diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-11-07 07:38:56 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-11-07 07:38:56 -0500 |
| commit | 0e4a43ed08e2f44aa7b96aa95d0a540d675483e1 (patch) | |
| tree | 613afa922c7db15689ed048038f3b0eb898d6c67 /fs | |
| parent | 826389d137d99ad5596d4b2b7747e29e250f468c (diff) | |
| parent | 96e5d1d3adf56f1c7eeb07258f6a1a0a7ae9c489 (diff) | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-3.0-fixes
Pull gfs2 fixes from Steven Whitehouse:
"Here are a number of GFS2 bug fixes. There are three from Andy Price
which fix various issues spotted by automated code analysis. There
are two from Lukas Czerner fixing my mistaken assumptions as to how
FITRIM should work. Finally Ben Marzinski has fixed a bug relating to
mmap and atime and also a bug relating to a locking issue in the
transaction code."
* git://git.kernel.org/pub/scm/linux/kernel/git/steve/gfs2-3.0-fixes:
GFS2: Test bufdata with buffer locked and gfs2_log_lock held
GFS2: Don't call file_accessed() with a shared glock
GFS2: Fix FITRIM argument handling
GFS2: Require user to provide argument for FITRIM
GFS2: Clean up some unused assignments
GFS2: Fix possible null pointer deref in gfs2_rs_alloc
GFS2: Fix an unchecked error from gfs2_rs_alloc
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/gfs2/file.c | 14 | ||||
| -rw-r--r-- | fs/gfs2/lops.c | 16 | ||||
| -rw-r--r-- | fs/gfs2/quota.c | 7 | ||||
| -rw-r--r-- | fs/gfs2/rgrp.c | 33 | ||||
| -rw-r--r-- | fs/gfs2/super.c | 3 | ||||
| -rw-r--r-- | fs/gfs2/trans.c | 8 |
6 files changed, 43 insertions, 38 deletions
diff --git a/fs/gfs2/file.c b/fs/gfs2/file.c index 0def0504afc1..e056b4ce4877 100644 --- a/fs/gfs2/file.c +++ b/fs/gfs2/file.c | |||
| @@ -516,15 +516,13 @@ static int gfs2_mmap(struct file *file, struct vm_area_struct *vma) | |||
| 516 | struct gfs2_holder i_gh; | 516 | struct gfs2_holder i_gh; |
| 517 | int error; | 517 | int error; |
| 518 | 518 | ||
| 519 | gfs2_holder_init(ip->i_gl, LM_ST_SHARED, LM_FLAG_ANY, &i_gh); | 519 | error = gfs2_glock_nq_init(ip->i_gl, LM_ST_SHARED, LM_FLAG_ANY, |
| 520 | error = gfs2_glock_nq(&i_gh); | 520 | &i_gh); |
| 521 | if (error == 0) { | ||
| 522 | file_accessed(file); | ||
| 523 | gfs2_glock_dq(&i_gh); | ||
| 524 | } | ||
| 525 | gfs2_holder_uninit(&i_gh); | ||
| 526 | if (error) | 521 | if (error) |
| 527 | return error; | 522 | return error; |
| 523 | /* grab lock to update inode */ | ||
| 524 | gfs2_glock_dq_uninit(&i_gh); | ||
| 525 | file_accessed(file); | ||
| 528 | } | 526 | } |
| 529 | vma->vm_ops = &gfs2_vm_ops; | 527 | vma->vm_ops = &gfs2_vm_ops; |
| 530 | 528 | ||
| @@ -677,10 +675,8 @@ static ssize_t gfs2_file_aio_write(struct kiocb *iocb, const struct iovec *iov, | |||
| 677 | size_t writesize = iov_length(iov, nr_segs); | 675 | size_t writesize = iov_length(iov, nr_segs); |
| 678 | struct dentry *dentry = file->f_dentry; | 676 | struct dentry *dentry = file->f_dentry; |
