Al Viro [Sun, 16 Jun 2013 15:08:36 +0000 (19:08 +0400)]
fanotify: quit wanking with FASYNC in ->release()
... especially since there's no way to get that sucker
on the list fsnotify_fasync() works with - the only thing
adding to it is fsnotify_fasync() itself and it's never
called for fanotify files while they are opened.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sun, 16 Jun 2013 15:05:07 +0000 (19:05 +0400)]
comedi: quit wanking with FASYNC in ->release()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sun, 16 Jun 2013 13:25:12 +0000 (17:25 +0400)]
more open-coded file_inode() calls
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 15 Jun 2013 07:37:47 +0000 (11:37 +0400)]
kill find_inode_number()
the only remaining caller (in ncpfs) is guaranteed to return 0 -
we only hit it if we'd just checked that there's no dentry with
such name.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 19 Jun 2013 09:21:03 +0000 (13:21 +0400)]
coda: don't bother with find_inode_number()
the fallback it's using for dcache misses is actually the
same value we would've used for inumber anyway.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 15 Jun 2013 07:33:10 +0000 (11:33 +0400)]
proc_fill_cache(): clean up, get rid of pointless find_inode_number() use
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 15 Jun 2013 07:15:20 +0000 (11:15 +0400)]
proc_fill_cache(): just make instantiate_t return int
all instances always return ERR_PTR(-E...) or NULL, anyway
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 15 Jun 2013 06:45:10 +0000 (10:45 +0400)]
proc_pid_readdir(): stop wanking with proc_fill_cache() for /proc/self
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 15 Jun 2013 06:26:35 +0000 (10:26 +0400)]
proc_fill_cache(): kill pointless check
we'd just checked that child->d_inode is non-NULL, for fuck sake!
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 15 Jun 2013 01:53:23 +0000 (05:53 +0400)]
ncpfs: don't bother with EBUSY on removal of busy directories
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 15 Jun 2013 01:49:36 +0000 (05:49 +0400)]
don't call file_pos_write() if vfs_{read,write}{,v}() fails
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
David Howells [Thu, 13 Jun 2013 22:37:55 +0000 (23:37 +0100)]
SELinux: Institute file_path_has_perm()
Create a file_path_has_perm() function that is like path_has_perm() but
instead takes a file struct that is the source of both the path and the
inode (rather than getting the inode from the dentry in the path). This
is then used where appropriate.
This will be useful for situations like unionmount where it will be
possible to have an apparently-negative dentry (eg. a fallthrough) that is
open with the file struct pointing to an inode on the lower fs.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
David Howells [Thu, 13 Jun 2013 22:37:49 +0000 (23:37 +0100)]
Replace a bunch of file->dentry->d_inode refs with file_inode()
Replace a bunch of file->dentry->d_inode refs with file_inode().
In __fput(), use file->f_inode instead so as not to be affected by any tricks
that file_inode() might grow.
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 12 Jun 2013 05:35:33 +0000 (09:35 +0400)]
udf: provide ->tmpfile()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Tue, 11 Jun 2013 08:52:02 +0000 (12:52 +0400)]
ext3 ->tmpfile() support
In this case we do need a bit more than usual, due to orphan
list handling.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Tue, 11 Jun 2013 04:34:36 +0000 (08:34 +0400)]
allow the temp files created by open() to be linked to
O_TMPFILE | O_CREAT => linkat() with AT_SYMLINK_FOLLOW and /proc/self/fd/<n>
as oldpath (i.e. flink()) will create a link
O_TMPFILE | O_CREAT | O_EXCL => ENOENT on attempt to link those guys
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 7 Jun 2013 05:20:27 +0000 (01:20 -0400)]
[O_TMPFILE] it's still short a few helpers, but infrastructure should be OK now...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Tue, 11 Jun 2013 04:23:01 +0000 (08:23 +0400)]
allow build_open_flags() to return an error
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 24 May 2013 00:10:34 +0000 (20:10 -0400)]
lift file_*_write out of do_splice_direct()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 24 May 2013 00:07:11 +0000 (20:07 -0400)]
lift file_*_write out of do_splice_from()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 6 Jun 2013 13:12:33 +0000 (09:12 -0400)]
do_last(): fix missing checks for LAST_BIND case
/proc/self/cwd with O_CREAT should fail with EISDIR. /proc/self/exe, OTOH,
should fail with ENOTDIR when opened with O_DIRECTORY.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 5 Jun 2013 18:09:55 +0000 (14:09 -0400)]
pcm_native: switch to fdget()/fdput()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 23 May 2013 02:22:04 +0000 (22:22 -0400)]
[readdir] constify ->actor
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 23 May 2013 01:44:23 +0000 (21:44 -0400)]
[readdir] ->readdir() is gone
