kernel/kernel-generic.git
15 years agoocfs2: Fix build warnings (64-bit types vs long long)
Jan Kara [Tue, 25 Nov 2008 14:31:30 +0000 (15:31 +0100)]
ocfs2: Fix build warnings (64-bit types vs long long)

fs/ocfs2/quota_local.c: In function 'olq_set_dquot':
fs/ocfs2/quota_local.c:844: warning: format '%lld' expects type 'long long int', but argument 7 has type '__le64'
fs/ocfs2/quota_local.c:844: warning: format '%lld' expects type 'long long int', but argument 8 has type '__le64'
fs/ocfs2/quota_local.c:844: warning: format '%lld' expects type 'long long int', but argument 7 has type '__le64'
fs/ocfs2/quota_local.c:844: warning: format '%lld' expects type 'long long int', but argument 8 has type '__le64'
fs/ocfs2/quota_local.c:844: warning: format '%lld' expects type 'long long int', but argument 7 has type '__le64'
fs/ocfs2/quota_local.c:844: warning: format '%lld' expects type 'long long int', but argument 8 has type '__le64'
fs/ocfs2/quota_global.c: In function '__ocfs2_sync_dquot':
fs/ocfs2/quota_global.c:457: warning: format '%lld' expects type 'long long int', but argument 8 has type 's64'
fs/ocfs2/quota_global.c:457: warning: format '%lld' expects type 'long long int', but argument 10 has type 's64'
fs/ocfs2/quota_global.c:457: warning: format '%lld' expects type 'long long int', but argument 8 has type 's64'
fs/ocfs2/quota_global.c:457: warning: format '%lld' expects type 'long long int', but argument 10 has type 's64'
fs/ocfs2/quota_global.c:457: warning: format '%lld' expects type 'long long int', but argument 8 has type 's64'
fs/ocfs2/quota_global.c:457: warning: format '%lld' expects type 'long long int', but argument 10 has type 's64'

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Make ocfs2_get_quota_block() consistent with ocfs2_read_quota_block()
Jan Kara [Tue, 25 Nov 2008 14:31:29 +0000 (15:31 +0100)]
ocfs2: Make ocfs2_get_quota_block() consistent with ocfs2_read_quota_block()

Make function return error status and not buffer pointer so that it's
consistent with ocfs2_read_quota_block().

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Fix oops when extending quota files
Jan Kara [Tue, 25 Nov 2008 14:31:28 +0000 (15:31 +0100)]
ocfs2: Fix oops when extending quota files

We have to mark buffer as uptodate before calling ocfs2_journal_access() and
ocfs2_set_buffer_uptodate() does not do this for us.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Fix ocfs2_read_quota_block() error handling.
Joel Becker [Tue, 25 Nov 2008 14:31:27 +0000 (15:31 +0100)]
ocfs2: Fix ocfs2_read_quota_block() error handling.

ocfs2_bread() has become ocfs2_read_virt_blocks(), with a prototype to
match ocfs2_read_blocks().  The quota code, converting from
ocfs2_bread(), wraps the call to ocfs2_read_virt_blocks() in
ocfs2_read_quota_block().  Unfortunately, the prototype of
ocfs2_read_quota_block() matches the old prototype of ocfs2_bread().

The problem is that ocfs2_bread() returned the buffer head, and callers
assumed that a NULL pointer was indicative of error.  It wasn't.  This
is why ocfs2_bread() took an int*err argument as well.

The new prototype of ocfs2_read_virt_blocks() avoids this error handling
confusion.  Let's change ocfs2_read_quota_block() to match.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Acked-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Add missing initialization
Jan Kara [Tue, 25 Nov 2008 14:31:26 +0000 (15:31 +0100)]
ocfs2: Add missing initialization

Add missing variable initialization to ocfs2_dquot_drop_slow().

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Use BH_JBDPrivateStart instead of BH_Unshadow
Mark Fasheh [Wed, 19 Nov 2008 01:16:47 +0000 (17:16 -0800)]
ocfs2: Use BH_JBDPrivateStart instead of BH_Unshadow

This is safer. We no longer have to worry about tracking changes to
jbd_state_bits.

Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agojbd2: Add BH_JBDPrivateStart
Mark Fasheh [Wed, 19 Nov 2008 01:15:24 +0000 (17:15 -0800)]
jbd2: Add BH_JBDPrivateStart

Add this so that file systems using JBD2 can safely allocate unused b_state
bits.

In this case, we add it so that Ocfs2 can define a single bit for tracking
the validation state of a buffer.

Acked-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Enable quota accounting on mount, disable on umount
Jan Kara [Thu, 21 Aug 2008 18:13:17 +0000 (20:13 +0200)]
ocfs2: Enable quota accounting on mount, disable on umount

Enable quota usage tracking on mount and disable it on umount. Also
add support for quota on and quota off quotactls and usrquota and
grpquota mount options. Add quota features among supported ones.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Implement quota recovery
Jan Kara [Mon, 20 Oct 2008 21:50:38 +0000 (23:50 +0200)]
ocfs2: Implement quota recovery

Implement functions for recovery after a crash. Functions just
read local quota file and sync info to global quota file.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Periodic quota syncing
Mark Fasheh [Mon, 20 Oct 2008 13:36:47 +0000 (15:36 +0200)]
ocfs2: Periodic quota syncing

This patch creates a work queue for periodic syncing of locally cached quota
information to the global quota files. We constantly queue a delayed work
item, to get the periodic behavior.

Signed-off-by: Mark Fasheh <mfasheh@suse.com>
Acked-by: Jan Kara <jack@suse.cz>
15 years agoocfs2: Add quota calls for allocation and freeing of inodes and space
Jan Kara [Thu, 9 Oct 2008 17:38:40 +0000 (19:38 +0200)]
ocfs2: Add quota calls for allocation and freeing of inodes and space

Add quota calls for allocation and freeing of inodes and space, also update
estimates on number of needed credits for a transaction. Move out inode
allocation from ocfs2_mknod_locked() because vfs_dq_init() must be called
outside of a transaction.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Implementation of local and global quota file handling
Jan Kara [Mon, 25 Aug 2008 17:56:50 +0000 (19:56 +0200)]
ocfs2: Implementation of local and global quota file handling

For each quota type each node has local quota file. In this file it stores
changes users have made to disk usage via this node. Once in a while this
information is synced to global file (and thus with other nodes) so that
limits enforcement at least aproximately works.

