j++) { - if (sbi->s_qf_names[j]) - kfree(sbi->s_qf_names[j]); + kfree(sbi->s_qf_names[j]); + sbi->s_qf_names[j] = NULL; } #endif - if (sbi != NULL) { - kfree(sbi); - } + kfree(sbi); s->s_fs_info = NULL; return errval; diff --git a/fs/reiserfs/xattr_acl.c b/fs/reiserfs/xattr_acl.c index 6703efa..a47ac9a 100644 --- a/fs/reiserfs/xattr_acl.c +++ b/fs/reiserfs/xattr_acl.c @@ -296,8 +296,7 @@ reiserfs_set_acl(struct inode *inode, int type, struct posix_acl *acl) } } - if (value) - kfree(value); + kfree(value); if (!error) { /* Release the old one */ @@ -513,7 +513,7 @@ static void mark_files_ro(struct super_block *sb) struct file *f; file_list_lock(); - list_for_each_entry(f, &sb->s_files, f_list) { + list_for_each_entry(f, &sb->s_files, f_u.fu_list) { if (S_ISREG(f->f_dentry->d_inode->i_mode) && file_count(f)) f->f_mode &= ~FMODE_WRITE; } diff --git a/fs/vfat/namei.c b/fs/vfat/namei.c index 1c6f6b5..ef46939 100644 --- a/fs/vfat/namei.c +++ b/fs/vfat/namei.c @@ -621,8 +621,7 @@ static int vfat_build_slots(struct inode *dir, const unsigned char *name, } /* build the entry of long file name */ - for (cksum = i = 0; i < 11; i++) - cksum = (((cksum&1)<<7)|((cksum&0xfe)>>1)) + msdos_name[i]; + cksum = fat_checksum(msdos_name); *nr_slots = usize / 13; for (ps = slots, i = *nr_slots; i > 0; i--, ps++) { @@ -888,10 +887,10 @@ static int vfat_rename(struct inode *old_dir, struct dentry *old_dentry, { struct buffer_head *dotdot_bh; struct msdos_dir_entry *dotdot_de; - loff_t dotdot_i_pos; struct inode *old_inode, *new_inode; struct fat_slot_info old_sinfo, sinfo; struct timespec ts; + loff_t dotdot_i_pos, new_i_pos; int err, is_dir, update_dotdot, corrupt = 0; old_sinfo.bh = sinfo.bh = dotdot_bh = NULL; @@ -914,31 +913,24 @@ static int vfat_rename(struct inode *old_dir, struct dentry *old_dentry, ts = CURRENT_TIME_SEC; if (new_inode) { - err = vfat_find(new_dir, &new_dentry->d_name, &sinfo); - if (err) - goto out; - if (MSDOS_I(new_inode)->i_pos != sinfo.i_pos) { - /* WTF??? Cry and fail. */ - printk(KERN_WARNING "vfat_rename: fs corrupted\n"); - goto out; - } - if (is_dir) { err = fat_dir_empty(new_inode); if (err) goto out; } + new_i_pos = MSDOS_I(new_inode)->i_pos; fat_detach(new_inode); } else { err = vfat_add_entry(new_dir, &new_dentry->d_name, is_dir, 0, &ts, &sinfo); if (err) goto out; + new_i_pos = sinfo.i_pos; } new_dir->i_version++; fat_detach(old_inode); - fat_attach(old_inode, sinfo.i_pos); + fat_attach(old_inode, new_i_pos); if (IS_DIRSYNC(new_dir)) { err = fat_sync_inode(old_inode); if (err) @@ -1002,7 +994,7 @@ error_inode: fat_detach(old_inode); fat_attach(old_inode, old_sinfo.i_pos); if (new_inode) { - fat_attach(new_inode, sinfo.i_pos); + fat_attach(new_inode, new_i_pos); if (corrupt) corrupt |= fat_sync_inode(new_inode); } else { @@ -143,7 +143,7 @@ getxattr(struct dentry *d, char __user *name, void __user *value, size_t size) if (size) { if (size > XATTR_SIZE_MAX) size = XATTR_SIZE_MAX; - kvalue = kmalloc(size, GFP_KERNEL); + kvalue = kzalloc(size, GFP_KERNEL); if (!kvalue) return -ENOMEM; } @@ -154,11 +154,15 @@ getxattr(struct dentry *d, char __user *name, void __user *value, size_t size) error = -EOPNOTSUPP; if (d->d_inode->i_op && d->d_inode->i_op->getxattr) error = d->d_inode->i_op->getxattr(d, kname, kvalue, size); - else if (!strncmp(kname, XATTR_SECURITY_PREFIX, - sizeof XATTR_SECURITY_PREFIX - 1)) { + + if (!strncmp(kname, XATTR_SECURITY_PREFIX, + sizeof XATTR_SECURITY_PREFIX - 1)) { const char *suffix = kname + sizeof XATTR_SECURITY_PREFIX - 1; - error = security_inode_getsecurity(d->d_inode, suffix, kvalue, - size); + int rv = security_inode_getsecurity(d->d_inode, suffix, kvalue, + size, error); + /* Security module active: overwrite error value */ + if (rv != -EOPNOTSUPP) + error = rv; } if (error > 0) { if (size && copy_to_user(value, kvalue, error)) |