litmus-rt.git/drivers/message/i2o, branch wip-default-clustering The LITMUS^RT kernel. i2o: check return code from put_user() 2010-08-11T15:59:06+00:00 Kulikov Vasiliy segooon@gmail.com 2010-08-11T01:02:04+00:00 89596f20bb5f0f32c37abd337d995080e04519c8 Check return value of put_user() and return -EFAULT if it failed. Original comment "We did a get user...so assuming mem is ok...is this bad?" is incorrect because memory can be read only. Signed-off-by: Kulikov Vasiliy <segooon@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Check return value of put_user() and return -EFAULT if it failed.
Original comment "We did a get user...so assuming mem is ok...is this
bad?" is incorrect because memory can be read only.

Signed-off-by: Kulikov Vasiliy <segooon@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
i2o: fix overflow of copy_to_user() 2010-08-11T15:59:05+00:00 Kulikov Vasiliy segooon@gmail.com 2010-08-11T01:02:03+00:00 d929dc2bfd8a58c34f1df0680018fa8ea5caa907 If (len > reslen) we must not call copy_to_user() since kernel buffer is smaller than we want to copy. Similar code in this file is correct, so this bug was a typo. Signed-off-by: Kulikov Vasiliy <segooon@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
If (len > reslen) we must not call copy_to_user() since kernel buffer is
smaller than we want to copy.  Similar code in this file is correct, so
this bug was a typo.

Signed-off-by: Kulikov Vasiliy <segooon@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
drivers/message/i2o/exec-osm.c: add missing mutex_unlock 2010-08-11T15:59:05+00:00 Julia Lawall julia@diku.dk 2010-08-11T01:02:03+00:00 32fa45498f843fcf56087b8046d8319fcd455ef0 Add a mutex_unlock missing on the error path. The semantic match that finds this problem is as follows: (http://coccinelle.lip6.fr/) // <smpl> @@ expression E1; @@ * mutex_lock(E1,...); <+... when != E1 if (...) { ... when != E1 * return ...; } ...+> * mutex_unlock(E1,...); // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Add a mutex_unlock missing on the error path.

The semantic match that finds this problem is as follows:
(http://coccinelle.lip6.fr/)

// <smpl>
@@
expression E1;
@@

* mutex_lock(E1,...);
  <+... when != E1
  if (...) {
    ... when != E1
*   return ...;
  }
  ...+>
* mutex_unlock(E1,...);
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
drivers/message: move dereference after NULL test 2010-08-11T15:59:00+00:00 Julia Lawall julia@diku.dk 2010-08-11T01:01:14+00:00 d23670069ad60c82234e51a945e8b472e8c7bde2 If the NULL test on dev->i2o_dev or i2o_dev is needed, then the dereference should be after the NULL test. A simplified version of the semantic match that detects this problem is as follows (http://coccinelle.lip6.fr/): // <smpl> @match exists@ expression x, E; identifier fld; @@ * x->fld ... when != \(x = E\|&x\) * x == NULL // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Cc: James Bottomley <James.Bottomley@suse.de> Cc: Kashyap Desai <kashyap.desai@lsi.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
If the NULL test on dev->i2o_dev or i2o_dev is needed, then the dereference
should be after the NULL test.

A simplified version of the semantic match that detects this problem is as
follows (http://coccinelle.lip6.fr/):

// <smpl>
@match exists@
expression x, E;
identifier fld;
@@

* x->fld
  ... when != \(x = E\|&x\)
* x == NULL
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Cc: James Bottomley <James.Bottomley@suse.de>
Cc: Kashyap Desai <kashyap.desai@lsi.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
scsi/i2o: restore ioctl changes 2010-08-07T16:26:29+00:00 Arnd Bergmann arnd@arndb.de 2010-07-08T12:57:03+00:00 2daa672b1a736d41b3e7a2e3a05f1909a1f96530 This restores the changes from "scsi/i2o_block: cleanup ioctl handling", which accidentally got reverted. Origignal changelog: This fixes the ioctl function of the i2o_block driver, which has multiple problems: * The BLKI2OSRSTRAT and BLKI2OSWSTRAT commands always return -ENOTTY on success, where they should return 0. * Support for 32 bit compat is missing * The driver should use the .ioctl function and because .locked_ioctl is going away. The use of the big kernel lock remains for now, but gets made explictit in the ioctl function. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jens Axboe <jaxboe@fusionio.com> 
This restores the changes from "scsi/i2o_block: cleanup ioctl
handling", which accidentally got reverted.

Origignal changelog:
      This fixes the ioctl function of the i2o_block driver, which
      has multiple problems:

      * The BLKI2OSRSTRAT and BLKI2OSWSTRAT commands always return
        -ENOTTY on success, where they should return 0.
      * Support for 32 bit compat is missing
      * The driver should use the .ioctl function and because
        .locked_ioctl is going away.

