- 30 Nov, 2010 6 commits
-
-
Jeff Layton authored
The DFS referral parsing code does a memchr() call to find the '\\' delimiter that separates the hostname in the referral UNC from the sharename. It then uses that value to set the length of the hostname via pointer subtraction. Instead of subtracting the start of the hostname however, it subtracts the start of the UNC, which causes the code to pass in a hostname length that is 2 bytes too long. Regression introduced in commit 1a4240f4. Reported-and-Tested-by:
Robbert Kouprie <robbert@exx.nl> Signed-off-by:
Jeff Layton <jlayton@redhat.com> Cc: Wang Lei <wang840925@gmail.com> Cc: David Howells <dhowells@redhat.com> Cc: stable@kernel.org Signed-off-by:
Steve French <sfrench@us.ibm.com>
-
Suresh Jayaraman authored
Reviewed-by:
Suresh Jayaraman <sjayaraman@suse.de> Signed-off-by:
-
Suresh Jayaraman authored
Currently, if CONFIG_CIFS_FSCACHE is set, fscache is enabled on files opened as read-only irrespective of the 'fsc' mount option. Fix this by enabling fscache only if 'fsc' mount option is specified explicitly. Remove an extraneous cFYI debug message and fix a typo while at it. Reported-by:
-
Suresh Jayaraman authored
Currently, it is possible to specify 'fsc' mount option even if CONFIG_CIFS_FSCACHE has not been set. The option is being ignored silently while the user fscache functionality to work. Fix this by raising error when the CONFIG option is not set. Reported-by:
-
Shirish Pargaonkar authored
Add extended attribute name system.cifs_acl Get/generate cifs/ntfs acl blob and hand over to the invoker however it wants to parse/process it under experimental configurable option CIFS_ACL. Do not get CIFS/NTFS ACL for xattr for attribute system.posix_acl_access Signed-off-by:
Shirish Pargaonkar <shirishpargaonkar@gmail.com> Signed-off-by:
-
Shirish Pargaonkar authored
Change the name of function mode_to_acl to mode_to_cifs_acl. Handle return code in functions mode_to_cifs_acl and cifs_acl_to_fattr. Signed-off-by:
-
- 29 Nov, 2010 1 commit
-
-
Suresh Jayaraman authored
Only the callers check whether the invalid_mapping flag is set and not cifs_invalidate_mapping(). Signed-off-by:
-
- 14 Nov, 2010 1 commit
-
-
Steve French authored
linux-2.6.37-rc1: I compiled a kernel with CIFS which subsequently failed with an error indicating it couldn't initialize crypto module "hmacmd5". CONFIG_CRYPTO_HMAC=y fixed the problem. This patch makes CIFS depend on CRYPTO_HMAC in kconfig. Signed-off-by: Jody Bruchon<jody@nctritech.com> CC: Shirish Pargaonkar <shirishp@us.ibm.com> Signed-off-by:
-
- 13 Nov, 2010 1 commit
-
-
Jeff Layton authored
It's possible for initiate_cifs_search to be called on a filp that already has private_data attached. If this happens, we'll end up calling cifs_sb_tlink, taking an extra reference to the tlink and attaching that to the cifsFileInfo. This leads to refcount leaks that manifest as a "stuck" cifsd at umount time. Fix this by only looking up the tlink for the cifsFile on the filp's first pass through this function. When called on a filp that already has cifsFileInfo associated with it, just use the tlink reference that it already owns. This patch fixes samba.org bug 7792: https://bugzilla.samba.org/show_bug.cgi?id=7792Signed-off-by:
-
- 11 Nov, 2010 2 commits
-
-
Shirish Pargaonkar authored
Modify get/set_cifs_acl* calls to reutrn error code and percolate the error code up to the caller. Signed-off-by:
-
Oskar Schirmer authored
cifs_root_iget allocates full_path through cifs_build_path_to_root, but fails to kfree it upon cifs_get_inode_info* failure. Make all failure exit paths traverse clean up handling at the end of the function. Signed-off-by:
Oskar Schirmer <oskar@scara.com> Reviewed-by:
Jesper Juhl <jj@chaosbits.net> Cc: stable@kernel.org Signed-off-by:
-
- 10 Nov, 2010 1 commit
-
-
Jeff Layton authored
cfile may very well be freed after the cifsFileInfo_put. Make sure we have a valid pointer to the superblock for cifs_sb_deactive. Signed-off-by:
-
- 09 Nov, 2010 5 commits
-
-
git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: cifs: fix a memleak in cifs_setattr_nounix() cifs: make cifs_ioctl handle NULL filp->private_data correctly
-
Pekka Enberg authored
As pointed out by Linus, commit dab5855b ("perf_counter: Add mmap event hooks to mprotect()") is fundamentally wrong as mprotect_fixup() can free 'vma' due to merging. Fix the problem by moving perf_event_mmap() hook to mprotect_fixup(). Note: there's another successful return path from mprotect_fixup() if old flags equal to new flags. We don't, however, need to call perf_event_mmap() there because 'perf' already knows the VMA is executable. Reported-by:
Dave Jones <davej@redhat.com> Analyzed-by:
Linus Torvalds <torvalds@linux-foundation.org> Cc: Ingo Molnar <mingo@elte.hu> Reviewed-by:
Peter Zijlstra <a.p.zijlstra@chello.nl> Signed-off-by:
Pekka Enberg <penberg@kernel.org> Signed-off-by:
-
Suresh Jayaraman authored
Andrew Hendry reported a kmemleak warning in 2.6.37-rc1 while editing a text file with gedit over cifs. unreferenced object 0xffff88022ee08b40 (size 32): comm "gedit", pid 2524, jiffies 4300160388 (age 2633.655s) hex dump (first 32 bytes): 5c 2e 67 6f 75 74 70 75 74 73 74 72 65 61 6d 2d \.goutputstream- 35 42 41 53 4c 56 00 de 09 00 00 00 2c 26 78 ee 5BASLV......,&x. backtrace: [<ffffffff81504a4d>] kmemleak_alloc+0x2d/0x60 [<ffffffff81136e13>] __kmalloc+0xe3/0x1d0 [<ffffffffa0313db0>] build_path_from_dentry+0xf0/0x230 [cifs] [<ffffffffa031ae1e>] cifs_setattr+0x9e/0x770 [cifs] [<ffffffff8115fe90>] notify_change+0x170/0x2e0 [<ffffffff81145ceb>] sys_fchmod+0x10b/0x140 [<ffffffff8100c172>] system_call_fastpath+0x16/0x1b [<ffffffffffffffff>] 0xffffffffffffffff The commit 1025774c that removed inode_setattr() seems to have introduced this memleak by returning early without freeing 'full_path'. Reported-by:Andrew Hendry <andrew.hendry@gmail.com> Cc: Christoph Hellwig <hch@lst.de> Reviewed-by:
-
Linus Torvalds authored
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: kernel: Constify temporary variable in roundup()
-
Tetsuo Handa authored
Fix build error with GCC 3.x caused by commit b28efd54 "kernel: roundup should only reference arguments once" by constifying temporary variable used in that macro. Signed-off-by:
Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Suggested-by:
Andrew Morton <akpm@linux-foundation.org> Acked-by:
Eric Paris <eparis@redhat.com> Signed-off-by:
James Morris <jmorris@namei.org>
-
- 08 Nov, 2010 17 commits
-
-
Meelis Roos authored
Fix openpromfs compilation by adding a missing semicolon in fs/openpromfs/inode.c openprom_mount(). Signed-off-by:
Meelis Roos <mroos@linux.ee> Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4Linus Torvalds authored
* 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4: ext4: Add new ext4 inode tracepoints ext4: Don't call sb_issue_discard() in ext4_free_blocks() ext4: do not try to grab the s_umount semaphore in ext4_quota_off ext4: fix potential race when freeing ext4_io_page structures ext4: handle writeback of inodes which are being freed ext4: initialize the percpu counters before replaying the journal ext4: "ret" may be used uninitialized in ext4_lazyinit_thread() ext4: fix lazyinit hang after removing request
-
Jeff Layton authored
Commit 13cfb733 made cifs_ioctl use the tlink attached to the cifsFileInfo for a filp. This ignores the case of an open directory however, which in CIFS can have a NULL private_data until a readdir is done on it. This patch re-adds the NULL pointer checks that were removed in commit 50ae28f0 and moves the setting of tcon and "caps" variables lower. Long term, a better fix would be to establish a f_op->open routine for directories that populates that field at open time, but that requires some other changes to how readdir calls are handled. Reported-by:
Kjell Rune Skaaraas <kjella79@yahoo.no> Reviewed-and-Tested-by:
-
git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty-2.6Linus Torvalds authored
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty-2.6: TTY: move .gitignore from drivers/char/ to drivers/tty/vt/ TTY: create drivers/tty/vt and move the vt code there TTY: create drivers/tty and move the tty core files there
-
Linus Torvalds authored
Merge branch 'staging-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-next-2.6 * 'staging-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging-next-2.6: Staging: ath6kl: remove empty files that mess with 'distclean' staging: ath6kl: Fixing the driver to use modified mmc_host structure Staging: solo6x10: fix build problem
-
Linus Torvalds authored
Merge branch 'rmobile-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6 * 'rmobile-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6: mmc: sh_mmcif: Convert extern inline to static inline. ARM: mach-shmobile: Allow GPIO chips to register IRQ mappings. ARM: mach-shmobile: fix sh7372 after a recent clock framework rework ARM: mach-shmobile: include drivers/sh/Kconfig ARM: mach-shmobile: ap4evb: Add HDMI sound support ARM: mach-shmobile: clock-sh7372: Add FSIDIV clock support ARM: shmobile: remove sh_timer_config clk member
-
git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6Linus Torvalds authored
* 'sh-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/lethal/sh-2.6: sh: clkfwk: Fix up checkpatch warnings. sh: make some needlessly global sh7724 clocks static sh: add clk_round_parent() to optimize parent clock rate sh: Simplify phys_addr_mask()/PTE_PHYS_MASK for 29/32-bit. sh: nommu: Support building without an uncached mapping. sh: nommu: use 32-bit phys mode. sh: mach-se: Fix up SE7206 no ioport build. sh: intc: Update for single IRQ reservation helper. sh: clkfwk: Fix up rate rounding error handling. sh: mach-se: Rip out superfluous 7751 PIO routines. sh: mach-se: Rip out superfluous 770x PIO routines. sh: mach-edosk7705: Kill off machtype, consolidate board def. sh: mach-edosk7705: update for this century, kill off PIO trapping. sh: mach-se: Rip out superfluous 7206 PIO routines. sh: mach-systemh: Kill off dead board. sh: mach-snapgear: Kill off machtype, consolidate board def. sh: mach-snapgear: Rip out superfluous PIO routines. sh: mach-microdev: SuperIO-relative ioport mapping.
-
Theodore Ts'o authored
Add ext4_evict_inode, ext4_drop_inode, ext4_mark_inode_dirty, and ext4_begin_ordered_truncate() Signed-off-by:"Theodore Ts'o" <tytso@mit.edu>
-
Theodore Ts'o authored
Commit 5c521830 (ext4: Support discard requests when running in no-journal mode) attempts to add sb_issue_discard() for data blocks (in data=writeback mode) and in no-journal mode. Unfortunately, this no longer works, because in commit dd3932ed (block: remove BLKDEV_IFL_WAIT), sb_issue_discard() only presents a synchronous interface, and there are times when we call ext4_free_blocks() when we are are holding a spinlock, or are otherwise in an atomic context. For now, I've removed the call to sb_issue_discard() to prevent a deadlock or (if spinlock debugging is enabled) failures like this: BUG: scheduling while atomic: rc.sysinit/1376/0x00000002 Pid: 1376, comm: rc.sysinit Not tainted 2.6.36-ARCH #1 Call Trace: [<ffffffff810397ce>] __schedule_bug+0x5e/0x70 [<ffffffff81403110>] schedule+0x950/0xa70 [<ffffffff81060bad>] ? insert_work+0x7d/0x90 [<ffffffff81060fbd>] ? queue_work_on+0x1d/0x30 [<ffffffff81061127>] ? queue_work+0x37/0x60 [<ffffffff8140377d>] schedule_timeout+0x21d/0x360 [<ffffffff812031c3>] ? generic_make_request+0x2c3/0x540 [<ffffffff81402680>] wait_for_common+0xc0/0x150 [<ffffffff81041490>] ? default_wake_function+0x0/0x10 [<ffffffff812034bc>] ? submit_bio+0x7c/0x100 [<ffffffff810680a0>] ? wake_bit_function+0x0/0x40 [<ffffffff814027b8>] wait_for_completion+0x18/0x20 [<ffffffff8120a969>] blkdev_issue_discard+0x1b9/0x210 [<ffffffff811ba03e>] ext4_free_blocks+0x68e/0xb60 [<ffffffff811b1650>] ? __ext4_handle_dirty_metadata+0x110/0x120 [<ffffffff811b098c>] ext4_ext_truncate+0x8cc/0xa70 [<ffffffff810d713e>] ? pagevec_lookup+0x1e/0x30 [<ffffffff81191618>] ext4_truncate+0x178/0x5d0 [<ffffffff810eacbb>] ? unmap_mapping_range+0xab/0x280 [<ffffffff810d8976>] vmtruncate+0x56/0x70 [<ffffffff811925cb>] ext4_setattr+0x14b/0x460 [<ffffffff811319e4>] notify_change+0x194/0x380 [<ffffffff81117f80>] do_truncate+0x60/0x90 [<ffffffff811e08fa>] ? security_inode_permission+0x1a/0x20 [<ffffffff811eaec1>] ? tomoyo_path_truncate+0x11/0x20 [<ffffffff81127539>] do_last+0x5d9/0x770 [<ffffffff811278bd>] do_filp_open+0x1ed/0x680 [<ffffffff8140644f>] ? page_fault+0x1f/0x30 [<ffffffff81132bfc>] ? alloc_fd+0xec/0x140 [<ffffffff81118db1>] do_sys_open+0x61/0x120 [<ffffffff81118e8b>] sys_open+0x1b/0x20 [<ffffffff81002e6b>] system_call_fastpath+0x16/0x1b https://bugzilla.kernel.org/show_bug.cgi?id=22302Reported-by:
Mathias Burén <mathias.buren@gmail.com> Signed-off-by:
-
Dmitry Monakhov authored
It's not needed to sync the filesystem, and it fixes a lock_dep complaint. Signed-off-by:
Dmitry Monakhov <dmonakhov@gmail.com> Signed-off-by:
Jan Kara <jack@suse.cz>
-
Theodore Ts'o authored
Use an atomic_t and make sure we don't free the structure while we might still be submitting I/O for that page. Signed-off-by: -
Theodore Ts'o authored
The following BUG can occur when an inode which is getting freed when it still has dirty pages outstanding, and it gets deleted (in this because it was the target of a rename). In ordered mode, we need to make sure the data pages are written just in case we crash before the rename (or unlink) is committed. If the inode is being freed then when we try to igrab the inode, we end up tripping the BUG_ON at fs/ext4/page-io.c:146. To solve this problem, we need to keep track of the number of io callbacks which are pending, and avoid destroying the inode until they have all been completed. That way we don't have to bump the inode count to keep the inode from being destroyed; an approach which doesn't work because the count could have already been dropped down to zero before the inode writeback has started (at which point we're not allowed to bump the count back up to 1, since it's already started getting freed). Thanks to Dave Chinner for suggesting this approach, which is also used by XFS. kernel BUG at /scratch_space/linux-2.6/fs/ext4/page-io.c:146! Call Trace: [<ffffffff811075b1>] ext4_bio_write_page+0x172/0x307 [<ffffffff811033a7>] mpage_da_submit_io+0x2f9/0x37b [<ffffffff811068d7>] mpage_da_map_and_submit+0x2cc/0x2e2 [<ffffffff811069b3>] mpage_add_bh_to_extent+0xc6/0xd5 [<ffffffff81106c66>] write_cache_pages_da+0x2a4/0x3ac [<ffffffff81107044>] ext4_da_writepages+0x2d6/0x44d [<ffffffff81087910>] do_writepages+0x1c/0x25 [<ffffffff810810a4>] __filemap_fdatawrite_range+0x4b/0x4d [<ffffffff810815f5>] filemap_fdatawrite_range+0xe/0x10 [<ffffffff81122a2e>] jbd2_journal_begin_ordered_truncate+0x7b/0xa2 [<ffffffff8110615d>] ext4_evict_inode+0x57/0x24c [<ffffffff810c14a3>] evict+0x22/0x92 [<ffffffff810c1a3d>] iput+0x212/0x249 [<ffffffff810bdf16>] dentry_iput+0xa1/0xb9 [<ffffffff810bdf6b>] d_kill+0x3d/0x5d [<ffffffff810be613>] dput+0x13a/0x147 [<ffffffff810b990d>] sys_renameat+0x1b5/0x258 [<ffffffff81145f71>] ? _atomic_dec_and_lock+0x2d/0x4c [<ffffffff810b2950>] ? cp_new_stat+0xde/0xea [<ffffffff810b29c1>] ? sys_newlstat+0x2d/0x38 [<ffffffff810b99c6>] sys_rename+0x16/0x18 [<ffffffff81002a2b>] system_call_fastpath+0x16/0x1b Reported-by:
Nick Bowler <nbowler@elliptictech.com> Signed-off-by:
-
Paul Mundt authored
-
Paul Mundt authored
Merge branches 'sh/pio-death', 'sh/nommu', 'sh/clkfwk', 'sh/core' and 'sh/intc-extension' into sh-fixes-for-linus
-
Paul Mundt authored
The clk_round_parent() change introduced various checkpatch warnings, tidy them up. Signed-off-by:Paul Mundt <lethal@linux-sh.org>
-
Guennadi Liakhovetski authored
These clocks are currently only used inside one .c file and are not declared in any headers, therefore having them global is useless. Signed-off-by:
Guennadi Liakhovetski <g.liakhovetski@gmx.de> Signed-off-by:
-
Guennadi Liakhovetski authored
Sometimes it is possible and reasonable to adjust the parent clock rate to improve precision of the child clock, e.g., if the child clock has no siblings. clk_round_parent() is a new addition to the SH clock-framework API, that implements such an optimization for child clocks with divisors, taking all integer values in a range. Signed-off-by:
-
- 06 Nov, 2010 6 commits
-
-
Greg Kroah-Hartman authored
These two .h files would get removed from the tree when doing make distclean It turns out they are not needed at all, so just delete them which fixes people's git trees when doing development. Reported-by:
Andi Kleen <andi@firstfloor.org> Signed-off-by:
Greg Kroah-Hartman <gregkh@suse.de>
-
Vivek Goyal authored
While scanning the floopy code due to c093ee4f ("floppy: fix use-after-free in module load failure path"), I found one more instance of trying to access disk->queue pointer after doing put_disk() on gendisk. For some reason , floppy moule still loads/unloads fine. The object is probably still around with right pointer values. o There seems to be one more instance of trying to cleanup the request queue after we have called put_disk() on associated gendisk. o This fix is more out of code inspection. Even without this fix for some reason I am able to load/unload floppy module without any issues. o Floppy module loads/unloads fine after the fix. Signed-off-by:
Vivek Goyal <vgoyal@redhat.com> Signed-off-by:
-
Greg Kroah-Hartman authored
The autogenerated files (consolemap_deftbl.c and defkeymap.c) need to be ignored by git, so move the .gitignore file that was doing it to the properly location now that the files have moved as well. Cc: Arnd Bergmann <arnd@arndb.de> Cc: Jiri Slaby <jslaby@suse.cz> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Signed-off-by: -
Linus Torvalds authored
Commit 27ae60f8 ("ipw2x00: replace "ieee80211" with "libipw" where appropriate") changed DRV_NAME to be "libipw", but didn't properly fix up the places where it was used to specify the name for the /proc/net/ directory. For backwards compatibility reasons, that directory name remained "ieee80211", but due to the DRV_NAME change, the error case printouts and the cleanup functions now used "libipw" instead. Which made it all fail badly. For example, on module unload as reported by Randy: WARNING: at fs/proc/generic.c:816 remove_proc_entry+0x156/0x35e() name 'libipw' because it's trying to unregister a /proc directory that obviously doesn't even exist. Clean it all up to use DRV_PROCNAME for the actual /proc directory name. Reported-and-tested-by:
Randy Dunlap <randy.dunlap@oracle.com> Cc: Pavel Roskin <proski@gnu.org> Cc: John W. Linville <linville@tuxdriver.com> Signed-off-by:
-
git://git.kernel.org/pub/scm/virt/kvm/kvmLinus Torvalds authored
* 'kvm-updates/2.6.37' of git://git.kernel.org/pub/scm/virt/kvm/kvm: KVM: PPC: BookE: Load the lower half of MSR KVM: PPC: BookE: fix sleep with interrupts disabled KVM: PPC: e500: Call kvm_vcpu_uninit() before kvmppc_e500_tlb_uninit(). PPC: KVM: Book E doesn't have __end_interrupts. KVM: x86: Issue smp_call_function_many with preemption disabled KVM: x86: fix information leak to userland KVM: PPC: fix information leak to userland KVM: MMU: fix rmap_remove on non present sptes KVM: Write protect memory after slot swap
-
Linus Torvalds authored
Commit 48821184 ("floppy: switch to one queue per drive instead of sharing a queue") introduced a use-after-free. We do "put_disk()" on the disk device _before_ we then clean up the queue associated with that disk. Move the put_disk() down to avoid dereferencing a free'd data structure. Cc: Jens Axboe <jaxboe@fusionio.com> Cc: Vivek Goyal <vgoyal@redhat.com> Reported-and-tested-by:
-