Global quota files contain all the information about usage and limits. It's
mostly handled by the generic VFS code (which implements a trie of structures
inside a quota file). We only have to provide functions to convert structures
from on-disk format to in-memory one. We also have to provide wrappers for
various quota functions starting transactions and acquiring necessary cluster
locks before the actual IO is really started.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Mark system files as not subject to quota accounting
Jan Kara [Thu, 21 Aug 2008 16:22:30 +0000 (18:22 +0200)]
ocfs2: Mark system files as not subject to quota accounting

Mark system files as not subject to quota accounting. This prevents
possible recursions into quota code and thus deadlocks.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Assign feature bits and system inodes to quota feature and quota files
Jan Kara [Wed, 20 Aug 2008 13:43:36 +0000 (15:43 +0200)]
ocfs2: Assign feature bits and system inodes to quota feature and quota files

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Support nested transactions
Jan Kara [Wed, 27 Aug 2008 20:30:28 +0000 (22:30 +0200)]
ocfs2: Support nested transactions

OCFS2 can easily support nested transactions. We just have to
take care and not spoil statistics acquire semaphore unnecessarily.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Implement function for scanning active dquots
Jan Kara [Mon, 20 Oct 2008 15:05:00 +0000 (17:05 +0200)]
quota: Implement function for scanning active dquots

OCFS2 needs to scan all active dquots once in a while and sync quota
information among cluster nodes. Provide a helper function for it so
that it does not have to reimplement internally a list which VFS
already has. Moreover this function is probably going to be useful
for other clustered filesystems if they decide to use VFS quotas.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Add helpers to allow ocfs2 specific quota initialization, freeing and recovery
Jan Kara [Fri, 10 Oct 2008 14:12:23 +0000 (16:12 +0200)]
quota: Add helpers to allow ocfs2 specific quota initialization, freeing and recovery

OCFS2 needs to peek whether quota structure is already in memory so
that it can avoid expensive cluster locking in that case. Similarly
when freeing dquots, it checks whether it is the last quota structure
user or not. Finally, it needs to get reference to dquot structure for
specified id and quota type when recovering quota file after crash.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Update version number
Jan Kara [Thu, 30 Oct 2008 08:17:52 +0000 (09:17 +0100)]
quota: Update version number

Increase reported version number of quota support since quota core has changed
significantly. Also remove __DQUOT_NUM_VERSION__ since nobody uses it.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Keep which entries were set by SETQUOTA quotactl
Jan Kara [Thu, 2 Oct 2008 14:48:10 +0000 (16:48 +0200)]
quota: Keep which entries were set by SETQUOTA quotactl

Quota in a clustered environment needs to synchronize quota information
among cluster nodes. This means we have to occasionally update some
information in dquot from disk / network. On the other hand we have to
be careful not to overwrite changes administrator did via SETQUOTA.
So indicate in dquot->dq_flags which entries have been set by SETQUOTA
and quota format can clear these flags when it properly propagated
the changes.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Allow negative usage of space and inodes
Jan Kara [Wed, 1 Oct 2008 16:21:39 +0000 (18:21 +0200)]
quota: Allow negative usage of space and inodes

For clustered filesystems, it can happen that space / inode usage goes
negative temporarily (because some node is allocating another node
is freeing and they are not completely in sync). So let quota code
allow this and change qsize_t so a signed type so that we don't
underflow the variables.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Convert union in mem_dqinfo to a pointer
Jan Kara [Thu, 2 Oct 2008 16:44:14 +0000 (18:44 +0200)]
quota: Convert union in mem_dqinfo to a pointer

Coming quota support for OCFS2 is going to need quite a bit
of additional per-sb quota information. Moreover having fs.h
include all the types needed for this structure would be a
pain in the a**. So remove the union from mem_dqinfo and add
a private pointer for filesystem's use.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Split off quota tree handling into a separate file
Jan Kara [Mon, 22 Sep 2008 03:54:49 +0000 (05:54 +0200)]
quota: Split off quota tree handling into a separate file

There is going to be a new version of quota format having 64-bit
quota limits and a new quota format for OCFS2. They are both
going to use the same tree structure as VFSv0 quota format. So
split out tree handling into a separate file and make size of
leaf blocks, amount of space usable in each block (needed for
checksumming) and structures contained in them configurable
so that the code can be shared.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Move quotaio_v[12].h from include/linux/ to fs/
Jan Kara [Sun, 21 Sep 2008 21:17:53 +0000 (23:17 +0200)]
quota: Move quotaio_v[12].h from include/linux/ to fs/

Since these include files are used only by implementation of quota formats,
there's no need to have them in include/linux/.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Introduce DQUOT_QUOTA_SYS_FILE flag
Jan Kara [Tue, 30 Sep 2008 15:53:37 +0000 (17:53 +0200)]
quota: Introduce DQUOT_QUOTA_SYS_FILE flag

If filesystem can handle quota files as system files hidden from users, we can
skip a lot of cache invalidation, syncing, inode flags setting etc. when
turning quotas on, off and quota_sync. Allow filesystem to indicate that it is
hiding quota files from users by DQUOT_QUOTA_SYS_FILE flag.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Remove compatibility function sb_any_quota_enabled()
Jan Kara [Wed, 20 Aug 2008 16:30:40 +0000 (18:30 +0200)]
quota: Remove compatibility function sb_any_quota_enabled()

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoreiserfs: Use sb_any_quota_loaded() instead of sb_any_quota_enabled().
Jan Kara [Wed, 20 Aug 2008 16:16:36 +0000 (18:16 +0200)]
reiserfs: Use sb_any_quota_loaded() instead of sb_any_quota_enabled().