      The use of the big kernel lock remains for now, but gets
      made explictit in the ioctl function.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
block: push down BKL into .open and .release 2010-08-07T16:25:34+00:00 Arnd Bergmann arnd@arndb.de 2010-08-07T16:25:34+00:00 6e9624b8caec290d28b4c6d9ec75749df6372b87 The open and release block_device_operations are currently called with the BKL held. In order to change that, we must first make sure that all drivers that currently rely on this have no regressions. This blindly pushes the BKL into all .open and .release operations for all block drivers to prepare for the next step. The drivers can subsequently replace the BKL with their own locks or remove it completely when it can be shown that it is not needed. The functions blkdev_get and blkdev_put are the only remaining users of the big kernel lock in the block layer, besides a few uses in the ioctl code, none of which need to serialize with blkdev_{get,put}. Most of these two functions is also under the protection of bdev->bd_mutex, including the actual calls to ->open and ->release, and the common code does not access any global data structures that need the BKL. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-by: Christoph Hellwig <hch@infradead.org> Signed-off-by: Jens Axboe <jaxboe@fusionio.com> 
The open and release block_device_operations are currently
called with the BKL held. In order to change that, we must
first make sure that all drivers that currently rely
on this have no regressions.

This blindly pushes the BKL into all .open and .release
operations for all block drivers to prepare for the
next step. The drivers can subsequently replace the BKL
with their own locks or remove it completely when it can
be shown that it is not needed.

The functions blkdev_get and blkdev_put are the only
remaining users of the big kernel lock in the block
layer, besides a few uses in the ioctl code, none
of which need to serialize with blkdev_{get,put}.

Most of these two functions is also under the protection
of bdev->bd_mutex, including the actual calls to
->open and ->release, and the common code does not
access any global data structures that need the BKL.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Christoph Hellwig <hch@infradead.org>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
block: push down BKL into .locked_ioctl 2010-08-07T16:25:00+00:00 Arnd Bergmann arnd@arndb.de 2010-07-08T08:18:46+00:00 8a6cfeb6deca3a8fefd639d898b0d163c0b5d368 As a preparation for the removal of the big kernel lock in the block layer, this removes the BKL from the common ioctl handling code, moving it into every single driver still using it. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Acked-by: Christoph Hellwig <hch@infradead.org> Signed-off-by: Jens Axboe <jaxboe@fusionio.com> 
As a preparation for the removal of the big kernel
lock in the block layer, this removes the BKL
from the common ioctl handling code, moving it
into every single driver still using it.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Christoph Hellwig <hch@infradead.org>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
scsi/i2o_block: cleanup ioctl handling 2010-08-07T16:24:31+00:00 Arnd Bergmann arnd@arndb.de 2010-07-07T14:51:23+00:00 34484062445fe905bf02c72f87ddda21881acda3 This fixes the ioctl function of the i2o_block driver, which has multiple problems: * The BLKI2OSRSTRAT and BLKI2OSWSTRAT commands always return -ENOTTY on success, where they should return 0. * Support for 32 bit compat is missing * The driver should use the .ioctl function and because .locked_ioctl is going away. The use of the big kernel lock remains for now, but gets made explictit in the ioctl function. Signed-off-by: Arnd Bergmann <arnd@arndb.de> Signed-off-by: Jens Axboe <jaxboe@fusionio.com> 
This fixes the ioctl function of the i2o_block driver, which
has multiple problems:

* The BLKI2OSRSTRAT and BLKI2OSWSTRAT commands always return
  -ENOTTY on success, where they should return 0.
* Support for 32 bit compat is missing
* The driver should use the .ioctl function and because
  .locked_ioctl is going away.

The use of the big kernel lock remains for now, but gets
made explictit in the ioctl function.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
block: remove wrappers for request type/flags 2010-08-07T16:17:56+00:00 Christoph Hellwig hch@lst.de 2010-08-07T16:17:56+00:00 33659ebbae262228eef4e0fe990f393d1f0ed941 Remove all the trivial wrappers for the cmd_type and cmd_flags fields in struct requests. This allows much easier grepping for different request types instead of unwinding through macros. Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Jens Axboe <jaxboe@fusionio.com> 
Remove all the trivial wrappers for the cmd_type and cmd_flags fields in
struct requests.  This allows much easier grepping for different request
types instead of unwinding through macros.

Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Jens Axboe <jaxboe@fusionio.com>
drivers/message/i2o/i2o_config.c: use memdup_user 2010-05-27T16:12:41+00:00 Julia Lawall julia@diku.dk 2010-05-26T21:42:12+00:00 b81d67a50c0f3021d170466388bec3e7fc3abe75 Use memdup_user when user data is immediately copied into the allocated region. The semantic patch that makes this change is as follows: (http://coccinelle.lip6.fr/) // <smpl> @@ expression from,to,size,flag; position p; identifier l1,l2; @@ - to = \(kmalloc@p\|kzalloc@p\)(size,flag); + to = memdup_user(from,size); if ( - to==NULL + IS_ERR(to) || ...) { <+... when != goto l1; - -ENOMEM + PTR_ERR(to) ...+> } - if (copy_from_user(to, from, size) != 0) { - <+... when != goto l2; - -EFAULT - ...+> - } // </smpl> Signed-off-by: Julia Lawall <julia@diku.dk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Use memdup_user when user data is immediately copied into the
allocated region.

The semantic patch that makes this change is as follows:
(http://coccinelle.lip6.fr/)

// <smpl>
@@
expression from,to,size,flag;
position p;
identifier l1,l2;
@@

-  to = \(kmalloc@p\|kzalloc@p\)(size,flag);
+  to = memdup_user(from,size);
   if (
-      to==NULL
+      IS_ERR(to)
                 || ...) {
   <+... when != goto l1;
-  -ENOMEM
+  PTR_ERR(to)
   ...+>
   }
-  if (copy_from_user(to, from, size) != 0) {
-    <+... when != goto l2;
-    -EFAULT
-    ...+>
-  }
// </smpl>

Signed-off-by: Julia Lawall <julia@diku.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>