| 679 | struct gfs2_inode *ip = GFS2_I(dentry->d_inode); | 677 | struct gfs2_inode *ip = GFS2_I(dentry->d_inode); |
| 680 | struct gfs2_sbd *sdp; | ||
| 681 | int ret; | 678 | int ret; |
| 682 | 679 | ||
| 683 | sdp = GFS2_SB(file->f_mapping->host); | ||
| 684 | ret = gfs2_rs_alloc(ip); | 680 | ret = gfs2_rs_alloc(ip); |
| 685 | if (ret) | 681 | if (ret) |
| 686 | return ret; | 682 | return ret; |
diff --git a/fs/gfs2/lops.c b/fs/gfs2/lops.c index 8ff95a2d54ee..9ceccb1595a3 100644 --- a/fs/gfs2/lops.c +++ b/fs/gfs2/lops.c | |||
| @@ -393,12 +393,10 @@ static void buf_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) | |||
| 393 | struct gfs2_meta_header *mh; | 393 | struct gfs2_meta_header *mh; |
| 394 | struct gfs2_trans *tr; | 394 | struct gfs2_trans *tr; |
| 395 | 395 | ||
| 396 | lock_buffer(bd->bd_bh); | ||
| 397 | gfs2_log_lock(sdp); | ||
| 398 | tr = current->journal_info; | 396 | tr = current->journal_info; |
| 399 | tr->tr_touched = 1; | 397 | tr->tr_touched = 1; |
| 400 | if (!list_empty(&bd->bd_list)) | 398 | if (!list_empty(&bd->bd_list)) |
| 401 | goto out; | 399 | return; |
| 402 | set_bit(GLF_LFLUSH, &bd->bd_gl->gl_flags); | 400 | set_bit(GLF_LFLUSH, &bd->bd_gl->gl_flags); |
| 403 | set_bit(GLF_DIRTY, &bd->bd_gl->gl_flags); | 401 | set_bit(GLF_DIRTY, &bd->bd_gl->gl_flags); |
| 404 | mh = (struct gfs2_meta_header *)bd->bd_bh->b_data; | 402 | mh = (struct gfs2_meta_header *)bd->bd_bh->b_data; |
| @@ -414,9 +412,6 @@ static void buf_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) | |||
| 414 | sdp->sd_log_num_buf++; | 412 | sdp->sd_log_num_buf++; |
| 415 | list_add(&bd->bd_list, &sdp->sd_log_le_buf); | 413 | list_add(&bd->bd_list, &sdp->sd_log_le_buf); |
| 416 | tr->tr_num_buf_new++; | 414 | tr->tr_num_buf_new++; |
| 417 | out: | ||
| 418 | gfs2_log_unlock(sdp); | ||
| 419 | unlock_buffer(bd->bd_bh); | ||
| 420 | } | 415 | } |
| 421 | 416 | ||
| 422 | static void gfs2_check_magic(struct buffer_head *bh) | 417 | static void gfs2_check_magic(struct buffer_head *bh) |
| @@ -621,7 +616,6 @@ static void revoke_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) | |||
| 621 | 616 | ||
| 622 | static void revoke_lo_before_commit(struct gfs2_sbd *sdp) | 617 | static void revoke_lo_before_commit(struct gfs2_sbd *sdp) |
| 623 | { | 618 | { |
| 624 | struct gfs2_log_descriptor *ld; | ||
| 625 | struct gfs2_meta_header *mh; | 619 | struct gfs2_meta_header *mh; |
| 626 | unsigned int offset; | 620 | unsigned int offset; |
| 627 | struct list_head *head = &sdp->sd_log_le_revoke; | 621 | struct list_head *head = &sdp->sd_log_le_revoke; |
| @@ -634,7 +628,6 @@ static void revoke_lo_before_commit(struct gfs2_sbd *sdp) | |||
| 634 | 628 | ||
| 635 | length = gfs2_struct2blk(sdp, sdp->sd_log_num_revoke, sizeof(u64)); | 629 | length = gfs2_struct2blk(sdp, sdp->sd_log_num_revoke, sizeof(u64)); |
| 636 | page = gfs2_get_log_desc(sdp, GFS2_LOG_DESC_REVOKE, length, sdp->sd_log_num_revoke); | 630 | page = gfs2_get_log_desc(sdp, GFS2_LOG_DESC_REVOKE, length, sdp->sd_log_num_revoke); |