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoext4: Use sb_any_quota_loaded() instead of sb_any_quota_enabled()
Jan Kara [Wed, 20 Aug 2008 16:14:35 +0000 (18:14 +0200)]
ext4: Use sb_any_quota_loaded() instead of sb_any_quota_enabled()

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoext3: Use sb_any_quota_loaded() instead of sb_any_quota_enabled()
Jan Kara [Wed, 20 Aug 2008 16:11:50 +0000 (18:11 +0200)]
ext3: Use sb_any_quota_loaded() instead of sb_any_quota_enabled()

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Allow to separately enable quota accounting and enforcing limits
Jan Kara [Wed, 20 Aug 2008 15:50:32 +0000 (17:50 +0200)]
quota: Allow to separately enable quota accounting and enforcing limits

Split DQUOT_USR_ENABLED (and DQUOT_GRP_ENABLED) into DQUOT_USR_USAGE_ENABLED
and DQUOT_USR_LIMITS_ENABLED. This way we are able to separately enable /
disable whether we should:
1) ignore quotas completely
2) just keep uptodate information about usage
3) actually enforce quota limits

This is going to be useful when quota is treated as filesystem metadata - we
then want to keep quota information uptodate all the time and just enable /
disable limits enforcement.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Make _SUSPENDED just a flag
Jan Kara [Wed, 20 Aug 2008 14:21:01 +0000 (16:21 +0200)]
quota: Make _SUSPENDED just a flag

Upto now, DQUOT_USR_SUSPENDED behaved like a state - i.e., either quota
was enabled or suspended or none. Now allowed states are 0, ENABLED,
ENABLED | SUSPENDED. This will be useful later when we implement separate
enabling of quota usage tracking and limits enforcement because we need to
keep track of a state which has been suspended.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Remove bogus 'optimization' in check_idq() and check_bdq()
Jan Kara [Wed, 20 Aug 2008 13:49:59 +0000 (15:49 +0200)]
quota: Remove bogus 'optimization' in check_idq() and check_bdq()

Checks like <= 0 for an unsigned type do not make much sence. The value
could be only 0 and that does not happen often enough for the check
to be worth it.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Increase size of variables for limits and inode usage
Jan Kara [Wed, 20 Aug 2008 12:45:12 +0000 (14:45 +0200)]
quota: Increase size of variables for limits and inode usage

So far quota was fine with quota block limits and inode limits/numbers in
a 32-bit type. Now with rapid increase in storage sizes there are coming
requests to be able to handle quota limits above 4TB / more that 2^32 inodes.
So bump up sizes of types in mem_dqblk structure to 64-bits to be able to
handle this. Also update inode allocation / checking functions to use qsize_t
and make global structure keep quota limits in bytes so that things are
consistent.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoquota: Add callbacks for allocating and destroying dquot structures
Jan Kara [Tue, 19 Aug 2008 12:51:22 +0000 (14:51 +0200)]
quota: Add callbacks for allocating and destroying dquot structures

Some filesystems would like to keep private information together with each
dquot. Add callbacks alloc_dquot and destroy_dquot allowing filesystem to
allocate larger dquots from their private slab in a similar fashion we
currently allocate inodes.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2/xattr: Restore not_found in xis
Tao Ma [Wed, 19 Nov 2008 08:48:42 +0000 (16:48 +0800)]
ocfs2/xattr: Restore not_found in xis

During an xattr set, when we move a xattr which was stored in inode to the
outside bucket, we have to delete it and it will use the old value of
xis->not_found. xis->not_found is removed by ocfs2_calc_xattr_set_need
though, so we must restore it.

Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2/xattr: Fix a bug in xattr allocation estimation
Tao Ma [Wed, 19 Nov 2008 08:48:41 +0000 (16:48 +0800)]
ocfs2/xattr: Fix a bug in xattr allocation estimation

When we extend one xattr's value to a large size, the old value size might
be smaller than the size of a value root. In those cases, we still need to
guess the metadata allocation.

Reported-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Remove JBD compatibility layer
Mark Fasheh [Wed, 19 Nov 2008 00:53:43 +0000 (16:53 -0800)]
ocfs2: Remove JBD compatibility layer

JBD2 is fully backwards compatible with JBD and it's been tested enough with
Ocfs2 that we can clean this code up now.

Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Convert ocfs2_read_dir_block() to ocfs2_read_virt_blocks()
Joel Becker [Thu, 13 Nov 2008 22:49:21 +0000 (14:49 -0800)]
ocfs2: Convert ocfs2_read_dir_block() to ocfs2_read_virt_blocks()

Now that we've centralized the ocfs2_read_virt_blocks() code, let's use
it in ocfs2_read_dir_block().

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Wrap virtual block reads in ocfs2_read_virt_blocks()
Joel Becker [Thu, 13 Nov 2008 22:49:20 +0000 (14:49 -0800)]
ocfs2: Wrap virtual block reads in ocfs2_read_virt_blocks()

The ocfs2_read_dir_block() function really maps an inode's virtual
blocks to physical ones before calling ocfs2_read_blocks().  Let's
extract that to common code, because other places might want to do that.

Other than the block number being virtual, ocfs2_read_virt_blocks()
takes the same arguments as ocfs2_read_blocks().  It converts those
virtual block numbers to physical before calling ocfs2_read_blocks()
directly.  If the blocks asked for are discontiguous, this can mean
multiple calls to ocfs2_read_blocks(), but this is mostly hidden from
the caller.

Like ocfs2_read_blocks(), the caller can pass in an existing
buffer_head.  This is usually done to pick up some readahead I/O.
ocfs2_read_virt_blocks() checks the buffer_head's block number
against the extent map - it must match.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Validate metadata only when it's read from disk.
Joel Becker [Thu, 13 Nov 2008 22:49:19 +0000 (14:49 -0800)]
ocfs2: Validate metadata only when it's read from disk.

Add an optional validation hook to ocfs2_read_blocks().  Now the
validation function is only called when a block was actually read off of
disk.  It is not called when the buffer was in cache.

We add a buffer state bit BH_NeedsValidate to flag these buffers.  It
must always be one higher than the last JBD2 buffer state bit.

The dinode, dirblock, extent_block, and xattr_block validators are
lifted to this scheme directly.  The group_descriptor validator needs to
be split into two pieces.  The first part only needs the gd buffer and
is passed to ocfs2_read_block().  The second part requires the dinode as
well, and is called every time.  It's only 3 compares, so it's tiny.
This also allows us to clean up the non-fatal gd check used by resize.c.
It now has no magic argument.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Wrap xattr block reads in a dedicated function
Joel Becker [Thu, 13 Nov 2008 22:49:18 +0000 (14:49 -0800)]
ocfs2: Wrap xattr block reads in a dedicated function

We weren't consistently checking xattr blocks after we read them.
Most places checked the signature, but none checked xb_blkno or
xb_fs_signature.  Create a toplevel ocfs2_read_xattr_block() that does
the read and the validation.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Wrap dirblock reads in a dedicated function.
Joel Becker [Thu, 13 Nov 2008 22:49:17 +0000 (14:49 -0800)]
ocfs2: Wrap dirblock reads in a dedicated function.

