From ea9a05a1330053759c02eb2c60547085140a4cbd Mon Sep 17 00:00:00 2001 From: Eric Sandeen Date: Sat, 10 Feb 2007 01:46:07 -0800 Subject: [PATCH] ext3: refuse ro to rw remount of fs with orphan inodes In the rare case where we have skipped orphan inode processing due to a readonly block device, and the block device subsequently changes back to read-write, disallow a remount,rw transition of the filesystem when we have unprocessed orphan inodes, as this would corrupt the list. Ideally we should process the orphan inode list during the remount, but that's trickier, and this plugs the hole for now. Signed-off-by: Eric Sandeen Cc: "Stephen C. Tweedie" Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/ext3/super.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'fs/ext3') diff --git a/fs/ext3/super.c b/fs/ext3/super.c index b34886734a4..5eec3eb409a 100644 --- a/fs/ext3/super.c +++ b/fs/ext3/super.c @@ -2344,6 +2344,22 @@ static int ext3_remount (struct super_block * sb, int * flags, char * data) err = -EROFS; goto restore_opts; } + + /* + * If we have an unprocessed orphan list hanging + * around from a previously readonly bdev mount, + * require a full umount/remount for now. + */ + if (es->s_last_orphan) { + printk(KERN_WARNING "EXT3-fs: %s: couldn't " + "remount RDWR because of unprocessed " + "orphan inode list. Please " + "umount/remount instead.\n", + sb->s_id); + err = -EINVAL; + goto restore_opts; + } + /* * Mounting a RDONLY partition read-write, so reread * and store the current valid flag. 
(It may have -- cgit v1.2.3-18-g5258 From 2e7842b887627c4319c4625d2b52fa6616fda2cd Mon Sep 17 00:00:00 2001 From: Hugh Dickins Date: Sat, 10 Feb 2007 01:46:13 -0800 Subject: [PATCH] fix umask when noACL kernel meets extN tuned for ACLs Fix insecure default behaviour reported by Tigran Aivazian: if an ext2 or ext3 or ext4 filesystem is tuned to mount with "acl", but mounted by a kernel built without ACL support, then umask was ignored when creating inodes - though root or user has umask 022, touch creates files as 0666, and mkdir creates directories as 0777. This appears to have worked right until 2.6.11, when a fix to the default mode on symlinks (always 0777) assumed VFS applies umask: which it does, unless the mount is marked for ACLs; but ext[234] set MS_POSIXACL in s_flags according to s_mount_opt set according to def_mount_opts. We could revert to the 2.6.10 ext[234]_init_acl (adding an S_ISLNK test); but other filesystems only set MS_POSIXACL when ACLs are configured. We could fix this at another level; but it seems most robust to avoid setting the s_mount_opt flag in the first place (at the expense of more ifdefs). Likewise don't set the XATTR_USER flag when built without XATTR support. 
Signed-off-by: Hugh Dickins Cc: Tigran Aivazian Cc: Cc: Andreas Gruenbacher Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/ext3/super.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'fs/ext3') diff --git a/fs/ext3/super.c b/fs/ext3/super.c index 5eec3eb409a..a0623a84a4b 100644 --- a/fs/ext3/super.c +++ b/fs/ext3/super.c @@ -1459,10 +1459,14 @@ static int ext3_fill_super (struct super_block *sb, void *data, int silent) set_opt(sbi->s_mount_opt, GRPID); if (def_mount_opts & EXT3_DEFM_UID16) set_opt(sbi->s_mount_opt, NO_UID32); +#ifdef CONFIG_EXT3_FS_XATTR if (def_mount_opts & EXT3_DEFM_XATTR_USER) set_opt(sbi->s_mount_opt, XATTR_USER); +#endif +#ifdef CONFIG_EXT3_FS_POSIX_ACL if (def_mount_opts & EXT3_DEFM_ACL) set_opt(sbi->s_mount_opt, POSIX_ACL); +#endif if ((def_mount_opts & EXT3_DEFM_JMODE) == EXT3_DEFM_JMODE_DATA) sbi->s_mount_opt |= EXT3_MOUNT_JOURNAL_DATA; else if ((def_mount_opts & EXT3_DEFM_JMODE) == EXT3_DEFM_JMODE_ORDERED) -- cgit v1.2.3-18-g5258 From 2988a7740dc0dd9a0cb56576e8fe1d777dff0db3 Mon Sep 17 00:00:00 2001 From: Eric Sandeen Date: Sat, 10 Feb 2007 01:46:16 -0800 Subject: [PATCH] return ENOENT from ext3_link when racing with unlink Return -ENOENT from ext[34]_link if we've raced with unlink and i_nlink is 0. Doing otherwise has the potential to corrupt the orphan inode list, because we'd wind up with an inode with a non-zero link count on the list, and it will never get properly cleaned up & removed from the orphan list before it is freed. 
