Commit 7ed7fe5e authored by Linus Torvalds's avatar Linus Torvalds

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6:
  [PATCH] get stack footprint of pathname resolution back to relative sanity
  [PATCH] double iput() on failure exit in hugetlb
  [PATCH] double dput() on failure exit in tiny-shmem
  [PATCH] fix up new filp allocators
  [PATCH] check for null vfsmount in dentry_open()
  [PATCH] reiserfs: eliminate private use of struct file in xattr
  [PATCH] sanitize hppfs
  hppfs pass vfsmount to dentry_open()
  [PATCH] restore export of do_kern_mount()
parents a4083c92 a02f76c3
......@@ -81,13 +81,10 @@ int anon_inode_getfd(int *pfd, struct inode **pinode, struct file **pfile,
if (IS_ERR(anon_inode_inode))
return -ENODEV;
file = get_empty_filp();
if (!file)
return -ENFILE;
error = get_unused_fd();
if (error < 0)
goto err_put_filp;
return error;
fd = error;
/*
......@@ -114,14 +111,15 @@ int anon_inode_getfd(int *pfd, struct inode **pinode, struct file **pfile,
dentry->d_flags &= ~DCACHE_UNHASHED;
d_instantiate(dentry, anon_inode_inode);
file->f_path.mnt = mntget(anon_inode_mnt);
file->f_path.dentry = dentry;
error = -ENFILE;
file = alloc_file(anon_inode_mnt, dentry,
FMODE_READ | FMODE_WRITE, fops);
if (!file)
goto err_dput;
file->f_mapping = anon_inode_inode->i_mapping;
file->f_pos = 0;
file->f_flags = O_RDWR;
file->f_op = fops;
file->f_mode = FMODE_READ | FMODE_WRITE;
file->f_version = 0;
file->private_data = priv;
......@@ -132,10 +130,10 @@ int anon_inode_getfd(int *pfd, struct inode **pinode, struct file **pfile,
*pfile = file;
return 0;
err_dput:
dput(dentry);
err_put_unused_fd:
put_unused_fd(fd);
err_put_filp:
put_filp(file);
return error;
}
EXPORT_SYMBOL_GPL(anon_inode_getfd);
......
......@@ -83,6 +83,12 @@ int proc_nr_files(ctl_table *table, int write, struct file *filp,
/* Find an unused file structure and return a pointer to it.
* Returns NULL, if there are no more free file structures or
* we run out of memory.
*
* Be very careful using this. You are responsible for
* getting write access to any mount that you might assign
* to this filp, if it is opened for write. If this is not
* done, you will imbalance int the mount's writer count
* and a warning at __fput() time.
*/
struct file *get_empty_filp(void)
{
......
This diff is collapsed.
......@@ -954,7 +954,7 @@ struct file *hugetlb_file_setup(const char *name, size_t size)
FMODE_WRITE | FMODE_READ,
&hugetlbfs_file_operations);
if (!file)
goto out_inode;
goto out_dentry; /* inode is already attached */
return file;
......
......@@ -106,7 +106,7 @@
* any extra contention...
*/
static int link_path_walk(const char *name, struct nameidata *nd);
static int __link_path_walk(const char *name, struct nameidata *nd);
/* In order to reduce some races, while at the same time doing additional
* checking and hopefully speeding things up, we copy filenames to the
......@@ -563,6 +563,37 @@ walk_init_root(const char *name, struct nameidata *nd)
return 1;
}
/*
* Wrapper to retry pathname resolution whenever the underlying
* file system returns an ESTALE.
*
* Retry the whole path once, forcing real lookup requests
* instead of relying on the dcache.
*/
static __always_inline int link_path_walk(const char *name, struct nameidata *nd)
{
struct path save = nd->path;
int result;
/* make sure the stuff we saved doesn't go away */
dget(save.dentry);
mntget(save.mnt);
result = __link_path_walk(name, nd);
if (result == -ESTALE) {
/* nd->path had been dropped */
nd->path = save;
dget(nd->path.dentry);
mntget(nd->path.mnt);
nd->flags |= LOOKUP_REVAL;
result = __link_path_walk(name, nd);
}
path_put(&save);
return result;
}
static __always_inline int __vfs_follow_link(struct nameidata *nd, const char *link)
{
int res = 0;
......@@ -1020,36 +1051,6 @@ static int __link_path_walk(const char *name, struct nameidata *nd)
return err;
}
/*
* Wrapper to retry pathname resolution whenever the underlying
* file system returns an ESTALE.
