1. 18 1月, 2011 2 次提交
  2. 14 1月, 2011 1 次提交
  3. 13 1月, 2011 1 次提交
  4. 07 1月, 2011 1 次提交
    • N
      fs: dcache reduce branches in lookup path · fb045adb
      Nick Piggin 提交于
      Reduce some branches and memory accesses in dcache lookup by adding dentry
      flags to indicate common d_ops are set, rather than having to check them.
      This saves a pointer memory access (dentry->d_op) in common path lookup
      situations, and saves another pointer load and branch in cases where we
      have d_op but not the particular operation.
      
      Patched with:
      
      git grep -E '[.>]([[:space:]])*d_op([[:space:]])*=' | xargs sed -e 's/\([^\t ]*\)->d_op = \(.*\);/d_set_d_op(\1, \2);/' -e 's/\([^\t ]*\)\.d_op = \(.*\);/d_set_d_op(\&\1, \2);/' -i
      Signed-off-by: NNick Piggin <npiggin@kernel.dk>
      fb045adb
  5. 29 10月, 2010 2 次提交
  6. 05 10月, 2010 2 次提交
    • A
      BKL: Remove BKL from ecryptfs · 18dfe89d
      Arnd Bergmann 提交于
      The BKL is only used in fill_super, which is protected by the superblocks
      s_umount rw_semaphorei, and in fasync, which does not do anything that
      could require the BKL. Therefore it is safe to remove the BKL entirely.
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Cc: Dustin Kirkland <kirkland@canonical.com>
      Cc: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
      Cc: ecryptfs-devel@lists.launchpad.net
      18dfe89d
    • J
      BKL: Explicitly add BKL around get_sb/fill_super · db719222
      Jan Blunck 提交于
      This patch is a preparation necessary to remove the BKL from do_new_mount().
      It explicitly adds calls to lock_kernel()/unlock_kernel() around
      get_sb/fill_super operations for filesystems that still uses the BKL.
      
      I've read through all the code formerly covered by the BKL inside
      do_kern_mount() and have satisfied myself that it doesn't need the BKL
      any more.
      
      do_kern_mount() is already called without the BKL when mounting the rootfs
      and in nfsctl. do_kern_mount() calls vfs_kern_mount(), which is called
      from various places without BKL: simple_pin_fs(), nfs_do_clone_mount()
      through nfs_follow_mountpoint(), afs_mntpt_do_automount() through
      afs_mntpt_follow_link(). Both later functions are actually the filesystems
      follow_link inode operation. vfs_kern_mount() is calling the specified
      get_sb function and lets the filesystem do its job by calling the given
      fill_super function.
      
      Therefore I think it is safe to push down the BKL from the VFS to the
      low-level filesystems get_sb/fill_super operation.
      
      [arnd: do not add the BKL to those file systems that already
             don't use it elsewhere]
      Signed-off-by: NJan Blunck <jblunck@infradead.org>
      Signed-off-by: NArnd Bergmann <arnd@arndb.de>
      Cc: Matthew Wilcox <matthew@wil.cx>
      Cc: Christoph Hellwig <hch@infradead.org>
      db719222
  7. 22 5月, 2010 3 次提交
    • A
      Ban ecryptfs over ecryptfs · 4403158b
      Al Viro 提交于
      This is a seriously simplified patch from Eric Sandeen; copy of
      rationale follows:
      ===
        mounting stacked ecryptfs on ecryptfs has been shown to lead to bugs
        in testing.  For crypto info in xattr, there is no mechanism for handling
        this at all, and for normal file headers, we run into other trouble:
      
        BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
        IP: [<ffffffffa015b0b3>] ecryptfs_d_revalidate+0x43/0xa0 [ecryptfs]
        ...
      
        There doesn't seem to be any good usecase for this, so I'd suggest just
        disallowing the configuration.
      
