diff options
Diffstat (limited to 'fs')
63 files changed, 5132 insertions, 4845 deletions
diff --git a/fs/afs/flock.c b/fs/afs/flock.c index 8f07f8d1bfa..4f77f3caee9 100644 --- a/fs/afs/flock.c +++ b/fs/afs/flock.c @@ -456,7 +456,8 @@ static int afs_do_getlk(struct file *file, struct file_lock *fl) /* check local lock records first */ ret = 0; - if (posix_test_lock(file, fl) == 0) { + posix_test_lock(file, fl); + if (fl->fl_type == F_UNLCK) { /* no local locks; consult the server */ ret = afs_vnode_fetch_status(vnode, NULL, key); if (ret < 0) diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index a27e42bf340..ba24cb2ff6c 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -148,6 +148,7 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, elf_addr_t *elf_info; int ei_index = 0; struct task_struct *tsk = current; + struct vm_area_struct *vma; /* * If this architecture has a platform capability string, copy it @@ -234,6 +235,15 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, sp = (elf_addr_t __user *)bprm->p; #endif + + /* + * Grow the stack manually; some architectures have a limit on how + * far ahead a user-space access may be in order to grow the stack. + */ + vma = find_extend_vma(current->mm, bprm->p); + if (!vma) + return -EFAULT; + /* Now, let's put argc (and argv, envp if appropriate) on the stack */ if (__put_user(argc, sp++)) return -EFAULT; @@ -254,8 +264,8 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, size_t len; if (__put_user((elf_addr_t)p, argv++)) return -EFAULT; - len = strnlen_user((void __user *)p, PAGE_SIZE*MAX_ARG_PAGES); - if (!len || len > PAGE_SIZE*MAX_ARG_PAGES) + len = strnlen_user((void __user *)p, MAX_ARG_STRLEN); + if (!len || len > MAX_ARG_STRLEN) return 0; p += len; } @@ -266,8 +276,8 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr *exec, size_t len; if (__put_user((elf_addr_t)p, envp++)) return -EFAULT; - len = strnlen_user((void __user *)p, PAGE_SIZE*MAX_ARG_PAGES); - if (!len || len > PAGE_SIZE*MAX_ARG_PAGES) + len = strnlen_user((void __user *)p, MAX_ARG_STRLEN); + if (!len || len > MAX_ARG_STRLEN) return 0; p += len; } @@ -826,10 +836,6 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) } /* OK, This is the point of no return */ - current->mm->start_data = 0; - current->mm->end_data = 0; - current->mm->end_code = 0; - current->mm->mmap = NULL; current->flags &= ~PF_FORKNOEXEC; current->mm->def_flags = def_flags; @@ -1051,9 +1057,13 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs) compute_creds(bprm); current->flags &= ~PF_FORKNOEXEC; - create_elf_tables(bprm, &loc->elf_ex, + retval = create_elf_tables(bprm, &loc->elf_ex, (interpreter_type == INTERPRETER_AOUT), load_addr, interp_load_addr); + if (retval < 0) { + send_sig(SIGKILL, current, 0); + goto out; + } /* N.B. passed_fileno might not be initialized? */ if (interpreter_type == INTERPRETER_AOUT) current->mm->arg_start += strlen(passed_fileno) + 1; @@ -1252,7 +1262,7 @@ static int dump_seek(struct file *file, loff_t off) * * I think we should skip something. But I am not sure how. H.J. */ -static int maydump(struct vm_area_struct *vma) +static int maydump(struct vm_area_struct *vma, unsigned long mm_flags) { /* The vma can be set up to tell us the answer directly. */ if (vma->vm_flags & VM_ALWAYSDUMP) @@ -1262,15 +1272,19 @@ static int maydump(struct vm_area_struct *vma) if (vma->vm_flags & (VM_IO | VM_RESERVED)) return 