*
* Retry the whole path once, forcing real lookup requests
* instead of relying on the dcache.
*/
static int link_path_walk(const char *name, struct nameidata *nd)
{
struct nameidata save = *nd;
int result;
/* make sure the stuff we saved doesn't go away */
dget(save.path.dentry);
mntget(save.path.mnt);
result = __link_path_walk(name, nd);
if (result == -ESTALE) {
*nd = save;
dget(nd->path.dentry);
mntget(nd->path.mnt);
nd->flags |= LOOKUP_REVAL;
result = __link_path_walk(name, nd);
}
path_put(&save.path);
return result;
}
static int path_walk(const char *name, struct nameidata *nd)
{
current->total_link_count = 0;
......
......@@ -903,6 +903,18 @@ struct file *dentry_open(struct dentry *dentry, struct vfsmount *mnt, int flags)
int error;
struct file *f;
/*
* We must always pass in a valid mount pointer. Historically
* callers got away with not passing it, but we must enforce this at
* the earliest possible point now to avoid strange problems deep in the
* filesystem stack.
*/
if (!mnt) {
printk(KERN_WARNING "%s called with NULL vfsmount\n", __func__);
dump_stack();
return ERR_PTR(-EINVAL);
}
error = -ENFILE;
f = get_empty_filp();
if (f == NULL) {
......
......@@ -957,13 +957,10 @@ struct file *create_write_pipe(void)
struct dentry *dentry;
struct qstr name = { .name = "" };
f = get_empty_filp();
if (!f)
return ERR_PTR(-ENFILE);
err = -ENFILE;
inode = get_pipe_inode();
if (!inode)
goto err_file;
goto err;
err = -ENOMEM;
dentry = d_alloc(pipe_mnt->mnt_sb->s_root, &name);
......@@ -978,22 +975,24 @@ struct file *create_write_pipe(void)
*/
dentry->d_flags &= ~DCACHE_UNHASHED;
d_instantiate(dentry, inode);
f->f_path.mnt = mntget(pipe_mnt);
f->f_path.dentry = dentry;
err = -ENFILE;
f = alloc_file(pipe_mnt, dentry, FMODE_WRITE, &write_pipe_fops);
if (!f)
goto err_dentry;
f->f_mapping = inode->i_mapping;
f->f_flags = O_WRONLY;
f->f_op = &write_pipe_fops;
f->f_mode = FMODE_WRITE;
f->f_version = 0;
return f;
err_dentry:
dput(dentry);
err_inode:
free_pipe_info(inode);
iput(inode);
err_file:
put_filp(f);
err:
return ERR_PTR(err);
}
......
......@@ -191,28 +191,11 @@ static struct dentry *get_xa_file_dentry(const struct inode *inode,
dput(xadir);
if (err)
xafile = ERR_PTR(err);
return xafile;
}
/* Opens a file pointer to the attribute associated with inode */
static struct file *open_xa_file(const struct inode *inode, const char *name,
int flags)
{
struct dentry *xafile;
struct file *fp;
xafile = get_xa_file_dentry(inode, name, flags);
if (IS_ERR(xafile))
return ERR_PTR(PTR_ERR(xafile));
else if (!xafile->d_inode) {
dput(xafile);
return ERR_PTR(-ENODATA);
xafile = ERR_PTR(-ENODATA);
}
fp = dentry_open(xafile, NULL, O_RDWR);
/* dentry_open dputs the dentry if it fails */
return fp;
return xafile;
}
/*
......@@ -228,9 +211,8 @@ static struct file *open_xa_file(const struct inode *inode, const char *name,
* we're called with i_mutex held, so there are no worries about the directory
* changing underneath us.