[akpm@osdl.org: build fix] Signed-off-by: Eric Sandeen Cc: Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/ext3/namei.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'fs/ext3') diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index 4df39c4315e..57402b5f030 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -2191,6 +2191,12 @@ static int ext3_link (struct dentry * old_dentry, if (inode->i_nlink >= EXT3_LINK_MAX) return -EMLINK; + /* + * Return -ENOENT if we've raced with unlink and i_nlink is 0. Doing + * otherwise has the potential to corrupt the orphan inode list. + */ + if (inode->i_nlink == 0) + return -ENOENT; retry: handle = ext3_journal_start(dir, EXT3_DATA_TRANS_BLOCKS(dir->i_sb) + -- cgit v1.2.3-18-g5258 From 731b9a549882c76189baafccbd068d5785ea2a82 Mon Sep 17 00:00:00 2001 From: Eric Sandeen Date: Sat, 10 Feb 2007 01:46:16 -0800 Subject: [PATCH] remove ext[34]_inc_count and _dec_count - Naming is confusing, ext3_inc_count manipulates i_nlink not i_count - handle argument passed in is not used - ext3 and ext4 already call inc_nlink and dec_nlink directly in other places Signed-off-by: Eric Sandeen Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/ext3/namei.c | 21 +++------------------ 1 file changed, 3 insertions(+), 18 deletions(-) (limited to 'fs/ext3') diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index 57402b5f030..a8e89328e66 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -1618,21 +1618,6 @@ static int ext3_delete_entry (handle_t *handle, return -ENOENT; } -/* - * ext3_mark_inode_dirty is somewhat expensive, so unlike ext2 we - * do not perform it in these functions. We perform it at the call site, - * if it is needed. 
- */ -static inline void ext3_inc_count(handle_t *handle, struct inode *inode) -{ - inc_nlink(inode); -} - -static inline void ext3_dec_count(handle_t *handle, struct inode *inode) -{ - drop_nlink(inode); -} - static int ext3_add_nondir(handle_t *handle, struct dentry *dentry, struct inode *inode) { @@ -1642,7 +1627,7 @@ static int ext3_add_nondir(handle_t *handle, d_instantiate(dentry, inode); return 0; } - ext3_dec_count(handle, inode); + drop_nlink(inode); iput(inode); return err; } @@ -2163,7 +2148,7 @@ retry: err = __page_symlink(inode, symname, l, mapping_gfp_mask(inode->i_mapping) & ~__GFP_FS); if (err) { - ext3_dec_count(handle, inode); + drop_nlink(inode); ext3_mark_inode_dirty(handle, inode); iput (inode); goto out_stop; @@ -2208,7 +2193,7 @@ retry: handle->h_sync = 1; inode->i_ctime = CURRENT_TIME_SEC; - ext3_inc_count(handle, inode); + inc_nlink(inode); atomic_inc(&inode->i_count); err = ext3_add_nondir(handle, dentry, inode); -- cgit v1.2.3-18-g5258 From 3e4fdaf8aebe489e8e59826fdf78cb64356d2ad0 Mon Sep 17 00:00:00 2001 From: Dmitriy Monakhov Date: Sat, 10 Feb 2007 01:46:35 -0800 Subject: [PATCH] jbd layer function called instead of fs specific one jbd function called instead of fs specific one. 
