<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/fs, branch v3.0.13</title>
<subtitle>Linux kernel source tree</subtitle>
<id>https://git.amat.us/linux/atom/fs?h=v3.0.13</id>
<link rel='self' href='https://git.amat.us/linux/atom/fs?h=v3.0.13'/>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/'/>
<updated>2011-12-09T16:52:47Z</updated>
<entry>
<title>xfs: fix attr2 vs large data fork assert</title>
<updated>2011-12-09T16:52:47Z</updated>
<author>
<name>Christoph Hellwig</name>
<email>hch@infradead.org</email>
</author>
<published>2011-12-06T21:21:30Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=e006de470fa793b770cb098b39b46212a35b1b2b'/>
<id>urn:sha1:e006de470fa793b770cb098b39b46212a35b1b2b</id>
<content type='text'>
commit 4c393a6059f8442a70512a48ce4639b882b6f6ad upstream.

With Dmitry fsstress updates I've seen very reproducible crashes in
xfs_attr_shortform_remove because xfs_attr_shortform_bytesfit claims that
the attributes would not fit inline into the inode after removing an
attribute.  It turns out that we were operating on an inode with lots
of delalloc extents, and thus an if_bytes values for the data fork that
is larger than biggest possible on-disk storage for it which utterly
confuses the code near the end of xfs_attr_shortform_bytesfit.

Fix this by always allowing the current attribute fork, like we already
do for the attr1 format, given that delalloc conversion will take care
for moving either the data or attribute area out of line if it doesn't
fit at that point - or making the point moot by merging extents at this
point.

Also document the function better, and clean up some loose bits.

Reviewed-by: Dave Chinner &lt;dchinner@redhat.com&gt;
Signed-off-by: Christoph Hellwig &lt;hch@lst.de&gt;
Signed-off-by: Ben Myers &lt;bpm@sgi.com&gt;
Acked-by: Dave Chinner &lt;dchinner@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>xfs: force buffer writeback before blocking on the ilock in inode reclaim</title>
<updated>2011-12-09T16:52:46Z</updated>
<author>
<name>Christoph Hellwig</name>
<email>hch@infradead.org</email>
</author>
<published>2011-12-06T21:21:15Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=edb9a31845c5ba0ff325daa58f17f881d60d1559'/>
<id>urn:sha1:edb9a31845c5ba0ff325daa58f17f881d60d1559</id>
<content type='text'>
commit 4dd2cb4a28b7ab1f37163a4eba280926a13a8749 upstream.

If we are doing synchronous inode reclaim we block the VM from making
progress in memory reclaim.  So if we encouter a flush locked inode
promote it in the delwri list and wake up xfsbufd to write it out now.
Without this we can get hangs of up to 30 seconds during workloads hitting
synchronous inode reclaim.

The scheme is copied from what we do for dquot reclaims.

Reported-by: Simon Kirby &lt;sim@hostway.ca&gt;
Signed-off-by: Christoph Hellwig &lt;hch@lst.de&gt;
Tested-by: Simon Kirby &lt;sim@hostway.ca&gt;
Signed-off-by: Ben Myers &lt;bpm@sgi.com&gt;
Acked-by: Dave Chinner &lt;dchinner@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>xfs: validate acl count</title>
<updated>2011-12-09T16:52:46Z</updated>
<author>
<name>Christoph Hellwig</name>
<email>hch@infradead.org</email>
</author>
<published>2011-12-06T21:21:05Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=a980e5dccb3ff8cb8f77ff27264b13837958119d'/>
<id>urn:sha1:a980e5dccb3ff8cb8f77ff27264b13837958119d</id>
<content type='text'>
commit fa8b18edd752a8b4e9d1ee2cd615b82c93cf8bba upstream.

This prevents in-memory corruption and possible panics if the on-disk
ACL is badly corrupted.

Signed-off-by: Christoph Hellwig &lt;hch@lst.de&gt;
Signed-off-by: Ben Myers &lt;bpm@sgi.com&gt;
Acked-by: Dave Chinner &lt;dchinner@redhat.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>NFS: Prevent 3.0 from crashing if it receives a partial layout</title>
<updated>2011-12-09T16:52:46Z</updated>
<author>
<name>Trond Myklebust</name>
<email>Trond.Myklebust@netapp.com</email>
</author>
<published>2011-10-18T17:11:07Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=ee6dfa64be0c1e8976f20246278121bc9fcf1a24'/>
<id>urn:sha1:ee6dfa64be0c1e8976f20246278121bc9fcf1a24</id>
<content type='text'>
This is a backport of critical parts of
commit 7c24d9489f "NFSv4.1: File layout only supports whole file layouts"

It prevents the file layout driver from (incorrectly) using
partial layouts, but ignores the part of the referenced commmit that
relies on additional machinery to change the LAYOUTGET request
based on layout driver.