We have ocfs2_bread() as a vestige of the original ext-based dir code.
It's only used by directories, though.  Turn it into
ocfs2_read_dir_block(), with a prototype matching the other metadata
read functions.  It's set up to validate dirblocks when the time comes.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Wrap extent block reads in a dedicated function.
Joel Becker [Thu, 13 Nov 2008 22:49:16 +0000 (14:49 -0800)]
ocfs2: Wrap extent block reads in a dedicated function.

We weren't consistently checking extent blocks after we read them.
Most places checked the signature, but none checked h_blkno or
h_fs_signature.  Create a toplevel ocfs2_read_extent_block() that does
the read and the validation.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Morph the haphazard OCFS2_IS_VALID_GROUP_DESC() checks.
Joel Becker [Thu, 13 Nov 2008 22:49:15 +0000 (14:49 -0800)]
ocfs2: Morph the haphazard OCFS2_IS_VALID_GROUP_DESC() checks.

Random places in the code would check a group descriptor bh to see if it
was valid. The previous commit unified descriptor block reads,
validating all block reads in the same place.  Thus, these checks are no
longer necessary.  Rather than eliminate them, however, we change them
to BUG_ON() checks.  This ensures the assumptions remain true.  All of
the code paths to these checks have been audited to ensure they come
from a validated descriptor read.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Wrap group descriptor reads in a dedicated function.
Joel Becker [Thu, 13 Nov 2008 22:49:14 +0000 (14:49 -0800)]
ocfs2: Wrap group descriptor reads in a dedicated function.

We have a clean call for validating group descriptors, but every place
that wants the always does a read_block()+validate() call pair.  Create
a toplevel ocfs2_read_group_descriptor() that does the right
thing.  This allows us to leverage the single call point later for
fancier handling.  We also add validation of gd->bg_generation against
the superblock and gd->bg_blkno against the block we thought we read.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Consolidate validation of group descriptors.
Joel Becker [Thu, 13 Nov 2008 22:49:13 +0000 (14:49 -0800)]
ocfs2: Consolidate validation of group descriptors.

Currently the validation of group descriptors is directly duplicated so
that one version can error the filesystem and the other (resize) can
just report the problem.  Consolidate to one function that takes a
boolean.  Wrap that function with the old call for the old users.

This is in preparation for lifting the read+validate step into a
single function.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Morph the haphazard OCFS2_IS_VALID_DINODE() checks.
Joel Becker [Thu, 13 Nov 2008 22:49:12 +0000 (14:49 -0800)]
ocfs2: Morph the haphazard OCFS2_IS_VALID_DINODE() checks.

Random places in the code would check a dinode bh to see if it was
valid.  Not only did they do different levels of validation, they
handled errors in different ways.

The previous commit unified inode block reads, validating all block
reads in the same place.  Thus, these haphazard checks are no longer
necessary.  Rather than eliminate them, however, we change them to
BUG_ON() checks.  This ensures the assumptions remain true.  All of the
code paths to these checks have been audited to ensure they come from a
validated inode read.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Wrap inode block reads in a dedicated function.
Joel Becker [Thu, 13 Nov 2008 22:49:11 +0000 (14:49 -0800)]
ocfs2: Wrap inode block reads in a dedicated function.

The ocfs2 code currently reads inodes off disk with a simple
ocfs2_read_block() call.  Each place that does this has a different set
of sanity checks it performs.  Some check only the signature.  A couple
validate the block number (the block read vs di->i_blkno).  A couple
others check for VALID_FL.  Only one place validates i_fs_generation.  A
couple check nothing.  Even when an error is found, they don't all do
the same thing.

We wrap inode reading into ocfs2_read_inode_block().  This will validate
all the above fields, going readonly if they are invalid (they never
should be).  ocfs2_read_inode_block_full() is provided for the places
that want to pass read_block flags.  Every caller is passing a struct
inode with a valid ip_blkno, so we don't need a separate blkno argument
either.

We will remove the validation checks from the rest of the code in a
later commit, as they are no longer necessary.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add mount option and Kconfig option for acl
Tiger Yang [Fri, 14 Nov 2008 03:17:52 +0000 (11:17 +0800)]
ocfs2: add mount option and Kconfig option for acl

This patch adds the Kconfig option "CONFIG_OCFS2_FS_POSIX_ACL"
and mount options "acl" to enable acls in Ocfs2.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add ocfs2_init_acl in mknod
Tiger Yang [Fri, 14 Nov 2008 03:17:41 +0000 (11:17 +0800)]
ocfs2: add ocfs2_init_acl in mknod

We need to get the parent directories acls and let the new child inherit it.
To this, we add additional calculations for data/metadata allocation.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add ocfs2_acl_chmod
Tiger Yang [Fri, 14 Nov 2008 03:17:29 +0000 (11:17 +0800)]
ocfs2: add ocfs2_acl_chmod

This function is used to update acl xattrs during file mode changes.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add ocfs2_check_acl
Tiger Yang [Fri, 14 Nov 2008 03:17:18 +0000 (11:17 +0800)]
ocfs2: add ocfs2_check_acl

This function is used to enhance permission checking with POSIX ACLs.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add POSIX ACL API
Tiger Yang [Fri, 14 Nov 2008 03:17:04 +0000 (11:17 +0800)]
ocfs2: add POSIX ACL API

This patch adds POSIX ACL(access control lists) APIs in ocfs2. We convert
struct posix_acl to many ocfs2_acl_entry and regard them as an extended
attribute entry.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add ocfs2_xattr_get_nolock
Tiger Yang [Fri, 14 Nov 2008 03:16:53 +0000 (11:16 +0800)]
ocfs2: add ocfs2_xattr_get_nolock

This function does the work of ocfs2_xattr_get under an open lock.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add ocfs2_init_security in during file create
Tiger Yang [Fri, 14 Nov 2008 03:16:41 +0000 (11:16 +0800)]
ocfs2: add ocfs2_init_security in during file create

Security attributes must be set when creating a new inode.

