Commit graph

1334 commits

Author SHA1 Message Date
David Gibson
86e07ce71a [PATCH] Fix error handling with put_compat_statfs()
In fs/compat.c, whenever put_compat_statfs() returns an error, the
containing syscall returns -EFAULT.  This is presumably by analogy with the
non-compat case, where any non-zero code from copy_to_user() should be
translated into an EFAULT.  However, put_compat_statfs() is also return
-EOVERFLOW.  The same applies for put_compat_statfs64().

This bug can be observed with a statfs() on a hugetlbfs directory.
hugetlbfs, when mounted without limits reports available, free and total
blocks as -1 (itself a bug, another patch coming).  statfs() will
mysteriously return EFAULT although it's parameters are perfectly valid
addresses.

This patch causes the compat versions of statfs() and statfs64() to
correctly propogate the return values from put_compat_statfs() and
put_compat_statfs64().

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-22 09:13:43 -08:00
Linus Torvalds
1a324727ca Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2005-11-21 10:46:34 -08:00
Alexandra Kossovsky
4909724b5d [COMPAT] net: SIOCGIFCONF data corruption
From: Alexandra Kossovsky <Alexandra.Kossovsky@oktetlabs.ru>

From http://bugzilla.kernel.org/show_bug.cgi?id=4746

There is user data corruption when using ioctl(SIOCGIFCONF) in 32-bit
application running amd64 kernel. I do not think that this problem is
exploitable, but any data corruption may lead to security problems.
Following code demonstrates the problem

#include <stdint.h>
#include <stdio.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <net/if.h>
#include <sys/ioctl.h>

char buf[256];

main()
{
	int s = socket(AF_INET, SOCK_DGRAM, 0);
	struct ifconf req;
	int i;

	req.ifc_buf = buf;
	req.ifc_len = 41;

	printf("Result %d\n", ioctl(s, SIOCGIFCONF, &req));
	printf("Len %d\n", req.ifc_len);
	for (i = 41; i < 256; i++)
		if (buf[i] != 0)
			printf("Byte %d is corrupted\n", i);
}
	
Steps to reproduce:
Compile the code above into 32-bit elf and run it. You'll get
Result 0
Len 32
Byte 48 is corrupted
Byte 52 is corrupted
Byte 53 is corrupted
Byte 54 is corrupted
Byte 55 is corrupted

Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2005-11-20 13:41:59 -08:00
Andi Kleen
9e18fcdd34 [PATCH] Remove compat ioctl semaphore
Originally for 2.6.16, but the semaphore causes problems for some
people so get rid of it now.

It's not needed anymore because the ioctl hash table is never changed
at run time now.

Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-20 11:52:59 -08:00
Steve French
1e6b39fbb6 Merge with /pub/scm/linux/kernel/git/torvalds/linux-2.6.git 2005-11-19 21:05:42 -08:00
Steve French
cdbce9c87e [CIFS] Fix setattr of mode only (e.g. in some chmod cases) to Windows
so it does not return EACCESS (unless server really returns that).

Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-19 21:04:52 -08:00
Steve French
86c96b4bb7 [CIFS] Fix mknod of block and chardev over SFU mounts
Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-18 20:25:31 -08:00
David S. Miller
bcb6ad1f5a [COMPAT]: EXT3_IOC_SETVERSION is _IOW() not _IOR().
Noticed by Helge Deller.

Signed-off-by: David S. Miller <davem@davemloft.net>
2005-11-18 14:50:20 -08:00
Steve French
c119b87d59 [CIFS] Missing part of previous patch
Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-18 12:27:27 -08:00
Steve French
3020a1f58c [CIFS] Fix scheduling while atomic when pending writes at file close time
Fix the case in which readdir reset file type when SFU mount option
specified.

Also fix sfu related functions to not request EAs (xattrs) when not
configured in Kconfig

Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-18 11:31:10 -08:00
Steve French
87c89dd733 [CIFS] Vectored and async i/o turned on and correct the
writev and aio_write to flush properly.

This is Christoph's patch merged with the new nobrl file operations

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>

From: Christoph Hellwig <hch@lst.de>

 - support vectored and async aio ops unconditionally - this is above
   the pagecache and transparent to the fs
 - remove cifs_read_wrapper.  it was only doing silly checks and
   calling generic_file_write in all cases.
 - use do_sync_read/do_sync_write as read/write operations.  They call
   ->readv/->writev which we now always implemente.
 - add the filemap_fdatawrite calls to writev/aio_write which were
   missing previously compared to plain write.  no idea what the point
   behind them is, but let's be consistent at least..

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Steven French <sfrench@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
2005-11-17 17:03:00 -08:00
Steve French
9e294f1c4d [CIFS] Recognize properly symlinks and char/blk devices (not just
FIFOs) created by SFU (part 2 of 2).

    Thanks to Martin Koeppe for useful analysis.

    Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-17 16:59:21 -08:00
David S. Miller
d5ea655376 [COMPAT]: Add ext3 ioctl translations.
So things like on-line resizing et al. work.