Signed-off-by: Fred Isaman &lt;iisaman@netapp.com&gt;
Acked-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>eCryptfs: Extend array bounds for all filename chars</title>
<updated>2011-12-09T16:52:19Z</updated>
<author>
<name>Tyler Hicks</name>
<email>tyhicks@canonical.com</email>
</author>
<published>2011-11-23T17:31:24Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=4d15dcb0e249cd9834afc9b44d674dbd9eb57116'/>
<id>urn:sha1:4d15dcb0e249cd9834afc9b44d674dbd9eb57116</id>
<content type='text'>
commit 0f751e641a71157aa584c2a2e22fda52b52b8a56 upstream.

From mhalcrow's original commit message:

    Characters with ASCII values greater than the size of
    filename_rev_map[] are valid filename characters.
    ecryptfs_decode_from_filename() will access kernel memory beyond
    that array, and ecryptfs_parse_tag_70_packet() will then decrypt
    those characters. The attacker, using the FNEK of the crafted file,
    can then re-encrypt the characters to reveal the kernel memory past
    the end of the filename_rev_map[] array. I expect low security
    impact since this array is statically allocated in the text area,
    and the amount of memory past the array that is accessible is
    limited by the largest possible ASCII filename character.

This patch solves the issue reported by mhalcrow but with an
implementation suggested by Linus to simply extend the length of
filename_rev_map[] to 256. Characters greater than 0x7A are mapped to
0x00, which is how invalid characters less than 0x7A were previously
being handled.

Signed-off-by: Tyler Hicks &lt;tyhicks@canonical.com&gt;
Reported-by: Michael Halcrow &lt;mhalcrow@google.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>eCryptfs: Flush file in vma close</title>
<updated>2011-12-09T16:52:18Z</updated>
<author>
<name>Tyler Hicks</name>
<email>tyhicks@canonical.com</email>
</author>
<published>2011-11-21T23:31:29Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=051726ea7a7d39c03cb5653c962b0b6f47b5cc37'/>
<id>urn:sha1:051726ea7a7d39c03cb5653c962b0b6f47b5cc37</id>
<content type='text'>
commit 32001d6fe9ac6b0423e674a3093aa56740849f3b upstream.

Dirty pages weren't being written back when an mmap'ed eCryptfs file was
closed before the mapping was unmapped. Since f_ops-&gt;flush() is not
called by the munmap() path, the lower file was simply being released.
This patch flushes the eCryptfs file in the vm_ops-&gt;close() path.

https://launchpad.net/bugs/870326

Signed-off-by: Tyler Hicks &lt;tyhicks@canonical.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;

</content>
</entry>
<entry>
<title>xfs: fix -&gt;write_inode return values</title>
<updated>2011-11-26T17:10:07Z</updated>
<author>
<name>Christoph Hellwig</name>
<email>hch@infradead.org</email>
</author>
<published>2011-11-19T18:13:39Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=ae6c19cd6c32f88b2d8549984ff2a5fcdcc932b2'/>
<id>urn:sha1:ae6c19cd6c32f88b2d8549984ff2a5fcdcc932b2</id>
<content type='text'>
patch 58d84c4ee0389ddeb86238d5d8359a982c9f7a5b upstream.

Currently we always redirty an inode that was attempted to be written out
synchronously but has been cleaned by an AIL pushed internall, which is
rather bogus.  Fix that by doing the i_update_core check early on and
return 0 for it.  Also include async calls for it, as doing any work for
those is just as pointless.  While we're at it also fix the sign for the
EIO return in case of a filesystem shutdown, and fix the completely
non-sensical locking around xfs_log_inode.

Signed-off-by: Christoph Hellwig &lt;hch@lst.de&gt;
Reviewed-by: Dave Chinner &lt;dchinner@redhat.com&gt;
Signed-off-by: Alex Elder &lt;aelder@sgi.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;
</content>
</entry>
<entry>
<title>xfs: use doalloc flag in xfs_qm_dqattach_one()</title>
<updated>2011-11-26T17:10:06Z</updated>
<author>
<name>Mitsuo Hayasaka</name>
<email>mitsuo.hayasaka.hu@hitachi.com</email>
</author>
<published>2011-11-19T18:13:45Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=7d7e5d33408819c084528dcff139fc4564c7bdda'/>
<id>urn:sha1:7d7e5d33408819c084528dcff139fc4564c7bdda</id>
<content type='text'>
commit db3e74b582915d66e10b0c73a62763418f54c340 upstream

