aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorTim Shimmin <tes@chook.melbourne.sgi.com>2007-10-11 02:52:59 -0400
committerTim Shimmin <tes@chook.melbourne.sgi.com>2007-10-11 02:52:59 -0400
commitc1561cf463f4a480d1960e833c8fe628207b24e4 (patch)
treeb612e5257611ef33196aacc00fba813c943384d5 /fs
parent053c59a0a7234bac669992f5b8b933b7d7fc189d (diff)
parentbbf25010f1a6b761914430f5fca081ec8c7accd1 (diff)
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6 into for-linus
Diffstat (limited to 'fs')
-rw-r--r--fs/aio.c2
-rw-r--r--fs/binfmt_flat.c6
-rw-r--r--fs/lockd/svclock.c4
-rw-r--r--fs/ocfs2/localalloc.c4
-rw-r--r--fs/splice.c46
5 files changed, 46 insertions, 16 deletions
diff --git a/fs/aio.c b/fs/aio.c
index dbe699e9828c..ea2e19820381 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1562,6 +1562,7 @@ int fastcall io_submit_one(struct kioctx *ctx, struct iocb __user *user_iocb,
1562 fput(file); 1562 fput(file);
1563 return -EAGAIN; 1563 return -EAGAIN;
1564 } 1564 }
1565 req->ki_filp = file;
1565 if (iocb->aio_flags & IOCB_FLAG_RESFD) { 1566 if (iocb->aio_flags & IOCB_FLAG_RESFD) {
1566 /* 1567 /*
1567 * If the IOCB_FLAG_RESFD flag of aio_flags is set, get an 1568 * If the IOCB_FLAG_RESFD flag of aio_flags is set, get an
@@ -1576,7 +1577,6 @@ int fastcall io_submit_one(struct kioctx *ctx, struct iocb __user *user_iocb,
1576 } 1577 }
1577 } 1578 }
1578 1579
1579 req->ki_filp = file;
1580 ret = put_user(req->ki_key, &user_iocb->aio_key); 1580 ret = put_user(req->ki_key, &user_iocb->aio_key);
1581 if (unlikely(ret)) { 1581 if (unlikely(ret)) {
1582 dprintk("EFAULT: aio_key\n"); 1582 dprintk("EFAULT: aio_key\n");
diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c
index 861141b4f6d6..fcb3405bb14e 100644
--- a/fs/binfmt_flat.c
+++ b/fs/binfmt_flat.c
@@ -742,6 +742,7 @@ static int load_flat_file(struct linux_binprm * bprm,
742 * __start to address 4 so that is okay). 742 * __start to address 4 so that is okay).
743 */ 743 */
744 if (rev > OLD_FLAT_VERSION) { 744 if (rev > OLD_FLAT_VERSION) {
745 unsigned long persistent = 0;
745 for (i=0; i < relocs; i++) { 746 for (i=0; i < relocs; i++) {
746 unsigned long addr, relval; 747 unsigned long addr, relval;
747 748
@@ -749,6 +750,8 @@ static int load_flat_file(struct linux_binprm * bprm,
749 relocated (of course, the address has to be 750 relocated (of course, the address has to be
750 relocated first). */ 751 relocated first). */
751 relval = ntohl(reloc[i]); 752 relval = ntohl(reloc[i]);
753 if (flat_set_persistent (relval, &persistent))
754 continue;
752 addr = flat_get_relocate_addr(relval); 755 addr = flat_get_relocate_addr(relval);
753 rp = (unsigned long *) calc_reloc(addr, libinfo, id, 1); 756 rp = (unsigned long *) calc_reloc(addr, libinfo, id, 1);
754 if (rp == (unsigned long *)RELOC_FAILED) { 757 if (rp == (unsigned long *)RELOC_FAILED) {
@@ -757,7 +760,8 @@ static int load_flat_file(struct linux_binprm * bprm,
757 } 760 }
758 761
759 /* Get the pointer's value. */ 762 /* Get the pointer's value. */
760 addr = flat_get_addr_from_rp(rp, relval, flags); 763 addr = flat_get_addr_from_rp(rp, relval, flags,
764 &persistent);
761 if (addr != 0) { 765 if (addr != 0) {
762 /* 766 /*
763 * Do the relocation. PIC relocs in the data section are 767 * Do the relocation. PIC relocs in the data section are
diff --git a/fs/lockd/svclock.c b/fs/lockd/svclock.c
index d098c7af0d22..d120ec39bcb0 100644
--- a/fs/lockd/svclock.c
+++ b/fs/lockd/svclock.c
@@ -485,8 +485,10 @@ nlmsvc_testlock(struct svc_rqst *rqstp, struct nlm_file *file,
485 return nlm_granted; 485 return nlm_granted;
486 /* Create host handle for callback */ 486 /* Create host handle for callback */
487 host = nlmsvc_lookup_host(rqstp, lock->caller, lock->len); 487 host = nlmsvc_lookup_host(rqstp, lock->caller, lock->len);
488 if (host == NULL) 488 if (host == NULL) {
489 kfree(conf);