        Based on a patch originally, I believe, from Mike Halcrow.
      ===
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      4403158b
    • A
      Clean ecryptfs ->get_sb() up · 2ccde7c6
      Al Viro 提交于
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      2ccde7c6
    • A
      fix a couple of ecryptfs leaks · decabd66
      Al Viro 提交于
      First of all, get_sb_nodev() grabs anon dev minor and we
      never free it in ecryptfs ->kill_sb().  Moreover, on one
      of the failure exits in ecryptfs_get_sb() we leak things -
      it happens before we set ->s_root and ->put_super() won't
      be called in that case.  Solution: kill ->put_super(), do
      all that stuff in ->kill_sb().  And use kill_anon_sb() instead
      of generic_shutdown_super() to deal with anon dev leak.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      decabd66
  8. 22 4月, 2010 1 次提交
  9. 30 3月, 2010 1 次提交
    • T
      include cleanup: Update gfp.h and slab.h includes to prepare for breaking... · 5a0e3ad6
      Tejun Heo 提交于
      include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
      
      percpu.h is included by sched.h and module.h and thus ends up being
      included when building most .c files.  percpu.h includes slab.h which
      in turn includes gfp.h making everything defined by the two files
      universally available and complicating inclusion dependencies.
      
      percpu.h -> slab.h dependency is about to be removed.  Prepare for
      this change by updating users of gfp and slab facilities include those
      headers directly instead of assuming availability.  As this conversion
      needs to touch large number of source files, the following script is
      used as the basis of conversion.
      
        http://userweb.kernel.org/~tj/misc/slabh-sweep.py
      
      The script does the followings.
      
      * Scan files for gfp and slab usages and update includes such that
        only the necessary includes are there.  ie. if only gfp is used,
        gfp.h, if slab is used, slab.h.
      
      * When the script inserts a new include, it looks at the include
        blocks and try to put the new include such that its order conforms
        to its surrounding.  It's put in the include block which contains
        core kernel includes, in the same order that the rest are ordered -
        alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
        doesn't seem to be any matching order.
      
      * If the script can't find a place to put a new include (mostly
        because the file doesn't have fitting include block), it prints out
        an error message indicating which .h file needs to be added to the
        file.
      
      The conversion was done in the following steps.
      
      1. The initial automatic conversion of all .c files updated slightly
         over 4000 files, deleting around 700 includes and adding ~480 gfp.h
         and ~3000 slab.h inclusions.  The script emitted errors for ~400
         files.
      
      2. Each error was manually checked.  Some didn't need the inclusion,
         some needed manual addition while adding it to implementation .h or
         embedding .c file was more appropriate for others.  This step added
         inclusions to around 150 files.
      
      3. The script was run again and the output was compared to the edits
         from #2 to make sure no file was left behind.
      
      4. Several build tests were done and a couple of problems were fixed.
         e.g. lib/decompress_*.c used malloc/free() wrappers around slab
         APIs requiring slab.h to be added manually.
      
      5. The script was run on all .h files but without automatically
         editing them as sprinkling gfp.h and slab.h inclusions around .h
         files could easily lead to inclusion dependency hell.  Most gfp.h
         inclusion directives were ignored as stuff from gfp.h was usually
         wildly available and often used in preprocessor macros.  Each
         slab.h inclusion directive was examined and added manually as
         necessary.
      
      6. percpu.h was updated not to include slab.h.
      
      7. Build test were done on the following configurations and failures
         were fixed.  CONFIG_GCOV_KERNEL was turned off for all tests (as my
         distributed build env didn't work with gcov compiles) and a few
         more options had to be turned off depending on archs to make things
         build (like ipr on powerpc/64 which failed due to missing writeq).
      
         * x86 and x86_64 UP and SMP allmodconfig and a custom test config.
         * powerpc and powerpc64 SMP allmodconfig
         * sparc and sparc64 SMP allmodconfig
         * ia64 SMP allmodconfig
         * s390 SMP allmodconfig
         * alpha SMP allmodconfig
         * um on x86_64 SMP allmodconfig
      
      8. percpu.h modifications were reverted so that it could be applied as
         a separate patch and serve as bisection point.
      