0; - /* Dump shared memory only if mapped from an anonymous file. */ - if (vma->vm_flags & VM_SHARED) - return vma->vm_file->f_path.dentry->d_inode->i_nlink == 0; + /* By default, dump shared memory if mapped from an anonymous file. */ + if (vma->vm_flags & VM_SHARED) { + if (vma->vm_file->f_path.dentry->d_inode->i_nlink == 0) + return test_bit(MMF_DUMP_ANON_SHARED, &mm_flags); + else + return test_bit(MMF_DUMP_MAPPED_SHARED, &mm_flags); + } - /* If it hasn't been written to, don't write it out */ + /* By default, if it hasn't been written to, don't write it out. */ if (!vma->anon_vma) - return 0; + return test_bit(MMF_DUMP_MAPPED_PRIVATE, &mm_flags); - return 1; + return test_bit(MMF_DUMP_ANON_PRIVATE, &mm_flags); } /* An ELF note in memory */ @@ -1562,6 +1576,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file) #endif int thread_status_size = 0; elf_addr_t *auxv; + unsigned long mm_flags; #ifdef ELF_CORE_WRITE_EXTRA_NOTES int extra_notes_size; #endif @@ -1705,6 +1720,13 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file) dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE); + /* + * We must use the same mm->flags while dumping core to avoid + * inconsistency between the program headers and bodies, otherwise an + * unusable core file can be generated. + */ + mm_flags = current->mm->flags; + /* Write program headers for segments dump */ for (vma = first_vma(current, gate_vma); vma != NULL; vma = next_vma(vma, gate_vma)) { @@ -1717,7 +1739,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file) phdr.p_offset = offset; phdr.p_vaddr = vma->vm_start; phdr.p_paddr = 0; - phdr.p_filesz = maydump(vma) ? sz : 0; + phdr.p_filesz = maydump(vma, mm_flags) ? sz : 0; phdr.p_memsz = sz; offset += phdr.p_filesz; phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; @@ -1761,7 +1783,7 @@ static int elf_core_dump(long signr, struct pt_regs *regs, struct file *file) vma = next_vma(vma, gate_vma)) { unsigned long addr; - if (!maydump(vma)) + if (!maydump(vma, mm_flags)) continue; for (addr = vma->vm_start; diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c index 9d62fbad3d4..2f5d8dbe676 100644 --- a/fs/binfmt_elf_fdpic.c +++ b/fs/binfmt_elf_fdpic.c @@ -621,8 +621,8 @@ static int create_elf_fdpic_tables(struct linux_binprm *bprm, p = (char __user *) current->mm->arg_start; for (loop = bprm->argc; loop > 0; loop--) { __put_user((elf_caddr_t) p, argv++); - len = strnlen_user(p, PAGE_SIZE * MAX_ARG_PAGES); - if (!len || len > PAGE_SIZE * MAX_ARG_PAGES) + len = strnlen_user(p, MAX_ARG_STRLEN); + if (!len || len > MAX_ARG_STRLEN) return -EINVAL; p += len; } @@ -633,8 +633,8 @@ static int create_elf_fdpic_tables(struct linux_binprm *bprm, current->mm->env_start = (unsigned long) p; for (loop = bprm->envc; loop > 0; loop--) { __put_user((elf_caddr_t)(unsigned long) p, envp++); - len = strnlen_user(p, PAGE_SIZE * MAX_ARG_PAGES); - if (!len || len > PAGE_SIZE * MAX_ARG_PAGES) + len = strnlen_user(p, MAX_ARG_STRLEN); + if (!len || len > MAX_ARG_STRLEN) return -EINVAL; p += len; } @@ -1181,8 +1181,10 @@ static int dump_seek(struct file *file, loff_t off) * * I think we should skip something. But I am not sure how. H.J. */ -static int maydump(struct vm_area_struct *vma) +static int maydump(struct vm_area_struct *vma, unsigned long mm_flags) { + int dump_ok; + /* Do not dump I/O mapped devices or special mappings */ if (vma->vm_flags & (VM_IO | VM_RESERVED)) { kdcore("%08lx: %08lx: no (IO)", vma->vm_start, vma->vm_flags); @@ -1197,27 +1199,35 @@ static int maydump(struct vm_area_struct *vma) return 0; } - /* Dump shared memory only if mapped from an anonymous file. */ + /* By default, dump shared memory if mapped from an anonymous file. */ if (vma->vm_flags & VM_SHARED) { if (vma->vm_file->f_path.dentry->d_inode->i_nlink == 0) { - kdcore("%08lx: %08lx: no (share)", vma->vm_start, vma->vm_flags); - return 1; + dump_ok = test_bit(MMF_DUMP_ANON_SHARED, &mm_flags); + kdcore("%08lx: %08lx: %s (share)", vma->vm_start, + vma->vm_flags, dump_ok ? "yes" : "no"); + return dump_ok; } - kdcore("%08lx: %08lx: no (share)", vma->vm_start, vma->vm_flags); - return 0; + dump_ok = test_bit(MMF_DUMP_MAPPED_SHARED, &mm_flags); + kdcore("%08lx: %08lx: %s (share)", vma->vm_start, + vma->vm_flags, dump_ok ? "yes" : "no"); + return dump_ok; } #ifdef CONFIG_MMU - /* If it hasn't been written to, don't write it out */ + /* By default, if it hasn't been written to, don't write it out */ if (!vma->anon_vma) { - kdcore("%08lx: %08lx: no (!anon)", vma->vm_start, vma->vm_flags); - return 0; + dump_ok = test_bit(MMF_DUMP_MAPPED_PRIVATE, &mm_flags); + kdcore("%08lx: %08lx: %s (!anon)", vma->vm_start, + vma->vm_flags, dump_ok ? "yes" : "no"); + return dump_ok; } #endif - kdcore("%08lx: %08lx: yes", vma->vm_start, vma->vm_flags); - return 1; + dump_ok = test_bit(MMF_DUMP_ANON_PRIVATE, &mm_flags); + kdcore("%08lx: %08lx: %s", vma->vm_start, vma->vm_flags, + dump_ok ? "yes" : "no"); + return dump_ok; } /* An ELF note in memory */ @@ -1456,15 +1466,15 @@ static int elf_dump_thread_status(long signr, struct elf_thread_status *t) * dump the segments for an MMU process */ #ifdef CONFIG_MMU -static int elf_fdpic_dump_segments(struct file *file, struct mm_struct *mm, - size_t *size, unsigned long *limit) +static int elf_fdpic_dump_segments(struct file *file, size_t *size, + unsigned long *limit, unsigned long mm_flags) { struct vm_area_struct *vma; for (vma = current->mm->mmap; vma; vma = vma->vm_next) { unsigned long addr; - if (!maydump(vma)) + if (!maydump(vma, mm_flags)) continue; for (addr = vma->vm_start; @@ -1511,15 +1521,15 @@ end_coredump: * dump the segments for a NOMMU process */ #ifndef CONFIG_MMU -static int elf_fdpic_dump_segments(struct file *file, struct mm_struct *mm, - size_t *size, unsigned long *limit) +static int elf_fdpic_dump_segments(struct file *file, size_t *size, + unsigned long *limit, unsigned long mm_flags) { struct vm_list_struct *vml; for (vml = current->mm->context.vmlist; vml; vml = vml->next) { struct vm_area_struct *vma = vml->vma; - if (!maydump(vma)) + if (!maydump(vma, mm_flags)) continue; if ((*size += PAGE_SIZE) > *limit) @@ -1570,6 +1580,7 @@ static int elf_fdpic_core_dump(long signr, struct pt_regs *regs, struct vm_list_struct *vml; #endif elf_addr_t *auxv; + unsigned long mm_flags; /* * We no longer stop all VM operations. @@ -1707,6 +1718,13 @@ static int elf_fdpic_core_dump(long signr, struct pt_regs *regs, /* Page-align dumped data */ dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE); + /* + * We must use the same mm->flags while dumping core to avoid + * inconsistency between the program headers and bodies, otherwise an + * unusable core file can be generated. + */ + mm_flags = current->mm->flags; + /* write program headers for segments dump */ for ( #ifdef CONFIG_MMU @@ -1728,7 +1746,7 @@ static int