1. 27 Jul, 2008 10 commits
    • Al Viro's avatar
      [PATCH] sanitize ->permission() prototype · e6305c43
      Al Viro authored
      * kill nameidata * argument; map the 3 bits in ->flags anybody cares
        about to new MAY_... ones and pass with the mask.
      * kill redundant gfs2_iop_permission()
      * sanitize ecryptfs_permission()
      * fix remaining places where ->permission() instances might barf on new
        MAY_... found in mask.
      
      The obvious next target in that direction is permission(9)
      
      folded fix for nfs_permission() breakage from Miklos Szeredi <mszeredi@suse.cz>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      e6305c43
    • Miklos Szeredi's avatar
      [patch 05/14] hpfs: dont call permission() · 1bd5191d
      Miklos Szeredi authored
      hpfs_unlink() calls permission() prior to truncating the file.  HPFS
      doesn't define a .permission method, so replace with explicit call to
      generic_permission().
      
      This is equivalent, except that devcgroup_inode_permission() and
      security_inode_permission() are not called.
      
      The truncation is just an implementation detail of the unlink, so
      these security checks are unnecessary.
      
      I suspect that even calling generic_permission() is unnecessary, since
      we shouldn't mind if the file isn't writable.  But I leave that to the
      maintainer to decide.
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@suse.cz>
      CC: Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>
      1bd5191d
    • Al Viro's avatar
      [PATCH] sanitize proc_sysctl · 9043476f
      Al Viro authored
      * keep references to ctl_table_head and ctl_table in /proc/sys inodes
      * grab the former during operations, use the latter for access to
        entry if that succeeds
      * have ->d_compare() check if table should be seen for one who does lookup;
        that allows us to avoid flipping inodes - if we have the same name resolve
        to different things, we'll just keep several dentries and ->d_compare()
        will reject the wrong ones.
      * have ->lookup() and ->readdir() scan the table of our inode first, then
        walk all ctl_table_header and scan ->attached_by for those that are
        attached to our directory.
      * implement ->getattr().
      * get rid of insane amounts of tree-walking
      * get rid of the need to know dentry in ->permission() and of the contortions
        induced by that.
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      9043476f
    • Al Viro's avatar
      [PATCH] sysctl: keep track of tree relationships · ae7edecc
      Al Viro authored
      In a sense, that's the heart of the series.  It's based on the following
      property of the trees we are actually asked to add: they can be split into
      stem that is already covered by registered trees and crown that is entirely
      new.  IOW, if a/b and a/c/d are introduced by our tree, then a/c is also
      introduced by it.
      
      That allows to associate tree and table entry with each node in the union;
      while directory nodes might be covered by many trees, only one will cover
      the node by its crown.  And that will allow much saner logics for /proc/sys
      in the next patches.  This patch introduces the data structures needed to
      keep track of that.
      
      When adding a sysctl table, we find a "parent" one.  Which is to say,
      find the deepest node on its stem that already is present in one of the
      tables from our table set or its ancestor sets.  That table will be our
      parent and that node in it - attachment point.  Add our table to list
      anchored in parent, have it refer the parent and contents of attachment
      point.  Also remember where its crown lives.
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      ae7edecc
    • Al Viro's avatar
      [PATCH] sysctl: make sure that /proc/sys/net/ipv4 appears before per-ns ones · bd7b1533
      Al Viro authored
      Massage ipv4 initialization - make sure that net.ipv4 appears as
      non-per-net-namespace before it shows up in per-net-namespace sysctls.
      That's the only change outside of sysctl.c needed to get sane ordering
      rules and data structures for sysctls (esp. for procfs side of that
      mess).
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      bd7b1533
    • Al Viro's avatar
      [PATCH] allow delayed freeing of ctl_table_header · f7e6ced4
      Al Viro authored
      Refcount the sucker; instead of freeing it by the end of unregistration
      just drop the refcount and free only when it hits zero.  Make sure that
      we _always_ make ->unregistering non-NULL in start_unregistering().
      
      That allows anybody to get a reference to such puppy, preventing its
      freeing and reuse.  It does *not* block unregistration.  Anybody who
      holds such a reference can
      	* try to grab a "use" reference (ctl_head_grab()); that will
      succeeds if and only if it hadn't entered unregistration yet.  If it
      succeeds, we can use it in all normal ways until we release the "use"
      reference (with ctl_head_finish()).  Note that this relies on having
      ->unregistering become non-NULL in all cases when one starts to unregister
      the sucker.
      	* keep pointers to ctl_table entries; they *can* be freed if
      the entire thing is unregistered.  However, if ctl_head_grab() succeeds,
      we know that unregistration had not happened (and will not happen until
      ctl_head_finish()) and such pointers can be used safely.
      
      IOW, now we can have inodes under /proc/sys keep references to ctl_table
      entries, protecting them with references to ctl_table_header and
      grabbing the latter for the duration of operations that require access
      to ctl_table.  That won't cause deadlocks, since unregistration will not
      be stopped by mere keeping a reference to ctl_table_header.
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      f7e6ced4
    • Al Viro's avatar
      [PATCH] beginning of sysctl cleanup - ctl_table_set · 73455092
      Al Viro authored
      New object: set of sysctls [currently - root and per-net-ns].
      Contains: pointer to parent set, list of tables and "should I see this set?"
      method (->is_seen(set)).
      Current lists of tables are subsumed by that; net-ns contains such a beast.
      ->lookup() for ctl_table_root returns pointer to ctl_table_set instead of
      that to ->list of that ctl_table_set.
      
      [folded compile fixes by rdd for configs without sysctl]
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      73455092
    • Miklos Szeredi's avatar
      [patch] hppfs: remove hppfs_permission · 7ac6cd65
      Miklos Szeredi authored
      hppfs_permission() is equivalent to the '.permission == NULL' case.
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@suse.cz>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      7ac6cd65
    • Denys Vlasenko's avatar
      [PATCH] reuse xxx_fifo_fops for xxx_pipe_fops · d2d9648e
      Denys Vlasenko authored
      Merge fifo and pipe file_operations.
      Signed-off-by: default avatarDenys Vlasenko <vda.linux@googlemail.com>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      d2d9648e
    • Miklos Szeredi's avatar
      [patch] vfs: fix lookup on deleted directory · d70b67c8
      Miklos Szeredi authored
      Lookup can install a child dentry for a deleted directory.  This keeps
      the directory dentry alive, and the inode pinned in the cache and on
      disk, even after all external references have gone away.
      
      This isn't a big problem normally, since memory pressure or umount
      will clear out the directory dentry and its children, releasing the
      inode.  But for UBIFS this causes problems because its orphan area can
      overflow.
      
      Fix this by returning ENOENT for all lookups on a S_DEAD directory
      before creating a child dentry.
      
      Thanks to Zoltan Sogor for noticing this while testing UBIFS, and
      Artem for the excellent analysis of the problem and testing.
      Reported-by: default avatarArtem Bityutskiy <Artem.Bityutskiy@nokia.com>
      Tested-by: default avatarArtem Bityutskiy <Artem.Bityutskiy@nokia.com>
      Signed-off-by: default avatarMiklos Szeredi <mszeredi@suse.cz>
      Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
      d70b67c8
  2. 26 Jul, 2008 30 commits