Signed-off-by: Dmitriy Monakhov Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/ext3/inode.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'fs/ext3') diff --git a/fs/ext3/inode.c b/fs/ext3/inode.c index beaf25f5112..8a824f4ce5c 100644 --- a/fs/ext3/inode.c +++ b/fs/ext3/inode.c @@ -947,7 +947,7 @@ out: static int ext3_get_block(struct inode *inode, sector_t iblock, struct buffer_head *bh_result, int create) { - handle_t *handle = journal_current_handle(); + handle_t *handle = ext3_journal_current_handle(); int ret = 0; unsigned max_blocks = bh_result->b_size >> inode->i_blkbits; @@ -1717,7 +1717,7 @@ static ssize_t ext3_direct_IO(int rw, struct kiocb *iocb, /* * Reacquire the handle: ext3_get_block() can restart the transaction */ - handle = journal_current_handle(); + handle = ext3_journal_current_handle(); out_stop: if (handle) { -- cgit v1.2.3-18-g5258 From 754661f143e70d66eae6c48532ca245aa05dec0e Mon Sep 17 00:00:00 2001 From: Arjan van de Ven Date: Mon, 12 Feb 2007 00:55:38 -0800 Subject: [PATCH] mark struct inode_operations const 1 Many struct inode_operations in the kernel can be "const". Marking them const moves these to the .rodata section, which avoids false sharing with potential dirty data. In addition it'll catch accidental writes at compile time to these shared resources. 
Signed-off-by: Arjan van de Ven Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/ext3/file.c | 2 +- fs/ext3/namei.c | 4 ++-- fs/ext3/symlink.c | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) (limited to 'fs/ext3') diff --git a/fs/ext3/file.c b/fs/ext3/file.c index 881f6365c41..1e6f1386453 100644 --- a/fs/ext3/file.c +++ b/fs/ext3/file.c @@ -125,7 +125,7 @@ const struct file_operations ext3_file_operations = { .splice_write = generic_file_splice_write, }; -struct inode_operations ext3_file_inode_operations = { +const struct inode_operations ext3_file_inode_operations = { .truncate = ext3_truncate, .setattr = ext3_setattr, #ifdef CONFIG_EXT3_FS_XATTR diff --git a/fs/ext3/namei.c b/fs/ext3/namei.c index a8e89328e66..49159f13cc1 100644 --- a/fs/ext3/namei.c +++ b/fs/ext3/namei.c @@ -2365,7 +2365,7 @@ end_rename: /* * directories can handle most operations... */ -struct inode_operations ext3_dir_inode_operations = { +const struct inode_operations ext3_dir_inode_operations = { .create = ext3_create, .lookup = ext3_lookup, .link = ext3_link, @@ -2385,7 +2385,7 @@ struct inode_operations ext3_dir_inode_operations = { .permission = ext3_permission, }; -struct inode_operations ext3_special_inode_operations = { +const struct inode_operations ext3_special_inode_operations = { .setattr = ext3_setattr, #ifdef CONFIG_EXT3_FS_XATTR .setxattr = generic_setxattr, diff --git a/fs/ext3/symlink.c b/fs/ext3/symlink.c index 4f79122cde6..ff7b4ccd898 100644 --- a/fs/ext3/symlink.c +++ b/fs/ext3/symlink.c @@ -30,7 +30,7 @@ static void * ext3_follow_link(struct dentry *dentry, struct nameidata *nd) return NULL; } -struct inode_operations ext3_symlink_inode_operations = { +const struct inode_operations ext3_symlink_inode_operations = { .readlink = generic_readlink, .follow_link = page_follow_link_light, .put_link = page_put_link, @@ -42,7 +42,7 @@ struct inode_operations ext3_symlink_inode_operations = { #endif }; -struct inode_operations 
ext3_fast_symlink_inode_operations = { +const struct inode_operations ext3_fast_symlink_inode_operations = { .readlink = generic_readlink, .follow_link = ext3_follow_link, #ifdef CONFIG_EXT3_FS_XATTR -- cgit v1.2.3-18-g5258 From ee9b6d61a2a43c5952eb43283f8db284a4e70b8a Mon Sep 17 00:00:00 2001 From: Josef 'Jeff' Sipek Date: Mon, 12 Feb 2007 00:55:41 -0800 Subject: [PATCH] Mark struct super_operations const This patch is inspired by Arjan's "Patch series to mark struct file_operations and struct inode_operations const". Compile tested with gcc & sparse. Signed-off-by: Josef 'Jeff' Sipek Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/ext3/super.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'fs/ext3') diff --git a/fs/ext3/super.c b/fs/ext3/super.c index a0623a84a4b..4a4fcd6868c 100644 --- a/fs/ext3/super.c +++ b/fs/ext3/super.c @@ -639,7 +639,7 @@ static struct quotactl_ops ext3_qctl_operations = { }; #endif -static struct super_operations ext3_sops = { +static const struct super_operations ext3_sops = { .alloc_inode = ext3_alloc_inode, .destroy_inode = ext3_destroy_inode, .read_inode = ext3_read_inode, -- cgit v1.2.3-18-g5258