We do this in three steps.

- First, get security xattr's name and value by security_operation

- Calculate and reserve the meta data and clusters needed by this security
  xattr before starting transaction

- Finally, we set it before add_entry

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add security xattr API
Tiger Yang [Fri, 14 Nov 2008 03:16:27 +0000 (11:16 +0800)]
ocfs2: add security xattr API

This patch add security xattr set/get/list APIs to
support security attributes in Ocfs2.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: add ocfs2_xattr_set_handle
Tiger Yang [Fri, 14 Nov 2008 03:16:03 +0000 (11:16 +0800)]
ocfs2: add ocfs2_xattr_set_handle

This function is used to set xattr's in a started transaction. It is only
called during inode creation inode for initial security/acl xattrs of the
new inode. These xattrs could be put into ibody or extent block, so xattr
bucket would not be use in this case.

Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: move new inode allocation out of the transaction
Tiger Yang [Fri, 14 Nov 2008 03:15:44 +0000 (11:15 +0800)]
ocfs2: move new inode allocation out of the transaction

Move out inode allocation from ocfs2_mknod_locked() because
vfs_dq_init() must be called outside of a transaction.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Tiger Yang <tiger.yang@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: turn __ocfs2_remove_inode_range() into ocfs2_remove_btree_range()
Mark Fasheh [Wed, 12 Nov 2008 23:16:38 +0000 (15:16 -0800)]
ocfs2: turn __ocfs2_remove_inode_range() into ocfs2_remove_btree_range()

This patch genericizes the high level handling of extent removal.
ocfs2_remove_btree_range() is nearly identical to
__ocfs2_remove_inode_range(), except that extent tree operations have been
used where necessary. We update ocfs2_remove_inode_range() to use the
generic helper. Now extent tree based structures have an easy way to
truncate ranges.

Signed-off-by: Mark Fasheh <mfasheh@suse.com>
Acked-by: Joel Becker <joel.becker@oracle.com>
15 years agoocfs2/xattr: Merge xattr set transaction.
Tao Ma [Wed, 12 Nov 2008 00:27:01 +0000 (08:27 +0800)]
ocfs2/xattr: Merge xattr set transaction.

In current ocfs2/xattr, the whole xattr set is divided into
many steps are many transaction are used, this make the
xattr set process isn't like a real transaction, so this
patch try to merge all the transaction into one. Another
benefit is that acl can use it easily now.

I don't merge the transaction of deleting xattr when we
remove an inode. The reason is that if we have a large number
of xattrs and every xattrs has large values(large enough
for outside storage), the whole transaction will be very
huge and it looks like jbd can't handle it(I meet with a
jbd complain once). And the old inode removal is also divided
into many steps, so I'd like to leave as it is.

Note:
In xattr set, I try to avoid ocfs2_extend_trans since if
the credits aren't enough for the extension, it will commit
all the dirty blocks and create a new transaction which may
lead to inconsistency in metadata. All ocfs2_extend_trans
remained are safe now.

Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2/xattr: Reserve meta/data at the beginning of ocfs2_xattr_set.
Tao Ma [Wed, 12 Nov 2008 00:27:00 +0000 (08:27 +0800)]
ocfs2/xattr: Reserve meta/data at the beginning of ocfs2_xattr_set.

In ocfs2 xattr set, we reserve metadata and clusters in any place
they are needed. It is time-consuming and ineffective, so this
patch try to reserve metadata and clusters at the beginning of
ocfs2_xattr_set.

Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2/xattr: Move clusters free into dealloc.
Tao Ma [Wed, 12 Nov 2008 00:26:59 +0000 (08:26 +0800)]
ocfs2/xattr: Move clusters free into dealloc.

Move clusters free process into dealloc context so that
they can be freed after the transaction.

Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Add clusters free in dealloc_ctxt.
Tao Ma [Wed, 12 Nov 2008 00:26:58 +0000 (08:26 +0800)]
ocfs2: Add clusters free in dealloc_ctxt.

Now in ocfs2 xattr set, the whole process are divided into many small
parts and they are wrapped into diffrent transactions and it make the
set doesn't look like a real transaction. So we want to integrate it
into a real one.

In some cases we will allocate some clusters and free some in just one
transaction. e.g, one xattr is larger than inline size, so it and its
value root is stored within the inode while the value is outside in a
cluster. Then we try to update it with a smaller value(larger than the
size of root but smaller than inline size), we may need to free the
outside cluster while allocate a new bucket(one cluster) since now the
inode may be full. The old solution will lock the global_bitmap(if the
local alloc failed in stress test) and then the truncate log. This will
cause a ABBA lock with truncate log flush.

This patch add the clusters free in dealloc_ctxt, so that we can record
the free clusters during the transaction and then free it after we
release the global_bitmap in xattr set.

Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2/xattr: Only extend xattr bucket in need.
Tao Ma [Wed, 12 Nov 2008 00:26:57 +0000 (08:26 +0800)]
ocfs2/xattr: Only extend xattr bucket in need.

When the first block of a bucket is filled up with xattr
entries, we normally extend the bucket. But if we are
just replace one xattr with small length, we don't need
to extend it. This is important since we will calculate
what we need before the transaction and in this situation
no resources will be allocated.

Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2/xattr: Only set buffer update if it doesn't exist in cache.
Tao Ma [Thu, 6 Nov 2008 00:10:48 +0000 (08:10 +0800)]
ocfs2/xattr: Only set buffer update if it doesn't exist in cache.

When we call ocfs2_init_xattr_bucket, we deem that the new buffer head
will be written to disk immediately, so we just use sb_getblk. But in
some cases the buffer may have already been in ocfs2 uptodate cache,
so we only call ocfs2_set_buffer_uptodate if the buffer head isn't
in the cache.

Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2/xattr: Remove additional bucket allocation in bucket defragment.
Tao Ma [Thu, 6 Nov 2008 00:10:47 +0000 (08:10 +0800)]
ocfs2/xattr: Remove additional bucket allocation in bucket defragment.

