1. 29 4月, 2008 1 次提交
  2. 28 4月, 2008 2 次提交
  3. 26 4月, 2008 1 次提交
    • J
      locks: don't call ->copy_lock methods on return of conflicting locks · 1a747ee0
      J. Bruce Fields 提交于
      The file_lock structure is used both as a heavy-weight representation of
      an active lock, with pointers to reference-counted structures, etc., and
      as a simple container for parameters that describe a file lock.
      
      The conflicting lock returned from __posix_lock_file is an example of
      the latter; so don't call the filesystem or lock manager callbacks when
      copying to it.  This also saves the need for an unnecessary
      locks_init_lock in the nfsv4 server.
      
      Thanks to Trond for pointing out the error.
      Signed-off-by: NJ. Bruce Fields <bfields@citi.umich.edu>
      Cc: Trond Myklebust <Trond.Myklebust@netapp.com>
      1a747ee0
  4. 25 4月, 2008 2 次提交
  5. 22 4月, 2008 1 次提交
  6. 19 4月, 2008 3 次提交
  7. 19 2月, 2008 1 次提交
  8. 15 2月, 2008 1 次提交
  9. 09 2月, 2008 5 次提交
  10. 08 2月, 2008 3 次提交
    • D
      iget: remove iget() and the read_inode() super op as being obsolete · 12debc42
      David Howells 提交于
      Remove the old iget() call and the read_inode() superblock operation it uses
      as these are really obsolete, and the use of read_inode() does not produce
      proper error handling (no distinction between ENOMEM and EIO when marking an
      inode bad).
      
      Furthermore, this removes the temptation to use iget() to find an inode by
      number in a filesystem from code outside that filesystem.
      
      iget_locked() should be used instead.  A new function is added in an earlier
      patch (iget_failed) that is to be called to mark an inode as bad, unlock it
      and release it should the get routine fail.  Mark iget() and read_inode() as
      being obsolete and remove references to them from the documentation.
      
      Typically a filesystem will be modified such that the read_inode function
      becomes an internal iget function, for example the following:
      
      	void thingyfs_read_inode(struct inode *inode)
      	{
      		...
      	}
      
      would be changed into something like:
      
      	struct inode *thingyfs_iget(struct super_block *sp, unsigned long ino)
      	{
      		struct inode *inode;
      		int ret;
      
      		inode = iget_locked(sb, ino);
      		if (!inode)
      			return ERR_PTR(-ENOMEM);
      		if (!(inode->i_state & I_NEW))
      			return inode;
      
      		...
      		unlock_new_inode(inode);
      		return inode;
      	error:
      		iget_failed(inode);
      		return ERR_PTR(ret);
      	}
      
      and then thingyfs_iget() would be called rather than iget(), for example:
      
      	ret = -EINVAL;
      	inode = iget(sb, ino);
      	if (!inode || is_bad_inode(inode))
      		goto error;
      
      becomes:
      
      	inode = thingyfs_iget(sb, ino);
      	if (IS_ERR(inode)) {
      		ret = PTR_ERR(inode);
      		goto error;
      	}
      
      Note that is_bad_inode() does not need to be called.  The error returned by
      thingyfs_iget() should render it unnecessary.
      Signed-off-by: NDavid Howells <dhowells@redhat.com>
      Acked-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      12debc42
    • D
      iget: introduce a function to register iget failure · b46980fe
      David Howells 提交于
      Introduce a function to register failure in an inode construction path.  This
      includes marking the inode under construction as bad, unlocking it and
      releasing it.
      Signed-off-by: NDavid Howells <dhowells@redhat.com>
      Acked-by: NChristoph Hellwig <hch@lst.de>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      b46980fe
    • E
      VFS: swap do_ioctl and vfs_ioctl names · deb21db7
      Erez Zadok 提交于
      Rename old vfs_ioctl to do_ioctl, because the comment above it clearly
      indicates that it is an internal function not to be exported to modules;
      therefore it should have a more traditional do_XXX name.  The new do_ioctl
      is exported in fs.h but not to modules.
      
      Rename the old do_ioctl to vfs_ioctl because the names vfs_XXX should
      preferably be reserved to callable VFS functions which modules may call, as
      many other vfs_XXX functions already do.  Export the new vfs_ioctl to GPL
      modules so others can use it (including Unionfs and eCryptfs).  Add DocBook
      for new vfs_ioctl.
      