everything's converted to ->iterate()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 23 May 2013 01:23:40 +0000 (21:23 -0400)]
[readdir] convert ecryptfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 23 May 2013 01:15:30 +0000 (21:15 -0400)]
[readdir] convert coda
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 23 May 2013 01:06:00 +0000 (21:06 -0400)]
[readdir] convert ocfs2
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 22:37:16 +0000 (18:37 -0400)]
[readdir] convert fatfs
... pox upon the idiotic ioctls; life would be much easier without
those.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 21:07:56 +0000 (17:07 -0400)]
[readdir] convert xfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 20:48:09 +0000 (16:48 -0400)]
[readdir] convert btrfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 20:34:19 +0000 (16:34 -0400)]
[readdir] convert hostfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 20:31:14 +0000 (16:31 -0400)]
[readdir] convert afs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 19:11:27 +0000 (15:11 -0400)]
[readdir] convert ncpfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 18:59:39 +0000 (14:59 -0400)]
[readdir] convert hfsplus
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 18:29:35 +0000 (14:29 -0400)]
[readdir] convert hfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 17:44:05 +0000 (13:44 -0400)]
[readdir] convert befs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 22 May 2013 20:17:25 +0000 (16:17 -0400)]
[readdir] convert cifs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 18 May 2013 07:15:00 +0000 (03:15 -0400)]
[readdir] convert freevxfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 18 May 2013 07:03:58 +0000 (03:03 -0400)]
[readdir] convert fuse
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 18 May 2013 06:58:57 +0000 (02:58 -0400)]
[readdir] convert hpfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 18 May 2013 02:58:58 +0000 (22:58 -0400)]
reiserfs: switch reiserfs_readdir_dentry to inode
... and clean the callers up a bit
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 18 May 2013 02:45:29 +0000 (22:45 -0400)]
reiserfs: is_privroot_deh() needs only directory inode, actually
... and that - only to get the superblock. Privroot is a directory
and we don't allow hardlinks to those...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 18 May 2013 02:42:17 +0000 (22:42 -0400)]
[readdir] convert reiserfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 18 May 2013 01:22:31 +0000 (21:22 -0400)]
[readdir] convert ntfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 18 May 2013 01:11:59 +0000 (21:11 -0400)]
[readdir] convert isofs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 22:08:49 +0000 (18:08 -0400)]
[readdir] convert jffs2
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 22:02:17 +0000 (18:02 -0400)]
[readdir] convert f2fs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 21:51:41 +0000 (17:51 -0400)]
[readdir] convert 9p
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 21:44:42 +0000 (17:44 -0400)]
[readdir] convert affs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 21:30:10 +0000 (17:30 -0400)]
[readdir] convert adfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 21:06:34 +0000 (17:06 -0400)]
[readdir] convert logfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 21:00:34 +0000 (17:00 -0400)]
[readdir] convert jfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 20:52:26 +0000 (16:52 -0400)]
[readdir] convert ceph
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 20:34:50 +0000 (16:34 -0400)]
[readdir] convert nfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 20:08:53 +0000 (16:08 -0400)]
[readdir] convert ext4
and trim the living hell out bogosities in inline dir case
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 19:32:10 +0000 (15:32 -0400)]
[readdir] convert qnx6
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 19:17:59 +0000 (15:17 -0400)]
[readdir] convert qnx4
... and use strnlen() instead of strlen() - it's done on untrusted data,
after all.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Fri, 17 May 2013 19:05:25 +0000 (15:05 -0400)]
[readdir] convert omfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 18:36:14 +0000 (14:36 -0400)]
[readdir] convert nilfs2
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 18:31:02 +0000 (14:31 -0400)]
[readdir] convert sysfs
get rid of the kludges in sysfs_readdir()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 18:14:48 +0000 (14:14 -0400)]
[readdir] convert gfs2
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 17:48:17 +0000 (13:48 -0400)]
[readdir] convert exofs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 17:41:48 +0000 (13:41 -0400)]
[readdir] convert bfs
... and get rid of that ridiculous mutex in bfs_readdir()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 16:07:31 +0000 (12:07 -0400)]
[readdir] convert procfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 05:52:12 +0000 (01:52 -0400)]
[readdir] convert openpromfs
what the hell is op_mutex for, BTW?