| 637 | ld = page_address(page); | ||
| 638 | offset = sizeof(struct gfs2_log_descriptor); | 631 | offset = sizeof(struct gfs2_log_descriptor); |
| 639 | 632 | ||
| 640 | list_for_each_entry(bd, head, bd_list) { | 633 | list_for_each_entry(bd, head, bd_list) { |
| @@ -777,12 +770,10 @@ static void databuf_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) | |||
| 777 | struct address_space *mapping = bd->bd_bh->b_page->mapping; | 770 | struct address_space *mapping = bd->bd_bh->b_page->mapping; |
| 778 | struct gfs2_inode *ip = GFS2_I(mapping->host); | 771 | struct gfs2_inode *ip = GFS2_I(mapping->host); |
| 779 | 772 | ||
| 780 | lock_buffer(bd->bd_bh); | ||
| 781 | gfs2_log_lock(sdp); | ||
| 782 | if (tr) | 773 | if (tr) |
| 783 | tr->tr_touched = 1; | 774 | tr->tr_touched = 1; |
| 784 | if (!list_empty(&bd->bd_list)) | 775 | if (!list_empty(&bd->bd_list)) |
| 785 | goto out; | 776 | return; |
| 786 | set_bit(GLF_LFLUSH, &bd->bd_gl->gl_flags); | 777 | set_bit(GLF_LFLUSH, &bd->bd_gl->gl_flags); |
| 787 | set_bit(GLF_DIRTY, &bd->bd_gl->gl_flags); | 778 | set_bit(GLF_DIRTY, &bd->bd_gl->gl_flags); |
| 788 | if (gfs2_is_jdata(ip)) { | 779 | if (gfs2_is_jdata(ip)) { |
| @@ -793,9 +784,6 @@ static void databuf_lo_add(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) | |||
| 793 | } else { | 784 | } else { |
| 794 | list_add_tail(&bd->bd_list, &sdp->sd_log_le_ordered); | 785 | list_add_tail(&bd->bd_list, &sdp->sd_log_le_ordered); |
| 795 | } | 786 | } |
| 796 | out: | ||
| 797 | gfs2_log_unlock(sdp); | ||
| 798 | unlock_buffer(bd->bd_bh); | ||
| 799 | } | 787 | } |
| 800 | 788 | ||
| 801 | /** | 789 | /** |
diff --git a/fs/gfs2/quota.c b/fs/gfs2/quota.c index 40c4b0d42fa8..c5af8e18f27a 100644 --- a/fs/gfs2/quota.c +++ b/fs/gfs2/quota.c | |||
| @@ -497,8 +497,11 @@ int gfs2_quota_hold(struct gfs2_inode *ip, u32 uid, u32 gid) | |||
| 497 | struct gfs2_quota_data **qd; | 497 | struct gfs2_quota_data **qd; |
| 498 | int error; | 498 | int error; |
| 499 | 499 | ||
| 500 | if (ip->i_res == NULL) | 500 | if (ip->i_res == NULL) { |
| 501 | gfs2_rs_alloc(ip); | 501 | error = gfs2_rs_alloc(ip); |
| 502 | if (error) | ||
| 503 | return error; | ||
| 504 | } | ||
| 502 | 505 | ||
| 503 | qd = ip->i_res->rs_qa_qd; | 506 | qd = ip->i_res->rs_qa_qd; |
| 504 | 507 | ||
diff --git a/fs/gfs2/rgrp.c b/fs/gfs2/rgrp.c index 3cc402ce6fea..38fe18f2f055 100644 --- a/fs/gfs2/rgrp.c +++ b/fs/gfs2/rgrp.c | |||
| @@ -553,7 +553,6 @@ void gfs2_free_clones(struct gfs2_rgrpd *rgd) | |||
| 553 | */ | 553 | */ |
| 554 | int gfs2_rs_alloc(struct gfs2_inode *ip) | 554 | int gfs2_rs_alloc(struct gfs2_inode *ip) |
| 555 | { | 555 | { |
| 556 | int error = 0; | ||
| 557 | struct gfs2_blkreserv *res; | 556 | struct gfs2_blkreserv *res; |
| 558 | 557 | ||
| 559 | if (ip->i_res) | 558 | if (ip->i_res) |
| @@ -561,7 +560,7 @@ int gfs2_rs_alloc(struct gfs2_inode *ip) | |||