elf_fdpic_core_dump(long signr, struct pt_regs *regs, phdr.p_offset = offset; phdr.p_vaddr = vma->vm_start; phdr.p_paddr = 0; - phdr.p_filesz = maydump(vma) ? sz : 0; + phdr.p_filesz = maydump(vma, mm_flags) ? sz : 0; phdr.p_memsz = sz; offset += phdr.p_filesz; phdr.p_flags = vma->vm_flags & VM_READ ? PF_R : 0; @@ -1762,7 +1780,7 @@ static int elf_fdpic_core_dump(long signr, struct pt_regs *regs, DUMP_SEEK(dataoff); - if (elf_fdpic_dump_segments(file, current->mm, &size, &limit) < 0) + if (elf_fdpic_dump_segments(file, &size, &limit, mm_flags) < 0) goto end_coredump; #ifdef ELF_CORE_WRITE_EXTRA_DATA diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c index 330fd3fe854..42e94b3ab7b 100644 --- a/fs/binfmt_misc.c +++ b/fs/binfmt_misc.c @@ -126,7 +126,9 @@ static int load_misc_binary(struct linux_binprm *bprm, struct pt_regs *regs) goto _ret; if (!(fmt->flags & MISC_FMT_PRESERVE_ARGV0)) { - remove_arg_zero(bprm); + retval = remove_arg_zero(bprm); + if (retval) + goto _ret; } if (fmt->flags & MISC_FMT_OPEN_BINARY) { diff --git a/fs/binfmt_script.c b/fs/binfmt_script.c index 304c88544d8..4d0e0f6d327 100644 --- a/fs/binfmt_script.c +++ b/fs/binfmt_script.c @@ -67,7 +67,9 @@ static int load_script(struct linux_binprm *bprm,struct pt_regs *regs) * This is done in reverse order, because of how the * user environment and arguments are stored. */ - remove_arg_zero(bprm); + retval = remove_arg_zero(bprm); + if (retval) + return retval; retval = copy_strings_kernel(1, &bprm->interp, bprm); if (retval < 0) return retval; bprm->argc++; diff --git a/fs/char_dev.c b/fs/char_dev.c index 164a45cdaf5..bbbf07baa14 100644 --- a/fs/char_dev.c +++ b/fs/char_dev.c @@ -321,14 +321,13 @@ void unregister_chrdev_region(dev_t from, unsigned count) } } -int unregister_chrdev(unsigned int major, const char *name) +void unregister_chrdev(unsigned int major, const char *name) { struct char_device_struct *cd; cd = __unregister_chrdev_region(major, 0, 256); if (cd && cd->cdev) cdev_del(cd->cdev); kfree(cd); - return 0; } static DEFINE_SPINLOCK(cdev_lock); diff --git a/fs/coda/cache.c b/fs/coda/cache.c index fcb88fa8d2f..8a2370341c7 100644 --- a/fs/coda/cache.c +++ b/fs/coda/cache.c @@ -43,17 +43,12 @@ void coda_cache_enter(struct inode *inode, int mask) void coda_cache_clear_inode(struct inode *inode) { struct coda_inode_info *cii = ITOC(inode); - cii->c_cached_perm = 0; + cii->c_cached_epoch = atomic_read(&permission_epoch) - 1; } /* remove all acl caches */ void coda_cache_clear_all(struct super_block *sb) { - struct coda_sb_info *sbi; - - sbi = coda_sbp(sb); - BUG_ON(!sbi); - atomic_inc(&permission_epoch); } diff --git a/fs/coda/cnode.c b/fs/coda/cnode.c index 28c872747f8..a7a780929ee 100644 --- a/fs/coda/cnode.c +++ b/fs/coda/cnode.c @@ -55,11 +55,6 @@ static int coda_set_inode(struct inode *inode, void *data) return 0; } -static int coda_fail_inode(struct inode *inode, void *data) -{ - return -1; -} - struct inode * coda_iget(struct super_block * sb, struct CodaFid * fid, struct coda_vattr * attr) { @@ -141,7 +136,7 @@ struct inode *coda_fid_to_inode(struct CodaFid *fid, struct super_block *sb) return NULL; } - inode = iget5_locked(sb, hash, coda_test_inode, coda_fail_inode, fid); + inode = ilookup5(sb, hash, coda_test_inode, fid); if ( !inode ) return NULL; diff --git a/fs/coda/coda_int.h b/fs/coda/coda_int.h index 9e6338fea51..8ccd5ed81d9 100644 --- a/fs/coda/coda_int.h +++ b/fs/coda/coda_int.h @@ -1,12 +1,19 @@ #ifndef _CODA_INT_ #define _CODA_INT_ +struct dentry; + extern struct file_system_type coda_fs_type; +extern unsigned long coda_timeout; +extern int coda_hard; +extern int coda_fake_statfs; void coda_destroy_inodecache(void); int coda_init_inodecache(void); int coda_fsync(struct file *coda_file, struct dentry *coda_dentry, int datasync); +void coda_sysctl_init(void); +void coda_sysctl_clean(void); #endif /* _CODA_INT_ */ diff --git a/fs/coda/dir.c b/fs/coda/dir.c index 898a86dde8f..04a3dd84c99 100644 --- a/fs/coda/dir.c +++ b/fs/coda/dir.c @@ -25,7 +25,6 @@ #include <linux/coda_psdev.h> #include <linux/coda_fs_i.h> #include <linux/coda_cache.h> -#include <linux/coda_proc.h> #include "coda_int.h" @@ -43,15 +42,15 @@ static int coda_rename(struct inode *old_inode, struct dentry *old_dentry, struct inode *new_inode, struct dentry *new_dentry); /* dir file-ops */ -static int coda_readdir(struct file *file, void *dirent, filldir_t filldir); +static int coda_readdir(struct file *file, void *buf, filldir_t filldir); /* dentry ops */ static int coda_dentry_revalidate(struct dentry *de, struct nameidata *nd); static int coda_dentry_delete(struct dentry *); /* support routines */ -static int coda_venus_readdir(struct file *filp, filldir_t filldir, - void *dirent, struct dentry *dir); +static int coda_venus_readdir(struct file *coda_file, void *buf, + filldir_t filldir); /* same as fs/bad_inode.c */ static int coda_return_EIO(void) @@ -97,58 +96,45 @@ const struct file_operations coda_dir_operations = { /* access routines: lookup, readlink, permission */ static struct dentry *coda_lookup(struct inode *dir, struct dentry *entry, struct nameidata *nd) { - struct inode *res_inode = NULL; + struct inode *inode = NULL; struct CodaFid resfid = { { 0, } }; - int dropme = 0; /* to indicate entry should not be cached */ int type = 0; int error = 0; const char *name = entry->d_name.name; size_t length = entry->d_name.len; - - if ( length > CODA_MAXNAMLEN ) { - printk("name too long: lookup, %s (%*s)\n", + + if (length > CODA_MAXNAMLEN) { + printk(KERN_ERR "name too long: lookup, %s (%*s)\n", coda_i2s(dir), (int)length, name); return ERR_PTR(-ENAMETOOLONG); } + /* control object, create inode on the fly */ + if (coda_isroot(dir) && coda_iscontrol(name, length)) { + error = coda_cnode_makectl(&inode, dir->i_sb); + type = CODA_NOCACHE; + goto exit; + } + lock_kernel(); - /* control object, create inode on the fly */ - if (coda_isroot(dir) && coda_iscontrol(name, length)) { - error = coda_cnode_makectl(&res_inode, dir->i_sb); - dropme = 1; - goto exit; - } - error = venus_lookup(dir->i_sb, coda_i2f(dir), - (const char *)name, length, &type, &resfid); + error = venus_lookup(dir->i_sb, coda_i2f(dir), name, length, + &type, &resfid); + if (!error) + error = coda_cnode_make(&inode, &resfid, dir->i_sb); - res_inode = NULL; - if (!error) { - if (type & CODA_NOCACHE) { - type &= (~CODA_NOCACHE); - dropme = 1; - } + unlock_kernel(); - error = coda_cnode_make(&res_inode, &resfid, dir->i_sb); - if (error) { - unlock_kernel(); - return ERR_PTR(error); - } - } else if (error != -ENOENT) { - unlock_kernel(); + if (error && error != -ENOENT) return ERR_PTR(error); - } exit: - entry->d_time = 0; entry->d_op = &coda_dentry_operations; - d_add(entry, res_inode); - if ( dropme ) { - d_drop(entry); - coda_flag_inode(res_inode, C_VATTR); - } - unlock_kernel(); |