The doalloc arg in xfs_qm_dqattach_one() is a flag that indicates
whether a new area to handle quota information will be allocated
if needed. Originally, it was passed to xfs_qm_dqget(), but has
been removed by the following commit (probably by mistake):

	commit 8e9b6e7fa4544ea8a0e030c8987b918509c8ff47
	Author: Christoph Hellwig &lt;hch@lst.de&gt;
	Date:   Sun Feb 8 21:51:42 2009 +0100

	xfs: remove the unused XFS_QMOPT_DQLOCK flag

As the result, xfs_qm_dqget() called from xfs_qm_dqattach_one()
never allocates the new area even if it is needed.

This patch gives the doalloc arg to xfs_qm_dqget() in
xfs_qm_dqattach_one() to fix this problem.

Signed-off-by: Mitsuo Hayasaka &lt;mitsuo.hayasaka.hu@hitachi.com&gt;
Cc: Alex Elder &lt;aelder@sgi.com&gt;
Cc: Christoph Hellwig &lt;hch@infradead.org&gt;
Reviewed-by: Christoph Hellwig &lt;hch@lst.de&gt;
Signed-off-by: Ben Myers &lt;bpm@sgi.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;
</content>
</entry>
<entry>
<title>xfs: Fix possible memory corruption in xfs_readlink</title>
<updated>2011-11-26T17:10:06Z</updated>
<author>
<name>Carlos Maiolino</name>
<email>cmaiolino@redhat.com</email>
</author>
<published>2011-11-19T18:13:44Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=626ff2d51fc1127814fa28bdfb1df761ea894755'/>
<id>urn:sha1:626ff2d51fc1127814fa28bdfb1df761ea894755</id>
<content type='text'>
commit b52a360b2aa1c59ba9970fb0f52bbb093fcc7a24 upstream.

Fixes a possible memory corruption when the link is larger than
MAXPATHLEN and XFS_DEBUG is not enabled. This also remove the
S_ISLNK assert, since the inode mode is checked previously in
xfs_readlink_by_handle() and via VFS.

Updated to address concerns raised by Ben Hutchings about the loose
attention paid to 32- vs 64-bit values, and the lack of handling a
potentially negative pathlen value:
 - Changed type of "pathlen" to be xfs_fsize_t, to match that of
   ip-&gt;i_d.di_size
 - Added checking for a negative pathlen to the too-long pathlen
   test, and generalized the message that gets reported in that case
   to reflect the change
As a result, if a negative pathlen were encountered, this function
would return EFSCORRUPTED (and would fail an assertion for a debug
build)--just as would a too-long pathlen.

Signed-off-by: Alex Elder &lt;aelder@sgi.com&gt;
Signed-off-by: Carlos Maiolino &lt;cmaiolino@redhat.com&gt;
Reviewed-by: Christoph Hellwig &lt;hch@lst.de&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;
</content>
</entry>
<entry>
<title>xfs: fix buffer flushing during unmount</title>
<updated>2011-11-26T17:10:06Z</updated>
<author>
<name>Christoph Hellwig</name>
<email>hch@infradead.org</email>
</author>
<published>2011-11-19T18:13:43Z</published>
<link rel='alternate' type='text/html' href='https://git.amat.us/linux/commit/?id=70f589ceb96bbf1d4c2c2f5b6c3d6dff19ddd31d'/>
<id>urn:sha1:70f589ceb96bbf1d4c2c2f5b6c3d6dff19ddd31d</id>
<content type='text'>
commit 87c7bec7fc3377b3873eb3a0f4b603981ea16ebb upstream.

The code to flush buffers in the umount code is a bit iffy: we first
flush all delwri buffers out, but then might be able to queue up a
new one when logging the sb counts.  On a normal shutdown that one
would get flushed out when doing the synchronous superblock write in
xfs_unmountfs_writesb, but we skip that one if the filesystem has
been shut down.

Fix this by moving the delwri list flushing until just before unmounting
the log, and while we're at it also remove the superflous delwri list
and buffer lru flusing for the rt and log device that can never have
cached or delwri buffers.

Signed-off-by: Christoph Hellwig &lt;hch@lst.de&gt;
Reported-by: Amit Sahrawat &lt;amit.sahrawat83@gmail.com&gt;
Tested-by: Amit Sahrawat &lt;amit.sahrawat83@gmail.com&gt;
Signed-off-by: Alex Elder &lt;aelder@sgi.com&gt;
Signed-off-by: Greg Kroah-Hartman &lt;gregkh@suse.de&gt;
</content>
</entry>
</feed>