      Given the fact that I had only a couple of failures from tests on step
      6, I'm fairly confident about the coverage of this conversion patch.
      If there is a breakage, it's likely to be something in one of the arch
      headers which should be easily discoverable easily on most builds of
      the specific arch.
      Signed-off-by: NTejun Heo <tj@kernel.org>
      Guess-its-ok-by: NChristoph Lameter <cl@linux-foundation.org>
      Cc: Ingo Molnar <mingo@redhat.com>
      Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
      5a0e3ad6
  10. 20 1月, 2010 1 次提交
  11. 17 12月, 2009 2 次提交
  12. 09 10月, 2009 1 次提交
  13. 23 9月, 2009 1 次提交
    • T
      eCryptfs: Check for O_RDONLY lower inodes when opening lower files · ac22ba23
      Tyler Hicks 提交于
      If the lower inode is read-only, don't attempt to open the lower file
      read/write and don't hand off the open request to the privileged
      eCryptfs kthread for opening it read/write.  Instead, only try an
      unprivileged, read-only open of the file and give up if that fails.
      This patch fixes an oops when eCryptfs is mounted on top of a read-only
      mount.
      Acked-by: NSerge Hallyn <serue@us.ibm.com>
      Cc: Eric Sandeen <esandeen@redhat.com>
      Cc: Dave Kleikamp <shaggy@linux.vnet.ibm.com>
      Cc: ecryptfs-devel@lists.launchpad.net
      Cc: stable <stable@kernel.org>
      Signed-off-by: NTyler Hicks <tyhicks@linux.vnet.ibm.com>
      ac22ba23
  14. 09 5月, 2009 1 次提交
  15. 22 4月, 2009 2 次提交
    • T
      eCryptfs: Remove ecryptfs_unlink_sigs warnings · e77cc8d2
      Tyler Hicks 提交于
      A feature was added to the eCryptfs umount helper to automatically
      unlink the keys used for an eCryptfs mount from the kernel keyring upon
      umount.  This patch keeps the unrecognized mount option warnings for
      ecryptfs_unlink_sigs out of the logs.
      Signed-off-by: NTyler Hicks <tyhicks@linux.vnet.ibm.com>
      e77cc8d2
    • T
      eCryptfs: Copy lower inode attrs before dentry instantiation · ae6e8459
      Tyler Hicks 提交于
      Copies the lower inode attributes to the upper inode before passing the
      upper inode to d_instantiate().  This is important for
      security_d_instantiate().
      
      The problem was discovered by a user seeing SELinux denials like so:
      
      type=AVC msg=audit(1236812817.898:47): avc:  denied  { 0x100000 } for
      pid=3584 comm="httpd" name="testdir" dev=ecryptfs ino=943872
      scontext=root:system_r:httpd_t:s0
      tcontext=root:object_r:httpd_sys_content_t:s0 tclass=file
      
      Notice target class is file while testdir is really a directory,
      confusing the permission translation (0x100000) due to the wrong i_mode.
      Signed-off-by: NTyler Hicks <tyhicks@linux.vnet.ibm.com>
      ae6e8459
  16. 15 3月, 2009 1 次提交
  17. 07 1月, 2009 1 次提交
    • M
      eCryptfs: Filename Encryption: mount option · 87c94c4d
      Michael Halcrow 提交于
      Enable mount-wide filename encryption by providing the Filename Encryption
      Key (FNEK) signature as a mount option.  Note that the ecryptfs-utils
      userspace package versions 61 or later support this option.
      
      When mounting with ecryptfs-utils version 61 or later, the mount helper
      will detect the availability of the passphrase-based filename encryption
      in the kernel (via the eCryptfs sysfs handle) and query the user
      interactively as to whether or not he wants to enable the feature for the
      mount.  If the user enables filename encryption, the mount helper will
      then prompt for the FNEK signature that the user wishes to use, suggesting
      by default the signature for the mount passphrase that the user has
      already entered for encrypting the file contents.
      
      When not using the mount helper, the user can specify the signature for
      the passphrase key with the ecryptfs_fnek_sig= mount option.  This key
      must be available in the user's keyring.  The mount helper usually takes
      care of this step.  If, however, the user is not mounting with the mount
      helper, then he will need to enter the passphrase key into his keyring
      with some other utility prior to mounting, such as ecryptfs-manager.
      Signed-off-by: NMichael Halcrow <mhalcrow@us.ibm.com>
      Cc: Dustin Kirkland <dustin.kirkland@gmail.com>
      Cc: Eric Sandeen <sandeen@redhat.com>
      Cc: Tyler Hicks <tchicks@us.ibm.com>
      Cc: David Kleikamp <shaggy@us.ibm.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      87c94c4d
  18. 14 11月, 2008 1 次提交
  19. 23 10月, 2008 1 次提交
  20. 17 10月, 2008 1 次提交
  21. 14 10月, 2008 1 次提交
  22. 27 7月, 2008 1 次提交
  23. 25 7月, 2008 5 次提交
  24. 29 4月, 2008 1 次提交
  25. 15 2月, 2008 2 次提交
  26. 07 2月, 2008 3 次提交