Joel has refactored xattr bucket and make xattr bucket a general
wrapper. So in ocfs2_defrag_xattr_bucket, we have already passed the
bucket in, so there is no need to allocate a new one and read it.

Signed-off-by: Tao Ma <tao.ma@oracle.com>
Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Use buckets in ocfs2_xattr_set_entry_in_bucket().
Joel Becker [Tue, 28 Oct 2008 01:07:45 +0000 (18:07 -0700)]
ocfs2: Use buckets in ocfs2_xattr_set_entry_in_bucket().

The ocfs2_xattr_set_entry_in_bucket() function is already working on an
ocfs2_xattr_bucket structure, so let's use the bucket API.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Use buckets in ocfs2_defrag_xattr_bucket().
Joel Becker [Mon, 27 Oct 2008 22:25:18 +0000 (15:25 -0700)]
ocfs2: Use buckets in ocfs2_defrag_xattr_bucket().

Use the ocfs2_xattr_bucket abstraction for reading and writing the
bucket in ocfs2_defrag_xattr_bucket().

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Use buckets in ocfs2_xattr_create_index_block().
Joel Becker [Mon, 27 Oct 2008 22:18:29 +0000 (15:18 -0700)]
ocfs2: Use buckets in ocfs2_xattr_create_index_block().

Use the ocfs2_xattr_bucket abstraction in
ocfs2_xattr_create_index_block() and its helpers.  We get more efficient
reads, a lot less buffer_head munging, and nicer code to boot.  While
we're at it, ocfs2_xattr_update_xattr_search() becomes void.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Use buckets in ocfs2_xattr_bucket_find().
Joel Becker [Mon, 27 Oct 2008 22:01:54 +0000 (15:01 -0700)]
ocfs2: Use buckets in ocfs2_xattr_bucket_find().

Change the ocfs2_xattr_bucket_find() function to use ocfs2_xattr_bucket
as its abstraction.  This makes for more efficient reads, as buckets are
linear blocks, and also has improved caching characteristics.  It also
reads better.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Take ocfs2_xattr_bucket structures off of the stack.
Joel Becker [Sat, 25 Oct 2008 02:13:20 +0000 (19:13 -0700)]
ocfs2: Take ocfs2_xattr_bucket structures off of the stack.

The ocfs2_xattr_bucket structure is a nice abstraction, but it is a bit
large to have on the stack.  Just like ocfs2_path, let's allocate it
with a ocfs2_xattr_bucket_new() function.

We can now store the inode on the bucket, cleaning up all the other
bucket functions.  While we're here, we catch another place or two that
wasn't using ocfs2_read_xattr_bucket().

Updates:
- No longer allocating xis.bucket, as it will never be used.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Copy xattr buckets with a dedicated function.
Joel Becker [Sat, 25 Oct 2008 01:54:43 +0000 (18:54 -0700)]
ocfs2: Copy xattr buckets with a dedicated function.

Now that the places that copy whole buckets are using struct
ocfs2_xattr_bucket, we can do the copy in a dedicated function.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Wrap journal_access/journal_dirty for xattr buckets.
Joel Becker [Sat, 25 Oct 2008 01:47:33 +0000 (18:47 -0700)]
ocfs2: Wrap journal_access/journal_dirty for xattr buckets.

A common action is to call ocfs2_journal_access() and
ocfs2_journal_dirty() on the buffer heads of an xattr bucket.  Let's
create nice wrappers.

While we're there, let's drop the places that try to be smart by writing
only the first and last blocks of a bucket.  A bucket is contiguous, so
writing the whole thing is actually more efficient.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Improve ocfs2_read_xattr_bucket().
Joel Becker [Sat, 25 Oct 2008 00:33:40 +0000 (17:33 -0700)]
ocfs2: Improve ocfs2_read_xattr_bucket().

The ocfs2_read_xattr_bucket() function would read an xattr bucket into a
list of buffer heads.  However, we have a nice ocfs2_xattr_bucket
structure.  Let's have it fill that out instead.

In addition, ocfs2_read_xattr_bucket() would initialize buffer heads for
a bucket that's never been on disk before.  That's confusing.  Let's
call that functionality ocfs2_init_xattr_bucket().

The functions ocfs2_cp_xattr_bucket() and ocfs2_half_xattr_bucket() are
updated to use the ocfs2_xattr_bucket structure rather than raw bh
lists.  That way they can use the new read/init calls.  In addition,
they drop the wasted read of an existing target bucket.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Provide a wrapper to brelse() xattr bucket buffers.
Joel Becker [Sat, 25 Oct 2008 00:16:48 +0000 (17:16 -0700)]
ocfs2: Provide a wrapper to brelse() xattr bucket buffers.

A common theme is walking all the buffer heads on an ocfs2_xattr_bucket
and releasing them.  Let's wrap that.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Convenient access to an xattr bucket's header.
Joel Becker [Sat, 25 Oct 2008 00:04:49 +0000 (17:04 -0700)]
ocfs2: Convenient access to an xattr bucket's header.

The xattr code often wants to access the ocfs2_xattr_header at the start
of an bucket.  Rather than walk the pointer chains, let's just create
another nice macro.  As a side benefit, we can get rid of the mostly
spurious ->bu_xh element on the bucket structure.  The idea is ripped
from the ocfs2_path code.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Convenient access to xattr bucket data blocks.
Joel Becker [Fri, 24 Oct 2008 23:57:21 +0000 (16:57 -0700)]
ocfs2: Convenient access to xattr bucket data blocks.

The xattr code often wants to access the data pointer for blocks in an
xattr bucket.  This is usually found by dereferencing the bh array
hanging off of the ocfs2_xattr_bucket structure.  Rather than do this
all the time, let's provide a nice little macro.  The idea is ripped
from the ocfs2_path code.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Convenient access to an xattr bucket's block number.
Joel Becker [Fri, 24 Oct 2008 23:21:03 +0000 (16:21 -0700)]
ocfs2: Convenient access to an xattr bucket's block number.

The xattr code often wants to know the block number of an xattr bucket.
This is usually found by dereferencing the first bh hanging off of the
ocfs2_xattr_bucket structure.  Rather than do this all the time, let's
provide a nice little macro.  The idea is ripped from the ocfs2_path
code.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoocfs2: Field prefixes for the xattr_bucket structure
Joel Becker [Sun, 19 Oct 2008 02:11:42 +0000 (19:11 -0700)]
ocfs2: Field prefixes for the xattr_bucket structure

The ocfs2_xattr_bucket structure keeps track of the buffers for one
xattr bucket.  Let's prefix the fields for easier code navigation.