Based almost entirely upon a patch by Guido Gnther <agx@sigxcpu.org>

Signed-off-by: David S. Miller <davem@davemloft.net>
2005-11-17 15:04:34 -08:00
Steve French
0f2b27c438 [CIFS] Fix sparse warnings on smb bcc (byte count)
Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-16 14:25:50 -08:00
David S. Miller
6e87abd0b8 [DVB]: Add compat ioctl handling.
Based upon a patch by Guido Guenther <agx@sigxcpu.org>.

Some of these ioctls had embedded time_t objects
or pointers, so needed translation.

Signed-off-by: David S. Miller <davem@davemloft.net>
2005-11-16 00:52:57 -08:00
Steve French
ff7feac963 [CIFS] Fix endian errors (setfacl/getfacl failures) in handling ACLs
(and a ppc64 compiler warning)

Signed-off-by: Dave Kleikamp <shaggy@austin.ibm.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-15 16:45:16 -08:00
Steve French
d6e2f2a4c8 [CIFS] Recognize properly symlinks and char/blk devices (not just FIFOs)
created by SFU (part 1 of 2).

Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-15 16:43:39 -08:00
Steve French
7b0a65f992 Merge with /pub/scm/linux/kernel/git/torvalds/linux-2.6.git 2005-11-13 20:28:58 -08:00
Johann Lombardi
ec63f22dc3 [PATCH] ext2: remove duplicate newlines in ext2_fill_super
ext2_warning() already adds a newline.

Signed-off-by: Johann Lombardi <johann.lombardi@bull.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-13 18:14:17 -08:00
Zach Brown
d00689af6b [PATCH] aio: replace locking comments with assert_spin_locked()
aio: replace locking comments with assert_spin_locked()

Signed-off-by: Zach Brown <zach.brown@oracle.com>
Acked-by: Benjamin LaHaise <bcrl@kvack.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-13 18:14:16 -08:00
Zach Brown
20dcae3243 [PATCH] aio: remove kioctx from mm_struct
Sync iocbs have a life cycle that don't need a kioctx.  Their retrying, if
any, is done in the context of their owner who has allocated them on the
stack.

The sole user of a sync iocb's ctx reference was aio_complete() checking for
an elevated iocb ref count that could never happen.  No path which grabs an
iocb ref has access to sync iocbs.

If we were to implement sync iocb cancelation it would be done by the owner of
the iocb using its on-stack reference.

Removing this chunk from aio_complete allows us to remove the entire kioctx
instance from mm_struct, reducing its size by a third.  On a i386 testing box
the slab size went from 768 to 504 bytes and from 5 to 8 per page.

Signed-off-by: Zach Brown <zach.brown@oracle.com>
Acked-by: Benjamin LaHaise <bcrl@kvack.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-13 18:14:16 -08:00
Luiz Fernando Capitulino
0f5c79f292 [PATCH] Fix sparse warning in proc/task_mmu.c
fs/proc/task_mmu.c:198:33: warning: Using plain integer as NULL pointer

Signed-off-by: Luiz Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-13 18:14:15 -08:00
Denis Lunev
ab4eb43ce7 [PATCH] ext3: journal handling on error path in ext3_journalled_writepage()
This patch fixes lost referrence on ext3 current handle in
ext3_journalled_writepage().

Signed-Off-By: Denis Lunev <den@sw.ru>
Cc: Kirill Korotaev <dev@sw.ru>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-13 18:14:15 -08:00
Linus Torvalds
41866a56cc Merge master.kernel.org:/pub/scm/linux/kernel/git/tglx/mtd-2.6 2005-11-13 12:30:14 -08:00
Thomas Gleixner
5b9d1f19a7 [JFFS2] Remove broken and useless debug code
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
2005-11-13 19:33:24 +01:00
Chris Wright
f3a9388e4e [PATCH] VFS: local denial-of-service with file leases
Remove time_out_leases() printk that's easily triggered by users.

 Signed-off-by: Chris Wright <chrisw@osdl.org>
 Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2005-11-13 12:29:58 -05:00
J. Bruce Fields
dc15ae14e9 [PATCH] VFS: Fix memory leak with file leases
The patch
 http://linux.bkbits.net:8080/linux-2.6/diffs/fs/locks.c@1.70??nav=index.html
 introduced a pretty nasty memory leak in the lease code. When freeing
 the lease, the code in locks_delete_lock() will correctly clean up
 the fasync queue, but when we return to fcntl_setlease(), the freed
 fasync entry will be reinstated.

 This patch ensures that we skip the call to fasync_helper() when we're
 freeing up the lease.

 Signed-off-by: J. Bruce Fields <bfields@fieldses.org>
 Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
2005-11-13 12:29:54 -05:00
Steve French
1b98a8221e Merge with /pub/scm/linux/kernel/git/torvalds/linux-2.6.git 2005-11-12 19:53:33 -08:00
Linus Torvalds
63f45b8094 Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial 2005-11-11 16:29:22 -08:00
Steve French
e89dc92096 [CIFS] Cleanup sparse warnings for unicode little endian casts
Following Shaggy's suggestion, do a better job on the unicode string
handling routines in cifs in specifying that the wchar_t are really
little endian widechars (__le16).

Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-11 15:18:19 -08:00
Steve French
8b94bcb923 [CIFS] Fix CIFS "nobrl" mount option so does not disable sending brl requests
for all mounts just that particular mount.

Found by Arjan Vand de Ven

Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-11 11:41:00 -08:00
Steve French
1b397f4f1c [CIFS] Fix spaces in cifs kconfig entry
Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-10 19:36:39 -08:00
Steve French
69114089b7 [CIFS] Reduce sparse endian warnings
Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-10 19:28:44 -08:00
Steve French
3c50c61826 [CIFS] Update CIFS change log
Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-10 17:31:33 -08:00
Steve French
a2653ebab3 [CIFS] Reserve upcall IDX value for CIFS with connector header and add
Kconfig option for CIFS upcall.

Signed-off-by: Steve French <sfrench@us.ibm.com>
2005-11-10 15:33:38 -08:00
Steve French
7b7abfe3dd 2005-11-09 15:21:09 -08:00
Steve French
e82b3aec8d Merge with /pub/scm/linux/kernel/git/torvalds/linux-2.6.git 2005-11-09 14:33:22 -08:00
Linus Torvalds
ad8f76be48 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/shaggy/jfs-2.6 2005-11-09 13:47:34 -08:00
Adrian Bunk
8d3d81cf02 [PATCH] fs/hugetlbfs/inode.c: make a function static
This patch makes a needlessly global function static.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Acked-by: William Irwin <wli@holomorphy.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:56:41 -08:00
Adrian Bunk
0ce6e62bd6 [PATCH] fs/namei.c: make path_lookup_create() static
This patch makes the needlessly global function path_lookup_create()
static.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Acked-by: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:56:40 -08:00
Arnd Bergmann
c7f82d9c49 [PATCH] fbdev: move ioctl32 code to fbmem.c
The frame buffer layer already had some code dealing with compat ioctls, this
patch moves over the remaining code from fs/compat_ioctl.c

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Antonino Daplas <adaplas@pol.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:56:36 -08:00
Christoph Hellwig
7a81e31686 [PATCH] re-add TIOCSTART and TIOCSTOP compat_ioctl handlers
We don't implement these ioctls, but some architectures define them in the
headers.  Bash picks them up and issues them frequently.  Add compat_ioctl
handlers to silence warnings about unhandled copat ioctls.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:56:00 -08:00
Christoph Hellwig
49705b7743 [PATCH] sanitize lookup_hash prototype
->permission and ->lookup have a struct nameidata * argument these days to
pass down lookup intents.  Unfortunately some callers of lookup_hash don't
actually pass this one down.  For lookup_one_len() we don't have a struct
nameidata to pass down, but as this function is a library function only
used by filesystem code this is an acceptable limitation.  All other
callers should pass down the nameidata, so this patch changes the
lookup_hash interface to only take a struct nameidata argument and derives
the other two arguments to __lookup_hash from it.  All callers already have
the nameidata argument available so this is not a problem.

At the same time I'd like to deprecate the lookup_hash interface as there
are better exported interfaces for filesystem usage.  Before it can
actually be removed I need to fix up rpc_pipefs.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Cc: Ram Pai <linuxram@us.ibm.com>
Cc: Jeff Mahoney <jeffm@suse.com>
Cc: Al Viro <viro@ftp.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:56:00 -08:00
Christoph Hellwig
8c744fb83d [PATCH] add a file_permission helper
A few more callers of permission() just want to check for a different access
pattern on an already open file.  This patch adds a wrapper for permission()
that takes a file in preparation of per-mount read-only support and to clean
up the callers a little.  The helper is not intended for new code, everything
without the interface set in stone should use vfs_permission()

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:55:59 -08:00
Christoph Hellwig
e4543eddfd [PATCH] add a vfs_permission helper
Most permission() calls have a struct nameidata * available.  This helper
takes that as an argument and thus makes sure we pass it down for lookup
intents and prepares for per-mount read-only support where we need a struct
vfsmount for checking whether a file is writeable.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:55:58 -08:00
Adrian Bunk
55e64b3003 [PATCH] ext2: remove the ancient CHANGES file
This patch removes an ancient changelog file.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:55:58 -08:00
Adrian Bunk
2860b733f1 [PATCH] remove CONFIG_EXT{2,3}_CHECK
The CONFIG_EXT{2,3}_CHECK options where were never available, and all they
did was to implement a subset of e2fsck in the kernel.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:55:58 -08:00
Jan Kara
0ad74ffa90 [PATCH] Fix return value in reiserfs allocator
Make reiserfs correctly return EDQUOT when the allocation failed due to
quotas (so far we just returned ENOSPC).

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:55:58 -08:00
Christoph Hellwig
41a34a4fe1 [PATCH] fat: respect silent mount flag
Pass down the silent flag to parse_options().  Without this fat gives
warnings when mounting some non-fat rootfs with options.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Acked-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:55:58 -08:00
Christoph Hellwig
33096b1e73 [PATCH] hpfs: remove spurious mtime update
Remove mtime update in hpfs_file_write, it's done in generic_file_write
already.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2005-11-09 07:55:57 -08:00