      [akpm@linux-foundation.org: fix build]
      Signed-off-by: NErez Zadok <ezk@cs.sunysb.edu>
      Cc: Christoph Hellwig <hch@lst.de>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      deb21db7
  11. 07 2月, 2008 4 次提交
  12. 04 2月, 2008 1 次提交
  13. 03 2月, 2008 1 次提交
  14. 29 1月, 2008 2 次提交
  15. 25 1月, 2008 1 次提交
  16. 22 10月, 2007 1 次提交
    • C
      exportfs: make struct export_operations const · 39655164
      Christoph Hellwig 提交于
      Now that nfsd has stopped writing to the find_exported_dentry member we an
      mark the export_operations const
      Signed-off-by: NChristoph Hellwig <hch@lst.de>
      Cc: Neil Brown <neilb@suse.de>
      Cc: "J. Bruce Fields" <bfields@fieldses.org>
      Cc: <linux-ext4@vger.kernel.org>
      Cc: Dave Kleikamp <shaggy@austin.ibm.com>
      Cc: Anton Altaparmakov <aia21@cantab.net>
      Cc: David Chinner <dgc@sgi.com>
      Cc: Timothy Shimmin <tes@sgi.com>
      Cc: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
      Cc: Hugh Dickins <hugh@veritas.com>
      Cc: Chris Mason <mason@suse.com>
      Cc: Jeff Mahoney <jeffm@suse.com>
      Cc: "Vladimir V. Saveliev" <vs@namesys.com>
      Cc: Steven Whitehouse <swhiteho@redhat.com>
      Cc: Mark Fasheh <mark.fasheh@oracle.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      39655164
  17. 21 10月, 2007 1 次提交
  18. 20 10月, 2007 3 次提交
  19. 19 10月, 2007 1 次提交
  20. 17 10月, 2007 5 次提交
    • S
      Implement file posix capabilities · b5376771
      Serge E. Hallyn 提交于
      Implement file posix capabilities.  This allows programs to be given a
      subset of root's powers regardless of who runs them, without having to use
      setuid and giving the binary all of root's powers.
      
      This version works with Kaigai Kohei's userspace tools, found at
      http://www.kaigai.gr.jp/index.php.  For more information on how to use this
      patch, Chris Friedhoff has posted a nice page at
      http://www.friedhoff.org/fscaps.html.
      
      Changelog:
      	Nov 27:
      	Incorporate fixes from Andrew Morton
      	(security-introduce-file-caps-tweaks and
      	security-introduce-file-caps-warning-fix)
      	Fix Kconfig dependency.
      	Fix change signaling behavior when file caps are not compiled in.
      
      	Nov 13:
      	Integrate comments from Alexey: Remove CONFIG_ ifdef from
      	capability.h, and use %zd for printing a size_t.
      
      	Nov 13:
      	Fix endianness warnings by sparse as suggested by Alexey
      	Dobriyan.
      
      	Nov 09:
      	Address warnings of unused variables at cap_bprm_set_security
      	when file capabilities are disabled, and simultaneously clean
      	up the code a little, by pulling the new code into a helper
      	function.
      
      	Nov 08:
      	For pointers to required userspace tools and how to use
      	them, see http://www.friedhoff.org/fscaps.html.
      
      	Nov 07:
      	Fix the calculation of the highest bit checked in
      	check_cap_sanity().
      
      	Nov 07:
      	Allow file caps to be enabled without CONFIG_SECURITY, since
      	capabilities are the default.
      	Hook cap_task_setscheduler when !CONFIG_SECURITY.
      	Move capable(TASK_KILL) to end of cap_task_kill to reduce
      	audit messages.
      
      	Nov 05:
      	Add secondary calls in selinux/hooks.c to task_setioprio and
      	task_setscheduler so that selinux and capabilities with file
      	cap support can be stacked.
      
      	Sep 05:
      	As Seth Arnold points out, uid checks are out of place
      	for capability code.
      
      	Sep 01:
      	Define task_setscheduler, task_setioprio, cap_task_kill, and
      	task_setnice to make sure a user cannot affect a process in which
      	they called a program with some fscaps.
      
      	One remaining question is the note under task_setscheduler: are we
      	ok with CAP_SYS_NICE being sufficient to confine a process to a
      	cpuset?
      
      	It is a semantic change, as without fsccaps, attach_task doesn't
      	allow CAP_SYS_NICE to override the uid equivalence check.  But since
      	it uses security_task_setscheduler, which elsewhere is used where
      	CAP_SYS_NICE can be used to override the uid equivalence check,
      	fixing it might be tough.
      
      	     task_setscheduler
      		 note: this also controls cpuset:attach_task.  Are we ok with
      		     CAP_SYS_NICE being used to confine to a cpuset?
      	     task_setioprio
      	     task_setnice
      		 sys_setpriority uses this (through set_one_prio) for another
      		 process.  Need same checks as setrlimit
      
      	Aug 21:
      	Updated secureexec implementation to reflect the fact that
      	euid and uid might be the same and nonzero, but the process
      	might still have elevated caps.
      
      	Aug 15:
      	Handle endianness of xattrs.
      	Enforce capability version match between kernel and disk.
      	Enforce that no bits beyond the known max capability are
      	set, else return -EPERM.
      	With this extra processing, it may be worth reconsidering
      	doing all the work at bprm_set_security rather than
      	d_instantiate.
      