Signed-off-by: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Mark Fasheh <mfasheh@suse.com>
15 years agoMerge branch 'audit.b61' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit...
Linus Torvalds [Mon, 5 Jan 2009 00:32:11 +0000 (16:32 -0800)]
Merge branch 'audit.b61' of git://git./linux/kernel/git/viro/audit-current

* 'audit.b61' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current:
  audit: validate comparison operations, store them in sane form
  clean up audit_rule_{add,del} a bit
  make sure that filterkey of task,always rules is reported
  audit rules ordering, part 2
  fixing audit rule ordering mess, part 1
  audit_update_lsm_rules() misses the audit_inode_hash[] ones
  sanitize audit_log_capset()
  sanitize audit_fd_pair()
  sanitize audit_mq_open()
  sanitize AUDIT_MQ_SENDRECV
  sanitize audit_mq_notify()
  sanitize audit_mq_getsetattr()
  sanitize audit_ipc_set_perm()
  sanitize audit_ipc_obj()
  sanitize audit_socketcall
  don't reallocate buffer in every audit_sockaddr()

15 years agortc: add alarm/update irq interfaces
Alessandro Zummo [Sun, 4 Jan 2009 20:00:54 +0000 (12:00 -0800)]
rtc: add alarm/update irq interfaces

Add standard interfaces for alarm/update irqs enabling.  Drivers are no
more required to implement equivalent ioctl code as rtc-dev will provide
it.

UIE emulation should now be handled correctly and will work even for those
RTC drivers who cannot be configured to do both UIE and AIE.

Signed-off-by: Alessandro Zummo <a.zummo@towertech.it>
Cc: David Brownell <david-b@pacbell.net>
Cc: Atsushi Nemoto <anemo@mba.ocn.ne.jp>
Cc: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agofs: symlink write_begin allocation context fix
Nick Piggin [Sun, 4 Jan 2009 20:00:53 +0000 (12:00 -0800)]
fs: symlink write_begin allocation context fix

With the write_begin/write_end aops, page_symlink was broken because it
could no longer pass a GFP_NOFS type mask into the point where the
allocations happened.  They are done in write_begin, which would always
assume that the filesystem can be entered from reclaim.  This bug could
cause filesystem deadlocks.

The funny thing with having a gfp_t mask there is that it doesn't really
allow the caller to arbitrarily tinker with the context in which it can be
called.  It couldn't ever be GFP_ATOMIC, for example, because it needs to
take the page lock.  The only thing any callers care about is __GFP_FS
anyway, so turn that into a single flag.

Add a new flag for write_begin, AOP_FLAG_NOFS.  Filesystems can now act on
this flag in their write_begin function.  Change __grab_cache_page to
accept a nofs argument as well, to honour that flag (while we're there,
change the name to grab_cache_page_write_begin which is more instructive
and does away with random leading underscores).

This is really a more flexible way to go in the end anyway -- if a
filesystem happens to want any extra allocations aside from the pagecache
ones in ints write_begin function, it may now use GFP_KERNEL (rather than
GFP_NOFS) for common case allocations (eg.  ocfs2_alloc_write_ctxt, for a
random example).

[kosaki.motohiro@jp.fujitsu.com: fix ubifs]
[kosaki.motohiro@jp.fujitsu.com: fix fuse]
Signed-off-by: Nick Piggin <npiggin@suse.de>
Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Cc: <stable@kernel.org> [2.6.28.x]
Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
[ Cleaned up the calling convention: just pass in the AOP flags
  untouched to the grab_cache_page_write_begin() function.  That
  just simplifies everybody, and may even allow future expansion of the
  logic.   - Linus ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agoviafb: fix crashes due to 4k stack overflow
Bruno Prémont [Sun, 4 Jan 2009 21:11:54 +0000 (13:11 -0800)]
viafb: fix crashes due to 4k stack overflow

The function viafb_cursor() uses 2 stack-variables of CURSOR_SIZE bits;
CURSOR_SIZE is defined as (8 * 1024).  Using up twice 1k on stack is too
much for 4k-stack (though it works with 8k-stacks).  Make those two
variables kzalloc'ed to preserve stack space.

Also merge the whole lot of local struct's in viafb_ioctl into a union so
the stack usage gets minimized here as well.  (struct's are only accessed
in their indicidual IOCTL case) This second part is only compile-tested as
I know of no userspace app using the IOCTLs.

Signed-off-by: Bruno Prémont <bonbons@linux-vserver.org>
Cc: <JosephChan@via.com.tw>
Cc: Krzysztof Helt <krzysztof.h1@poczta.fm>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agofs: introduce bgl_lock_ptr()
Pekka Enberg [Sun, 4 Jan 2009 20:00:48 +0000 (12:00 -0800)]
fs: introduce bgl_lock_ptr()

As suggested by Andreas Dilger, introduce a bgl_lock_ptr() helper in
<linux/blockgroup_lock.h> and add separate sb_bgl_lock() helpers to
filesystem specific header files to break the hidden dependency to
struct ext[234]_sb_info.

Also, while at it, convert the macros to static inlines to try make up
for all the times I broke Andrew Morton's tree.

Acked-by: Andreas Dilger <adilger@sun.com>
Signed-off-by: Pekka Enberg <penberg@cs.helsinki.fi>
Cc: <linux-ext4@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agospi.h uses/needs device.h
Randy Dunlap [Sun, 4 Jan 2009 20:00:47 +0000 (12:00 -0800)]
spi.h uses/needs device.h

Include header files as used/needed:

  In file included from drivers/leds/leds-dac124s085.c:16:
  include/linux/spi/spi.h:66: error: field 'dev' has incomplete type
  include/linux/spi/spi.h: In function 'to_spi_device':
  include/linux/spi/spi.h:100: warning: type defaults to 'int' in declaration of '__mptr'
  ...