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 05:41:10 +0000 (01:41 -0400)]
[readdir] convert efs
* sanity checks belong before risky operation, not after it
* don't quit as soon as we'd found an entry
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 05:28:34 +0000 (01:28 -0400)]
[readdir] convert configfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 05:22:00 +0000 (01:22 -0400)]
[readdir] convert romfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 05:17:58 +0000 (01:17 -0400)]
[readdir] convert squashfs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 05:14:46 +0000 (01:14 -0400)]
[readdir] convert ubifs
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 05:09:37 +0000 (01:09 -0400)]
[readdir] convert udf
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 01:02:48 +0000 (21:02 -0400)]
[readdir] convert ext3
new helper: dir_relax(inode). Call when you are in location that will
_not_ be invalidated by directory modifications (block boundary, in case
of ext*). Returns whether the directory has survived (dropping i_mutex
allows rmdir to kill the sucker; if it returns false to us, ->iterate()
is obviously done)
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 16 May 2013 00:23:06 +0000 (20:23 -0400)]
[readdir] switch dcache_readdir() users to ->iterate()
new helpers - dir_emit_dot(file, ctx, dentry), dir_emit_dotdot(file, ctx),
dir_emit_dots(file, ctx).
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 15 May 2013 22:51:49 +0000 (18:51 -0400)]
[readdir] simple local unixlike: switch to ->iterate()
ext2, ufs, minix, sysv
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 15 May 2013 22:49:12 +0000 (18:49 -0400)]
[readdir] introduce ->iterate(), ctx->pos, dir_emit()
New method - ->iterate(file, ctx). That's the replacement for ->readdir();
it takes callback from ctx->actor, uses ctx->pos instead of file->f_pos and
calls dir_emit(ctx, ...) instead of filldir(data, ...). It does *not*
update file->f_pos (or look at it, for that matter); iterate_dir() does the
update.
Note that dir_emit() takes the offset from ctx->pos (and eventually
filldir_t will lose that argument).
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 15 May 2013 17:52:59 +0000 (13:52 -0400)]
[readdir] introduce iterate_dir() and dir_context
iterate_dir(): new helper, replacing vfs_readdir().
struct dir_context: contains the readdir callback (and will get more stuff
in it), embedded into whatever data that callback wants to deal with;
eventually, we'll be passing it to ->readdir() replacement instead of
(data,filldir) pair.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sun, 12 May 2013 14:14:07 +0000 (10:14 -0400)]
move linux/loop.h to drivers/block
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sun, 12 May 2013 14:12:11 +0000 (10:12 -0400)]
compat.c: LOOP_CLR_FD is taken care of in loop.c itself...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:39:26 +0000 (12:39 -0400)]
pxa3xx: VM_IO is set by io_remap_pfn_range()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:38:38 +0000 (12:38 -0400)]
au1100fb: VM_IO is set by io_remap_pfn_range()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:37:38 +0000 (12:37 -0400)]
au1200fb: io_remap_pfn_range() sets VM_IO
... and single return is quite sufficient to get out of function, TYVM
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:33:31 +0000 (12:33 -0400)]
vfio: remap_pfn_range() sets all those flags...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:27:16 +0000 (12:27 -0400)]
i810: VM_IO is set by io_remap_pfn_range()
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:23:17 +0000 (12:23 -0400)]
drm: io_remap_pfn_range() sets VM_IO...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:21:55 +0000 (12:21 -0400)]
sparc: __pci_mmap_set_flags() is useless
io_remap_pfn_range() does all we need
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:19:34 +0000 (12:19 -0400)]
mn10300: don't bother with VM_IO
io_remap_pfn_range() sets it
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:18:01 +0000 (12:18 -0400)]
hose_mmap_page_range(): io_remap_pfn_range() will set all those flags...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:15:47 +0000 (12:15 -0400)]
samsung: don't bother with setting VM_IO
io_remap_pfn_range() will set it just fine
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 11 May 2013 16:13:10 +0000 (12:13 -0400)]
consolidate io_remap_pfn_range definitions
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Artem Bityutskiy [Fri, 28 Jun 2013 11:15:15 +0000 (14:15 +0300)]
UBIFS: fix a horrid bug
Al Viro pointed me to the fact that '->readdir()' and '->llseek()' have no
mutual exclusion, which means the 'ubifs_dir_llseek()' can be run while we are
in the middle of 'ubifs_readdir()'.
This means that 'file->private_data' can be freed while 'ubifs_readdir()' uses
it, and this is a very bad bug: not only 'ubifs_readdir()' can return garbage,
but this may corrupt memory and lead to all kinds of problems like crashes an
security holes.