| 561 | 560 | ||
| 562 | res = kmem_cache_zalloc(gfs2_rsrv_cachep, GFP_NOFS); | 561 | res = kmem_cache_zalloc(gfs2_rsrv_cachep, GFP_NOFS); |
| 563 | if (!res) | 562 | if (!res) |
| 564 | error = -ENOMEM; | 563 | return -ENOMEM; |
| 565 | 564 | ||
| 566 | RB_CLEAR_NODE(&res->rs_node); | 565 | RB_CLEAR_NODE(&res->rs_node); |
| 567 | 566 | ||
| @@ -571,7 +570,7 @@ int gfs2_rs_alloc(struct gfs2_inode *ip) | |||
| 571 | else | 570 | else |
| 572 | ip->i_res = res; | 571 | ip->i_res = res; |
| 573 | up_write(&ip->i_rw_mutex); | 572 | up_write(&ip->i_rw_mutex); |
| 574 | return error; | 573 | return 0; |
| 575 | } | 574 | } |
| 576 | 575 | ||
| 577 | static void dump_rs(struct seq_file *seq, const struct gfs2_blkreserv *rs) | 576 | static void dump_rs(struct seq_file *seq, const struct gfs2_blkreserv *rs) |
| @@ -1263,7 +1262,9 @@ int gfs2_fitrim(struct file *filp, void __user *argp) | |||
| 1263 | int ret = 0; | 1262 | int ret = 0; |
| 1264 | u64 amt; | 1263 | u64 amt; |
| 1265 | u64 trimmed = 0; | 1264 | u64 trimmed = 0; |
| 1265 | u64 start, end, minlen; | ||
| 1266 | unsigned int x; | 1266 | unsigned int x; |
| 1267 | unsigned bs_shift = sdp->sd_sb.sb_bsize_shift; | ||
| 1267 | 1268 | ||
| 1268 | if (!capable(CAP_SYS_ADMIN)) | 1269 | if (!capable(CAP_SYS_ADMIN)) |
| 1269 | return -EPERM; | 1270 | return -EPERM; |
| @@ -1271,19 +1272,25 @@ int gfs2_fitrim(struct file *filp, void __user *argp) | |||
| 1271 | if (!blk_queue_discard(q)) | 1272 | if (!blk_queue_discard(q)) |
| 1272 | return -EOPNOTSUPP; | 1273 | return -EOPNOTSUPP; |
| 1273 | 1274 | ||
| 1274 | if (argp == NULL) { | 1275 | if (copy_from_user(&r, argp, sizeof(r))) |
| 1275 | r.start = 0; | ||
| 1276 | r.len = ULLONG_MAX; | ||
| 1277 | r.minlen = 0; | ||
| 1278 | } else if (copy_from_user(&r, argp, sizeof(r))) | ||
| 1279 | return -EFAULT; | 1276 | return -EFAULT; |
| 1280 | 1277 | ||
| 1281 | ret = gfs2_rindex_update(sdp); | 1278 | ret = gfs2_rindex_update(sdp); |
| 1282 | if (ret) | 1279 | if (ret) |
| 1283 | return ret; | 1280 | return ret; |
| 1284 | 1281 | ||
| 1285 | rgd = gfs2_blk2rgrpd(sdp, r.start, 0); | 1282 | start = r.start >> bs_shift; |
| 1286 | rgd_end = gfs2_blk2rgrpd(sdp, r.start + r.len, 0); | 1283 | end = start + (r.len >> bs_shift); |
| 1284 | minlen = max_t(u64, r.minlen, | ||
| 1285 | q->limits.discard_granularity) >> bs_shift; | ||
| 1286 | |||
| 1287 | rgd = gfs2_blk2rgrpd(sdp, start, 0); | ||
| 1288 | rgd_end = gfs2_blk2rgrpd(sdp, end - 1, 0); | ||
| 1289 | |||
| 1290 | if (end <= start || | ||
| 1291 | minlen > sdp->sd_max_rg_data || | ||
| 1292 | start > rgd_end->rd_data0 + rgd_end->rd_data) | ||
| 1293 | return -EINVAL; | ||
| 1287 | 1294 | ||
| 1288 | while (1) { | 1295 | while (1) { |
| 1289 | 1296 | ||
| @@ -1295,7 +1302,9 @@ int gfs2_fitrim(struct file *filp, void __user *argp) | |||
| 1295 | /* Trim each bitmap in the rgrp */ | 1302 | /* Trim each bitmap in the rgrp */ |