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agovmalloc.c: fix flushing in vmap_page_range()
Adam Lackorzynski [Sun, 4 Jan 2009 20:00:46 +0000 (12:00 -0800)]
vmalloc.c: fix flushing in vmap_page_range()

The flush_cache_vmap in vmap_page_range() is called with the end of the
range twice.  The following patch fixes this for me.

Signed-off-by: Adam Lackorzynski <adam@os.inf.tu-dresden.de>
Cc: Nick Piggin <nickpiggin@yahoo.com.au>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agocgroups: fix a race between cgroup_clone and umount
Li Zefan [Sun, 4 Jan 2009 20:00:45 +0000 (12:00 -0800)]
cgroups: fix a race between cgroup_clone and umount

The race is calling cgroup_clone() while umounting the ns cgroup subsys,
and thus cgroup_clone() might access invalid cgroup_fs, or kill_sb() is
called after cgroup_clone() created a new dir in it.

The BUG I triggered is BUG_ON(root->number_of_cgroups != 1);

  ------------[ cut here ]------------
  kernel BUG at kernel/cgroup.c:1093!
  invalid opcode: 0000 [#1] SMP
  ...
  Process umount (pid: 5177, ti=e411e000 task=e40c4670 task.ti=e411e000)
  ...
  Call Trace:
   [<c0493df7>] ? deactivate_super+0x3f/0x51
   [<c04a3600>] ? mntput_no_expire+0xb3/0xdd
   [<c04a3ab2>] ? sys_umount+0x265/0x2ac
   [<c04a3b06>] ? sys_oldumount+0xd/0xf
   [<c0403911>] ? sysenter_do_call+0x12/0x31
  ...
  EIP: [<c0456e76>] cgroup_kill_sb+0x23/0xe0 SS:ESP 0068:e411ef2c
  ---[ end trace c766c1be3bf944ac ]---

Cc: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Li Zefan <lizf@cn.fujitsu.com>
Cc: Paul Menage <menage@google.com>
Cc: "Serge E. Hallyn" <serue@us.ibm.com>
Cc: Balbir Singh <balbir@in.ibm.com>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
15 years agoaudit: validate comparison operations, store them in sane form
Al Viro [Tue, 16 Dec 2008 10:59:26 +0000 (05:59 -0500)]
audit: validate comparison operations, store them in sane form

Don't store the field->op in the messy (and very inconvenient for e.g.
audit_comparator()) form; translate to dense set of values and do full
validation of userland-submitted value while we are at it.

->audit_init_rule() and ->audit_match_rule() get new values now; in-tree
instances updated.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agoclean up audit_rule_{add,del} a bit
Al Viro [Mon, 15 Dec 2008 06:50:28 +0000 (01:50 -0500)]
clean up audit_rule_{add,del} a bit

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agomake sure that filterkey of task,always rules is reported
Al Viro [Tue, 16 Dec 2008 08:51:22 +0000 (03:51 -0500)]
make sure that filterkey of task,always rules is reported

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agoaudit rules ordering, part 2
Al Viro [Mon, 15 Dec 2008 06:17:50 +0000 (01:17 -0500)]
audit rules ordering, part 2

Fix the actual rule listing; add per-type lists _not_ used for matching,
with all exit,... sitting on one such list.  Simplifies "do something
for all rules" logics, while we are at it...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agofixing audit rule ordering mess, part 1
Al Viro [Mon, 15 Dec 2008 04:45:27 +0000 (23:45 -0500)]
fixing audit rule ordering mess, part 1

Problem: ordering between the rules on exit chain is currently lost;
all watch and inode rules are listed after everything else _and_
exit,never on one kind doesn't stop exit,always on another from
being matched.

Solution: assign priorities to rules, keep track of the current
highest-priority matching rule and its result (always/never).

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agoaudit_update_lsm_rules() misses the audit_inode_hash[] ones
Al Viro [Sun, 14 Dec 2008 17:04:02 +0000 (12:04 -0500)]
audit_update_lsm_rules() misses the audit_inode_hash[] ones

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agosanitize audit_log_capset()
Al Viro [Sun, 4 Jan 2009 19:52:57 +0000 (14:52 -0500)]
sanitize audit_log_capset()

* no allocations
* return void
* don't duplicate checked for dummy context

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agosanitize audit_fd_pair()
Al Viro [Sun, 14 Dec 2008 09:57:47 +0000 (04:57 -0500)]
sanitize audit_fd_pair()

* no allocations
* return void

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agosanitize audit_mq_open()
Al Viro [Sun, 14 Dec 2008 09:02:26 +0000 (04:02 -0500)]
sanitize audit_mq_open()

* don't bother with allocations
* don't do double copy_from_user()
* don't duplicate parts of check for audit_dummy_context()

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agosanitize AUDIT_MQ_SENDRECV
Al Viro [Sun, 14 Dec 2008 08:46:48 +0000 (03:46 -0500)]
sanitize AUDIT_MQ_SENDRECV

* logging the original value of *msg_prio in mq_timedreceive(2)
  is insane - the argument is write-only (i.e. syscall always
  ignores the original value and only overwrites it).
* merge __audit_mq_timed{send,receive}
* don't do copy_from_user() twice
* don't mess with allocations in auditsc part
* ... and don't bother checking !audit_enabled and !context in there -
  we'd already checked for audit_dummy_context().

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agosanitize audit_mq_notify()
Al Viro [Wed, 10 Dec 2008 12:16:12 +0000 (07:16 -0500)]
sanitize audit_mq_notify()

* don't copy_from_user() twice
* don't bother with allocations
* don't duplicate parts of audit_dummy_context()
* make it return void

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agosanitize audit_mq_getsetattr()
Al Viro [Wed, 10 Dec 2008 11:58:59 +0000 (06:58 -0500)]
sanitize audit_mq_getsetattr()

* get rid of allocations
* make it return void
* don't duplicate parts of audit_dummy_context()

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agosanitize audit_ipc_set_perm()
Al Viro [Wed, 10 Dec 2008 08:47:15 +0000 (03:47 -0500)]
sanitize audit_ipc_set_perm()

* get rid of allocations
* make it return void
* simplify callers

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
15 years agosanitize audit_ipc_obj()
Al Viro [Wed, 10 Dec 2008 08:40:06 +0000 (03:40 -0500)]
sanitize audit_ipc_obj()

* get rid of allocations
* make it return void
* simplify callers

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>