      	Aug 10:
      	Always call getxattr at bprm_set_security, rather than
      	caching it at d_instantiate.
      
      [morgan@kernel.org: file-caps clean up for linux/capability.h]
      [bunk@kernel.org: unexport cap_inode_killpriv]
      Signed-off-by: NSerge E. Hallyn <serue@us.ibm.com>
      Cc: Stephen Smalley <sds@tycho.nsa.gov>
      Cc: James Morris <jmorris@namei.org>
      Cc: Chris Wright <chrisw@sous-sol.org>
      Cc: Andrew Morgan <morgan@kernel.org>
      Signed-off-by: NAndrew Morgan <morgan@kernel.org>
      Signed-off-by: NAdrian Bunk <bunk@kernel.org>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      b5376771
    • J
      introduce I_SYNC · 1c0eeaf5
      Joern Engel 提交于
      I_LOCK was used for several unrelated purposes, which caused deadlock
      situations in certain filesystems as a side effect.  One of the purposes
      now uses the new I_SYNC bit.
      
      Also document the various bits and change their order from historical to
      logical.
      
      [bunk@stusta.de: make fs/inode.c:wake_up_inode() static]
      Signed-off-by: NJoern Engel <joern@wohnheim.fh-wedel.de>
      Cc: Dave Kleikamp <shaggy@linux.vnet.ibm.com>
      Cc: David Chinner <dgc@sgi.com>
      Cc: Anton Altaparmakov <aia21@cam.ac.uk>
      Cc: Al Viro <viro@ftp.linux.org.uk>
      Cc: Christoph Hellwig <hch@infradead.org>
      Signed-off-by: NAdrian Bunk <bunk@stusta.de>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      1c0eeaf5
    • F
      writeback: fix ntfs with sb_has_dirty_inodes() · 08d8e974
      Fengguang Wu 提交于
      NTFS's if-condition on dirty inodes is not complete.  Fix it with
      sb_has_dirty_inodes().
      
      Cc: Anton Altaparmakov <aia21@cantab.net>
      Cc: Ken Chen <kenchen@google.com>
      Signed-off-by: NFengguang Wu <wfg@mail.ustc.edu.cn>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      08d8e974
    • K
      writeback: fix periodic superblock dirty inode flushing · 0e0f4fc2
      Ken Chen 提交于
      Current -mm tree has bucketful of bug fixes in periodic writeback path.
      However, we still hit a glitch where dirty pages on a given inode aren't
      completely flushed to the disk, and system will accumulate large amount of
      dirty pages beyond what dirty_expire_interval is designed for.
      
      The problem is __sync_single_inode() will move an inode to sb->s_dirty list
      even when there are more pending dirty pages on that inode.  If there is
      another inode with a small number of dirty pages, we hit a case where the loop
      iteration in wb_kupdate() terminates prematurely because wbc.nr_to_write > 0.
      Thus leaving the inode that has large amount of dirty pages behind and it has
      to wait for another dirty_writeback_interval before we flush it again.  We
      effectively only write out MAX_WRITEBACK_PAGES every dirty_writeback_interval.
      If the rate of dirtying is sufficiently high, the system will start
      accumulate a large number of dirty pages.
      
      So fix it by having another sb->s_more_io list on which to park the inode
      while we iterate through sb->s_io and to allow each dirty inode which resides
      on that sb to have an equal chance of flushing some amount of dirty pages.
      Signed-off-by: NKen Chen <kenchen@google.com>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      0e0f4fc2
    • M
      Fix f_version type: should be u64 instead of unsigned long · 2b47c361
      Mathieu Desnoyers 提交于
      Fix f_version type: should be u64 instead of long
      
      There is a type inconsistency between struct inode i_version and struct file
      f_version.
      
      fs.h:
      
      struct inode
        u64                     i_version;
      
      and
      
      struct file
        unsigned long           f_version;
      
      Users do:
      
      fs/ext3/dir.c:
      
      if (filp->f_version != inode->i_version) {
      
      So why isn't f_version a u64 ? It becomes a problem if versions gets
      higher than 2^32 and we are on an architecture where longs are 32 bits.
      
      This patch changes the f_version type to u64, and updates the users accordingly.
      
      It applies to 2.6.23-rc2-mm2.
      Signed-off-by: NMathieu Desnoyers <mathieu.desnoyers@polymtl.ca>
      Cc: Martin Bligh <mbligh@google.com>
      Cc: "Randy.Dunlap" <rdunlap@xenotime.net>
      Cc: Al Viro <viro@ftp.linux.org.uk>
      Cc: <linux-ext4@vger.kernel.org>
      Cc: Mark Fasheh <mark.fasheh@oracle.com>
      Cc: Christoph Hellwig <hch@lst.de>
      Cc: "J. Bruce Fields" <bfields@fieldses.org>
      Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
      Signed-off-by: NAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      2b47c361