This patch fixes the problem by using the 'file->f_version' field, which
'->llseek()' always unconditionally sets to zero. We set it to 1 in
'ubifs_readdir()' and whenever we detect that it became 0, we know there was a
seek and it is time to clear the state saved in 'file->private_data'.
I tested this patch by writing a user-space program which runds readdir and
seek in parallell. I could easily crash the kernel without these patches, but
could not crash it with these patches.
Cc: stable@vger.kernel.org
Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Tested-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Artem Bityutskiy [Fri, 28 Jun 2013 11:15:14 +0000 (14:15 +0300)]
UBIFS: prepare to fix a horrid bug
Al Viro pointed me to the fact that '->readdir()' and '->llseek()' have no
mutual exclusion, which means the 'ubifs_dir_llseek()' can be run while we are
in the middle of 'ubifs_readdir()'.
First of all, this means that 'file->private_data' can be freed while
'ubifs_readdir()' uses it. But this particular patch does not fix the problem.
This patch is only a preparation, and the fix will follow next.
In this patch we make 'ubifs_readdir()' stop using 'file->f_pos' directly,
because 'file->f_pos' can be changed by '->llseek()' at any point. This may
lead 'ubifs_readdir()' to returning inconsistent data: directory entry names
may correspond to incorrect file positions.
So here we introduce a local variable 'pos', read 'file->f_pose' once at very
the beginning, and then stick to 'pos'. The result of this is that when
'ubifs_dir_llseek()' changes 'file->f_pos' while we are in the middle of
'ubifs_readdir()', the latter "wins".
Cc: stable@vger.kernel.org
Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Tested-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sat, 22 Jun 2013 07:01:38 +0000 (11:01 +0400)]
aout32 coredump compat fix
dump_seek() does SEEK_CUR, not SEEK_SET; native binfmt_aout
handles it correctly (seeks by PAGE_SIZE - sizeof(struct user),
getting the current position to PAGE_SIZE), compat one seeks
by PAGE_SIZE and ends up at PAGE_SIZE + already written...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Thu, 20 Jun 2013 14:58:36 +0000 (18:58 +0400)]
splice: don't pass the address of ->f_pos to methods
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Wed, 19 Jun 2013 08:35:42 +0000 (12:35 +0400)]
mconsole: we'd better initialize pos before passing it to vfs_read()...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Al Viro [Sun, 16 Jun 2013 17:06:06 +0000 (18:06 +0100)]
lseek(fd, n, SEEK_END) does *not* go to eof - n
When you copy some code, you are supposed to read it. If nothing else,
there's a chance to spot and fix an obvious bug instead of sharing it...
X-Song: "I Got It From Agnes", by Tom Lehrer
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
[ Tom Lehrer? You're dating yourself, Al ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Linus Torvalds [Sat, 15 Jun 2013 21:51:07 +0000 (11:51 -1000)]
Linux 3.10-rc6
Linus Torvalds [Sat, 15 Jun 2013 21:49:48 +0000 (11:49 -1000)]
Merge tag 'fixes-for-linus' of git://git./linux/kernel/git/arm/arm-soc
Pull ARM SoC fixes from Olof Johansson:
"These are a little later than I planned on since I got caught up with
handling merges for 3.11 most of the week.
Another week, another batch of fixes for arm-soc platforms.
Again, nothing controversial. A few more than would be ideal, but all
are valid fixes. In particular the prima2 panic patch is critical
since it fixes a problem where multiplatform kernels panic on all but
prima2 hardware."
* tag 'fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc:
ARM: SAMSUNG: pm: Adjust for pinctrl- and DT-enabled platforms
ARM: prima2: fix incorrect panic usage
arm: mvebu: armada-xp-{gp,openblocks-ax3-4}: specify PCIe range
ARM: Kirkwood: handle mv88f6282 cpu in __kirkwood_variant().
ARM: omap3: clock: fix wrong container_of in clock36xx.c
ARM: dts: OMAP5: Fix missing PWM capability to timer nodes
ARM: dts: omap4-panda|sdp: Fix mux for twl6030 IRQ pin and msecure line
ARM: dts: AM33xx: Fix properties on gpmc node
arm: omap2: fix AM33xx hwmod infos for UART2
ARM: OMAP3: Fix iva2_pwrdm settings for 3703
Linus Torvalds [Sat, 15 Jun 2013 21:47:56 +0000 (11:47 -1000)]
Merge git://git./linux/kernel/git/davem/net
Pull networking fixes from David Miller:
1) Fix RTNL locking in batman-adv, from Matthias Schiffer.