489 return nlm_lck_denied_nolocks; 490 return nlm_lck_denied_nolocks;
491 }
490 block = nlmsvc_create_block(rqstp, host, file, lock, cookie); 492 block = nlmsvc_create_block(rqstp, host, file, lock, cookie);
491 if (block == NULL) { 493 if (block == NULL) {
492 kfree(conf); 494 kfree(conf);
diff --git a/fs/ocfs2/localalloc.c b/fs/ocfs2/localalloc.c
index de984d272576..d272847d5a07 100644
--- a/fs/ocfs2/localalloc.c
+++ b/fs/ocfs2/localalloc.c
@@ -514,8 +514,10 @@ int ocfs2_reserve_local_alloc_bits(struct ocfs2_super *osb,
514 ac->ac_bh = osb->local_alloc_bh; 514 ac->ac_bh = osb->local_alloc_bh;
515 status = 0; 515 status = 0;
516bail: 516bail:
517 if (status < 0 && local_alloc_inode) 517 if (status < 0 && local_alloc_inode) {
518 mutex_unlock(&local_alloc_inode->i_mutex);
518 iput(local_alloc_inode); 519 iput(local_alloc_inode);
520 }
519 521
520 mlog_exit(status); 522 mlog_exit(status);
521 return status; 523 return status;
diff --git a/fs/splice.c b/fs/splice.c
index c010a72ca2d2..e95a36228863 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1224,6 +1224,33 @@ static long do_splice(struct file *in, loff_t __user *off_in,
1224} 1224}
1225 1225
1226/* 1226/*
1227 * Do a copy-from-user while holding the mmap_semaphore for reading, in a
1228 * manner safe from deadlocking with simultaneous mmap() (grabbing mmap_sem
1229 * for writing) and page faulting on the user memory pointed to by src.
1230 * This assumes that we will very rarely hit the partial != 0 path, or this
1231 * will not be a win.
1232 */
1233static int copy_from_user_mmap_sem(void *dst, const void __user *src, size_t n)
1234{
1235 int partial;
1236
1237 pagefault_disable();
1238 partial = __copy_from_user_inatomic(dst, src, n);
1239 pagefault_enable();
1240
1241 /*
1242 * Didn't copy everything, drop the mmap_sem and do a faulting copy
1243 */
1244 if (unlikely(partial)) {
1245 up_read(&current->mm->mmap_sem);
1246 partial = copy_from_user(dst, src, n);
1247 down_read(&current->mm->mmap_sem);
1248 }
1249
1250 return partial;
1251}
1252
1253/*
1227 * Map an iov into an array of pages and offset/length tupples. With the 1254 * Map an iov into an array of pages and offset/length tupples. With the
1228 * partial_page structure, we can map several non-contiguous ranges into 1255 * partial_page structure, we can map several non-contiguous ranges into
1229 * our ones pages[] map instead of splitting that operation into pieces. 1256 * our ones pages[] map instead of splitting that operation into pieces.
@@ -1236,31 +1263,26 @@ static int get_iovec_page_array(const struct iovec __user *iov,
1236{ 1263{
1237 int buffers = 0, error = 0; 1264 int buffers = 0, error = 0;
1238 1265
1239 /*
1240 * It's ok to take the mmap_sem for reading, even
1241 * across a "get_user()".
1242 */
1243 down_read(&current->mm->mmap_sem); 1266 down_read(&current->mm->mmap_sem);
1244 1267
1245 while (nr_vecs) { 1268 while (nr_vecs) {
1246 unsigned long off, npages; 1269 unsigned long off, npages;
1270 struct iovec entry;
1247 void __user *base; 1271 void __user *base;
1248 size_t len; 1272 size_t len;
1249 int i; 1273 int i;
1250 1274
1251 /* 1275 error = -EFAULT;
1252 * Get user address base and length for this iovec. 1276 if (copy_from_user_mmap_sem(&entry, iov, sizeof(entry)))
1253 */
1254 error = get_user(base, &iov->iov_base);
1255 if (unlikely(error))
1256 break;
1257 error = get_user(len, &iov->iov_len);
1258 if (unlikely(error))
1259 break; 1277 break;
1260 1278
1279 base = entry.iov_base;
1280 len = entry.iov_len;
1281
1261 /* 1282 /*
1262 * Sanity check this iovec. 0 read succeeds. 1283 * Sanity check this iovec. 0 read succeeds.
1263 */ 1284 */
1285 error = 0;
1264 if (unlikely(!len)) 1286 if (unlikely(!len))
1265 break; 1287 break;
1266 error = -EFAULT; 1288 error = -EFAULT;
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-19 14:15:11 -0500