*/
static int __xattr_readdir(struct file *filp, void *dirent, filldir_t filldir)
static int __xattr_readdir(struct inode *inode, void *dirent, filldir_t filldir)
{
struct inode *inode = filp->f_path.dentry->d_inode;
struct cpu_key pos_key; /* key of current position in the directory (key of directory entry) */
INITIALIZE_PATH(path_to_entry);
struct buffer_head *bh;
......@@ -374,23 +356,16 @@ static int __xattr_readdir(struct file *filp, void *dirent, filldir_t filldir)
*
*/
static
int xattr_readdir(struct file *file, filldir_t filler, void *buf)
int xattr_readdir(struct inode *inode, filldir_t filler, void *buf)
{
struct inode *inode = file->f_path.dentry->d_inode;
int res = -ENOTDIR;
if (!file->f_op || !file->f_op->readdir)
goto out;
int res = -ENOENT;
mutex_lock_nested(&inode->i_mutex, I_MUTEX_XATTR);
// down(&inode->i_zombie);
res = -ENOENT;
if (!IS_DEADDIR(inode)) {
lock_kernel();
res = __xattr_readdir(file, buf, filler);
res = __xattr_readdir(inode, buf, filler);
unlock_kernel();
}
// up(&inode->i_zombie);
mutex_unlock(&inode->i_mutex);
out:
return res;
}
......@@ -442,7 +417,7 @@ reiserfs_xattr_set(struct inode *inode, const char *name, const void *buffer,
size_t buffer_size, int flags)
{
int err = 0;
struct file *fp;
struct dentry *dentry;
struct page *page;
char *data;
struct address_space *mapping;
......@@ -460,18 +435,18 @@ reiserfs_xattr_set(struct inode *inode, const char *name, const void *buffer,
xahash = xattr_hash(buffer, buffer_size);
open_file:
fp = open_xa_file(inode, name, flags);
if (IS_ERR(fp)) {
err = PTR_ERR(fp);
dentry = get_xa_file_dentry(inode, name, flags);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
goto out;
}
xinode = fp->f_path.dentry->d_inode;
xinode = dentry->d_inode;
REISERFS_I(inode)->i_flags |= i_has_xattr_dir;
/* we need to copy it off.. */
if (xinode->i_nlink > 1) {
fput(fp);
dput(dentry);
err = reiserfs_xattr_del(inode, name);
if (err < 0)
goto out;
......@@ -485,7 +460,7 @@ reiserfs_xattr_set(struct inode *inode, const char *name, const void *buffer,
newattrs.ia_size = buffer_size;
newattrs.ia_valid = ATTR_SIZE | ATTR_CTIME;
mutex_lock_nested(&xinode->i_mutex, I_MUTEX_XATTR);
err = notify_change(fp->f_path.dentry, &newattrs);
err = notify_change(dentry, &newattrs);
if (err)
goto out_filp;
......@@ -518,13 +493,12 @@ reiserfs_xattr_set(struct inode *inode, const char *name, const void *buffer,
rxh->h_hash = cpu_to_le32(xahash);
}
err = reiserfs_prepare_write(fp, page, page_offset,
err = reiserfs_prepare_write(NULL, page, page_offset,
page_offset + chunk + skip);
if (!err) {
if (buffer)
memcpy(data + skip, buffer + buffer_pos, chunk);
err =
reiserfs_commit_write(fp, page, page_offset,
err = reiserfs_commit_write(NULL, page, page_offset,
page_offset + chunk +
skip);
}
......@@ -548,7 +522,7 @@ reiserfs_xattr_set(struct inode *inode, const char *name, const void *buffer,
out_filp:
mutex_unlock(&xinode->i_mutex);
fput(fp);
dput(dentry);
out:
return err;
......@@ -562,7 +536,7 @@ reiserfs_xattr_get(const struct inode *inode, const char *name, void *buffer,
size_t buffer_size)
{
ssize_t err = 0;
struct file *fp;
struct dentry *dentry;
size_t isize;
size_t file_pos = 0;
size_t buffer_pos = 0;
......@@ -578,13 +552,13 @@ reiserfs_xattr_get(const struct inode *inode, const char *name, void *buffer,
if (get_inode_sd_version(inode) == STAT_DATA_V1)
return -EOPNOTSUPP;
fp = open_xa_file(inode, name, FL_READONLY);
if (IS_ERR(fp)) {
err = PTR_ERR(fp);
dentry = get_xa_file_dentry(inode, name, FL_READONLY);
if (IS_ERR(dentry)) {
err = PTR_ERR(dentry);
goto out;
}
xinode = fp->f_path.dentry->d_inode;
xinode = dentry->d_inode;