2) Don't allow non-passthrough macvlan devices to set NOPROMISC via
netlink, otherwise we can end up with corrupted promisc counter
values on the device. From Michael S Tsirkin.
3) Fix stmmac driver build with debugging defines enabled, from Dinh
Nguyen.
4) Make sure name string we give in socket address in AF_PACKET is NULL
terminated, from Daniel Borkmann.
5) Fix leaking of two uninitialized bytes of memory to userspace in
l2tp, from Guillaume Nault.
6) Clear IPCB(skb) before tunneling otherwise we touch dangling IP
options state and crash. From Saurabh Mohan.
7) Fix suspend/resume for davinci_mdio by using suspend_late and
resume_early. From Mugunthan V N.
8) Don't tag ip_tunnel_init_net and ip_tunnel_delete_net with
__net_{init,exit}, they can be called outside of those contexts.
From Eric Dumazet.
9) Fix RX length error in sh_eth driver, from Yoshihiro Shimoda.
10) Fix missing sctp_outq initialization in some code paths of SCTP
stack, from Neil Horman.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (21 commits)
sctp: fully initialize sctp_outq in sctp_outq_init
netiucv: Hold rtnl between name allocation and device registration.
tulip: Properly check dma mapping result
net: sh_eth: fix incorrect RX length error if R8A7740
ip_tunnel: remove __net_init/exit from exported functions
drivers: net: davinci_mdio: restore mdio clk divider in mdio resume
drivers: net: davinci_mdio: moving mdio resume earlier than cpsw ethernet driver
net/ipv4: ip_vti clear skb cb before tunneling.
tg3: Wait for boot code to finish after power on
l2tp: Fix sendmsg() return value
l2tp: Fix PPP header erasure and memory leak
bonding: fix igmp_retrans type and two related races
bonding: reset master mac on first enslave failure
packet: packet_getname_spkt: make sure string is always 0-terminated
net: ethernet: stmicro: stmmac: Fix compile error when STMMAC_XMIT_DEBUG used
be2net: Fix 32-bit DMA Mask handling
xen-netback: don't de-reference vif pointer after having called xenvif_put()
macvlan: don't touch promisc without passthrough
batman-adv: Don't handle address updates when bla is disabled
batman-adv: forward late OGMs from best next hop
...
Linus Torvalds [Sat, 15 Jun 2013 05:25:04 +0000 (19:25 -1000)]
Merge branch 'merge' of git://git./linux/kernel/git/benh/powerpc
Pull powerpc fixes from Benjamin Herrenschmidt:
"So here are 3 fixes still for 3.10. Fixes are simple, bugs are nasty
(though not recent regressions, nasty enough) and all targeted at
stable"
* 'merge' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc:
powerpc: Fix missing/delayed calls to irq_work
powerpc: Fix emulation of illegal instructions on PowerNV platform
powerpc: Fix stack overflow crash in resume_kernel when ftracing
David Daney [Fri, 14 Jun 2013 18:13:59 +0000 (11:13 -0700)]
smp.h: Use local_irq_{save,restore}() in !SMP version of on_each_cpu().
Thanks to commit
f91eb62f71b3 ("init: scream bloody murder if interrupts
are enabled too early"), "bloody murder" is now being screamed.
With a MIPS OCTEON config, we use on_each_cpu() in our
irq_chip.irq_bus_sync_unlock() function. This gets called in early as a
result of the time_init() call. Because the !SMP version of
on_each_cpu() unconditionally enables irqs, we get:
WARNING: at init/main.c:560 start_kernel+0x250/0x410()
Interrupts were enabled early
CPU: 0 PID: 0 Comm: swapper Not tainted 3.10.0-rc5-Cavium-Octeon+ #801
Call Trace:
show_stack+0x68/0x80
warn_slowpath_common+0x78/0xb0
warn_slowpath_fmt+0x38/0x48
start_kernel+0x250/0x410
Suggested fix: Do what we already do in the SMP version of
on_each_cpu(), and use local_irq_save/local_irq_restore. Because we
need a flags variable, make it a static inline to avoid name space
issues.
[ Change from v1: Convert on_each_cpu to a static inline function, add
#include <linux/irqflags.h> to avoid build breakage on some files.
on_each_cpu_mask() and on_each_cpu_cond() suffer the same problem as
on_each_cpu(), but they are not causing !SMP bugs for me, so I will
defer changing them to a less urgent patch. ]
Signed-off-by: David Daney <david.daney@cavium.com>
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
projects / platform / kernel / linux-stable.git / log