| 1296 | for (x = 0; x < rgd->rd_length; x++) { | 1303 | for (x = 0; x < rgd->rd_length; x++) { |
| 1297 | struct gfs2_bitmap *bi = rgd->rd_bits + x; | 1304 | struct gfs2_bitmap *bi = rgd->rd_bits + x; |
| 1298 | ret = gfs2_rgrp_send_discards(sdp, rgd->rd_data0, NULL, bi, r.minlen, &amt); | 1305 | ret = gfs2_rgrp_send_discards(sdp, |
| 1306 | rgd->rd_data0, NULL, bi, minlen, | ||
| 1307 | &amt); | ||
| 1299 | if (ret) { | 1308 | if (ret) { |
| 1300 | gfs2_glock_dq_uninit(&gh); | 1309 | gfs2_glock_dq_uninit(&gh); |
| 1301 | goto out; | 1310 | goto out; |
| @@ -1324,7 +1333,7 @@ int gfs2_fitrim(struct file *filp, void __user *argp) | |||
| 1324 | 1333 | ||
| 1325 | out: | 1334 | out: |
| 1326 | r.len = trimmed << 9; | 1335 | r.len = trimmed << 9; |
| 1327 | if (argp && copy_to_user(argp, &r, sizeof(r))) | 1336 | if (copy_to_user(argp, &r, sizeof(r))) |
| 1328 | return -EFAULT; | 1337 | return -EFAULT; |
| 1329 | 1338 | ||
| 1330 | return ret; | 1339 | return ret; |
diff --git a/fs/gfs2/super.c b/fs/gfs2/super.c index bc737261f234..d6488674d916 100644 --- a/fs/gfs2/super.c +++ b/fs/gfs2/super.c | |||
| @@ -810,7 +810,8 @@ static void gfs2_dirty_inode(struct inode *inode, int flags) | |||
| 810 | return; | 810 | return; |
| 811 | } | 811 | } |
| 812 | need_unlock = 1; | 812 | need_unlock = 1; |
| 813 | } | 813 | } else if (WARN_ON_ONCE(ip->i_gl->gl_state != LM_ST_EXCLUSIVE)) |
| 814 | return; | ||
| 814 | 815 | ||
| 815 | if (current->journal_info == NULL) { | 816 | if (current->journal_info == NULL) { |
| 816 | ret = gfs2_trans_begin(sdp, RES_DINODE, 0); | 817 | ret = gfs2_trans_begin(sdp, RES_DINODE, 0); |
diff --git a/fs/gfs2/trans.c b/fs/gfs2/trans.c index adbd27875ef9..413627072f36 100644 --- a/fs/gfs2/trans.c +++ b/fs/gfs2/trans.c | |||
| @@ -155,14 +155,22 @@ void gfs2_trans_add_bh(struct gfs2_glock *gl, struct buffer_head *bh, int meta) | |||
| 155 | struct gfs2_sbd *sdp = gl->gl_sbd; | 155 | struct gfs2_sbd *sdp = gl->gl_sbd; |
| 156 | struct gfs2_bufdata *bd; | 156 | struct gfs2_bufdata *bd; |
| 157 | 157 | ||
| 158 | lock_buffer(bh); | ||
| 159 | gfs2_log_lock(sdp); | ||
| 158 | bd = bh->b_private; | 160 | bd = bh->b_private; |
| 159 | if (bd) | 161 | if (bd) |
| 160 | gfs2_assert(sdp, bd->bd_gl == gl); | 162 | gfs2_assert(sdp, bd->bd_gl == gl); |
| 161 | else { | 163 | else { |
| 164 | gfs2_log_unlock(sdp); | ||
| 165 | unlock_buffer(bh); | ||
| 162 | gfs2_attach_bufdata(gl, bh, meta); | 166 | gfs2_attach_bufdata(gl, bh, meta); |
| 163 | bd = bh->b_private; | 167 | bd = bh->b_private; |
| 168 | lock_buffer(bh); | ||
| 169 | gfs2_log_lock(sdp); | ||
| 164 | } | 170 | } |
| 165 | lops_add(sdp, bd); | 171 | lops_add(sdp, bd); |
| 172 | gfs2_log_unlock(sdp); | ||
| 173 | unlock_buffer(bh); | ||
| 166 | } | 174 | } |
| 167 | 175 | ||
| 168 | void gfs2_trans_add_revoke(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) | 176 | void gfs2_trans_add_revoke(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) |