isize = xinode->i_size;
REISERFS_I(inode)->i_flags |= i_has_xattr_dir;
......@@ -652,7 +626,7 @@ reiserfs_xattr_get(const struct inode *inode, const char *name, void *buffer,
}
out_dput:
fput(fp);
dput(dentry);
out:
return err;
......@@ -742,7 +716,6 @@ reiserfs_delete_xattrs_filler(void *buf, const char *name, int namelen,
/* This is called w/ inode->i_mutex downed */
int reiserfs_delete_xattrs(struct inode *inode)
{
struct file *fp;
struct dentry *dir, *root;
int err = 0;
......@@ -763,15 +736,8 @@ int reiserfs_delete_xattrs(struct inode *inode)
return 0;
}
fp = dentry_open(dir, NULL, O_RDWR);
if (IS_ERR(fp)) {
err = PTR_ERR(fp);
/* dentry_open dputs the dentry if it fails */
goto out;
}
lock_kernel();
err = xattr_readdir(fp, reiserfs_delete_xattrs_filler, dir);
err = xattr_readdir(dir->d_inode, reiserfs_delete_xattrs_filler, dir);
if (err) {
unlock_kernel();
goto out_dir;
......@@ -791,7 +757,7 @@ int reiserfs_delete_xattrs(struct inode *inode)
unlock_kernel();
out_dir:
fput(fp);
dput(dir);
out:
if (!err)
......@@ -833,7 +799,6 @@ reiserfs_chown_xattrs_filler(void *buf, const char *name, int namelen,
int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs)
{
struct file *fp;
struct dentry *dir;
int err = 0;
struct reiserfs_chown_buf buf;
......@@ -857,13 +822,6 @@ int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs)
goto out;
}
fp = dentry_open(dir, NULL, O_RDWR);
if (IS_ERR(fp)) {
err = PTR_ERR(fp);
/* dentry_open dputs the dentry if it fails */
goto out;
}
lock_kernel();
attrs->ia_valid &= (ATTR_UID | ATTR_GID | ATTR_CTIME);
......@@ -871,7 +829,7 @@ int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs)
buf.attrs = attrs;
buf.inode = inode;
err = xattr_readdir(fp, reiserfs_chown_xattrs_filler, &buf);
err = xattr_readdir(dir->d_inode, reiserfs_chown_xattrs_filler, &buf);
if (err) {
unlock_kernel();
goto out_dir;
......@@ -881,7 +839,7 @@ int reiserfs_chown_xattrs(struct inode *inode, struct iattr *attrs)
unlock_kernel();
out_dir:
fput(fp);
dput(dir);
out:
attrs->ia_valid = ia_valid;
......@@ -1029,7 +987,6 @@ reiserfs_listxattr_filler(void *buf, const char *name, int namelen,
*/
ssize_t reiserfs_listxattr(struct dentry * dentry, char *buffer, size_t size)
{
struct file *fp;
struct dentry *dir;
int err = 0;
struct reiserfs_listxattr_buf buf;
......@@ -1052,13 +1009,6 @@ ssize_t reiserfs_listxattr(struct dentry * dentry, char *buffer, size_t size)
goto out;
}
fp = dentry_open(dir, NULL, O_RDWR);
if (IS_ERR(fp)) {
err = PTR_ERR(fp);
/* dentry_open dputs the dentry if it fails */
goto out;
}
buf.r_buf = buffer;
buf.r_size = buffer ? size : 0;
buf.r_pos = 0;
......@@ -1066,7 +1016,7 @@ ssize_t reiserfs_listxattr(struct dentry * dentry, char *buffer, size_t size)
REISERFS_I(dentry->d_inode)->i_flags |= i_has_xattr_dir;
err = xattr_readdir(fp, reiserfs_listxattr_filler, &buf);
err = xattr_readdir(dir->d_inode, reiserfs_listxattr_filler, &buf);
if (err)
goto out_dir;
......@@ -1076,7 +1026,7 @@ ssize_t reiserfs_listxattr(struct dentry * dentry, char *buffer, size_t size)
err = buf.r_pos;
out_dir:
fput(fp);
dput(dir);
out:
reiserfs_read_unlock_xattr_i(dentry->d_inode);
......
......@@ -945,6 +945,7 @@ do_kern_mount(const char *fstype, int flags, const char *name, void *data)
put_filesystem(type);
return mnt;
}
EXPORT_SYMBOL_GPL(do_kern_mount);
struct vfsmount *kern_mount_data(struct file_system_type *type, void *data)
{
......
......@@ -88,6 +88,8 @@ struct file *shmem_file_setup(char *name, loff_t size, unsigned long flags)
close_file:
put_filp(file);
return ERR_PTR(error);
put_dentry:
dput(dentry);
put_memory:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment