aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
Diffstat (limited to 'fs')
-rw-r--r--fs/aio.c16
-rw-r--r--fs/autofs4/autofs_i.h12
-rw-r--r--fs/autofs4/dev-ioctl.c3
-rw-r--r--fs/autofs4/inode.c4
-rw-r--r--fs/autofs4/waitq.c22
-rw-r--r--fs/binfmt_aout.c32
-rw-r--r--fs/binfmt_elf.c23
-rw-r--r--fs/binfmt_elf_fdpic.c18
-rw-r--r--fs/binfmt_flat.c12
-rw-r--r--fs/binfmt_som.c12
-rw-r--r--fs/btrfs/backref.c27
-rw-r--r--fs/btrfs/compression.c2
-rw-r--r--fs/btrfs/ctree.c28
-rw-r--r--fs/btrfs/ctree.h4
-rw-r--r--fs/btrfs/disk-io.c40
-rw-r--r--fs/btrfs/disk-io.h3
-rw-r--r--fs/btrfs/extent-tree.c28
-rw-r--r--fs/btrfs/extent_io.c66
-rw-r--r--fs/btrfs/extent_io.h4
-rw-r--r--fs/btrfs/file.c9
-rw-r--r--fs/btrfs/free-space-cache.c9
-rw-r--r--fs/btrfs/inode.c54
-rw-r--r--fs/btrfs/ioctl.c5
-rw-r--r--fs/btrfs/ioctl.h4
-rw-r--r--fs/btrfs/reada.c48
-rw-r--r--fs/btrfs/relocation.c4
-rw-r--r--fs/btrfs/scrub.c26
-rw-r--r--fs/btrfs/super.c7
-rw-r--r--fs/btrfs/transaction.c15
-rw-r--r--fs/btrfs/tree-log.c2
-rw-r--r--fs/btrfs/volumes.c33
-rw-r--r--fs/buffer.c1
-rw-r--r--fs/cifs/cifsfs.c14
-rw-r--r--fs/cifs/cifsfs.h2
-rw-r--r--fs/cifs/cifssmb.c30
-rw-r--r--fs/cifs/connect.c132
-rw-r--r--fs/cifs/dir.c17
-rw-r--r--fs/cifs/file.c13
-rw-r--r--fs/cifs/netmisc.c3
-rw-r--r--fs/dcache.c26
-rw-r--r--fs/debugfs/file.c14
-rw-r--r--fs/dlm/debug_fs.c9
-rw-r--r--fs/dlm/lock.c12
-rw-r--r--fs/eventpoll.c4
-rw-r--r--fs/exec.c7
-rw-r--r--fs/ext4/ext4.h3
-rw-r--r--fs/ext4/extents.c6
-rw-r--r--fs/ext4/super.c50
-rw-r--r--fs/fuse/dir.c25
-rw-r--r--fs/fuse/file.c129
-rw-r--r--fs/fuse/inode.c1
-rw-r--r--fs/gfs2/Kconfig7
-rw-r--r--fs/gfs2/aops.c4
-rw-r--r--fs/gfs2/bmap.c6
-rw-r--r--fs/gfs2/dir.c4
-rw-r--r--fs/gfs2/inode.c13
-rw-r--r--fs/gfs2/lock_dlm.c10
-rw-r--r--fs/gfs2/rgrp.c8
-rw-r--r--fs/gfs2/xattr.c12
-rw-r--r--fs/hfsplus/catalog.c4
-rw-r--r--fs/hfsplus/dir.c11
-rw-r--r--fs/hugetlbfs/inode.c2
-rw-r--r--fs/jbd2/commit.c4
-rw-r--r--fs/libfs.c9
-rw-r--r--fs/lockd/clnt4xdr.c2
-rw-r--r--fs/lockd/clntxdr.c2
-rw-r--r--fs/locks.c3
-rw-r--r--fs/namei.c39
-rw-r--r--fs/nfs/blocklayout/blocklayout.c4
-rw-r--r--fs/nfs/client.c5
-rw-r--r--fs/nfs/dir.c4
-rw-r--r--fs/nfs/idmap.c4
-rw-r--r--fs/nfs/internal.h8
-rw-r--r--fs/nfs/namespace.c93
-rw-r--r--fs/nfs/nfs4_fs.h11
-rw-r--r--fs/nfs/nfs4filelayoutdev.c2
-rw-r--r--fs/nfs/nfs4namespace.c86
-rw-r--r--fs/nfs/nfs4proc.c186
-rw-r--r--fs/nfs/nfs4state.c31
-rw-r--r--fs/nfs/nfs4xdr.c53
-rw-r--r--fs/nfs/objlayout/objlayout.c2
-rw-r--r--fs/nfs/pnfs.c2
-rw-r--r--fs/nfs/read.c2
-rw-r--r--fs/nfs/super.c12
-rw-r--r--fs/nfs/write.c5
-rw-r--r--fs/nfsd/nfs3xdr.c22
-rw-r--r--fs/nfsd/nfs4proc.c15
-rw-r--r--fs/nfsd/nfs4recover.c2
-rw-r--r--fs/nfsd/nfs4state.c23
-rw-r--r--fs/nfsd/nfs4xdr.c4
-rw-r--r--fs/nfsd/vfs.c2
-rw-r--r--fs/ocfs2/alloc.c2
-rw-r--r--fs/ocfs2/refcounttree.c12
-rw-r--r--fs/ocfs2/suballoc.c4
-rw-r--r--fs/pipe.c31
-rw-r--r--fs/proc/root.c9
-rw-r--r--fs/proc/stat.c34
-rw-r--r--fs/proc/task_mmu.c3
-rw-r--r--fs/pstore/inode.c8
-rw-r--r--fs/splice.c5
-rw-r--r--fs/sysfs/dir.c5
-rw-r--r--fs/sysfs/group.c6
-rw-r--r--fs/xattr.c40
103 files changed, 1138 insertions, 809 deletions
diff --git a/fs/aio.c b/fs/aio.c
index da887604dfc5..67a6db3e1b6f 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -93,9 +93,8 @@ static void aio_free_ring(struct kioctx *ctx)
93 put_page(info->ring_pages[i]); 93 put_page(info->ring_pages[i]);
94 94
95 if (info->mmap_size) { 95 if (info->mmap_size) {
96 down_write(&ctx->mm->mmap_sem); 96 BUG_ON(ctx->mm != current->mm);
97 do_munmap(ctx->mm, info->mmap_base, info->mmap_size); 97 vm_munmap(info->mmap_base, info->mmap_size);
98 up_write(&ctx->mm->mmap_sem);
99 } 98 }
100 99
101 if (info->ring_pages && info->ring_pages != info->internal_pages) 100 if (info->ring_pages && info->ring_pages != info->internal_pages)
@@ -389,6 +388,17 @@ void exit_aio(struct mm_struct *mm)
389 "exit_aio:ioctx still alive: %d %d %d\n", 388 "exit_aio:ioctx still alive: %d %d %d\n",
390 atomic_read(&ctx->users), ctx->dead, 389 atomic_read(&ctx->users), ctx->dead,
391 ctx->reqs_active); 390 ctx->reqs_active);
391 /*
392 * We don't need to bother with munmap() here -
393 * exit_mmap(mm) is coming and it'll unmap everything.
394 * Since aio_free_ring() uses non-zero ->mmap_size
395 * as indicator that it needs to unmap the area,
396 * just set it to 0; aio_free_ring() is the only
397 * place that uses ->mmap_size, so it's safe.
398 * That way we get all munmap done to current->mm -
399 * all other callers have ctx->mm == current->mm.
400 */
401 ctx->ring_info.mmap_size = 0;
392 put_ioctx(ctx); 402 put_ioctx(ctx);
393 } 403 }
394} 404}
diff --git a/fs/autofs4/autofs_i.h b/fs/autofs4/autofs_i.h
index eb1cc92cd67d..908e18455413 100644
--- a/fs/autofs4/autofs_i.h
+++ b/fs/autofs4/autofs_i.h
@@ -110,7 +110,6 @@ struct autofs_sb_info {
110 int sub_version; 110 int sub_version;
111 int min_proto; 111 int min_proto;
112 int max_proto; 112 int max_proto;
113 int compat_daemon;
114 unsigned long exp_timeout; 113 unsigned long exp_timeout;
115 unsigned int type; 114 unsigned int type;
116 int reghost_enabled; 115 int reghost_enabled;
@@ -270,6 +269,17 @@ int autofs4_fill_super(struct super_block *, void *, int);
270struct autofs_info *autofs4_new_ino(struct autofs_sb_info *); 269struct autofs_info *autofs4_new_ino(struct autofs_sb_info *);
271void autofs4_clean_ino(struct autofs_info *); 270void autofs4_clean_ino(struct autofs_info *);
272 271
272static inline int autofs_prepare_pipe(struct file *pipe)
273{
274 if (!pipe->f_op || !pipe->f_op->write)
275 return -EINVAL;
276 if (!S_ISFIFO(pipe->f_dentry->d_inode->i_mode))
277 return -EINVAL;
278 /* We want a packet pipe */
279 pipe->f_flags |= O_DIRECT;
280 return 0;
281}
282
273/* Queue management functions */ 283/* Queue management functions */
274 284
275int autofs4_wait(struct autofs_sb_info *,struct dentry *, enum autofs_notify); 285int autofs4_wait(struct autofs_sb_info *,struct dentry *, enum autofs_notify);
diff --git a/fs/autofs4/dev-ioctl.c b/fs/autofs4/dev-ioctl.c
index 9dacb8586701..aa9103f8f01b 100644
--- a/fs/autofs4/dev-ioctl.c
+++ b/fs/autofs4/dev-ioctl.c
@@ -376,7 +376,7 @@ static int autofs_dev_ioctl_setpipefd(struct file *fp,
376 err = -EBADF; 376 err = -EBADF;
377 goto out; 377 goto out;
378 } 378 }
379 if (!pipe->f_op || !pipe->f_op->write) { 379 if (autofs_prepare_pipe(pipe) < 0) {
380 err = -EPIPE; 380 err = -EPIPE;
381 fput(pipe); 381 fput(pipe);
382 goto out; 382 goto out;
@@ -385,7 +385,6 @@ static int autofs_dev_ioctl_setpipefd(struct file *fp,
385 sbi->pipefd = pipefd; 385 sbi->pipefd = pipefd;
386 sbi->pipe = pipe; 386 sbi->pipe = pipe;
387 sbi->catatonic = 0; 387 sbi->catatonic = 0;
388 sbi->compat_daemon = is_compat_task();
389 } 388 }
390out: 389out:
391 mutex_unlock(&sbi->wq_mutex); 390 mutex_unlock(&sbi->wq_mutex);
diff --git a/fs/autofs4/inode.c b/fs/autofs4/inode.c
index d8dc002e9cc3..6e488ebe7784 100644
--- a/fs/autofs4/inode.c
+++ b/fs/autofs4/inode.c
@@ -19,7 +19,6 @@
19#include <linux/parser.h> 19#include <linux/parser.h>
20#include <linux/bitops.h> 20#include <linux/bitops.h>
21#include <linux/magic.h> 21#include <linux/magic.h>
22#include <linux/compat.h>
23#include "autofs_i.h" 22#include "autofs_i.h"
24#include <linux/module.h> 23#include <linux/module.h>
25 24
@@ -225,7 +224,6 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent)
225 set_autofs_type_indirect(&sbi->type); 224 set_autofs_type_indirect(&sbi->type);
226 sbi->min_proto = 0; 225 sbi->min_proto = 0;
227 sbi->max_proto = 0; 226 sbi->max_proto = 0;
228 sbi->compat_daemon = is_compat_task();
229 mutex_init(&sbi->wq_mutex); 227 mutex_init(&sbi->wq_mutex);
230 mutex_init(&sbi->pipe_mutex); 228 mutex_init(&sbi->pipe_mutex);
231 spin_lock_init(&sbi->fs_lock); 229 spin_lock_init(&sbi->fs_lock);
@@ -292,7 +290,7 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent)
292 printk("autofs: could not open pipe file descriptor\n"); 290 printk("autofs: could not open pipe file descriptor\n");
293 goto fail_dput; 291 goto fail_dput;
294 } 292 }
295 if (!pipe->f_op || !pipe->f_op->write) 293 if (autofs_prepare_pipe(pipe) < 0)
296 goto fail_fput; 294 goto fail_fput;
297 sbi->pipe = pipe; 295 sbi->pipe = pipe;
298 sbi->pipefd = pipefd; 296 sbi->pipefd = pipefd;
diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c
index 9c098db43344..da8876d38a7b 100644
--- a/fs/autofs4/waitq.c
+++ b/fs/autofs4/waitq.c
@@ -91,24 +91,7 @@ static int autofs4_write(struct autofs_sb_info *sbi,
91 91
92 return (bytes > 0); 92 return (bytes > 0);
93} 93}
94 94
95/*
96 * The autofs_v5 packet was misdesigned.
97 *
98 * The packets are identical on x86-32 and x86-64, but have different
99 * alignment. Which means that 'sizeof()' will give different results.
100 * Fix it up for the case of running 32-bit user mode on a 64-bit kernel.
101 */
102static noinline size_t autofs_v5_packet_size(struct autofs_sb_info *sbi)
103{
104 size_t pktsz = sizeof(struct autofs_v5_packet);
105#if defined(CONFIG_X86_64) && defined(CONFIG_COMPAT)
106 if (sbi->compat_daemon > 0)
107 pktsz -= 4;
108#endif
109 return pktsz;
110}
111
112static void autofs4_notify_daemon(struct autofs_sb_info *sbi, 95static void autofs4_notify_daemon(struct autofs_sb_info *sbi,
113 struct autofs_wait_queue *wq, 96 struct autofs_wait_queue *wq,
114 int type) 97 int type)
@@ -172,7 +155,8 @@ static void autofs4_notify_daemon(struct autofs_sb_info *sbi,
172 { 155 {
173 struct autofs_v5_packet *packet = &pkt.v5_pkt.v5_packet; 156 struct autofs_v5_packet *packet = &pkt.v5_pkt.v5_packet;
174 157
175 pktsz = autofs_v5_packet_size(sbi); 158 pktsz = sizeof(*packet);
159
176 packet->wait_queue_token = wq->wait_queue_token; 160 packet->wait_queue_token = wq->wait_queue_token;
177 packet->len = wq->name.len; 161 packet->len = wq->name.len;
178 memcpy(packet->name, wq->name.name, wq->name.len); 162 memcpy(packet->name, wq->name.name, wq->name.len);
diff --git a/fs/binfmt_aout.c b/fs/binfmt_aout.c
index 2eb12f13593d..d146e181d10d 100644
--- a/fs/binfmt_aout.c
+++ b/fs/binfmt_aout.c
@@ -50,9 +50,7 @@ static int set_brk(unsigned long start, unsigned long end)
50 end = PAGE_ALIGN(end); 50 end = PAGE_ALIGN(end);
51 if (end > start) { 51 if (end > start) {
52 unsigned long addr; 52 unsigned long addr;
53 down_write(&current->mm->mmap_sem); 53 addr = vm_brk(start, end - start);
54 addr = do_brk(start, end - start);
55 up_write(&current->mm->mmap_sem);
56 if (BAD_ADDR(addr)) 54 if (BAD_ADDR(addr))
57 return addr; 55 return addr;
58 } 56 }
@@ -280,9 +278,7 @@ static int load_aout_binary(struct linux_binprm * bprm, struct pt_regs * regs)
280 pos = 32; 278 pos = 32;
281 map_size = ex.a_text+ex.a_data; 279 map_size = ex.a_text+ex.a_data;
282#endif 280#endif
283 down_write(&current->mm->mmap_sem); 281 error = vm_brk(text_addr & PAGE_MASK, map_size);
284 error = do_brk(text_addr & PAGE_MASK, map_size);
285 up_write(&current->mm->mmap_sem);
286 if (error != (text_addr & PAGE_MASK)) { 282 if (error != (text_addr & PAGE_MASK)) {
287 send_sig(SIGKILL, current, 0); 283 send_sig(SIGKILL, current, 0);
288 return error; 284 return error;
@@ -313,9 +309,7 @@ static int load_aout_binary(struct linux_binprm * bprm, struct pt_regs * regs)
313 309
314 if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) { 310 if (!bprm->file->f_op->mmap||((fd_offset & ~PAGE_MASK) != 0)) {
315 loff_t pos = fd_offset; 311 loff_t pos = fd_offset;
316 down_write(&current->mm->mmap_sem); 312 vm_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
317 do_brk(N_TXTADDR(ex), ex.a_text+ex.a_data);
318 up_write(&current->mm->mmap_sem);
319 bprm->file->f_op->read(bprm->file, 313 bprm->file->f_op->read(bprm->file,
320 (char __user *)N_TXTADDR(ex), 314 (char __user *)N_TXTADDR(ex),
321 ex.a_text+ex.a_data, &pos); 315 ex.a_text+ex.a_data, &pos);
@@ -325,24 +319,20 @@ static int load_aout_binary(struct linux_binprm * bprm, struct pt_regs * regs)
325 goto beyond_if; 319 goto beyond_if;
326 } 320 }
327 321
328 down_write(&current->mm->mmap_sem); 322 error = vm_mmap(bprm->file, N_TXTADDR(ex), ex.a_text,
329 error = do_mmap(bprm->file, N_TXTADDR(ex), ex.a_text,
330 PROT_READ | PROT_EXEC, 323 PROT_READ | PROT_EXEC,
331 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE, 324 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE,
332 fd_offset); 325 fd_offset);
333 up_write(&current->mm->mmap_sem);
334 326
335 if (error != N_TXTADDR(ex)) { 327 if (error != N_TXTADDR(ex)) {
336 send_sig(SIGKILL, current, 0); 328 send_sig(SIGKILL, current, 0);
337 return error; 329 return error;
338 } 330 }
339 331
340 down_write(&current->mm->mmap_sem); 332 error = vm_mmap(bprm->file, N_DATADDR(ex), ex.a_data,
341 error = do_mmap(bprm->file, N_DATADDR(ex), ex.a_data,
342 PROT_READ | PROT_WRITE | PROT_EXEC, 333 PROT_READ | PROT_WRITE | PROT_EXEC,
343 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE, 334 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE | MAP_EXECUTABLE,
344 fd_offset + ex.a_text); 335 fd_offset + ex.a_text);
345 up_write(&current->mm->mmap_sem);
346 if (error != N_DATADDR(ex)) { 336 if (error != N_DATADDR(ex)) {
347 send_sig(SIGKILL, current, 0); 337 send_sig(SIGKILL, current, 0);
348 return error; 338 return error;
@@ -412,9 +402,7 @@ static int load_aout_library(struct file *file)
412 "N_TXTOFF is not page aligned. Please convert library: %s\n", 402 "N_TXTOFF is not page aligned. Please convert library: %s\n",
413 file->f_path.dentry->d_name.name); 403 file->f_path.dentry->d_name.name);
414 } 404 }
415 down_write(&current->mm->mmap_sem); 405 vm_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
416 do_brk(start_addr, ex.a_text + ex.a_data + ex.a_bss);
417 up_write(&current->mm->mmap_sem);
418 406
419 file->f_op->read(file, (char __user *)start_addr, 407 file->f_op->read(file, (char __user *)start_addr,
420 ex.a_text + ex.a_data, &pos); 408 ex.a_text + ex.a_data, &pos);
@@ -425,12 +413,10 @@ static int load_aout_library(struct file *file)
425 goto out; 413 goto out;
426 } 414 }
427 /* Now use mmap to map the library into memory. */ 415 /* Now use mmap to map the library into memory. */
428 down_write(&current->mm->mmap_sem); 416 error = vm_mmap(file, start_addr, ex.a_text + ex.a_data,
429 error = do_mmap(file, start_addr, ex.a_text + ex.a_data,
430 PROT_READ | PROT_WRITE | PROT_EXEC, 417 PROT_READ | PROT_WRITE | PROT_EXEC,
431 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE, 418 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
432 N_TXTOFF(ex)); 419 N_TXTOFF(ex));
433 up_write(&current->mm->mmap_sem);
434 retval = error; 420 retval = error;
435 if (error != start_addr) 421 if (error != start_addr)
436 goto out; 422 goto out;
@@ -438,9 +424,7 @@ static int load_aout_library(struct file *file)
438 len = PAGE_ALIGN(ex.a_text + ex.a_data); 424 len = PAGE_ALIGN(ex.a_text + ex.a_data);
439 bss = ex.a_text + ex.a_data + ex.a_bss; 425 bss = ex.a_text + ex.a_data + ex.a_bss;
440 if (bss > len) { 426 if (bss > len) {
441 down_write(&current->mm->mmap_sem); 427 error = vm_brk(start_addr + len, bss - len);
442 error = do_brk(start_addr + len, bss - len);
443 up_write(&current->mm->mmap_sem);
444 retval = error; 428 retval = error;
445 if (error != start_addr + len) 429 if (error != start_addr + len)
446 goto out; 430 goto out;
diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
index 48ffb3dc610a..16f735417072 100644
--- a/fs/binfmt_elf.c
+++ b/fs/binfmt_elf.c
@@ -82,9 +82,7 @@ static int set_brk(unsigned long start, unsigned long end)
82 end = ELF_PAGEALIGN(end); 82 end = ELF_PAGEALIGN(end);
83 if (end > start) { 83 if (end > start) {
84 unsigned long addr; 84 unsigned long addr;
85 down_write(&current->mm->mmap_sem); 85 addr = vm_brk(start, end - start);
86 addr = do_brk(start, end - start);
87 up_write(&current->mm->mmap_sem);
88 if (BAD_ADDR(addr)) 86 if (BAD_ADDR(addr))
89 return addr; 87 return addr;
90 } 88 }
@@ -514,9 +512,7 @@ static unsigned long load_elf_interp(struct elfhdr *interp_elf_ex,
514 elf_bss = ELF_PAGESTART(elf_bss + ELF_MIN_ALIGN - 1); 512 elf_bss = ELF_PAGESTART(elf_bss + ELF_MIN_ALIGN - 1);
515 513
516 /* Map the last of the bss segment */ 514 /* Map the last of the bss segment */
517 down_write(&current->mm->mmap_sem); 515 error = vm_brk(elf_bss, last_bss - elf_bss);
518 error = do_brk(elf_bss, last_bss - elf_bss);
519 up_write(&current->mm->mmap_sem);
520 if (BAD_ADDR(error)) 516 if (BAD_ADDR(error))
521 goto out_close; 517 goto out_close;
522 } 518 }
@@ -962,10 +958,8 @@ static int load_elf_binary(struct linux_binprm *bprm, struct pt_regs *regs)
962 and some applications "depend" upon this behavior. 958 and some applications "depend" upon this behavior.
963 Since we do not have the power to recompile these, we 959 Since we do not have the power to recompile these, we
964 emulate the SVr4 behavior. Sigh. */ 960 emulate the SVr4 behavior. Sigh. */
965 down_write(&current->mm->mmap_sem); 961 error = vm_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
966 error = do_mmap(NULL, 0, PAGE_SIZE, PROT_READ | PROT_EXEC,
967 MAP_FIXED | MAP_PRIVATE, 0); 962 MAP_FIXED | MAP_PRIVATE, 0);
968 up_write(&current->mm->mmap_sem);
969 } 963 }
970 964
971#ifdef ELF_PLAT_INIT 965#ifdef ELF_PLAT_INIT
@@ -1050,8 +1044,7 @@ static int load_elf_library(struct file *file)
1050 eppnt++; 1044 eppnt++;
1051 1045
1052 /* Now use mmap to map the library into memory. */ 1046 /* Now use mmap to map the library into memory. */
1053 down_write(&current->mm->mmap_sem); 1047 error = vm_mmap(file,
1054 error = do_mmap(file,
1055 ELF_PAGESTART(eppnt->p_vaddr), 1048 ELF_PAGESTART(eppnt->p_vaddr),
1056 (eppnt->p_filesz + 1049 (eppnt->p_filesz +
1057 ELF_PAGEOFFSET(eppnt->p_vaddr)), 1050 ELF_PAGEOFFSET(eppnt->p_vaddr)),
@@ -1059,7 +1052,6 @@ static int load_elf_library(struct file *file)
1059 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE, 1052 MAP_FIXED | MAP_PRIVATE | MAP_DENYWRITE,
1060 (eppnt->p_offset - 1053 (eppnt->p_offset -
1061 ELF_PAGEOFFSET(eppnt->p_vaddr))); 1054 ELF_PAGEOFFSET(eppnt->p_vaddr)));
1062 up_write(&current->mm->mmap_sem);
1063 if (error != ELF_PAGESTART(eppnt->p_vaddr)) 1055 if (error != ELF_PAGESTART(eppnt->p_vaddr))
1064 goto out_free_ph; 1056 goto out_free_ph;
1065 1057
@@ -1072,11 +1064,8 @@ static int load_elf_library(struct file *file)
1072 len = ELF_PAGESTART(eppnt->p_filesz + eppnt->p_vaddr + 1064 len = ELF_PAGESTART(eppnt->p_filesz + eppnt->p_vaddr +
1073 ELF_MIN_ALIGN - 1); 1065 ELF_MIN_ALIGN - 1);
1074 bss = eppnt->p_memsz + eppnt->p_vaddr; 1066 bss = eppnt->p_memsz + eppnt->p_vaddr;
1075 if (bss > len) { 1067 if (bss > len)
1076 down_write(&current->mm->mmap_sem); 1068 vm_brk(len, bss - len);
1077 do_brk(len, bss - len);
1078 up_write(&current->mm->mmap_sem);
1079 }
1080 error = 0; 1069 error = 0;
1081 1070
1082out_free_ph: 1071out_free_ph:
diff --git a/fs/binfmt_elf_fdpic.c b/fs/binfmt_elf_fdpic.c
index 9bd5612a8224..d390a0fffc65 100644
--- a/fs/binfmt_elf_fdpic.c
+++ b/fs/binfmt_elf_fdpic.c
@@ -390,21 +390,17 @@ static int load_elf_fdpic_binary(struct linux_binprm *bprm,
390 (executable_stack == EXSTACK_DEFAULT && VM_STACK_FLAGS & VM_EXEC)) 390 (executable_stack == EXSTACK_DEFAULT && VM_STACK_FLAGS & VM_EXEC))
391 stack_prot |= PROT_EXEC; 391 stack_prot |= PROT_EXEC;
392 392
393 down_write(&current->mm->mmap_sem); 393 current->mm->start_brk = vm_mmap(NULL, 0, stack_size, stack_prot,
394 current->mm->start_brk = do_mmap(NULL, 0, stack_size, stack_prot,
395 MAP_PRIVATE | MAP_ANONYMOUS | 394 MAP_PRIVATE | MAP_ANONYMOUS |
396 MAP_UNINITIALIZED | MAP_GROWSDOWN, 395 MAP_UNINITIALIZED | MAP_GROWSDOWN,
397 0); 396 0);
398 397
399 if (IS_ERR_VALUE(current->mm->start_brk)) { 398 if (IS_ERR_VALUE(current->mm->start_brk)) {
400 up_write(&current->mm->mmap_sem);
401 retval = current->mm->start_brk; 399 retval = current->mm->start_brk;
402 current->mm->start_brk = 0; 400 current->mm->start_brk = 0;
403 goto error_kill; 401 goto error_kill;
404 } 402 }
405 403
406 up_write(&current->mm->mmap_sem);
407
408 current->mm->brk = current->mm->start_brk; 404 current->mm->brk = current->mm->start_brk;
409 current->mm->context.end_brk = current->mm->start_brk; 405 current->mm->context.end_brk = current->mm->start_brk;
410 current->mm->context.end_brk += 406 current->mm->context.end_brk +=
@@ -955,10 +951,8 @@ static int elf_fdpic_map_file_constdisp_on_uclinux(
955 if (params->flags & ELF_FDPIC_FLAG_EXECUTABLE) 951 if (params->flags & ELF_FDPIC_FLAG_EXECUTABLE)
956 mflags |= MAP_EXECUTABLE; 952 mflags |= MAP_EXECUTABLE;
957 953
958 down_write(&mm->mmap_sem); 954 maddr = vm_mmap(NULL, load_addr, top - base,
959 maddr = do_mmap(NULL, load_addr, top - base,
960 PROT_READ | PROT_WRITE | PROT_EXEC, mflags, 0); 955 PROT_READ | PROT_WRITE | PROT_EXEC, mflags, 0);
961 up_write(&mm->mmap_sem);
962 if (IS_ERR_VALUE(maddr)) 956 if (IS_ERR_VALUE(maddr))
963 return (int) maddr; 957 return (int) maddr;
964 958
@@ -1096,10 +1090,8 @@ static int elf_fdpic_map_file_by_direct_mmap(struct elf_fdpic_params *params,
1096 1090
1097 /* create the mapping */ 1091 /* create the mapping */
1098 disp = phdr->p_vaddr & ~PAGE_MASK; 1092 disp = phdr->p_vaddr & ~PAGE_MASK;
1099 down_write(&mm->mmap_sem); 1093 maddr = vm_mmap(file, maddr, phdr->p_memsz + disp, prot, flags,
1100 maddr = do_mmap(file, maddr, phdr->p_memsz + disp, prot, flags,
1101 phdr->p_offset - disp); 1094 phdr->p_offset - disp);
1102 up_write(&mm->mmap_sem);
1103 1095
1104 kdebug("mmap[%d] <file> sz=%lx pr=%x fl=%x of=%lx --> %08lx", 1096 kdebug("mmap[%d] <file> sz=%lx pr=%x fl=%x of=%lx --> %08lx",
1105 loop, phdr->p_memsz + disp, prot, flags, 1097 loop, phdr->p_memsz + disp, prot, flags,
@@ -1143,10 +1135,8 @@ static int elf_fdpic_map_file_by_direct_mmap(struct elf_fdpic_params *params,
1143 unsigned long xmaddr; 1135 unsigned long xmaddr;
1144 1136
1145 flags |= MAP_FIXED | MAP_ANONYMOUS; 1137 flags |= MAP_FIXED | MAP_ANONYMOUS;
1146 down_write(&mm->mmap_sem); 1138 xmaddr = vm_mmap(NULL, xaddr, excess - excess1,
1147 xmaddr = do_mmap(NULL, xaddr, excess - excess1,
1148 prot, flags, 0); 1139 prot, flags, 0);
1149 up_write(&mm->mmap_sem);
1150 1140
1151 kdebug("mmap[%d] <anon>" 1141 kdebug("mmap[%d] <anon>"
1152 " ad=%lx sz=%lx pr=%x fl=%x of=0 --> %08lx", 1142 " ad=%lx sz=%lx pr=%x fl=%x of=0 --> %08lx",
diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c
index 024d20ee3ca3..6b2daf99fab8 100644
--- a/fs/binfmt_flat.c
+++ b/fs/binfmt_flat.c
@@ -542,10 +542,8 @@ static int load_flat_file(struct linux_binprm * bprm,
542 */ 542 */
543 DBG_FLT("BINFMT_FLAT: ROM mapping of file (we hope)\n"); 543 DBG_FLT("BINFMT_FLAT: ROM mapping of file (we hope)\n");
544 544
545 down_write(&current->mm->mmap_sem); 545 textpos = vm_mmap(bprm->file, 0, text_len, PROT_READ|PROT_EXEC,
546 textpos = do_mmap(bprm->file, 0, text_len, PROT_READ|PROT_EXEC,
547 MAP_PRIVATE|MAP_EXECUTABLE, 0); 546 MAP_PRIVATE|MAP_EXECUTABLE, 0);
548 up_write(&current->mm->mmap_sem);
549 if (!textpos || IS_ERR_VALUE(textpos)) { 547 if (!textpos || IS_ERR_VALUE(textpos)) {
550 if (!textpos) 548 if (!textpos)
551 textpos = (unsigned long) -ENOMEM; 549 textpos = (unsigned long) -ENOMEM;
@@ -556,10 +554,8 @@ static int load_flat_file(struct linux_binprm * bprm,
556 554
557 len = data_len + extra + MAX_SHARED_LIBS * sizeof(unsigned long); 555 len = data_len + extra + MAX_SHARED_LIBS * sizeof(unsigned long);
558 len = PAGE_ALIGN(len); 556 len = PAGE_ALIGN(len);
559 down_write(&current->mm->mmap_sem); 557 realdatastart = vm_mmap(0, 0, len,
560 realdatastart = do_mmap(0, 0, len,
561 PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE, 0); 558 PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE, 0);
562 up_write(&current->mm->mmap_sem);
563 559
564 if (realdatastart == 0 || IS_ERR_VALUE(realdatastart)) { 560 if (realdatastart == 0 || IS_ERR_VALUE(realdatastart)) {
565 if (!realdatastart) 561 if (!realdatastart)
@@ -603,10 +599,8 @@ static int load_flat_file(struct linux_binprm * bprm,
603 599
604 len = text_len + data_len + extra + MAX_SHARED_LIBS * sizeof(unsigned long); 600 len = text_len + data_len + extra + MAX_SHARED_LIBS * sizeof(unsigned long);
605 len = PAGE_ALIGN(len); 601 len = PAGE_ALIGN(len);
606 down_write(&current->mm->mmap_sem); 602 textpos = vm_mmap(0, 0, len,
607 textpos = do_mmap(0, 0, len,
608 PROT_READ | PROT_EXEC | PROT_WRITE, MAP_PRIVATE, 0); 603 PROT_READ | PROT_EXEC | PROT_WRITE, MAP_PRIVATE, 0);
609 up_write(&current->mm->mmap_sem);
610 604
611 if (!textpos || IS_ERR_VALUE(textpos)) { 605 if (!textpos || IS_ERR_VALUE(textpos)) {
612 if (!textpos) 606 if (!textpos)
diff --git a/fs/binfmt_som.c b/fs/binfmt_som.c
index e4fc746629a7..4517aaff61b4 100644
--- a/fs/binfmt_som.c
+++ b/fs/binfmt_som.c
@@ -147,10 +147,8 @@ static int map_som_binary(struct file *file,
147 code_size = SOM_PAGEALIGN(hpuxhdr->exec_tsize); 147 code_size = SOM_PAGEALIGN(hpuxhdr->exec_tsize);
148 current->mm->start_code = code_start; 148 current->mm->start_code = code_start;
149 current->mm->end_code = code_start + code_size; 149 current->mm->end_code = code_start + code_size;
150 down_write(&current->mm->mmap_sem); 150 retval = vm_mmap(file, code_start, code_size, prot,
151 retval = do_mmap(file, code_start, code_size, prot,
152 flags, SOM_PAGESTART(hpuxhdr->exec_tfile)); 151 flags, SOM_PAGESTART(hpuxhdr->exec_tfile));
153 up_write(&current->mm->mmap_sem);
154 if (retval < 0 && retval > -1024) 152 if (retval < 0 && retval > -1024)
155 goto out; 153 goto out;
156 154
@@ -158,20 +156,16 @@ static int map_som_binary(struct file *file,
158 data_size = SOM_PAGEALIGN(hpuxhdr->exec_dsize); 156 data_size = SOM_PAGEALIGN(hpuxhdr->exec_dsize);
159 current->mm->start_data = data_start; 157 current->mm->start_data = data_start;
160 current->mm->end_data = bss_start = data_start + data_size; 158 current->mm->end_data = bss_start = data_start + data_size;
161 down_write(&current->mm->mmap_sem); 159 retval = vm_mmap(file, data_start, data_size,
162 retval = do_mmap(file, data_start, data_size,
163 prot | PROT_WRITE, flags, 160 prot | PROT_WRITE, flags,
164 SOM_PAGESTART(hpuxhdr->exec_dfile)); 161 SOM_PAGESTART(hpuxhdr->exec_dfile));
165 up_write(&current->mm->mmap_sem);
166 if (retval < 0 && retval > -1024) 162 if (retval < 0 && retval > -1024)
167 goto out; 163 goto out;
168 164
169 som_brk = bss_start + SOM_PAGEALIGN(hpuxhdr->exec_bsize); 165 som_brk = bss_start + SOM_PAGEALIGN(hpuxhdr->exec_bsize);
170 current->mm->start_brk = current->mm->brk = som_brk; 166 current->mm->start_brk = current->mm->brk = som_brk;
171 down_write(&current->mm->mmap_sem); 167 retval = vm_mmap(NULL, bss_start, som_brk - bss_start,
172 retval = do_mmap(NULL, bss_start, som_brk - bss_start,
173 prot | PROT_WRITE, MAP_FIXED | MAP_PRIVATE, 0); 168 prot | PROT_WRITE, MAP_FIXED | MAP_PRIVATE, 0);
174 up_write(&current->mm->mmap_sem);
175 if (retval > 0 || retval < -1024) 169 if (retval > 0 || retval < -1024)
176 retval = 0; 170 retval = 0;
177out: 171out:
diff --git a/fs/btrfs/backref.c b/fs/btrfs/backref.c
index f4e90748940a..bcec06750232 100644
--- a/fs/btrfs/backref.c
+++ b/fs/btrfs/backref.c
@@ -22,6 +22,7 @@
22#include "ulist.h" 22#include "ulist.h"
23#include "transaction.h" 23#include "transaction.h"
24#include "delayed-ref.h" 24#include "delayed-ref.h"
25#include "locking.h"
25 26
26/* 27/*
27 * this structure records all encountered refs on the way up to the root 28 * this structure records all encountered refs on the way up to the root
@@ -893,18 +894,22 @@ static char *iref_to_path(struct btrfs_root *fs_root, struct btrfs_path *path,
893 s64 bytes_left = size - 1; 894 s64 bytes_left = size - 1;
894 struct extent_buffer *eb = eb_in; 895 struct extent_buffer *eb = eb_in;
895 struct btrfs_key found_key; 896 struct btrfs_key found_key;
897 int leave_spinning = path->leave_spinning;
896 898
897 if (bytes_left >= 0) 899 if (bytes_left >= 0)
898 dest[bytes_left] = '\0'; 900 dest[bytes_left] = '\0';
899 901
902 path->leave_spinning = 1;
900 while (1) { 903 while (1) {
901 len = btrfs_inode_ref_name_len(eb, iref); 904 len = btrfs_inode_ref_name_len(eb, iref);
902 bytes_left -= len; 905 bytes_left -= len;
903 if (bytes_left >= 0) 906 if (bytes_left >= 0)
904 read_extent_buffer(eb, dest + bytes_left, 907 read_extent_buffer(eb, dest + bytes_left,
905 (unsigned long)(iref + 1), len); 908 (unsigned long)(iref + 1), len);
906 if (eb != eb_in) 909 if (eb != eb_in) {
910 btrfs_tree_read_unlock_blocking(eb);
907 free_extent_buffer(eb); 911 free_extent_buffer(eb);
912 }
908 ret = inode_ref_info(parent, 0, fs_root, path, &found_key); 913 ret = inode_ref_info(parent, 0, fs_root, path, &found_key);
909 if (ret > 0) 914 if (ret > 0)
910 ret = -ENOENT; 915 ret = -ENOENT;
@@ -919,8 +924,11 @@ static char *iref_to_path(struct btrfs_root *fs_root, struct btrfs_path *path,
919 slot = path->slots[0]; 924 slot = path->slots[0];
920 eb = path->nodes[0]; 925 eb = path->nodes[0];
921 /* make sure we can use eb after releasing the path */ 926 /* make sure we can use eb after releasing the path */
922 if (eb != eb_in) 927 if (eb != eb_in) {
923 atomic_inc(&eb->refs); 928 atomic_inc(&eb->refs);
929 btrfs_tree_read_lock(eb);
930 btrfs_set_lock_blocking_rw(eb, BTRFS_READ_LOCK);
931 }
924 btrfs_release_path(path); 932 btrfs_release_path(path);
925 933
926 iref = btrfs_item_ptr(eb, slot, struct btrfs_inode_ref); 934 iref = btrfs_item_ptr(eb, slot, struct btrfs_inode_ref);
@@ -931,6 +939,7 @@ static char *iref_to_path(struct btrfs_root *fs_root, struct btrfs_path *path,
931 } 939 }
932 940
933 btrfs_release_path(path); 941 btrfs_release_path(path);
942 path->leave_spinning = leave_spinning;
934 943
935 if (ret) 944 if (ret)
936 return ERR_PTR(ret); 945 return ERR_PTR(ret);
@@ -1247,7 +1256,7 @@ static int iterate_irefs(u64 inum, struct btrfs_root *fs_root,
1247 struct btrfs_path *path, 1256 struct btrfs_path *path,
1248 iterate_irefs_t *iterate, void *ctx) 1257 iterate_irefs_t *iterate, void *ctx)
1249{ 1258{
1250 int ret; 1259 int ret = 0;
1251 int slot; 1260 int slot;
1252 u32 cur; 1261 u32 cur;
1253 u32 len; 1262 u32 len;
@@ -1259,7 +1268,8 @@ static int iterate_irefs(u64 inum, struct btrfs_root *fs_root,
1259 struct btrfs_inode_ref *iref; 1268 struct btrfs_inode_ref *iref;
1260 struct btrfs_key found_key; 1269 struct btrfs_key found_key;
1261 1270
1262 while (1) { 1271 while (!ret) {
1272 path->leave_spinning = 1;
1263 ret = inode_ref_info(inum, parent ? parent+1 : 0, fs_root, path, 1273 ret = inode_ref_info(inum, parent ? parent+1 : 0, fs_root, path,
1264 &found_key); 1274 &found_key);
1265 if (ret < 0) 1275 if (ret < 0)
@@ -1275,6 +1285,8 @@ static int iterate_irefs(u64 inum, struct btrfs_root *fs_root,
1275 eb = path->nodes[0]; 1285 eb = path->nodes[0];
1276 /* make sure we can use eb after releasing the path */ 1286 /* make sure we can use eb after releasing the path */
1277 atomic_inc(&eb->refs); 1287 atomic_inc(&eb->refs);
1288 btrfs_tree_read_lock(eb);
1289 btrfs_set_lock_blocking_rw(eb, BTRFS_READ_LOCK);
1278 btrfs_release_path(path); 1290 btrfs_release_path(path);
1279 1291
1280 item = btrfs_item_nr(eb, slot); 1292 item = btrfs_item_nr(eb, slot);
@@ -1288,13 +1300,12 @@ static int iterate_irefs(u64 inum, struct btrfs_root *fs_root,
1288 (unsigned long long)found_key.objectid, 1300 (unsigned long long)found_key.objectid,
1289 (unsigned long long)fs_root->objectid); 1301 (unsigned long long)fs_root->objectid);
1290 ret = iterate(parent, iref, eb, ctx); 1302 ret = iterate(parent, iref, eb, ctx);
1291 if (ret) { 1303 if (ret)
1292 free_extent_buffer(eb);
1293 break; 1304 break;
1294 }
1295 len = sizeof(*iref) + name_len; 1305 len = sizeof(*iref) + name_len;
1296 iref = (struct btrfs_inode_ref *)((char *)iref + len); 1306 iref = (struct btrfs_inode_ref *)((char *)iref + len);
1297 } 1307 }
1308 btrfs_tree_read_unlock_blocking(eb);
1298 free_extent_buffer(eb); 1309 free_extent_buffer(eb);
1299 } 1310 }
1300 1311
@@ -1414,6 +1425,8 @@ struct inode_fs_paths *init_ipath(s32 total_bytes, struct btrfs_root *fs_root,
1414 1425
1415void free_ipath(struct inode_fs_paths *ipath) 1426void free_ipath(struct inode_fs_paths *ipath)
1416{ 1427{
1428 if (!ipath)
1429 return;
1417 kfree(ipath->fspath); 1430 kfree(ipath->fspath);
1418 kfree(ipath); 1431 kfree(ipath);
1419} 1432}
diff --git a/fs/btrfs/compression.c b/fs/btrfs/compression.c
index d286b40a5671..86eff48dab78 100644
--- a/fs/btrfs/compression.c
+++ b/fs/btrfs/compression.c
@@ -405,6 +405,7 @@ int btrfs_submit_compressed_write(struct inode *inode, u64 start,
405 bio_put(bio); 405 bio_put(bio);
406 406
407 bio = compressed_bio_alloc(bdev, first_byte, GFP_NOFS); 407 bio = compressed_bio_alloc(bdev, first_byte, GFP_NOFS);
408 BUG_ON(!bio);
408 bio->bi_private = cb; 409 bio->bi_private = cb;
409 bio->bi_end_io = end_compressed_bio_write; 410 bio->bi_end_io = end_compressed_bio_write;
410 bio_add_page(bio, page, PAGE_CACHE_SIZE, 0); 411 bio_add_page(bio, page, PAGE_CACHE_SIZE, 0);
@@ -687,6 +688,7 @@ int btrfs_submit_compressed_read(struct inode *inode, struct bio *bio,
687 688
688 comp_bio = compressed_bio_alloc(bdev, cur_disk_byte, 689 comp_bio = compressed_bio_alloc(bdev, cur_disk_byte,
689 GFP_NOFS); 690 GFP_NOFS);
691 BUG_ON(!comp_bio);
690 comp_bio->bi_private = cb; 692 comp_bio->bi_private = cb;
691 comp_bio->bi_end_io = end_compressed_bio_read; 693 comp_bio->bi_end_io = end_compressed_bio_read;
692 694
diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c
index e801f226d7e0..4106264fbc65 100644
--- a/fs/btrfs/ctree.c
+++ b/fs/btrfs/ctree.c
@@ -220,10 +220,12 @@ struct extent_buffer *btrfs_read_lock_root_node(struct btrfs_root *root)
220 */ 220 */
221static void add_root_to_dirty_list(struct btrfs_root *root) 221static void add_root_to_dirty_list(struct btrfs_root *root)
222{ 222{
223 spin_lock(&root->fs_info->trans_lock);
223 if (root->track_dirty && list_empty(&root->dirty_list)) { 224 if (root->track_dirty && list_empty(&root->dirty_list)) {
224 list_add(&root->dirty_list, 225 list_add(&root->dirty_list,
225 &root->fs_info->dirty_cowonly_roots); 226 &root->fs_info->dirty_cowonly_roots);
226 } 227 }
228 spin_unlock(&root->fs_info->trans_lock);
227} 229}
228 230
229/* 231/*
@@ -723,7 +725,7 @@ int btrfs_realloc_node(struct btrfs_trans_handle *trans,
723 725
724 cur = btrfs_find_tree_block(root, blocknr, blocksize); 726 cur = btrfs_find_tree_block(root, blocknr, blocksize);
725 if (cur) 727 if (cur)
726 uptodate = btrfs_buffer_uptodate(cur, gen); 728 uptodate = btrfs_buffer_uptodate(cur, gen, 0);
727 else 729 else
728 uptodate = 0; 730 uptodate = 0;
729 if (!cur || !uptodate) { 731 if (!cur || !uptodate) {
@@ -1358,7 +1360,12 @@ static noinline int reada_for_balance(struct btrfs_root *root,
1358 block1 = btrfs_node_blockptr(parent, slot - 1); 1360 block1 = btrfs_node_blockptr(parent, slot - 1);
1359 gen = btrfs_node_ptr_generation(parent, slot - 1); 1361 gen = btrfs_node_ptr_generation(parent, slot - 1);
1360 eb = btrfs_find_tree_block(root, block1, blocksize); 1362 eb = btrfs_find_tree_block(root, block1, blocksize);
1361 if (eb && btrfs_buffer_uptodate(eb, gen)) 1363 /*
1364 * if we get -eagain from btrfs_buffer_uptodate, we
1365 * don't want to return eagain here. That will loop
1366 * forever
1367 */
1368 if (eb && btrfs_buffer_uptodate(eb, gen, 1) != 0)
1362 block1 = 0; 1369 block1 = 0;
1363 free_extent_buffer(eb); 1370 free_extent_buffer(eb);
1364 } 1371 }
@@ -1366,7 +1373,7 @@ static noinline int reada_for_balance(struct btrfs_root *root,
1366 block2 = btrfs_node_blockptr(parent, slot + 1); 1373 block2 = btrfs_node_blockptr(parent, slot + 1);
1367 gen = btrfs_node_ptr_generation(parent, slot + 1); 1374 gen = btrfs_node_ptr_generation(parent, slot + 1);
1368 eb = btrfs_find_tree_block(root, block2, blocksize); 1375 eb = btrfs_find_tree_block(root, block2, blocksize);
1369 if (eb && btrfs_buffer_uptodate(eb, gen)) 1376 if (eb && btrfs_buffer_uptodate(eb, gen, 1) != 0)
1370 block2 = 0; 1377 block2 = 0;
1371 free_extent_buffer(eb); 1378 free_extent_buffer(eb);
1372 } 1379 }
@@ -1504,8 +1511,9 @@ read_block_for_search(struct btrfs_trans_handle *trans,
1504 1511
1505 tmp = btrfs_find_tree_block(root, blocknr, blocksize); 1512 tmp = btrfs_find_tree_block(root, blocknr, blocksize);
1506 if (tmp) { 1513 if (tmp) {
1507 if (btrfs_buffer_uptodate(tmp, 0)) { 1514 /* first we do an atomic uptodate check */
1508 if (btrfs_buffer_uptodate(tmp, gen)) { 1515 if (btrfs_buffer_uptodate(tmp, 0, 1) > 0) {
1516 if (btrfs_buffer_uptodate(tmp, gen, 1) > 0) {
1509 /* 1517 /*
1510 * we found an up to date block without 1518 * we found an up to date block without
1511 * sleeping, return 1519 * sleeping, return
@@ -1523,8 +1531,9 @@ read_block_for_search(struct btrfs_trans_handle *trans,
1523 free_extent_buffer(tmp); 1531 free_extent_buffer(tmp);
1524 btrfs_set_path_blocking(p); 1532 btrfs_set_path_blocking(p);
1525 1533
1534 /* now we're allowed to do a blocking uptodate check */
1526 tmp = read_tree_block(root, blocknr, blocksize, gen); 1535 tmp = read_tree_block(root, blocknr, blocksize, gen);
1527 if (tmp && btrfs_buffer_uptodate(tmp, gen)) { 1536 if (tmp && btrfs_buffer_uptodate(tmp, gen, 0) > 0) {
1528 *eb_ret = tmp; 1537 *eb_ret = tmp;
1529 return 0; 1538 return 0;
1530 } 1539 }
@@ -1559,7 +1568,7 @@ read_block_for_search(struct btrfs_trans_handle *trans,
1559 * and give up so that our caller doesn't loop forever 1568 * and give up so that our caller doesn't loop forever
1560 * on our EAGAINs. 1569 * on our EAGAINs.
1561 */ 1570 */
1562 if (!btrfs_buffer_uptodate(tmp, 0)) 1571 if (!btrfs_buffer_uptodate(tmp, 0, 0))
1563 ret = -EIO; 1572 ret = -EIO;
1564 free_extent_buffer(tmp); 1573 free_extent_buffer(tmp);
1565 } 1574 }
@@ -4043,7 +4052,7 @@ again:
4043 tmp = btrfs_find_tree_block(root, blockptr, 4052 tmp = btrfs_find_tree_block(root, blockptr,
4044 btrfs_level_size(root, level - 1)); 4053 btrfs_level_size(root, level - 1));
4045 4054
4046 if (tmp && btrfs_buffer_uptodate(tmp, gen)) { 4055 if (tmp && btrfs_buffer_uptodate(tmp, gen, 1) > 0) {
4047 free_extent_buffer(tmp); 4056 free_extent_buffer(tmp);
4048 break; 4057 break;
4049 } 4058 }
@@ -4166,7 +4175,8 @@ next:
4166 struct extent_buffer *cur; 4175 struct extent_buffer *cur;
4167 cur = btrfs_find_tree_block(root, blockptr, 4176 cur = btrfs_find_tree_block(root, blockptr,
4168 btrfs_level_size(root, level - 1)); 4177 btrfs_level_size(root, level - 1));
4169 if (!cur || !btrfs_buffer_uptodate(cur, gen)) { 4178 if (!cur ||
4179 btrfs_buffer_uptodate(cur, gen, 1) <= 0) {
4170 slot++; 4180 slot++;
4171 if (cur) 4181 if (cur)
4172 free_extent_buffer(cur); 4182 free_extent_buffer(cur);
diff --git a/fs/btrfs/ctree.h b/fs/btrfs/ctree.h
index 5b8ef8eb3521..8fd72331d600 100644
--- a/fs/btrfs/ctree.h
+++ b/fs/btrfs/ctree.h
@@ -1078,7 +1078,7 @@ struct btrfs_fs_info {
1078 * is required instead of the faster short fsync log commits 1078 * is required instead of the faster short fsync log commits
1079 */ 1079 */
1080 u64 last_trans_log_full_commit; 1080 u64 last_trans_log_full_commit;
1081 unsigned long mount_opt:21; 1081 unsigned long mount_opt;
1082 unsigned long compress_type:4; 1082 unsigned long compress_type:4;
1083 u64 max_inline; 1083 u64 max_inline;
1084 u64 alloc_start; 1084 u64 alloc_start;
@@ -2166,7 +2166,7 @@ BTRFS_SETGET_STACK_FUNCS(root_last_snapshot, struct btrfs_root_item,
2166 2166
2167static inline bool btrfs_root_readonly(struct btrfs_root *root) 2167static inline bool btrfs_root_readonly(struct btrfs_root *root)
2168{ 2168{
2169 return root->root_item.flags & BTRFS_ROOT_SUBVOL_RDONLY; 2169 return (root->root_item.flags & cpu_to_le64(BTRFS_ROOT_SUBVOL_RDONLY)) != 0;
2170} 2170}
2171 2171
2172/* struct btrfs_root_backup */ 2172/* struct btrfs_root_backup */
diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c
index 20196f411206..a7ffc88a7dbe 100644
--- a/fs/btrfs/disk-io.c
+++ b/fs/btrfs/disk-io.c
@@ -323,7 +323,8 @@ static int csum_tree_block(struct btrfs_root *root, struct extent_buffer *buf,
323 * in the wrong place. 323 * in the wrong place.
324 */ 324 */
325static int verify_parent_transid(struct extent_io_tree *io_tree, 325static int verify_parent_transid(struct extent_io_tree *io_tree,
326 struct extent_buffer *eb, u64 parent_transid) 326 struct extent_buffer *eb, u64 parent_transid,
327 int atomic)
327{ 328{
328 struct extent_state *cached_state = NULL; 329 struct extent_state *cached_state = NULL;
329 int ret; 330 int ret;
@@ -331,6 +332,9 @@ static int verify_parent_transid(struct extent_io_tree *io_tree,
331 if (!parent_transid || btrfs_header_generation(eb) == parent_transid) 332 if (!parent_transid || btrfs_header_generation(eb) == parent_transid)
332 return 0; 333 return 0;
333 334
335 if (atomic)
336 return -EAGAIN;
337
334 lock_extent_bits(io_tree, eb->start, eb->start + eb->len - 1, 338 lock_extent_bits(io_tree, eb->start, eb->start + eb->len - 1,
335 0, &cached_state); 339 0, &cached_state);
336 if (extent_buffer_uptodate(eb) && 340 if (extent_buffer_uptodate(eb) &&
@@ -372,7 +376,8 @@ static int btree_read_extent_buffer_pages(struct btrfs_root *root,
372 ret = read_extent_buffer_pages(io_tree, eb, start, 376 ret = read_extent_buffer_pages(io_tree, eb, start,
373 WAIT_COMPLETE, 377 WAIT_COMPLETE,
374 btree_get_extent, mirror_num); 378 btree_get_extent, mirror_num);
375 if (!ret && !verify_parent_transid(io_tree, eb, parent_transid)) 379 if (!ret && !verify_parent_transid(io_tree, eb,
380 parent_transid, 0))
376 break; 381 break;
377 382
378 /* 383 /*
@@ -383,17 +388,16 @@ static int btree_read_extent_buffer_pages(struct btrfs_root *root,
383 if (test_bit(EXTENT_BUFFER_CORRUPT, &eb->bflags)) 388 if (test_bit(EXTENT_BUFFER_CORRUPT, &eb->bflags))
384 break; 389 break;
385 390
386 if (!failed_mirror) {
387 failed = 1;
388 printk(KERN_ERR "failed mirror was %d\n", eb->failed_mirror);
389 failed_mirror = eb->failed_mirror;
390 }
391
392 num_copies = btrfs_num_copies(&root->fs_info->mapping_tree, 391 num_copies = btrfs_num_copies(&root->fs_info->mapping_tree,
393 eb->start, eb->len); 392 eb->start, eb->len);
394 if (num_copies == 1) 393 if (num_copies == 1)
395 break; 394 break;
396 395
396 if (!failed_mirror) {
397 failed = 1;
398 failed_mirror = eb->read_mirror;
399 }
400
397 mirror_num++; 401 mirror_num++;
398 if (mirror_num == failed_mirror) 402 if (mirror_num == failed_mirror)
399 mirror_num++; 403 mirror_num++;
@@ -564,7 +568,7 @@ struct extent_buffer *find_eb_for_page(struct extent_io_tree *tree,
564} 568}
565 569
566static int btree_readpage_end_io_hook(struct page *page, u64 start, u64 end, 570static int btree_readpage_end_io_hook(struct page *page, u64 start, u64 end,
567 struct extent_state *state) 571 struct extent_state *state, int mirror)
568{ 572{
569 struct extent_io_tree *tree; 573 struct extent_io_tree *tree;
570 u64 found_start; 574 u64 found_start;
@@ -589,6 +593,7 @@ static int btree_readpage_end_io_hook(struct page *page, u64 start, u64 end,
589 if (!reads_done) 593 if (!reads_done)
590 goto err; 594 goto err;
591 595
596 eb->read_mirror = mirror;
592 if (test_bit(EXTENT_BUFFER_IOERR, &eb->bflags)) { 597 if (test_bit(EXTENT_BUFFER_IOERR, &eb->bflags)) {
593 ret = -EIO; 598 ret = -EIO;
594 goto err; 599 goto err;
@@ -652,7 +657,7 @@ static int btree_io_failed_hook(struct page *page, int failed_mirror)
652 657
653 eb = (struct extent_buffer *)page->private; 658 eb = (struct extent_buffer *)page->private;
654 set_bit(EXTENT_BUFFER_IOERR, &eb->bflags); 659 set_bit(EXTENT_BUFFER_IOERR, &eb->bflags);
655 eb->failed_mirror = failed_mirror; 660 eb->read_mirror = failed_mirror;
656 if (test_and_clear_bit(EXTENT_BUFFER_READAHEAD, &eb->bflags)) 661 if (test_and_clear_bit(EXTENT_BUFFER_READAHEAD, &eb->bflags))
657 btree_readahead_hook(root, eb, eb->start, -EIO); 662 btree_readahead_hook(root, eb, eb->start, -EIO);
658 return -EIO; /* we fixed nothing */ 663 return -EIO; /* we fixed nothing */
@@ -1202,7 +1207,7 @@ static int __must_check find_and_setup_root(struct btrfs_root *tree_root,
1202 root->commit_root = NULL; 1207 root->commit_root = NULL;
1203 root->node = read_tree_block(root, btrfs_root_bytenr(&root->root_item), 1208 root->node = read_tree_block(root, btrfs_root_bytenr(&root->root_item),
1204 blocksize, generation); 1209 blocksize, generation);
1205 if (!root->node || !btrfs_buffer_uptodate(root->node, generation)) { 1210 if (!root->node || !btrfs_buffer_uptodate(root->node, generation, 0)) {
1206 free_extent_buffer(root->node); 1211 free_extent_buffer(root->node);
1207 root->node = NULL; 1212 root->node = NULL;
1208 return -EIO; 1213 return -EIO;
@@ -2254,9 +2259,9 @@ int open_ctree(struct super_block *sb,
2254 goto fail_sb_buffer; 2259 goto fail_sb_buffer;
2255 } 2260 }
2256 2261
2257 if (sectorsize < PAGE_SIZE) { 2262 if (sectorsize != PAGE_SIZE) {
2258 printk(KERN_WARNING "btrfs: Incompatible sector size " 2263 printk(KERN_WARNING "btrfs: Incompatible sector size(%lu) "
2259 "found on %s\n", sb->s_id); 2264 "found on %s\n", (unsigned long)sectorsize, sb->s_id);
2260 goto fail_sb_buffer; 2265 goto fail_sb_buffer;
2261 } 2266 }
2262 2267
@@ -3143,7 +3148,8 @@ int close_ctree(struct btrfs_root *root)
3143 return 0; 3148 return 0;
3144} 3149}
3145 3150
3146int btrfs_buffer_uptodate(struct extent_buffer *buf, u64 parent_transid) 3151int btrfs_buffer_uptodate(struct extent_buffer *buf, u64 parent_transid,
3152 int atomic)
3147{ 3153{
3148 int ret; 3154 int ret;
3149 struct inode *btree_inode = buf->pages[0]->mapping->host; 3155 struct inode *btree_inode = buf->pages[0]->mapping->host;
@@ -3153,7 +3159,9 @@ int btrfs_buffer_uptodate(struct extent_buffer *buf, u64 parent_transid)
3153 return ret; 3159 return ret;
3154 3160
3155 ret = verify_parent_transid(&BTRFS_I(btree_inode)->io_tree, buf, 3161 ret = verify_parent_transid(&BTRFS_I(btree_inode)->io_tree, buf,
3156 parent_transid); 3162 parent_transid, atomic);
3163 if (ret == -EAGAIN)
3164 return ret;
3157 return !ret; 3165 return !ret;
3158} 3166}
3159 3167
diff --git a/fs/btrfs/disk-io.h b/fs/btrfs/disk-io.h
index a7ace1a2dd12..ab1830aaf0ed 100644
--- a/fs/btrfs/disk-io.h
+++ b/fs/btrfs/disk-io.h
@@ -66,7 +66,8 @@ void btrfs_btree_balance_dirty(struct btrfs_root *root, unsigned long nr);
66void __btrfs_btree_balance_dirty(struct btrfs_root *root, unsigned long nr); 66void __btrfs_btree_balance_dirty(struct btrfs_root *root, unsigned long nr);
67void btrfs_free_fs_root(struct btrfs_fs_info *fs_info, struct btrfs_root *root); 67void btrfs_free_fs_root(struct btrfs_fs_info *fs_info, struct btrfs_root *root);
68void btrfs_mark_buffer_dirty(struct extent_buffer *buf); 68void btrfs_mark_buffer_dirty(struct extent_buffer *buf);
69int btrfs_buffer_uptodate(struct extent_buffer *buf, u64 parent_transid); 69int btrfs_buffer_uptodate(struct extent_buffer *buf, u64 parent_transid,
70 int atomic);
70int btrfs_set_buffer_uptodate(struct extent_buffer *buf); 71int btrfs_set_buffer_uptodate(struct extent_buffer *buf);
71int btrfs_read_buffer(struct extent_buffer *buf, u64 parent_transid); 72int btrfs_read_buffer(struct extent_buffer *buf, u64 parent_transid);
72u32 btrfs_csum_data(struct btrfs_root *root, char *data, u32 seed, size_t len); 73u32 btrfs_csum_data(struct btrfs_root *root, char *data, u32 seed, size_t len);
diff --git a/fs/btrfs/extent-tree.c b/fs/btrfs/extent-tree.c
index a84420491c11..49fd7b66d57b 100644
--- a/fs/btrfs/extent-tree.c
+++ b/fs/btrfs/extent-tree.c
@@ -529,9 +529,7 @@ static int cache_block_group(struct btrfs_block_group_cache *cache,
529 * allocate blocks for the tree root we can't do the fast caching since 529 * allocate blocks for the tree root we can't do the fast caching since
530 * we likely hold important locks. 530 * we likely hold important locks.
531 */ 531 */
532 if (trans && (!trans->transaction->in_commit) && 532 if (fs_info->mount_opt & BTRFS_MOUNT_SPACE_CACHE) {
533 (root && root != root->fs_info->tree_root) &&
534 btrfs_test_opt(root, SPACE_CACHE)) {
535 ret = load_free_space_cache(fs_info, cache); 533 ret = load_free_space_cache(fs_info, cache);
536 534
537 spin_lock(&cache->lock); 535 spin_lock(&cache->lock);
@@ -2303,6 +2301,7 @@ static noinline int run_clustered_refs(struct btrfs_trans_handle *trans,
2303 2301
2304 if (ret) { 2302 if (ret) {
2305 printk(KERN_DEBUG "btrfs: run_delayed_extent_op returned %d\n", ret); 2303 printk(KERN_DEBUG "btrfs: run_delayed_extent_op returned %d\n", ret);
2304 spin_lock(&delayed_refs->lock);
2306 return ret; 2305 return ret;
2307 } 2306 }
2308 2307
@@ -2333,6 +2332,7 @@ static noinline int run_clustered_refs(struct btrfs_trans_handle *trans,
2333 2332
2334 if (ret) { 2333 if (ret) {
2335 printk(KERN_DEBUG "btrfs: run_one_delayed_ref returned %d\n", ret); 2334 printk(KERN_DEBUG "btrfs: run_one_delayed_ref returned %d\n", ret);
2335 spin_lock(&delayed_refs->lock);
2336 return ret; 2336 return ret;
2337 } 2337 }
2338 2338
@@ -3152,15 +3152,14 @@ static void set_avail_alloc_bits(struct btrfs_fs_info *fs_info, u64 flags)
3152/* 3152/*
3153 * returns target flags in extended format or 0 if restripe for this 3153 * returns target flags in extended format or 0 if restripe for this
3154 * chunk_type is not in progress 3154 * chunk_type is not in progress
3155 *
3156 * should be called with either volume_mutex or balance_lock held
3155 */ 3157 */
3156static u64 get_restripe_target(struct btrfs_fs_info *fs_info, u64 flags) 3158static u64 get_restripe_target(struct btrfs_fs_info *fs_info, u64 flags)
3157{ 3159{
3158 struct btrfs_balance_control *bctl = fs_info->balance_ctl; 3160 struct btrfs_balance_control *bctl = fs_info->balance_ctl;
3159 u64 target = 0; 3161 u64 target = 0;
3160 3162
3161 BUG_ON(!mutex_is_locked(&fs_info->volume_mutex) &&
3162 !spin_is_locked(&fs_info->balance_lock));
3163
3164 if (!bctl) 3163 if (!bctl)
3165 return 0; 3164 return 0;
3166 3165
@@ -3772,13 +3771,10 @@ again:
3772 */ 3771 */
3773 if (current->journal_info) 3772 if (current->journal_info)
3774 return -EAGAIN; 3773 return -EAGAIN;
3775 ret = wait_event_interruptible(space_info->wait, 3774 ret = wait_event_killable(space_info->wait, !space_info->flush);
3776 !space_info->flush); 3775 /* Must have been killed, return */
3777 /* Must have been interrupted, return */ 3776 if (ret)
3778 if (ret) {
3779 printk(KERN_DEBUG "btrfs: %s returning -EINTR\n", __func__);
3780 return -EINTR; 3777 return -EINTR;
3781 }
3782 3778
3783 spin_lock(&space_info->lock); 3779 spin_lock(&space_info->lock);
3784 } 3780 }
@@ -4205,7 +4201,7 @@ static u64 calc_global_metadata_size(struct btrfs_fs_info *fs_info)
4205 num_bytes += div64_u64(data_used + meta_used, 50); 4201 num_bytes += div64_u64(data_used + meta_used, 50);
4206 4202
4207 if (num_bytes * 3 > meta_used) 4203 if (num_bytes * 3 > meta_used)
4208 num_bytes = div64_u64(meta_used, 3) * 2; 4204 num_bytes = div64_u64(meta_used, 3);
4209 4205
4210 return ALIGN(num_bytes, fs_info->extent_root->leafsize << 10); 4206 return ALIGN(num_bytes, fs_info->extent_root->leafsize << 10);
4211} 4207}
@@ -4218,8 +4214,8 @@ static void update_global_block_rsv(struct btrfs_fs_info *fs_info)
4218 4214
4219 num_bytes = calc_global_metadata_size(fs_info); 4215 num_bytes = calc_global_metadata_size(fs_info);
4220 4216
4221 spin_lock(&block_rsv->lock);
4222 spin_lock(&sinfo->lock); 4217 spin_lock(&sinfo->lock);
4218 spin_lock(&block_rsv->lock);
4223 4219
4224 block_rsv->size = num_bytes; 4220 block_rsv->size = num_bytes;
4225 4221
@@ -4245,8 +4241,8 @@ static void update_global_block_rsv(struct btrfs_fs_info *fs_info)
4245 block_rsv->full = 1; 4241 block_rsv->full = 1;
4246 } 4242 }
4247 4243
4248 spin_unlock(&sinfo->lock);
4249 spin_unlock(&block_rsv->lock); 4244 spin_unlock(&block_rsv->lock);
4245 spin_unlock(&sinfo->lock);
4250} 4246}
4251 4247
4252static void init_global_block_rsv(struct btrfs_fs_info *fs_info) 4248static void init_global_block_rsv(struct btrfs_fs_info *fs_info)
@@ -6572,7 +6568,7 @@ static noinline int do_walk_down(struct btrfs_trans_handle *trans,
6572 goto skip; 6568 goto skip;
6573 } 6569 }
6574 6570
6575 if (!btrfs_buffer_uptodate(next, generation)) { 6571 if (!btrfs_buffer_uptodate(next, generation, 0)) {
6576 btrfs_tree_unlock(next); 6572 btrfs_tree_unlock(next);
6577 free_extent_buffer(next); 6573 free_extent_buffer(next);
6578 next = NULL; 6574 next = NULL;
diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c
index 8d904dd7ea9f..c9018a05036e 100644
--- a/fs/btrfs/extent_io.c
+++ b/fs/btrfs/extent_io.c
@@ -402,20 +402,28 @@ static int split_state(struct extent_io_tree *tree, struct extent_state *orig,
402 return 0; 402 return 0;
403} 403}
404 404
405static struct extent_state *next_state(struct extent_state *state)
406{
407 struct rb_node *next = rb_next(&state->rb_node);
408 if (next)
409 return rb_entry(next, struct extent_state, rb_node);
410 else
411 return NULL;
412}
413
405/* 414/*
406 * utility function to clear some bits in an extent state struct. 415 * utility function to clear some bits in an extent state struct.
407 * it will optionally wake up any one waiting on this state (wake == 1), or 416 * it will optionally wake up any one waiting on this state (wake == 1)
408 * forcibly remove the state from the tree (delete == 1).
409 * 417 *
410 * If no bits are set on the state struct after clearing things, the 418 * If no bits are set on the state struct after clearing things, the
411 * struct is freed and removed from the tree 419 * struct is freed and removed from the tree
412 */ 420 */
413static int clear_state_bit(struct extent_io_tree *tree, 421static struct extent_state *clear_state_bit(struct extent_io_tree *tree,
414 struct extent_state *state, 422 struct extent_state *state,
415 int *bits, int wake) 423 int *bits, int wake)
416{ 424{
425 struct extent_state *next;
417 int bits_to_clear = *bits & ~EXTENT_CTLBITS; 426 int bits_to_clear = *bits & ~EXTENT_CTLBITS;
418 int ret = state->state & bits_to_clear;
419 427
420 if ((bits_to_clear & EXTENT_DIRTY) && (state->state & EXTENT_DIRTY)) { 428 if ((bits_to_clear & EXTENT_DIRTY) && (state->state & EXTENT_DIRTY)) {
421 u64 range = state->end - state->start + 1; 429 u64 range = state->end - state->start + 1;
@@ -427,6 +435,7 @@ static int clear_state_bit(struct extent_io_tree *tree,
427 if (wake) 435 if (wake)
428 wake_up(&state->wq); 436 wake_up(&state->wq);
429 if (state->state == 0) { 437 if (state->state == 0) {
438 next = next_state(state);
430 if (state->tree) { 439 if (state->tree) {
431 rb_erase(&state->rb_node, &tree->state); 440 rb_erase(&state->rb_node, &tree->state);
432 state->tree = NULL; 441 state->tree = NULL;
@@ -436,8 +445,9 @@ static int clear_state_bit(struct extent_io_tree *tree,
436 } 445 }
437 } else { 446 } else {
438 merge_state(tree, state); 447 merge_state(tree, state);
448 next = next_state(state);
439 } 449 }
440 return ret; 450 return next;
441} 451}
442 452
443static struct extent_state * 453static struct extent_state *
@@ -476,7 +486,6 @@ int clear_extent_bit(struct extent_io_tree *tree, u64 start, u64 end,
476 struct extent_state *state; 486 struct extent_state *state;
477 struct extent_state *cached; 487 struct extent_state *cached;
478 struct extent_state *prealloc = NULL; 488 struct extent_state *prealloc = NULL;
479 struct rb_node *next_node;
480 struct rb_node *node; 489 struct rb_node *node;
481 u64 last_end; 490 u64 last_end;
482 int err; 491 int err;
@@ -528,14 +537,11 @@ hit_next:
528 WARN_ON(state->end < start); 537 WARN_ON(state->end < start);
529 last_end = state->end; 538 last_end = state->end;
530 539
531 if (state->end < end && !need_resched())
532 next_node = rb_next(&state->rb_node);
533 else
534 next_node = NULL;
535
536 /* the state doesn't have the wanted bits, go ahead */ 540 /* the state doesn't have the wanted bits, go ahead */
537 if (!(state->state & bits)) 541 if (!(state->state & bits)) {
542 state = next_state(state);
538 goto next; 543 goto next;
544 }
539 545
540 /* 546 /*
541 * | ---- desired range ---- | 547 * | ---- desired range ---- |
@@ -593,16 +599,13 @@ hit_next:
593 goto out; 599 goto out;
594 } 600 }
595 601
596 clear_state_bit(tree, state, &bits, wake); 602 state = clear_state_bit(tree, state, &bits, wake);
597next: 603next:
598 if (last_end == (u64)-1) 604 if (last_end == (u64)-1)
599 goto out; 605 goto out;
600 start = last_end + 1; 606 start = last_end + 1;
601 if (start <= end && next_node) { 607 if (start <= end && state && !need_resched())
602 state = rb_entry(next_node, struct extent_state,
603 rb_node);
604 goto hit_next; 608 goto hit_next;
605 }
606 goto search_again; 609 goto search_again;
607 610
608out: 611out:
@@ -1937,7 +1940,7 @@ int repair_eb_io_failure(struct btrfs_root *root, struct extent_buffer *eb,
1937 struct btrfs_mapping_tree *map_tree = &root->fs_info->mapping_tree; 1940 struct btrfs_mapping_tree *map_tree = &root->fs_info->mapping_tree;
1938 u64 start = eb->start; 1941 u64 start = eb->start;
1939 unsigned long i, num_pages = num_extent_pages(eb->start, eb->len); 1942 unsigned long i, num_pages = num_extent_pages(eb->start, eb->len);
1940 int ret; 1943 int ret = 0;
1941 1944
1942 for (i = 0; i < num_pages; i++) { 1945 for (i = 0; i < num_pages; i++) {
1943 struct page *p = extent_buffer_page(eb, i); 1946 struct page *p = extent_buffer_page(eb, i);
@@ -2180,6 +2183,10 @@ static int bio_readpage_error(struct bio *failed_bio, struct page *page,
2180 } 2183 }
2181 2184
2182 bio = bio_alloc(GFP_NOFS, 1); 2185 bio = bio_alloc(GFP_NOFS, 1);
2186 if (!bio) {
2187 free_io_failure(inode, failrec, 0);
2188 return -EIO;
2189 }
2183 bio->bi_private = state; 2190 bio->bi_private = state;
2184 bio->bi_end_io = failed_bio->bi_end_io; 2191 bio->bi_end_io = failed_bio->bi_end_io;
2185 bio->bi_sector = failrec->logical >> 9; 2192 bio->bi_sector = failrec->logical >> 9;
@@ -2297,7 +2304,7 @@ static void end_bio_extent_readpage(struct bio *bio, int err)
2297 u64 start; 2304 u64 start;
2298 u64 end; 2305 u64 end;
2299 int whole_page; 2306 int whole_page;
2300 int failed_mirror; 2307 int mirror;
2301 int ret; 2308 int ret;
2302 2309
2303 if (err) 2310 if (err)
@@ -2336,20 +2343,18 @@ static void end_bio_extent_readpage(struct bio *bio, int err)
2336 } 2343 }
2337 spin_unlock(&tree->lock); 2344 spin_unlock(&tree->lock);
2338 2345
2346 mirror = (int)(unsigned long)bio->bi_bdev;
2339 if (uptodate && tree->ops && tree->ops->readpage_end_io_hook) { 2347 if (uptodate && tree->ops && tree->ops->readpage_end_io_hook) {
2340 ret = tree->ops->readpage_end_io_hook(page, start, end, 2348 ret = tree->ops->readpage_end_io_hook(page, start, end,
2341 state); 2349 state, mirror);
2342 if (ret) 2350 if (ret)
2343 uptodate = 0; 2351 uptodate = 0;
2344 else 2352 else
2345 clean_io_failure(start, page); 2353 clean_io_failure(start, page);
2346 } 2354 }
2347 2355
2348 if (!uptodate)
2349 failed_mirror = (int)(unsigned long)bio->bi_bdev;
2350
2351 if (!uptodate && tree->ops && tree->ops->readpage_io_failed_hook) { 2356 if (!uptodate && tree->ops && tree->ops->readpage_io_failed_hook) {
2352 ret = tree->ops->readpage_io_failed_hook(page, failed_mirror); 2357 ret = tree->ops->readpage_io_failed_hook(page, mirror);
2353 if (!ret && !err && 2358 if (!ret && !err &&
2354 test_bit(BIO_UPTODATE, &bio->bi_flags)) 2359 test_bit(BIO_UPTODATE, &bio->bi_flags))
2355 uptodate = 1; 2360 uptodate = 1;
@@ -2364,8 +2369,7 @@ static void end_bio_extent_readpage(struct bio *bio, int err)
2364 * can't handle the error it will return -EIO and we 2369 * can't handle the error it will return -EIO and we
2365 * remain responsible for that page. 2370 * remain responsible for that page.
2366 */ 2371 */
2367 ret = bio_readpage_error(bio, page, start, end, 2372 ret = bio_readpage_error(bio, page, start, end, mirror, NULL);
2368 failed_mirror, NULL);
2369 if (ret == 0) { 2373 if (ret == 0) {
2370 uptodate = 2374 uptodate =
2371 test_bit(BIO_UPTODATE, &bio->bi_flags); 2375 test_bit(BIO_UPTODATE, &bio->bi_flags);
@@ -4116,6 +4120,7 @@ struct extent_buffer *alloc_extent_buffer(struct extent_io_tree *tree,
4116 if (atomic_inc_not_zero(&exists->refs)) { 4120 if (atomic_inc_not_zero(&exists->refs)) {
4117 spin_unlock(&mapping->private_lock); 4121 spin_unlock(&mapping->private_lock);
4118 unlock_page(p); 4122 unlock_page(p);
4123 page_cache_release(p);
4119 mark_extent_buffer_accessed(exists); 4124 mark_extent_buffer_accessed(exists);
4120 goto free_eb; 4125 goto free_eb;
4121 } 4126 }
@@ -4195,8 +4200,7 @@ free_eb:
4195 unlock_page(eb->pages[i]); 4200 unlock_page(eb->pages[i]);
4196 } 4201 }
4197 4202
4198 if (!atomic_dec_and_test(&eb->refs)) 4203 WARN_ON(!atomic_dec_and_test(&eb->refs));
4199 return exists;
4200 btrfs_release_extent_buffer(eb); 4204 btrfs_release_extent_buffer(eb);
4201 return exists; 4205 return exists;
4202} 4206}
@@ -4458,7 +4462,7 @@ int read_extent_buffer_pages(struct extent_io_tree *tree,
4458 } 4462 }
4459 4463
4460 clear_bit(EXTENT_BUFFER_IOERR, &eb->bflags); 4464 clear_bit(EXTENT_BUFFER_IOERR, &eb->bflags);
4461 eb->failed_mirror = 0; 4465 eb->read_mirror = 0;
4462 atomic_set(&eb->io_pages, num_reads); 4466 atomic_set(&eb->io_pages, num_reads);
4463 for (i = start_i; i < num_pages; i++) { 4467 for (i = start_i; i < num_pages; i++) {
4464 page = extent_buffer_page(eb, i); 4468 page = extent_buffer_page(eb, i);
diff --git a/fs/btrfs/extent_io.h b/fs/btrfs/extent_io.h
index faf10eb57f75..b516c3b8dec6 100644
--- a/fs/btrfs/extent_io.h
+++ b/fs/btrfs/extent_io.h
@@ -79,7 +79,7 @@ struct extent_io_ops {
79 u64 start, u64 end, 79 u64 start, u64 end,
80 struct extent_state *state); 80 struct extent_state *state);
81 int (*readpage_end_io_hook)(struct page *page, u64 start, u64 end, 81 int (*readpage_end_io_hook)(struct page *page, u64 start, u64 end,
82 struct extent_state *state); 82 struct extent_state *state, int mirror);
83 int (*writepage_end_io_hook)(struct page *page, u64 start, u64 end, 83 int (*writepage_end_io_hook)(struct page *page, u64 start, u64 end,
84 struct extent_state *state, int uptodate); 84 struct extent_state *state, int uptodate);
85 void (*set_bit_hook)(struct inode *inode, struct extent_state *state, 85 void (*set_bit_hook)(struct inode *inode, struct extent_state *state,
@@ -135,7 +135,7 @@ struct extent_buffer {
135 spinlock_t refs_lock; 135 spinlock_t refs_lock;
136 atomic_t refs; 136 atomic_t refs;
137 atomic_t io_pages; 137 atomic_t io_pages;
138 int failed_mirror; 138 int read_mirror;
139 struct list_head leak_list; 139 struct list_head leak_list;
140 struct rcu_head rcu_head; 140 struct rcu_head rcu_head;
141 pid_t lock_owner; 141 pid_t lock_owner;
diff --git a/fs/btrfs/file.c b/fs/btrfs/file.c
index d83260d7498f..53bf2d764bbc 100644
--- a/fs/btrfs/file.c
+++ b/fs/btrfs/file.c
@@ -567,6 +567,7 @@ int btrfs_drop_extents(struct btrfs_trans_handle *trans, struct inode *inode,
567 int extent_type; 567 int extent_type;
568 int recow; 568 int recow;
569 int ret; 569 int ret;
570 int modify_tree = -1;
570 571
571 if (drop_cache) 572 if (drop_cache)
572 btrfs_drop_extent_cache(inode, start, end - 1, 0); 573 btrfs_drop_extent_cache(inode, start, end - 1, 0);
@@ -575,10 +576,13 @@ int btrfs_drop_extents(struct btrfs_trans_handle *trans, struct inode *inode,
575 if (!path) 576 if (!path)
576 return -ENOMEM; 577 return -ENOMEM;
577 578
579 if (start >= BTRFS_I(inode)->disk_i_size)
580 modify_tree = 0;
581
578 while (1) { 582 while (1) {
579 recow = 0; 583 recow = 0;
580 ret = btrfs_lookup_file_extent(trans, root, path, ino, 584 ret = btrfs_lookup_file_extent(trans, root, path, ino,
581 search_start, -1); 585 search_start, modify_tree);
582 if (ret < 0) 586 if (ret < 0)
583 break; 587 break;
584 if (ret > 0 && path->slots[0] > 0 && search_start == start) { 588 if (ret > 0 && path->slots[0] > 0 && search_start == start) {
@@ -634,7 +638,8 @@ next_slot:
634 } 638 }
635 639
636 search_start = max(key.offset, start); 640 search_start = max(key.offset, start);
637 if (recow) { 641 if (recow || !modify_tree) {
642 modify_tree = -1;
638 btrfs_release_path(path); 643 btrfs_release_path(path);
639 continue; 644 continue;
640 } 645 }
diff --git a/fs/btrfs/free-space-cache.c b/fs/btrfs/free-space-cache.c
index e88330d3df52..202008ec367d 100644
--- a/fs/btrfs/free-space-cache.c
+++ b/fs/btrfs/free-space-cache.c
@@ -748,13 +748,6 @@ int load_free_space_cache(struct btrfs_fs_info *fs_info,
748 u64 used = btrfs_block_group_used(&block_group->item); 748 u64 used = btrfs_block_group_used(&block_group->item);
749 749
750 /* 750 /*
751 * If we're unmounting then just return, since this does a search on the
752 * normal root and not the commit root and we could deadlock.
753 */
754 if (btrfs_fs_closing(fs_info))
755 return 0;
756
757 /*
758 * If this block group has been marked to be cleared for one reason or 751 * If this block group has been marked to be cleared for one reason or
759 * another then we can't trust the on disk cache, so just return. 752 * another then we can't trust the on disk cache, so just return.
760 */ 753 */
@@ -768,6 +761,8 @@ int load_free_space_cache(struct btrfs_fs_info *fs_info,
768 path = btrfs_alloc_path(); 761 path = btrfs_alloc_path();
769 if (!path) 762 if (!path)
770 return 0; 763 return 0;
764 path->search_commit_root = 1;
765 path->skip_locking = 1;
771 766
772 inode = lookup_free_space_inode(root, block_group, path); 767 inode = lookup_free_space_inode(root, block_group, path);
773 if (IS_ERR(inode)) { 768 if (IS_ERR(inode)) {
diff --git a/fs/btrfs/inode.c b/fs/btrfs/inode.c
index 115bc05e42b0..61b16c641ce0 100644
--- a/fs/btrfs/inode.c
+++ b/fs/btrfs/inode.c
@@ -1947,7 +1947,7 @@ static int btrfs_writepage_end_io_hook(struct page *page, u64 start, u64 end,
1947 * extent_io.c will try to find good copies for us. 1947 * extent_io.c will try to find good copies for us.
1948 */ 1948 */
1949static int btrfs_readpage_end_io_hook(struct page *page, u64 start, u64 end, 1949static int btrfs_readpage_end_io_hook(struct page *page, u64 start, u64 end,
1950 struct extent_state *state) 1950 struct extent_state *state, int mirror)
1951{ 1951{
1952 size_t offset = start - ((u64)page->index << PAGE_CACHE_SHIFT); 1952 size_t offset = start - ((u64)page->index << PAGE_CACHE_SHIFT);
1953 struct inode *inode = page->mapping->host; 1953 struct inode *inode = page->mapping->host;
@@ -4069,7 +4069,7 @@ static struct inode *new_simple_dir(struct super_block *s,
4069 BTRFS_I(inode)->dummy_inode = 1; 4069 BTRFS_I(inode)->dummy_inode = 1;
4070 4070
4071 inode->i_ino = BTRFS_EMPTY_SUBVOL_DIR_OBJECTID; 4071 inode->i_ino = BTRFS_EMPTY_SUBVOL_DIR_OBJECTID;
4072 inode->i_op = &simple_dir_inode_operations; 4072 inode->i_op = &btrfs_dir_ro_inode_operations;
4073 inode->i_fop = &simple_dir_operations; 4073 inode->i_fop = &simple_dir_operations;
4074 inode->i_mode = S_IFDIR | S_IRUGO | S_IWUSR | S_IXUGO; 4074 inode->i_mode = S_IFDIR | S_IRUGO | S_IWUSR | S_IXUGO;
4075 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; 4075 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
@@ -4140,14 +4140,18 @@ struct inode *btrfs_lookup_dentry(struct inode *dir, struct dentry *dentry)
4140static int btrfs_dentry_delete(const struct dentry *dentry) 4140static int btrfs_dentry_delete(const struct dentry *dentry)
4141{ 4141{
4142 struct btrfs_root *root; 4142 struct btrfs_root *root;
4143 struct inode *inode = dentry->d_inode;
4143 4144
4144 if (!dentry->d_inode && !IS_ROOT(dentry)) 4145 if (!inode && !IS_ROOT(dentry))
4145 dentry = dentry->d_parent; 4146 inode = dentry->d_parent->d_inode;
4146 4147
4147 if (dentry->d_inode) { 4148 if (inode) {
4148 root = BTRFS_I(dentry->d_inode)->root; 4149 root = BTRFS_I(inode)->root;
4149 if (btrfs_root_refs(&root->root_item) == 0) 4150 if (btrfs_root_refs(&root->root_item) == 0)
4150 return 1; 4151 return 1;
4152
4153 if (btrfs_ino(inode) == BTRFS_EMPTY_SUBVOL_DIR_OBJECTID)
4154 return 1;
4151 } 4155 }
4152 return 0; 4156 return 0;
4153} 4157}
@@ -4188,7 +4192,6 @@ static int btrfs_real_readdir(struct file *filp, void *dirent,
4188 struct btrfs_path *path; 4192 struct btrfs_path *path;
4189 struct list_head ins_list; 4193 struct list_head ins_list;
4190 struct list_head del_list; 4194 struct list_head del_list;
4191 struct qstr q;
4192 int ret; 4195 int ret;
4193 struct extent_buffer *leaf; 4196 struct extent_buffer *leaf;
4194 int slot; 4197 int slot;
@@ -4279,7 +4282,6 @@ static int btrfs_real_readdir(struct file *filp, void *dirent,
4279 4282
4280 while (di_cur < di_total) { 4283 while (di_cur < di_total) {
4281 struct btrfs_key location; 4284 struct btrfs_key location;
4282 struct dentry *tmp;
4283 4285
4284 if (verify_dir_item(root, leaf, di)) 4286 if (verify_dir_item(root, leaf, di))
4285 break; 4287 break;
@@ -4300,35 +4302,15 @@ static int btrfs_real_readdir(struct file *filp, void *dirent,
4300 d_type = btrfs_filetype_table[btrfs_dir_type(leaf, di)]; 4302 d_type = btrfs_filetype_table[btrfs_dir_type(leaf, di)];
4301 btrfs_dir_item_key_to_cpu(leaf, di, &location); 4303 btrfs_dir_item_key_to_cpu(leaf, di, &location);
4302 4304
4303 q.name = name_ptr; 4305
4304 q.len = name_len;
4305 q.hash = full_name_hash(q.name, q.len);
4306 tmp = d_lookup(filp->f_dentry, &q);
4307 if (!tmp) {
4308 struct btrfs_key *newkey;
4309
4310 newkey = kzalloc(sizeof(struct btrfs_key),
4311 GFP_NOFS);
4312 if (!newkey)
4313 goto no_dentry;
4314 tmp = d_alloc(filp->f_dentry, &q);
4315 if (!tmp) {
4316 kfree(newkey);
4317 dput(tmp);
4318 goto no_dentry;
4319 }
4320 memcpy(newkey, &location,
4321 sizeof(struct btrfs_key));
4322 tmp->d_fsdata = newkey;
4323 tmp->d_flags |= DCACHE_NEED_LOOKUP;
4324 d_rehash(tmp);
4325 dput(tmp);
4326 } else {
4327 dput(tmp);
4328 }
4329no_dentry:
4330 /* is this a reference to our own snapshot? If so 4306 /* is this a reference to our own snapshot? If so
4331 * skip it 4307 * skip it.
4308 *
4309 * In contrast to old kernels, we insert the snapshot's
4310 * dir item and dir index after it has been created, so
4311 * we won't find a reference to our own snapshot. We
4312 * still keep the following code for backward
4313 * compatibility.
4332 */ 4314 */
4333 if (location.type == BTRFS_ROOT_ITEM_KEY && 4315 if (location.type == BTRFS_ROOT_ITEM_KEY &&
4334 location.objectid == root->root_key.objectid) { 4316 location.objectid == root->root_key.objectid) {
diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
index 18cc23d164a8..14f8e1faa46e 100644
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -2262,7 +2262,10 @@ static long btrfs_ioctl_dev_info(struct btrfs_root *root, void __user *arg)
2262 di_args->bytes_used = dev->bytes_used; 2262 di_args->bytes_used = dev->bytes_used;
2263 di_args->total_bytes = dev->total_bytes; 2263 di_args->total_bytes = dev->total_bytes;
2264 memcpy(di_args->uuid, dev->uuid, sizeof(di_args->uuid)); 2264 memcpy(di_args->uuid, dev->uuid, sizeof(di_args->uuid));
2265 strncpy(di_args->path, dev->name, sizeof(di_args->path)); 2265 if (dev->name)
2266 strncpy(di_args->path, dev->name, sizeof(di_args->path));
2267 else
2268 di_args->path[0] = '\0';
2266 2269
2267out: 2270out:
2268 if (ret == 0 && copy_to_user(arg, di_args, sizeof(*di_args))) 2271 if (ret == 0 && copy_to_user(arg, di_args, sizeof(*di_args)))
diff --git a/fs/btrfs/ioctl.h b/fs/btrfs/ioctl.h
index 4f69028a68c4..086e6bdae1c4 100644
--- a/fs/btrfs/ioctl.h
+++ b/fs/btrfs/ioctl.h
@@ -252,7 +252,7 @@ struct btrfs_data_container {
252 252
253struct btrfs_ioctl_ino_path_args { 253struct btrfs_ioctl_ino_path_args {
254 __u64 inum; /* in */ 254 __u64 inum; /* in */
255 __u32 size; /* in */ 255 __u64 size; /* in */
256 __u64 reserved[4]; 256 __u64 reserved[4];
257 /* struct btrfs_data_container *fspath; out */ 257 /* struct btrfs_data_container *fspath; out */
258 __u64 fspath; /* out */ 258 __u64 fspath; /* out */
@@ -260,7 +260,7 @@ struct btrfs_ioctl_ino_path_args {
260 260
261struct btrfs_ioctl_logical_ino_args { 261struct btrfs_ioctl_logical_ino_args {
262 __u64 logical; /* in */ 262 __u64 logical; /* in */
263 __u32 size; /* in */ 263 __u64 size; /* in */
264 __u64 reserved[4]; 264 __u64 reserved[4];
265 /* struct btrfs_data_container *inodes; out */ 265 /* struct btrfs_data_container *inodes; out */
266 __u64 inodes; 266 __u64 inodes;
diff --git a/fs/btrfs/reada.c b/fs/btrfs/reada.c
index dc5d33146fdb..ac5d01085884 100644
--- a/fs/btrfs/reada.c
+++ b/fs/btrfs/reada.c
@@ -250,14 +250,12 @@ static struct reada_zone *reada_find_zone(struct btrfs_fs_info *fs_info,
250 struct btrfs_bio *bbio) 250 struct btrfs_bio *bbio)
251{ 251{
252 int ret; 252 int ret;
253 int looped = 0;
254 struct reada_zone *zone; 253 struct reada_zone *zone;
255 struct btrfs_block_group_cache *cache = NULL; 254 struct btrfs_block_group_cache *cache = NULL;
256 u64 start; 255 u64 start;
257 u64 end; 256 u64 end;
258 int i; 257 int i;
259 258
260again:
261 zone = NULL; 259 zone = NULL;
262 spin_lock(&fs_info->reada_lock); 260 spin_lock(&fs_info->reada_lock);
263 ret = radix_tree_gang_lookup(&dev->reada_zones, (void **)&zone, 261 ret = radix_tree_gang_lookup(&dev->reada_zones, (void **)&zone,
@@ -274,9 +272,6 @@ again:
274 spin_unlock(&fs_info->reada_lock); 272 spin_unlock(&fs_info->reada_lock);
275 } 273 }
276 274
277 if (looped)
278 return NULL;
279
280 cache = btrfs_lookup_block_group(fs_info, logical); 275 cache = btrfs_lookup_block_group(fs_info, logical);
281 if (!cache) 276 if (!cache)
282 return NULL; 277 return NULL;
@@ -307,13 +302,15 @@ again:
307 ret = radix_tree_insert(&dev->reada_zones, 302 ret = radix_tree_insert(&dev->reada_zones,
308 (unsigned long)(zone->end >> PAGE_CACHE_SHIFT), 303 (unsigned long)(zone->end >> PAGE_CACHE_SHIFT),
309 zone); 304 zone);
310 spin_unlock(&fs_info->reada_lock);
311 305
312 if (ret) { 306 if (ret == -EEXIST) {
313 kfree(zone); 307 kfree(zone);
314 looped = 1; 308 ret = radix_tree_gang_lookup(&dev->reada_zones, (void **)&zone,
315 goto again; 309 logical >> PAGE_CACHE_SHIFT, 1);
310 if (ret == 1)
311 kref_get(&zone->refcnt);
316 } 312 }
313 spin_unlock(&fs_info->reada_lock);
317 314
318 return zone; 315 return zone;
319} 316}
@@ -323,26 +320,26 @@ static struct reada_extent *reada_find_extent(struct btrfs_root *root,
323 struct btrfs_key *top, int level) 320 struct btrfs_key *top, int level)
324{ 321{
325 int ret; 322 int ret;
326 int looped = 0;
327 struct reada_extent *re = NULL; 323 struct reada_extent *re = NULL;
324 struct reada_extent *re_exist = NULL;
328 struct btrfs_fs_info *fs_info = root->fs_info; 325 struct btrfs_fs_info *fs_info = root->fs_info;
329 struct btrfs_mapping_tree *map_tree = &fs_info->mapping_tree; 326 struct btrfs_mapping_tree *map_tree = &fs_info->mapping_tree;
330 struct btrfs_bio *bbio = NULL; 327 struct btrfs_bio *bbio = NULL;
331 struct btrfs_device *dev; 328 struct btrfs_device *dev;
329 struct btrfs_device *prev_dev;
332 u32 blocksize; 330 u32 blocksize;
333 u64 length; 331 u64 length;
334 int nzones = 0; 332 int nzones = 0;
335 int i; 333 int i;
336 unsigned long index = logical >> PAGE_CACHE_SHIFT; 334 unsigned long index = logical >> PAGE_CACHE_SHIFT;
337 335
338again:
339 spin_lock(&fs_info->reada_lock); 336 spin_lock(&fs_info->reada_lock);
340 re = radix_tree_lookup(&fs_info->reada_tree, index); 337 re = radix_tree_lookup(&fs_info->reada_tree, index);
341 if (re) 338 if (re)
342 kref_get(&re->refcnt); 339 kref_get(&re->refcnt);
343 spin_unlock(&fs_info->reada_lock); 340 spin_unlock(&fs_info->reada_lock);
344 341
345 if (re || looped) 342 if (re)
346 return re; 343 return re;
347 344
348 re = kzalloc(sizeof(*re), GFP_NOFS); 345 re = kzalloc(sizeof(*re), GFP_NOFS);
@@ -398,16 +395,31 @@ again:
398 /* insert extent in reada_tree + all per-device trees, all or nothing */ 395 /* insert extent in reada_tree + all per-device trees, all or nothing */
399 spin_lock(&fs_info->reada_lock); 396 spin_lock(&fs_info->reada_lock);
400 ret = radix_tree_insert(&fs_info->reada_tree, index, re); 397 ret = radix_tree_insert(&fs_info->reada_tree, index, re);
398 if (ret == -EEXIST) {
399 re_exist = radix_tree_lookup(&fs_info->reada_tree, index);
400 BUG_ON(!re_exist);
401 kref_get(&re_exist->refcnt);
402 spin_unlock(&fs_info->reada_lock);
403 goto error;
404 }
401 if (ret) { 405 if (ret) {
402 spin_unlock(&fs_info->reada_lock); 406 spin_unlock(&fs_info->reada_lock);
403 if (ret != -ENOMEM) {
404 /* someone inserted the extent in the meantime */
405 looped = 1;
406 }
407 goto error; 407 goto error;
408 } 408 }
409 prev_dev = NULL;
409 for (i = 0; i < nzones; ++i) { 410 for (i = 0; i < nzones; ++i) {
410 dev = bbio->stripes[i].dev; 411 dev = bbio->stripes[i].dev;
412 if (dev == prev_dev) {
413 /*
414 * in case of DUP, just add the first zone. As both
415 * are on the same device, there's nothing to gain
416 * from adding both.
417 * Also, it wouldn't work, as the tree is per device
418 * and adding would fail with EEXIST
419 */
420 continue;
421 }
422 prev_dev = dev;
411 ret = radix_tree_insert(&dev->reada_extents, index, re); 423 ret = radix_tree_insert(&dev->reada_extents, index, re);
412 if (ret) { 424 if (ret) {
413 while (--i >= 0) { 425 while (--i >= 0) {
@@ -450,9 +462,7 @@ error:
450 } 462 }
451 kfree(bbio); 463 kfree(bbio);
452 kfree(re); 464 kfree(re);
453 if (looped) 465 return re_exist;
454 goto again;
455 return NULL;
456} 466}
457 467
458static void reada_kref_dummy(struct kref *kr) 468static void reada_kref_dummy(struct kref *kr)
diff --git a/fs/btrfs/relocation.c b/fs/btrfs/relocation.c
index 017281dbb2a7..646ee21bb035 100644
--- a/fs/btrfs/relocation.c
+++ b/fs/btrfs/relocation.c
@@ -1279,7 +1279,9 @@ static int __update_reloc_root(struct btrfs_root *root, int del)
1279 if (rb_node) 1279 if (rb_node)
1280 backref_tree_panic(rb_node, -EEXIST, node->bytenr); 1280 backref_tree_panic(rb_node, -EEXIST, node->bytenr);
1281 } else { 1281 } else {
1282 spin_lock(&root->fs_info->trans_lock);
1282 list_del_init(&root->root_list); 1283 list_del_init(&root->root_list);
1284 spin_unlock(&root->fs_info->trans_lock);
1283 kfree(node); 1285 kfree(node);
1284 } 1286 }
1285 return 0; 1287 return 0;
@@ -3811,7 +3813,7 @@ restart:
3811 3813
3812 ret = btrfs_block_rsv_check(rc->extent_root, rc->block_rsv, 5); 3814 ret = btrfs_block_rsv_check(rc->extent_root, rc->block_rsv, 5);
3813 if (ret < 0) { 3815 if (ret < 0) {
3814 if (ret != -EAGAIN) { 3816 if (ret != -ENOSPC) {
3815 err = ret; 3817 err = ret;
3816 WARN_ON(1); 3818 WARN_ON(1);
3817 break; 3819 break;
diff --git a/fs/btrfs/scrub.c b/fs/btrfs/scrub.c
index 90acc82046c3..2f3d6f917fb3 100644
--- a/fs/btrfs/scrub.c
+++ b/fs/btrfs/scrub.c
@@ -998,6 +998,7 @@ static int scrub_setup_recheck_block(struct scrub_dev *sdev,
998 page = sblock->pagev + page_index; 998 page = sblock->pagev + page_index;
999 page->logical = logical; 999 page->logical = logical;
1000 page->physical = bbio->stripes[mirror_index].physical; 1000 page->physical = bbio->stripes[mirror_index].physical;
1001 /* for missing devices, bdev is NULL */
1001 page->bdev = bbio->stripes[mirror_index].dev->bdev; 1002 page->bdev = bbio->stripes[mirror_index].dev->bdev;
1002 page->mirror_num = mirror_index + 1; 1003 page->mirror_num = mirror_index + 1;
1003 page->page = alloc_page(GFP_NOFS); 1004 page->page = alloc_page(GFP_NOFS);
@@ -1042,8 +1043,16 @@ static int scrub_recheck_block(struct btrfs_fs_info *fs_info,
1042 struct scrub_page *page = sblock->pagev + page_num; 1043 struct scrub_page *page = sblock->pagev + page_num;
1043 DECLARE_COMPLETION_ONSTACK(complete); 1044 DECLARE_COMPLETION_ONSTACK(complete);
1044 1045
1046 if (page->bdev == NULL) {
1047 page->io_error = 1;
1048 sblock->no_io_error_seen = 0;
1049 continue;
1050 }
1051
1045 BUG_ON(!page->page); 1052 BUG_ON(!page->page);
1046 bio = bio_alloc(GFP_NOFS, 1); 1053 bio = bio_alloc(GFP_NOFS, 1);
1054 if (!bio)
1055 return -EIO;
1047 bio->bi_bdev = page->bdev; 1056 bio->bi_bdev = page->bdev;
1048 bio->bi_sector = page->physical >> 9; 1057 bio->bi_sector = page->physical >> 9;
1049 bio->bi_end_io = scrub_complete_bio_end_io; 1058 bio->bi_end_io = scrub_complete_bio_end_io;
@@ -1171,6 +1180,8 @@ static int scrub_repair_page_from_good_copy(struct scrub_block *sblock_bad,
1171 DECLARE_COMPLETION_ONSTACK(complete); 1180 DECLARE_COMPLETION_ONSTACK(complete);
1172 1181
1173 bio = bio_alloc(GFP_NOFS, 1); 1182 bio = bio_alloc(GFP_NOFS, 1);
1183 if (!bio)
1184 return -EIO;
1174 bio->bi_bdev = page_bad->bdev; 1185 bio->bi_bdev = page_bad->bdev;
1175 bio->bi_sector = page_bad->physical >> 9; 1186 bio->bi_sector = page_bad->physical >> 9;
1176 bio->bi_end_io = scrub_complete_bio_end_io; 1187 bio->bi_end_io = scrub_complete_bio_end_io;
@@ -1253,12 +1264,6 @@ static int scrub_checksum_data(struct scrub_block *sblock)
1253 if (memcmp(csum, on_disk_csum, sdev->csum_size)) 1264 if (memcmp(csum, on_disk_csum, sdev->csum_size))
1254 fail = 1; 1265 fail = 1;
1255 1266
1256 if (fail) {
1257 spin_lock(&sdev->stat_lock);
1258 ++sdev->stat.csum_errors;
1259 spin_unlock(&sdev->stat_lock);
1260 }
1261
1262 return fail; 1267 return fail;
1263} 1268}
1264 1269
@@ -1331,15 +1336,6 @@ static int scrub_checksum_tree_block(struct scrub_block *sblock)
1331 if (memcmp(calculated_csum, on_disk_csum, sdev->csum_size)) 1336 if (memcmp(calculated_csum, on_disk_csum, sdev->csum_size))
1332 ++crc_fail; 1337 ++crc_fail;
1333 1338
1334 if (crc_fail || fail) {
1335 spin_lock(&sdev->stat_lock);
1336 if (crc_fail)
1337 ++sdev->stat.csum_errors;
1338 if (fail)
1339 ++sdev->stat.verify_errors;
1340 spin_unlock(&sdev->stat_lock);
1341 }
1342
1343 return fail || crc_fail; 1339 return fail || crc_fail;
1344} 1340}
1345 1341
diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c
index 8d5d380f7bdb..c5f8fca4195f 100644
--- a/fs/btrfs/super.c
+++ b/fs/btrfs/super.c
@@ -815,7 +815,6 @@ int btrfs_sync_fs(struct super_block *sb, int wait)
815 return 0; 815 return 0;
816 } 816 }
817 817
818 btrfs_start_delalloc_inodes(root, 0);
819 btrfs_wait_ordered_extents(root, 0, 0); 818 btrfs_wait_ordered_extents(root, 0, 0);
820 819
821 trans = btrfs_start_transaction(root, 0); 820 trans = btrfs_start_transaction(root, 0);
@@ -1148,13 +1147,15 @@ static int btrfs_remount(struct super_block *sb, int *flags, char *data)
1148 if (ret) 1147 if (ret)
1149 goto restore; 1148 goto restore;
1150 } else { 1149 } else {
1151 if (fs_info->fs_devices->rw_devices == 0) 1150 if (fs_info->fs_devices->rw_devices == 0) {
1152 ret = -EACCES; 1151 ret = -EACCES;
1153 goto restore; 1152 goto restore;
1153 }
1154 1154
1155 if (btrfs_super_log_root(fs_info->super_copy) != 0) 1155 if (btrfs_super_log_root(fs_info->super_copy) != 0) {
1156 ret = -EINVAL; 1156 ret = -EINVAL;
1157 goto restore; 1157 goto restore;
1158 }
1158 1159
1159 ret = btrfs_cleanup_fs_roots(fs_info); 1160 ret = btrfs_cleanup_fs_roots(fs_info);
1160 if (ret) 1161 if (ret)
diff --git a/fs/btrfs/transaction.c b/fs/btrfs/transaction.c
index 8da29e8e4de1..36422254ef67 100644
--- a/fs/btrfs/transaction.c
+++ b/fs/btrfs/transaction.c
@@ -73,8 +73,10 @@ loop:
73 73
74 cur_trans = root->fs_info->running_transaction; 74 cur_trans = root->fs_info->running_transaction;
75 if (cur_trans) { 75 if (cur_trans) {
76 if (cur_trans->aborted) 76 if (cur_trans->aborted) {
77 spin_unlock(&root->fs_info->trans_lock);
77 return cur_trans->aborted; 78 return cur_trans->aborted;
79 }
78 atomic_inc(&cur_trans->use_count); 80 atomic_inc(&cur_trans->use_count);
79 atomic_inc(&cur_trans->num_writers); 81 atomic_inc(&cur_trans->num_writers);
80 cur_trans->num_joined++; 82 cur_trans->num_joined++;
@@ -480,6 +482,7 @@ static int __btrfs_end_transaction(struct btrfs_trans_handle *trans,
480 struct btrfs_transaction *cur_trans = trans->transaction; 482 struct btrfs_transaction *cur_trans = trans->transaction;
481 struct btrfs_fs_info *info = root->fs_info; 483 struct btrfs_fs_info *info = root->fs_info;
482 int count = 0; 484 int count = 0;
485 int err = 0;
483 486
484 if (--trans->use_count) { 487 if (--trans->use_count) {
485 trans->block_rsv = trans->orig_rsv; 488 trans->block_rsv = trans->orig_rsv;
@@ -532,18 +535,18 @@ static int __btrfs_end_transaction(struct btrfs_trans_handle *trans,
532 535
533 if (current->journal_info == trans) 536 if (current->journal_info == trans)
534 current->journal_info = NULL; 537 current->journal_info = NULL;
535 memset(trans, 0, sizeof(*trans));
536 kmem_cache_free(btrfs_trans_handle_cachep, trans);
537 538
538 if (throttle) 539 if (throttle)
539 btrfs_run_delayed_iputs(root); 540 btrfs_run_delayed_iputs(root);
540 541
541 if (trans->aborted || 542 if (trans->aborted ||
542 root->fs_info->fs_state & BTRFS_SUPER_FLAG_ERROR) { 543 root->fs_info->fs_state & BTRFS_SUPER_FLAG_ERROR) {
543 return -EIO; 544 err = -EIO;
544 } 545 }
545 546
546 return 0; 547 memset(trans, 0, sizeof(*trans));
548 kmem_cache_free(btrfs_trans_handle_cachep, trans);
549 return err;
547} 550}
548 551
549int btrfs_end_transaction(struct btrfs_trans_handle *trans, 552int btrfs_end_transaction(struct btrfs_trans_handle *trans,
@@ -1399,6 +1402,7 @@ int btrfs_commit_transaction(struct btrfs_trans_handle *trans,
1399 ret = commit_fs_roots(trans, root); 1402 ret = commit_fs_roots(trans, root);
1400 if (ret) { 1403 if (ret) {
1401 mutex_unlock(&root->fs_info->tree_log_mutex); 1404 mutex_unlock(&root->fs_info->tree_log_mutex);
1405 mutex_unlock(&root->fs_info->reloc_mutex);
1402 goto cleanup_transaction; 1406 goto cleanup_transaction;
1403 } 1407 }
1404 1408
@@ -1410,6 +1414,7 @@ int btrfs_commit_transaction(struct btrfs_trans_handle *trans,
1410 ret = commit_cowonly_roots(trans, root); 1414 ret = commit_cowonly_roots(trans, root);
1411 if (ret) { 1415 if (ret) {
1412 mutex_unlock(&root->fs_info->tree_log_mutex); 1416 mutex_unlock(&root->fs_info->tree_log_mutex);
1417 mutex_unlock(&root->fs_info->reloc_mutex);
1413 goto cleanup_transaction; 1418 goto cleanup_transaction;
1414 } 1419 }
1415 1420
diff --git a/fs/btrfs/tree-log.c b/fs/btrfs/tree-log.c
index d017283ae6f5..eb1ae908582c 100644
--- a/fs/btrfs/tree-log.c
+++ b/fs/btrfs/tree-log.c
@@ -279,7 +279,7 @@ static int process_one_buffer(struct btrfs_root *log,
279 log->fs_info->extent_root, 279 log->fs_info->extent_root,
280 eb->start, eb->len); 280 eb->start, eb->len);
281 281
282 if (btrfs_buffer_uptodate(eb, gen)) { 282 if (btrfs_buffer_uptodate(eb, gen, 0)) {
283 if (wc->write) 283 if (wc->write)
284 btrfs_write_tree_block(eb); 284 btrfs_write_tree_block(eb);
285 if (wc->wait) 285 if (wc->wait)
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index a872b48be0ae..1411b99555a4 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -3324,12 +3324,14 @@ static int __btrfs_alloc_chunk(struct btrfs_trans_handle *trans,
3324 stripe_size = devices_info[ndevs-1].max_avail; 3324 stripe_size = devices_info[ndevs-1].max_avail;
3325 num_stripes = ndevs * dev_stripes; 3325 num_stripes = ndevs * dev_stripes;
3326 3326
3327 if (stripe_size * num_stripes > max_chunk_size * ncopies) { 3327 if (stripe_size * ndevs > max_chunk_size * ncopies) {
3328 stripe_size = max_chunk_size * ncopies; 3328 stripe_size = max_chunk_size * ncopies;
3329 do_div(stripe_size, num_stripes); 3329 do_div(stripe_size, ndevs);
3330 } 3330 }
3331 3331
3332 do_div(stripe_size, dev_stripes); 3332 do_div(stripe_size, dev_stripes);
3333
3334 /* align to BTRFS_STRIPE_LEN */
3333 do_div(stripe_size, BTRFS_STRIPE_LEN); 3335 do_div(stripe_size, BTRFS_STRIPE_LEN);
3334 stripe_size *= BTRFS_STRIPE_LEN; 3336 stripe_size *= BTRFS_STRIPE_LEN;
3335 3337
@@ -3805,10 +3807,11 @@ static int __btrfs_map_block(struct btrfs_mapping_tree *map_tree, int rw,
3805 else if (mirror_num) 3807 else if (mirror_num)
3806 stripe_index += mirror_num - 1; 3808 stripe_index += mirror_num - 1;
3807 else { 3809 else {
3810 int old_stripe_index = stripe_index;
3808 stripe_index = find_live_mirror(map, stripe_index, 3811 stripe_index = find_live_mirror(map, stripe_index,
3809 map->sub_stripes, stripe_index + 3812 map->sub_stripes, stripe_index +
3810 current->pid % map->sub_stripes); 3813 current->pid % map->sub_stripes);
3811 mirror_num = stripe_index + 1; 3814 mirror_num = stripe_index - old_stripe_index + 1;
3812 } 3815 }
3813 } else { 3816 } else {
3814 /* 3817 /*
@@ -3833,6 +3836,7 @@ static int __btrfs_map_block(struct btrfs_mapping_tree *map_tree, int rw,
3833 int sub_stripes = 0; 3836 int sub_stripes = 0;
3834 u64 stripes_per_dev = 0; 3837 u64 stripes_per_dev = 0;
3835 u32 remaining_stripes = 0; 3838 u32 remaining_stripes = 0;
3839 u32 last_stripe = 0;
3836 3840
3837 if (map->type & 3841 if (map->type &
3838 (BTRFS_BLOCK_GROUP_RAID0 | BTRFS_BLOCK_GROUP_RAID10)) { 3842 (BTRFS_BLOCK_GROUP_RAID0 | BTRFS_BLOCK_GROUP_RAID10)) {
@@ -3846,6 +3850,8 @@ static int __btrfs_map_block(struct btrfs_mapping_tree *map_tree, int rw,
3846 stripe_nr_orig, 3850 stripe_nr_orig,
3847 factor, 3851 factor,
3848 &remaining_stripes); 3852 &remaining_stripes);
3853 div_u64_rem(stripe_nr_end - 1, factor, &last_stripe);
3854 last_stripe *= sub_stripes;
3849 } 3855 }
3850 3856
3851 for (i = 0; i < num_stripes; i++) { 3857 for (i = 0; i < num_stripes; i++) {
@@ -3858,16 +3864,29 @@ static int __btrfs_map_block(struct btrfs_mapping_tree *map_tree, int rw,
3858 BTRFS_BLOCK_GROUP_RAID10)) { 3864 BTRFS_BLOCK_GROUP_RAID10)) {
3859 bbio->stripes[i].length = stripes_per_dev * 3865 bbio->stripes[i].length = stripes_per_dev *
3860 map->stripe_len; 3866 map->stripe_len;
3867
3861 if (i / sub_stripes < remaining_stripes) 3868 if (i / sub_stripes < remaining_stripes)
3862 bbio->stripes[i].length += 3869 bbio->stripes[i].length +=
3863 map->stripe_len; 3870 map->stripe_len;
3871
3872 /*
3873 * Special for the first stripe and
3874 * the last stripe:
3875 *
3876 * |-------|...|-------|
3877 * |----------|
3878 * off end_off
3879 */
3864 if (i < sub_stripes) 3880 if (i < sub_stripes)
3865 bbio->stripes[i].length -= 3881 bbio->stripes[i].length -=
3866 stripe_offset; 3882 stripe_offset;
3867 if ((i / sub_stripes + 1) % 3883
3868 sub_stripes == remaining_stripes) 3884 if (stripe_index >= last_stripe &&
3885 stripe_index <= (last_stripe +
3886 sub_stripes - 1))
3869 bbio->stripes[i].length -= 3887 bbio->stripes[i].length -=
3870 stripe_end_offset; 3888 stripe_end_offset;
3889
3871 if (i == sub_stripes - 1) 3890 if (i == sub_stripes - 1)
3872 stripe_offset = 0; 3891 stripe_offset = 0;
3873 } else 3892 } else
@@ -4334,8 +4353,10 @@ static int open_seed_devices(struct btrfs_root *root, u8 *fsid)
4334 4353
4335 ret = __btrfs_open_devices(fs_devices, FMODE_READ, 4354 ret = __btrfs_open_devices(fs_devices, FMODE_READ,
4336 root->fs_info->bdev_holder); 4355 root->fs_info->bdev_holder);
4337 if (ret) 4356 if (ret) {
4357 free_fs_devices(fs_devices);
4338 goto out; 4358 goto out;
4359 }
4339 4360
4340 if (!fs_devices->seeding) { 4361 if (!fs_devices->seeding) {
4341 __btrfs_close_devices(fs_devices); 4362 __btrfs_close_devices(fs_devices);
diff --git a/fs/buffer.c b/fs/buffer.c
index 36d66653b931..351e18ea2e53 100644
--- a/fs/buffer.c
+++ b/fs/buffer.c
@@ -985,7 +985,6 @@ grow_dev_page(struct block_device *bdev, sector_t block,
985 return page; 985 return page;
986 986
987failed: 987failed:
988 BUG();
989 unlock_page(page); 988 unlock_page(page);
990 page_cache_release(page); 989 page_cache_release(page);
991 return NULL; 990 return NULL;
diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
index d34212822444..ca6a3796a33b 100644
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -370,13 +370,13 @@ cifs_show_options(struct seq_file *s, struct dentry *root)
370 (int)(srcaddr->sa_family)); 370 (int)(srcaddr->sa_family));
371 } 371 }
372 372
373 seq_printf(s, ",uid=%d", cifs_sb->mnt_uid); 373 seq_printf(s, ",uid=%u", cifs_sb->mnt_uid);
374 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_OVERR_UID) 374 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_OVERR_UID)
375 seq_printf(s, ",forceuid"); 375 seq_printf(s, ",forceuid");
376 else 376 else
377 seq_printf(s, ",noforceuid"); 377 seq_printf(s, ",noforceuid");
378 378
379 seq_printf(s, ",gid=%d", cifs_sb->mnt_gid); 379 seq_printf(s, ",gid=%u", cifs_sb->mnt_gid);
380 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_OVERR_GID) 380 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_OVERR_GID)
381 seq_printf(s, ",forcegid"); 381 seq_printf(s, ",forcegid");
382 else 382 else
@@ -434,11 +434,15 @@ cifs_show_options(struct seq_file *s, struct dentry *root)
434 seq_printf(s, ",noperm"); 434 seq_printf(s, ",noperm");
435 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_STRICT_IO) 435 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_STRICT_IO)
436 seq_printf(s, ",strictcache"); 436 seq_printf(s, ",strictcache");
437 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_CIFS_BACKUPUID)
438 seq_printf(s, ",backupuid=%u", cifs_sb->mnt_backupuid);
439 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_CIFS_BACKUPGID)
440 seq_printf(s, ",backupgid=%u", cifs_sb->mnt_backupgid);
437 441
438 seq_printf(s, ",rsize=%d", cifs_sb->rsize); 442 seq_printf(s, ",rsize=%u", cifs_sb->rsize);
439 seq_printf(s, ",wsize=%d", cifs_sb->wsize); 443 seq_printf(s, ",wsize=%u", cifs_sb->wsize);
440 /* convert actimeo and display it in seconds */ 444 /* convert actimeo and display it in seconds */
441 seq_printf(s, ",actimeo=%lu", cifs_sb->actimeo / HZ); 445 seq_printf(s, ",actimeo=%lu", cifs_sb->actimeo / HZ);
442 446
443 return 0; 447 return 0;
444} 448}
diff --git a/fs/cifs/cifsfs.h b/fs/cifs/cifsfs.h
index d1389bb33ceb..65365358c976 100644
--- a/fs/cifs/cifsfs.h
+++ b/fs/cifs/cifsfs.h
@@ -125,5 +125,5 @@ extern long cifs_ioctl(struct file *filep, unsigned int cmd, unsigned long arg);
125extern const struct export_operations cifs_export_ops; 125extern const struct export_operations cifs_export_ops;
126#endif /* CONFIG_CIFS_NFSD_EXPORT */ 126#endif /* CONFIG_CIFS_NFSD_EXPORT */
127 127
128#define CIFS_VERSION "1.77" 128#define CIFS_VERSION "1.78"
129#endif /* _CIFSFS_H */ 129#endif /* _CIFSFS_H */
diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
index 8fecc99be344..da2f5446fa7a 100644
--- a/fs/cifs/cifssmb.c
+++ b/fs/cifs/cifssmb.c
@@ -3892,13 +3892,12 @@ CIFSSMBSetCIFSACL(const int xid, struct cifs_tcon *tcon, __u16 fid,
3892 int rc = 0; 3892 int rc = 0;
3893 int bytes_returned = 0; 3893 int bytes_returned = 0;
3894 SET_SEC_DESC_REQ *pSMB = NULL; 3894 SET_SEC_DESC_REQ *pSMB = NULL;
3895 NTRANSACT_RSP *pSMBr = NULL; 3895 void *pSMBr;
3896 3896
3897setCifsAclRetry: 3897setCifsAclRetry:
3898 rc = smb_init(SMB_COM_NT_TRANSACT, 19, tcon, (void **) &pSMB, 3898 rc = smb_init(SMB_COM_NT_TRANSACT, 19, tcon, (void **) &pSMB, &pSMBr);
3899 (void **) &pSMBr);
3900 if (rc) 3899 if (rc)
3901 return (rc); 3900 return rc;
3902 3901
3903 pSMB->MaxSetupCount = 0; 3902 pSMB->MaxSetupCount = 0;
3904 pSMB->Reserved = 0; 3903 pSMB->Reserved = 0;
@@ -3926,9 +3925,8 @@ setCifsAclRetry:
3926 pSMB->AclFlags = cpu_to_le32(aclflag); 3925 pSMB->AclFlags = cpu_to_le32(aclflag);
3927 3926
3928 if (pntsd && acllen) { 3927 if (pntsd && acllen) {
3929 memcpy((char *) &pSMBr->hdr.Protocol + data_offset, 3928 memcpy((char *)pSMBr + offsetof(struct smb_hdr, Protocol) +
3930 (char *) pntsd, 3929 data_offset, pntsd, acllen);
3931 acllen);
3932 inc_rfc1001_len(pSMB, byte_count + data_count); 3930 inc_rfc1001_len(pSMB, byte_count + data_count);
3933 } else 3931 } else
3934 inc_rfc1001_len(pSMB, byte_count); 3932 inc_rfc1001_len(pSMB, byte_count);
@@ -4846,8 +4844,12 @@ parse_DFS_referrals(TRANSACTION2_GET_DFS_REFER_RSP *pSMBr,
4846 max_len = data_end - temp; 4844 max_len = data_end - temp;
4847 node->node_name = cifs_strndup_from_utf16(temp, max_len, 4845 node->node_name = cifs_strndup_from_utf16(temp, max_len,
4848 is_unicode, nls_codepage); 4846 is_unicode, nls_codepage);
4849 if (!node->node_name) 4847 if (!node->node_name) {
4850 rc = -ENOMEM; 4848 rc = -ENOMEM;
4849 goto parse_DFS_referrals_exit;
4850 }
4851
4852 ref++;
4851 } 4853 }
4852 4854
4853parse_DFS_referrals_exit: 4855parse_DFS_referrals_exit:
@@ -5708,7 +5710,8 @@ CIFSSMBSetFileInfo(const int xid, struct cifs_tcon *tcon,
5708 param_offset = offsetof(struct smb_com_transaction2_sfi_req, Fid) - 4; 5710 param_offset = offsetof(struct smb_com_transaction2_sfi_req, Fid) - 4;
5709 offset = param_offset + params; 5711 offset = param_offset + params;
5710 5712
5711 data_offset = (char *) (&pSMB->hdr.Protocol) + offset; 5713 data_offset = (char *)pSMB +
5714 offsetof(struct smb_hdr, Protocol) + offset;
5712 5715
5713 count = sizeof(FILE_BASIC_INFO); 5716 count = sizeof(FILE_BASIC_INFO);
5714 pSMB->MaxParameterCount = cpu_to_le16(2); 5717 pSMB->MaxParameterCount = cpu_to_le16(2);
@@ -5977,7 +5980,7 @@ CIFSSMBUnixSetFileInfo(const int xid, struct cifs_tcon *tcon,
5977 u16 fid, u32 pid_of_opener) 5980 u16 fid, u32 pid_of_opener)
5978{ 5981{
5979 struct smb_com_transaction2_sfi_req *pSMB = NULL; 5982 struct smb_com_transaction2_sfi_req *pSMB = NULL;
5980 FILE_UNIX_BASIC_INFO *data_offset; 5983 char *data_offset;
5981 int rc = 0; 5984 int rc = 0;
5982 u16 params, param_offset, offset, byte_count, count; 5985 u16 params, param_offset, offset, byte_count, count;
5983 5986
@@ -5999,8 +6002,9 @@ CIFSSMBUnixSetFileInfo(const int xid, struct cifs_tcon *tcon,
5999 param_offset = offsetof(struct smb_com_transaction2_sfi_req, Fid) - 4; 6002 param_offset = offsetof(struct smb_com_transaction2_sfi_req, Fid) - 4;
6000 offset = param_offset + params; 6003 offset = param_offset + params;
6001 6004
6002 data_offset = (FILE_UNIX_BASIC_INFO *) 6005 data_offset = (char *)pSMB +
6003 ((char *)(&pSMB->hdr.Protocol) + offset); 6006 offsetof(struct smb_hdr, Protocol) + offset;
6007
6004 count = sizeof(FILE_UNIX_BASIC_INFO); 6008 count = sizeof(FILE_UNIX_BASIC_INFO);
6005 6009
6006 pSMB->MaxParameterCount = cpu_to_le16(2); 6010 pSMB->MaxParameterCount = cpu_to_le16(2);
@@ -6022,7 +6026,7 @@ CIFSSMBUnixSetFileInfo(const int xid, struct cifs_tcon *tcon,
6022 inc_rfc1001_len(pSMB, byte_count); 6026 inc_rfc1001_len(pSMB, byte_count);
6023 pSMB->ByteCount = cpu_to_le16(byte_count); 6027 pSMB->ByteCount = cpu_to_le16(byte_count);
6024 6028
6025 cifs_fill_unix_set_info(data_offset, args); 6029 cifs_fill_unix_set_info((FILE_UNIX_BASIC_INFO *)data_offset, args);
6026 6030
6027 rc = SendReceiveNoRsp(xid, tcon->ses, (char *) pSMB, 0); 6031 rc = SendReceiveNoRsp(xid, tcon->ses, (char *) pSMB, 0);
6028 if (rc) 6032 if (rc)
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 302a15c505a9..5dcc55197fb3 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -109,6 +109,8 @@ enum {
109 109
110 /* Options which could be blank */ 110 /* Options which could be blank */
111 Opt_blank_pass, 111 Opt_blank_pass,
112 Opt_blank_user,
113 Opt_blank_ip,
112 114
113 Opt_err 115 Opt_err
114}; 116};
@@ -183,11 +185,15 @@ static const match_table_t cifs_mount_option_tokens = {
183 { Opt_wsize, "wsize=%s" }, 185 { Opt_wsize, "wsize=%s" },
184 { Opt_actimeo, "actimeo=%s" }, 186 { Opt_actimeo, "actimeo=%s" },
185 187
188 { Opt_blank_user, "user=" },
189 { Opt_blank_user, "username=" },
186 { Opt_user, "user=%s" }, 190 { Opt_user, "user=%s" },
187 { Opt_user, "username=%s" }, 191 { Opt_user, "username=%s" },
188 { Opt_blank_pass, "pass=" }, 192 { Opt_blank_pass, "pass=" },
189 { Opt_pass, "pass=%s" }, 193 { Opt_pass, "pass=%s" },
190 { Opt_pass, "password=%s" }, 194 { Opt_pass, "password=%s" },
195 { Opt_blank_ip, "ip=" },
196 { Opt_blank_ip, "addr=" },
191 { Opt_ip, "ip=%s" }, 197 { Opt_ip, "ip=%s" },
192 { Opt_ip, "addr=%s" }, 198 { Opt_ip, "addr=%s" },
193 { Opt_unc, "unc=%s" }, 199 { Opt_unc, "unc=%s" },
@@ -209,6 +215,8 @@ static const match_table_t cifs_mount_option_tokens = {
209 215
210 { Opt_ignore, "cred" }, 216 { Opt_ignore, "cred" },
211 { Opt_ignore, "credentials" }, 217 { Opt_ignore, "credentials" },
218 { Opt_ignore, "cred=%s" },
219 { Opt_ignore, "credentials=%s" },
212 { Opt_ignore, "guest" }, 220 { Opt_ignore, "guest" },
213 { Opt_ignore, "rw" }, 221 { Opt_ignore, "rw" },
214 { Opt_ignore, "ro" }, 222 { Opt_ignore, "ro" },
@@ -1117,7 +1125,7 @@ static int get_option_ul(substring_t args[], unsigned long *option)
1117 string = match_strdup(args); 1125 string = match_strdup(args);
1118 if (string == NULL) 1126 if (string == NULL)
1119 return -ENOMEM; 1127 return -ENOMEM;
1120 rc = kstrtoul(string, 10, option); 1128 rc = kstrtoul(string, 0, option);
1121 kfree(string); 1129 kfree(string);
1122 1130
1123 return rc; 1131 return rc;
@@ -1534,15 +1542,17 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1534 1542
1535 /* String Arguments */ 1543 /* String Arguments */
1536 1544
1545 case Opt_blank_user:
1546 /* null user, ie. anonymous authentication */
1547 vol->nullauth = 1;
1548 vol->username = NULL;
1549 break;
1537 case Opt_user: 1550 case Opt_user:
1538 string = match_strdup(args); 1551 string = match_strdup(args);
1539 if (string == NULL) 1552 if (string == NULL)
1540 goto out_nomem; 1553 goto out_nomem;
1541 1554
1542 if (!*string) { 1555 if (strnlen(string, MAX_USERNAME_SIZE) >
1543 /* null user, ie. anonymous authentication */
1544 vol->nullauth = 1;
1545 } else if (strnlen(string, MAX_USERNAME_SIZE) >
1546 MAX_USERNAME_SIZE) { 1556 MAX_USERNAME_SIZE) {
1547 printk(KERN_WARNING "CIFS: username too long\n"); 1557 printk(KERN_WARNING "CIFS: username too long\n");
1548 goto cifs_parse_mount_err; 1558 goto cifs_parse_mount_err;
@@ -1565,8 +1575,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1565 1575
1566 /* Obtain the value string */ 1576 /* Obtain the value string */
1567 value = strchr(data, '='); 1577 value = strchr(data, '=');
1568 if (value != NULL) 1578 value++;
1569 *value++ = '\0';
1570 1579
1571 /* Set tmp_end to end of the string */ 1580 /* Set tmp_end to end of the string */
1572 tmp_end = (char *) value + strlen(value); 1581 tmp_end = (char *) value + strlen(value);
@@ -1612,14 +1621,15 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1612 } 1621 }
1613 vol->password[j] = '\0'; 1622 vol->password[j] = '\0';
1614 break; 1623 break;
1624 case Opt_blank_ip:
1625 vol->UNCip = NULL;
1626 break;
1615 case Opt_ip: 1627 case Opt_ip:
1616 string = match_strdup(args); 1628 string = match_strdup(args);
1617 if (string == NULL) 1629 if (string == NULL)
1618 goto out_nomem; 1630 goto out_nomem;
1619 1631
1620 if (!*string) { 1632 if (strnlen(string, INET6_ADDRSTRLEN) >
1621 vol->UNCip = NULL;
1622 } else if (strnlen(string, INET6_ADDRSTRLEN) >
1623 INET6_ADDRSTRLEN) { 1633 INET6_ADDRSTRLEN) {
1624 printk(KERN_WARNING "CIFS: ip address " 1634 printk(KERN_WARNING "CIFS: ip address "
1625 "too long\n"); 1635 "too long\n");
@@ -1637,18 +1647,19 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1637 if (string == NULL) 1647 if (string == NULL)
1638 goto out_nomem; 1648 goto out_nomem;
1639 1649
1640 if (!*string) {
1641 printk(KERN_WARNING "CIFS: invalid path to "
1642 "network resource\n");
1643 goto cifs_parse_mount_err;
1644 }
1645
1646 temp_len = strnlen(string, 300); 1650 temp_len = strnlen(string, 300);
1647 if (temp_len == 300) { 1651 if (temp_len == 300) {
1648 printk(KERN_WARNING "CIFS: UNC name too long\n"); 1652 printk(KERN_WARNING "CIFS: UNC name too long\n");
1649 goto cifs_parse_mount_err; 1653 goto cifs_parse_mount_err;
1650 } 1654 }
1651 1655
1656 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1657 if (vol->UNC == NULL) {
1658 printk(KERN_WARNING "CIFS: no memory for UNC\n");
1659 goto cifs_parse_mount_err;
1660 }
1661 strcpy(vol->UNC, string);
1662
1652 if (strncmp(string, "//", 2) == 0) { 1663 if (strncmp(string, "//", 2) == 0) {
1653 vol->UNC[0] = '\\'; 1664 vol->UNC[0] = '\\';
1654 vol->UNC[1] = '\\'; 1665 vol->UNC[1] = '\\';
@@ -1658,24 +1669,13 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1658 goto cifs_parse_mount_err; 1669 goto cifs_parse_mount_err;
1659 } 1670 }
1660 1671
1661 vol->UNC = kmalloc(temp_len+1, GFP_KERNEL);
1662 if (vol->UNC == NULL) {
1663 printk(KERN_WARNING "CIFS: no memory "
1664 "for UNC\n");
1665 goto cifs_parse_mount_err;
1666 }
1667 strcpy(vol->UNC, string);
1668 break; 1672 break;
1669 case Opt_domain: 1673 case Opt_domain:
1670 string = match_strdup(args); 1674 string = match_strdup(args);
1671 if (string == NULL) 1675 if (string == NULL)
1672 goto out_nomem; 1676 goto out_nomem;
1673 1677
1674 if (!*string) { 1678 if (strnlen(string, 256) == 256) {
1675 printk(KERN_WARNING "CIFS: invalid domain"
1676 " name\n");
1677 goto cifs_parse_mount_err;
1678 } else if (strnlen(string, 256) == 256) {
1679 printk(KERN_WARNING "CIFS: domain name too" 1679 printk(KERN_WARNING "CIFS: domain name too"
1680 " long\n"); 1680 " long\n");
1681 goto cifs_parse_mount_err; 1681 goto cifs_parse_mount_err;
@@ -1694,11 +1694,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1694 if (string == NULL) 1694 if (string == NULL)
1695 goto out_nomem; 1695 goto out_nomem;
1696 1696
1697 if (!*string) { 1697 if (!cifs_convert_address(
1698 printk(KERN_WARNING "CIFS: srcaddr value not"
1699 " specified\n");
1700 goto cifs_parse_mount_err;
1701 } else if (!cifs_convert_address(
1702 (struct sockaddr *)&vol->srcaddr, 1698 (struct sockaddr *)&vol->srcaddr,
1703 string, strlen(string))) { 1699 string, strlen(string))) {
1704 printk(KERN_WARNING "CIFS: Could not parse" 1700 printk(KERN_WARNING "CIFS: Could not parse"
@@ -1711,11 +1707,6 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1711 if (string == NULL) 1707 if (string == NULL)
1712 goto out_nomem; 1708 goto out_nomem;
1713 1709
1714 if (!*string) {
1715 printk(KERN_WARNING "CIFS: Invalid path"
1716 " prefix\n");
1717 goto cifs_parse_mount_err;
1718 }
1719 temp_len = strnlen(string, 1024); 1710 temp_len = strnlen(string, 1024);
1720 if (string[0] != '/') 1711 if (string[0] != '/')
1721 temp_len++; /* missing leading slash */ 1712 temp_len++; /* missing leading slash */
@@ -1743,11 +1734,7 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1743 if (string == NULL) 1734 if (string == NULL)
1744 goto out_nomem; 1735 goto out_nomem;
1745 1736
1746 if (!*string) { 1737 if (strnlen(string, 1024) >= 65) {
1747 printk(KERN_WARNING "CIFS: Invalid iocharset"
1748 " specified\n");
1749 goto cifs_parse_mount_err;
1750 } else if (strnlen(string, 1024) >= 65) {
1751 printk(KERN_WARNING "CIFS: iocharset name " 1738 printk(KERN_WARNING "CIFS: iocharset name "
1752 "too long.\n"); 1739 "too long.\n");
1753 goto cifs_parse_mount_err; 1740 goto cifs_parse_mount_err;
@@ -1772,11 +1759,6 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1772 if (string == NULL) 1759 if (string == NULL)
1773 goto out_nomem; 1760 goto out_nomem;
1774 1761
1775 if (!*string) {
1776 printk(KERN_WARNING "CIFS: No socket option"
1777 " specified\n");
1778 goto cifs_parse_mount_err;
1779 }
1780 if (strnicmp(string, "TCP_NODELAY", 11) == 0) 1762 if (strnicmp(string, "TCP_NODELAY", 11) == 0)
1781 vol->sockopt_tcp_nodelay = 1; 1763 vol->sockopt_tcp_nodelay = 1;
1782 break; 1764 break;
@@ -1785,12 +1767,6 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1785 if (string == NULL) 1767 if (string == NULL)
1786 goto out_nomem; 1768 goto out_nomem;
1787 1769
1788 if (!*string) {
1789 printk(KERN_WARNING "CIFS: Invalid (empty)"
1790 " netbiosname\n");
1791 break;
1792 }
1793
1794 memset(vol->source_rfc1001_name, 0x20, 1770 memset(vol->source_rfc1001_name, 0x20,
1795 RFC1001_NAME_LEN); 1771 RFC1001_NAME_LEN);
1796 /* 1772 /*
@@ -1818,11 +1794,6 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1818 if (string == NULL) 1794 if (string == NULL)
1819 goto out_nomem; 1795 goto out_nomem;
1820 1796
1821 if (!*string) {
1822 printk(KERN_WARNING "CIFS: Empty server"
1823 " netbiosname specified\n");
1824 break;
1825 }
1826 /* last byte, type, is 0x20 for servr type */ 1797 /* last byte, type, is 0x20 for servr type */
1827 memset(vol->target_rfc1001_name, 0x20, 1798 memset(vol->target_rfc1001_name, 0x20,
1828 RFC1001_NAME_LEN_WITH_NULL); 1799 RFC1001_NAME_LEN_WITH_NULL);
@@ -1849,12 +1820,6 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1849 if (string == NULL) 1820 if (string == NULL)
1850 goto out_nomem; 1821 goto out_nomem;
1851 1822
1852 if (!*string) {
1853 cERROR(1, "no protocol version specified"
1854 " after vers= mount option");
1855 goto cifs_parse_mount_err;
1856 }
1857
1858 if (strnicmp(string, "cifs", 4) == 0 || 1823 if (strnicmp(string, "cifs", 4) == 0 ||
1859 strnicmp(string, "1", 1) == 0) { 1824 strnicmp(string, "1", 1) == 0) {
1860 /* This is the default */ 1825 /* This is the default */
@@ -1869,12 +1834,6 @@ cifs_parse_mount_options(const char *mountdata, const char *devname,
1869 if (string == NULL) 1834 if (string == NULL)
1870 goto out_nomem; 1835 goto out_nomem;
1871 1836
1872 if (!*string) {
1873 printk(KERN_WARNING "CIFS: no security flavor"
1874 " specified\n");
1875 break;
1876 }
1877
1878 if (cifs_parse_security_flavors(string, vol) != 0) 1837 if (cifs_parse_security_flavors(string, vol) != 0)
1879 goto cifs_parse_mount_err; 1838 goto cifs_parse_mount_err;
1880 break; 1839 break;
@@ -2226,6 +2185,7 @@ cifs_get_tcp_session(struct smb_vol *volume_info)
2226 tcp_ses->session_estab = false; 2185 tcp_ses->session_estab = false;
2227 tcp_ses->sequence_number = 0; 2186 tcp_ses->sequence_number = 0;
2228 tcp_ses->lstrp = jiffies; 2187 tcp_ses->lstrp = jiffies;
2188 spin_lock_init(&tcp_ses->req_lock);
2229 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list); 2189 INIT_LIST_HEAD(&tcp_ses->tcp_ses_list);
2230 INIT_LIST_HEAD(&tcp_ses->smb_ses_list); 2190 INIT_LIST_HEAD(&tcp_ses->smb_ses_list);
2231 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request); 2191 INIT_DELAYED_WORK(&tcp_ses->echo, cifs_echo_request);
@@ -3271,10 +3231,6 @@ void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
3271 3231
3272 cifs_sb->mnt_uid = pvolume_info->linux_uid; 3232 cifs_sb->mnt_uid = pvolume_info->linux_uid;
3273 cifs_sb->mnt_gid = pvolume_info->linux_gid; 3233 cifs_sb->mnt_gid = pvolume_info->linux_gid;
3274 if (pvolume_info->backupuid_specified)
3275 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
3276 if (pvolume_info->backupgid_specified)
3277 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3278 cifs_sb->mnt_file_mode = pvolume_info->file_mode; 3234 cifs_sb->mnt_file_mode = pvolume_info->file_mode;
3279 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode; 3235 cifs_sb->mnt_dir_mode = pvolume_info->dir_mode;
3280 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx", 3236 cFYI(1, "file mode: 0x%hx dir mode: 0x%hx",
@@ -3305,10 +3261,14 @@ void cifs_setup_cifs_sb(struct smb_vol *pvolume_info,
3305 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD; 3261 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_RWPIDFORWARD;
3306 if (pvolume_info->cifs_acl) 3262 if (pvolume_info->cifs_acl)
3307 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL; 3263 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_ACL;
3308 if (pvolume_info->backupuid_specified) 3264 if (pvolume_info->backupuid_specified) {
3309 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID; 3265 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPUID;
3310 if (pvolume_info->backupgid_specified) 3266 cifs_sb->mnt_backupuid = pvolume_info->backupuid;
3267 }
3268 if (pvolume_info->backupgid_specified) {
3311 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID; 3269 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_CIFS_BACKUPGID;
3270 cifs_sb->mnt_backupgid = pvolume_info->backupgid;
3271 }
3312 if (pvolume_info->override_uid) 3272 if (pvolume_info->override_uid)
3313 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID; 3273 cifs_sb->mnt_cifs_flags |= CIFS_MOUNT_OVERR_UID;
3314 if (pvolume_info->override_gid) 3274 if (pvolume_info->override_gid)
@@ -3657,22 +3617,6 @@ cifs_get_volume_info(char *mount_data, const char *devname)
3657 return volume_info; 3617 return volume_info;
3658} 3618}
3659 3619
3660/* make sure ra_pages is a multiple of rsize */
3661static inline unsigned int
3662cifs_ra_pages(struct cifs_sb_info *cifs_sb)
3663{
3664 unsigned int reads;
3665 unsigned int rsize_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3666
3667 if (rsize_pages >= default_backing_dev_info.ra_pages)
3668 return default_backing_dev_info.ra_pages;
3669 else if (rsize_pages == 0)
3670 return rsize_pages;
3671
3672 reads = default_backing_dev_info.ra_pages / rsize_pages;
3673 return reads * rsize_pages;
3674}
3675
3676int 3620int
3677cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info) 3621cifs_mount(struct cifs_sb_info *cifs_sb, struct smb_vol *volume_info)
3678{ 3622{
@@ -3760,7 +3704,7 @@ try_mount_again:
3760 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info); 3704 cifs_sb->rsize = cifs_negotiate_rsize(tcon, volume_info);
3761 3705
3762 /* tune readahead according to rsize */ 3706 /* tune readahead according to rsize */
3763 cifs_sb->bdi.ra_pages = cifs_ra_pages(cifs_sb); 3707 cifs_sb->bdi.ra_pages = cifs_sb->rsize / PAGE_CACHE_SIZE;
3764 3708
3765remote_path_check: 3709remote_path_check:
3766#ifdef CONFIG_CIFS_DFS_UPCALL 3710#ifdef CONFIG_CIFS_DFS_UPCALL
diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
index d172c8ed9017..ec4e9a2a12f8 100644
--- a/fs/cifs/dir.c
+++ b/fs/cifs/dir.c
@@ -668,12 +668,19 @@ cifs_d_revalidate(struct dentry *direntry, struct nameidata *nd)
668 return 0; 668 return 0;
669 else { 669 else {
670 /* 670 /*
671 * Forcibly invalidate automounting directory inodes 671 * If the inode wasn't known to be a dfs entry when
672 * (remote DFS directories) so to have them 672 * the dentry was instantiated, such as when created
673 * instantiated again for automount 673 * via ->readdir(), it needs to be set now since the
674 * attributes will have been updated by
675 * cifs_revalidate_dentry().
674 */ 676 */
675 if (IS_AUTOMOUNT(direntry->d_inode)) 677 if (IS_AUTOMOUNT(direntry->d_inode) &&
676 return 0; 678 !(direntry->d_flags & DCACHE_NEED_AUTOMOUNT)) {
679 spin_lock(&direntry->d_lock);
680 direntry->d_flags |= DCACHE_NEED_AUTOMOUNT;
681 spin_unlock(&direntry->d_lock);
682 }
683
677 return 1; 684 return 1;
678 } 685 }
679 } 686 }
diff --git a/fs/cifs/file.c b/fs/cifs/file.c
index 460d87b7cda0..81725e9286e9 100644
--- a/fs/cifs/file.c
+++ b/fs/cifs/file.c
@@ -835,13 +835,21 @@ cifs_posix_lock_set(struct file *file, struct file_lock *flock)
835 if ((flock->fl_flags & FL_POSIX) == 0) 835 if ((flock->fl_flags & FL_POSIX) == 0)
836 return rc; 836 return rc;
837 837
838try_again:
838 mutex_lock(&cinode->lock_mutex); 839 mutex_lock(&cinode->lock_mutex);
839 if (!cinode->can_cache_brlcks) { 840 if (!cinode->can_cache_brlcks) {
840 mutex_unlock(&cinode->lock_mutex); 841 mutex_unlock(&cinode->lock_mutex);
841 return rc; 842 return rc;
842 } 843 }
843 rc = posix_lock_file_wait(file, flock); 844
845 rc = posix_lock_file(file, flock, NULL);
844 mutex_unlock(&cinode->lock_mutex); 846 mutex_unlock(&cinode->lock_mutex);
847 if (rc == FILE_LOCK_DEFERRED) {
848 rc = wait_event_interruptible(flock->fl_wait, !flock->fl_next);
849 if (!rc)
850 goto try_again;
851 locks_delete_block(flock);
852 }
845 return rc; 853 return rc;
846} 854}
847 855
@@ -2170,7 +2178,7 @@ cifs_iovec_write(struct file *file, const struct iovec *iov,
2170 unsigned long nr_pages, i; 2178 unsigned long nr_pages, i;
2171 size_t copied, len, cur_len; 2179 size_t copied, len, cur_len;
2172 ssize_t total_written = 0; 2180 ssize_t total_written = 0;
2173 loff_t offset = *poffset; 2181 loff_t offset;
2174 struct iov_iter it; 2182 struct iov_iter it;
2175 struct cifsFileInfo *open_file; 2183 struct cifsFileInfo *open_file;
2176 struct cifs_tcon *tcon; 2184 struct cifs_tcon *tcon;
@@ -2192,6 +2200,7 @@ cifs_iovec_write(struct file *file, const struct iovec *iov,
2192 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb); 2200 cifs_sb = CIFS_SB(file->f_path.dentry->d_sb);
2193 open_file = file->private_data; 2201 open_file = file->private_data;
2194 tcon = tlink_tcon(open_file->tlink); 2202 tcon = tlink_tcon(open_file->tlink);
2203 offset = *poffset;
2195 2204
2196 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RWPIDFORWARD) 2205 if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_RWPIDFORWARD)
2197 pid = open_file->pid; 2206 pid = open_file->pid;
diff --git a/fs/cifs/netmisc.c b/fs/cifs/netmisc.c
index dd23a321bdda..581c225f7f50 100644
--- a/fs/cifs/netmisc.c
+++ b/fs/cifs/netmisc.c
@@ -197,8 +197,7 @@ cifs_convert_address(struct sockaddr *dst, const char *src, int len)
197 memcpy(scope_id, pct + 1, slen); 197 memcpy(scope_id, pct + 1, slen);
198 scope_id[slen] = '\0'; 198 scope_id[slen] = '\0';
199 199
200 rc = strict_strtoul(scope_id, 0, 200 rc = kstrtouint(scope_id, 0, &s6->sin6_scope_id);
201 (unsigned long *)&s6->sin6_scope_id);
202 rc = (rc == 0) ? 1 : 0; 201 rc = (rc == 0) ? 1 : 0;
203 } 202 }
204 203
diff --git a/fs/dcache.c b/fs/dcache.c
index b60ddc41d783..b80531c91779 100644
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -141,18 +141,29 @@ int proc_nr_dentry(ctl_table *table, int write, void __user *buffer,
141 * Compare 2 name strings, return 0 if they match, otherwise non-zero. 141 * Compare 2 name strings, return 0 if they match, otherwise non-zero.
142 * The strings are both count bytes long, and count is non-zero. 142 * The strings are both count bytes long, and count is non-zero.
143 */ 143 */
144#ifdef CONFIG_DCACHE_WORD_ACCESS
145
146#include <asm/word-at-a-time.h>
147/*
148 * NOTE! 'cs' and 'scount' come from a dentry, so it has a
149 * aligned allocation for this particular component. We don't
150 * strictly need the load_unaligned_zeropad() safety, but it
151 * doesn't hurt either.
152 *
153 * In contrast, 'ct' and 'tcount' can be from a pathname, and do
154 * need the careful unaligned handling.
155 */
144static inline int dentry_cmp(const unsigned char *cs, size_t scount, 156static inline int dentry_cmp(const unsigned char *cs, size_t scount,
145 const unsigned char *ct, size_t tcount) 157 const unsigned char *ct, size_t tcount)
146{ 158{
147#ifdef CONFIG_DCACHE_WORD_ACCESS
148 unsigned long a,b,mask; 159 unsigned long a,b,mask;
149 160
150 if (unlikely(scount != tcount)) 161 if (unlikely(scount != tcount))
151 return 1; 162 return 1;
152 163
153 for (;;) { 164 for (;;) {
154 a = *(unsigned long *)cs; 165 a = load_unaligned_zeropad(cs);
155 b = *(unsigned long *)ct; 166 b = load_unaligned_zeropad(ct);
156 if (tcount < sizeof(unsigned long)) 167 if (tcount < sizeof(unsigned long))
157 break; 168 break;
158 if (unlikely(a != b)) 169 if (unlikely(a != b))
@@ -165,7 +176,13 @@ static inline int dentry_cmp(const unsigned char *cs, size_t scount,
165 } 176 }
166 mask = ~(~0ul << tcount*8); 177 mask = ~(~0ul << tcount*8);
167 return unlikely(!!((a ^ b) & mask)); 178 return unlikely(!!((a ^ b) & mask));
179}
180
168#else 181#else
182
183static inline int dentry_cmp(const unsigned char *cs, size_t scount,
184 const unsigned char *ct, size_t tcount)
185{
169 if (scount != tcount) 186 if (scount != tcount)
170 return 1; 187 return 1;
171 188
@@ -177,9 +194,10 @@ static inline int dentry_cmp(const unsigned char *cs, size_t scount,
177 tcount--; 194 tcount--;
178 } while (tcount); 195 } while (tcount);
179 return 0; 196 return 0;
180#endif
181} 197}
182 198
199#endif
200
183static void __d_free(struct rcu_head *head) 201static void __d_free(struct rcu_head *head)
184{ 202{
185 struct dentry *dentry = container_of(head, struct dentry, d_u.d_rcu); 203 struct dentry *dentry = container_of(head, struct dentry, d_u.d_rcu);
diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c
index 21e93605161c..5dfafdd1dbd3 100644
--- a/fs/debugfs/file.c
+++ b/fs/debugfs/file.c
@@ -33,18 +33,10 @@ static ssize_t default_write_file(struct file *file, const char __user *buf,
33 return count; 33 return count;
34} 34}
35 35
36static int default_open(struct inode *inode, struct file *file)
37{
38 if (inode->i_private)
39 file->private_data = inode->i_private;
40
41 return 0;
42}
43
44const struct file_operations debugfs_file_operations = { 36const struct file_operations debugfs_file_operations = {
45 .read = default_read_file, 37 .read = default_read_file,
46 .write = default_write_file, 38 .write = default_write_file,
47 .open = default_open, 39 .open = simple_open,
48 .llseek = noop_llseek, 40 .llseek = noop_llseek,
49}; 41};
50 42
@@ -447,7 +439,7 @@ static ssize_t write_file_bool(struct file *file, const char __user *user_buf,
447static const struct file_operations fops_bool = { 439static const struct file_operations fops_bool = {
448 .read = read_file_bool, 440 .read = read_file_bool,
449 .write = write_file_bool, 441 .write = write_file_bool,
450 .open = default_open, 442 .open = simple_open,
451 .llseek = default_llseek, 443 .llseek = default_llseek,
452}; 444};
453 445
@@ -492,7 +484,7 @@ static ssize_t read_file_blob(struct file *file, char __user *user_buf,
492 484
493static const struct file_operations fops_blob = { 485static const struct file_operations fops_blob = {
494 .read = read_file_blob, 486 .read = read_file_blob,
495 .open = default_open, 487 .open = simple_open,
496 .llseek = default_llseek, 488 .llseek = default_llseek,
497}; 489};
498 490
diff --git a/fs/dlm/debug_fs.c b/fs/dlm/debug_fs.c
index 3dca2b39e83f..1c9b08095f98 100644
--- a/fs/dlm/debug_fs.c
+++ b/fs/dlm/debug_fs.c
@@ -609,13 +609,6 @@ static const struct file_operations format3_fops = {
609/* 609/*
610 * dump lkb's on the ls_waiters list 610 * dump lkb's on the ls_waiters list
611 */ 611 */
612
613static int waiters_open(struct inode *inode, struct file *file)
614{
615 file->private_data = inode->i_private;
616 return 0;
617}
618
619static ssize_t waiters_read(struct file *file, char __user *userbuf, 612static ssize_t waiters_read(struct file *file, char __user *userbuf,
620 size_t count, loff_t *ppos) 613 size_t count, loff_t *ppos)
621{ 614{
@@ -644,7 +637,7 @@ static ssize_t waiters_read(struct file *file, char __user *userbuf,
644 637
645static const struct file_operations waiters_fops = { 638static const struct file_operations waiters_fops = {
646 .owner = THIS_MODULE, 639 .owner = THIS_MODULE,
647 .open = waiters_open, 640 .open = simple_open,
648 .read = waiters_read, 641 .read = waiters_read,
649 .llseek = default_llseek, 642 .llseek = default_llseek,
650}; 643};
diff --git a/fs/dlm/lock.c b/fs/dlm/lock.c
index fa5c07d51dcc..4c58d4a3adc4 100644
--- a/fs/dlm/lock.c
+++ b/fs/dlm/lock.c
@@ -1737,6 +1737,18 @@ static int _can_be_granted(struct dlm_rsb *r, struct dlm_lkb *lkb, int now)
1737 return 1; 1737 return 1;
1738 1738
1739 /* 1739 /*
1740 * Even if the convert is compat with all granted locks,
1741 * QUECVT forces it behind other locks on the convert queue.
1742 */
1743
1744 if (now && conv && (lkb->lkb_exflags & DLM_LKF_QUECVT)) {
1745 if (list_empty(&r->res_convertqueue))
1746 return 1;
1747 else
1748 goto out;
1749 }
1750
1751 /*
1740 * The NOORDER flag is set to avoid the standard vms rules on grant 1752 * The NOORDER flag is set to avoid the standard vms rules on grant
1741 * order. 1753 * order.
1742 */ 1754 */
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index 739b0985b398..c0b3c70ee87a 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -1663,8 +1663,10 @@ SYSCALL_DEFINE4(epoll_ctl, int, epfd, int, op, int, fd,
1663 if (op == EPOLL_CTL_ADD) { 1663 if (op == EPOLL_CTL_ADD) {
1664 if (is_file_epoll(tfile)) { 1664 if (is_file_epoll(tfile)) {
1665 error = -ELOOP; 1665 error = -ELOOP;
1666 if (ep_loop_check(ep, tfile) != 0) 1666 if (ep_loop_check(ep, tfile) != 0) {
1667 clear_tfile_check_list();
1667 goto error_tgt_fput; 1668 goto error_tgt_fput;
1669 }
1668 } else 1670 } else
1669 list_add(&tfile->f_tfile_llink, &tfile_check_list); 1671 list_add(&tfile->f_tfile_llink, &tfile_check_list);
1670 } 1672 }
diff --git a/fs/exec.c b/fs/exec.c
index 9a1d9f0a60ab..b1fd2025e59a 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1371,7 +1371,7 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
1371 unsigned int depth = bprm->recursion_depth; 1371 unsigned int depth = bprm->recursion_depth;
1372 int try,retval; 1372 int try,retval;
1373 struct linux_binfmt *fmt; 1373 struct linux_binfmt *fmt;
1374 pid_t old_pid; 1374 pid_t old_pid, old_vpid;
1375 1375
1376 retval = security_bprm_check(bprm); 1376 retval = security_bprm_check(bprm);
1377 if (retval) 1377 if (retval)
@@ -1382,8 +1382,9 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
1382 return retval; 1382 return retval;
1383 1383
1384 /* Need to fetch pid before load_binary changes it */ 1384 /* Need to fetch pid before load_binary changes it */
1385 old_pid = current->pid;
1385 rcu_read_lock(); 1386 rcu_read_lock();
1386 old_pid = task_pid_nr_ns(current, task_active_pid_ns(current->parent)); 1387 old_vpid = task_pid_nr_ns(current, task_active_pid_ns(current->parent));
1387 rcu_read_unlock(); 1388 rcu_read_unlock();
1388 1389
1389 retval = -ENOENT; 1390 retval = -ENOENT;
@@ -1406,7 +1407,7 @@ int search_binary_handler(struct linux_binprm *bprm,struct pt_regs *regs)
1406 if (retval >= 0) { 1407 if (retval >= 0) {
1407 if (depth == 0) { 1408 if (depth == 0) {
1408 trace_sched_process_exec(current, old_pid, bprm); 1409 trace_sched_process_exec(current, old_pid, bprm);
1409 ptrace_event(PTRACE_EVENT_EXEC, old_pid); 1410 ptrace_event(PTRACE_EVENT_EXEC, old_vpid);
1410 } 1411 }
1411 put_binfmt(fmt); 1412 put_binfmt(fmt);
1412 allow_write_access(bprm->file); 1413 allow_write_access(bprm->file);
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index ab2594a30f86..0e01e90add8b 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -1203,9 +1203,6 @@ struct ext4_sb_info {
1203 unsigned long s_ext_blocks; 1203 unsigned long s_ext_blocks;
1204 unsigned long s_ext_extents; 1204 unsigned long s_ext_extents;
1205#endif 1205#endif
1206 /* ext4 extent cache stats */
1207 unsigned long extent_cache_hits;
1208 unsigned long extent_cache_misses;
1209 1206
1210 /* for buddy allocator */ 1207 /* for buddy allocator */
1211 struct ext4_group_info ***s_group_info; 1208 struct ext4_group_info ***s_group_info;
diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index 1421938e6792..abcdeab67f52 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -2066,10 +2066,6 @@ static int ext4_ext_check_cache(struct inode *inode, ext4_lblk_t block,
2066 ret = 1; 2066 ret = 1;
2067 } 2067 }
2068errout: 2068errout:
2069 if (!ret)
2070 sbi->extent_cache_misses++;
2071 else
2072 sbi->extent_cache_hits++;
2073 trace_ext4_ext_in_cache(inode, block, ret); 2069 trace_ext4_ext_in_cache(inode, block, ret);
2074 spin_unlock(&EXT4_I(inode)->i_block_reservation_lock); 2070 spin_unlock(&EXT4_I(inode)->i_block_reservation_lock);
2075 return ret; 2071 return ret;
@@ -2882,7 +2878,7 @@ static int ext4_split_extent_at(handle_t *handle,
2882 if (err) 2878 if (err)
2883 goto fix_extent_len; 2879 goto fix_extent_len;
2884 /* update the extent length and mark as initialized */ 2880 /* update the extent length and mark as initialized */
2885 ex->ee_len = cpu_to_le32(ee_len); 2881 ex->ee_len = cpu_to_le16(ee_len);
2886 ext4_ext_try_to_merge(inode, path, ex); 2882 ext4_ext_try_to_merge(inode, path, ex);
2887 err = ext4_ext_dirty(handle, inode, path + depth); 2883 err = ext4_ext_dirty(handle, inode, path + depth);
2888 goto out; 2884 goto out;
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index ceebaf853beb..e1fb1d5de58e 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -1305,20 +1305,20 @@ static int set_qf_name(struct super_block *sb, int qtype, substring_t *args)
1305 ext4_msg(sb, KERN_ERR, 1305 ext4_msg(sb, KERN_ERR,
1306 "Cannot change journaled " 1306 "Cannot change journaled "
1307 "quota options when quota turned on"); 1307 "quota options when quota turned on");
1308 return 0; 1308 return -1;
1309 } 1309 }
1310 qname = match_strdup(args); 1310 qname = match_strdup(args);
1311 if (!qname) { 1311 if (!qname) {
1312 ext4_msg(sb, KERN_ERR, 1312 ext4_msg(sb, KERN_ERR,
1313 "Not enough memory for storing quotafile name"); 1313 "Not enough memory for storing quotafile name");
1314 return 0; 1314 return -1;
1315 } 1315 }
1316 if (sbi->s_qf_names[qtype] && 1316 if (sbi->s_qf_names[qtype] &&
1317 strcmp(sbi->s_qf_names[qtype], qname)) { 1317 strcmp(sbi->s_qf_names[qtype], qname)) {
1318 ext4_msg(sb, KERN_ERR, 1318 ext4_msg(sb, KERN_ERR,
1319 "%s quota file already specified", QTYPE2NAME(qtype)); 1319 "%s quota file already specified", QTYPE2NAME(qtype));
1320 kfree(qname); 1320 kfree(qname);
1321 return 0; 1321 return -1;
1322 } 1322 }
1323 sbi->s_qf_names[qtype] = qname; 1323 sbi->s_qf_names[qtype] = qname;
1324 if (strchr(sbi->s_qf_names[qtype], '/')) { 1324 if (strchr(sbi->s_qf_names[qtype], '/')) {
@@ -1326,7 +1326,7 @@ static int set_qf_name(struct super_block *sb, int qtype, substring_t *args)
1326 "quotafile must be on filesystem root"); 1326 "quotafile must be on filesystem root");
1327 kfree(sbi->s_qf_names[qtype]); 1327 kfree(sbi->s_qf_names[qtype]);
1328 sbi->s_qf_names[qtype] = NULL; 1328 sbi->s_qf_names[qtype] = NULL;
1329 return 0; 1329 return -1;
1330 } 1330 }
1331 set_opt(sb, QUOTA); 1331 set_opt(sb, QUOTA);
1332 return 1; 1332 return 1;
@@ -1341,7 +1341,7 @@ static int clear_qf_name(struct super_block *sb, int qtype)
1341 sbi->s_qf_names[qtype]) { 1341 sbi->s_qf_names[qtype]) {
1342 ext4_msg(sb, KERN_ERR, "Cannot change journaled quota options" 1342 ext4_msg(sb, KERN_ERR, "Cannot change journaled quota options"
1343 " when quota turned on"); 1343 " when quota turned on");
1344 return 0; 1344 return -1;
1345 } 1345 }
1346 /* 1346 /*
1347 * The space will be released later when all options are confirmed 1347 * The space will be released later when all options are confirmed
@@ -1450,6 +1450,16 @@ static int handle_mount_opt(struct super_block *sb, char *opt, int token,
1450 const struct mount_opts *m; 1450 const struct mount_opts *m;
1451 int arg = 0; 1451 int arg = 0;
1452 1452
1453#ifdef CONFIG_QUOTA
1454 if (token == Opt_usrjquota)
1455 return set_qf_name(sb, USRQUOTA, &args[0]);
1456 else if (token == Opt_grpjquota)
1457 return set_qf_name(sb, GRPQUOTA, &args[0]);
1458 else if (token == Opt_offusrjquota)
1459 return clear_qf_name(sb, USRQUOTA);
1460 else if (token == Opt_offgrpjquota)
1461 return clear_qf_name(sb, GRPQUOTA);
1462#endif
1453 if (args->from && match_int(args, &arg)) 1463 if (args->from && match_int(args, &arg))
1454 return -1; 1464 return -1;
1455 switch (token) { 1465 switch (token) {
@@ -1549,18 +1559,6 @@ static int handle_mount_opt(struct super_block *sb, char *opt, int token,
1549 sbi->s_mount_opt |= m->mount_opt; 1559 sbi->s_mount_opt |= m->mount_opt;
1550 } 1560 }
1551#ifdef CONFIG_QUOTA 1561#ifdef CONFIG_QUOTA
1552 } else if (token == Opt_usrjquota) {
1553 if (!set_qf_name(sb, USRQUOTA, &args[0]))
1554 return -1;
1555 } else if (token == Opt_grpjquota) {
1556 if (!set_qf_name(sb, GRPQUOTA, &args[0]))
1557 return -1;
1558 } else if (token == Opt_offusrjquota) {
1559 if (!clear_qf_name(sb, USRQUOTA))
1560 return -1;
1561 } else if (token == Opt_offgrpjquota) {
1562 if (!clear_qf_name(sb, GRPQUOTA))
1563 return -1;
1564 } else if (m->flags & MOPT_QFMT) { 1562 } else if (m->flags & MOPT_QFMT) {
1565 if (sb_any_quota_loaded(sb) && 1563 if (sb_any_quota_loaded(sb) &&
1566 sbi->s_jquota_fmt != m->mount_opt) { 1564 sbi->s_jquota_fmt != m->mount_opt) {
@@ -1599,7 +1597,9 @@ static int parse_options(char *options, struct super_block *sb,
1599 unsigned int *journal_ioprio, 1597 unsigned int *journal_ioprio,
1600 int is_remount) 1598 int is_remount)
1601{ 1599{
1600#ifdef CONFIG_QUOTA
1602 struct ext4_sb_info *sbi = EXT4_SB(sb); 1601 struct ext4_sb_info *sbi = EXT4_SB(sb);
1602#endif
1603 char *p; 1603 char *p;
1604 substring_t args[MAX_OPT_ARGS]; 1604 substring_t args[MAX_OPT_ARGS];
1605 int token; 1605 int token;
@@ -2366,18 +2366,6 @@ static ssize_t lifetime_write_kbytes_show(struct ext4_attr *a,
2366 EXT4_SB(sb)->s_sectors_written_start) >> 1))); 2366 EXT4_SB(sb)->s_sectors_written_start) >> 1)));
2367} 2367}
2368 2368
2369static ssize_t extent_cache_hits_show(struct ext4_attr *a,
2370 struct ext4_sb_info *sbi, char *buf)
2371{
2372 return snprintf(buf, PAGE_SIZE, "%lu\n", sbi->extent_cache_hits);
2373}
2374
2375static ssize_t extent_cache_misses_show(struct ext4_attr *a,
2376 struct ext4_sb_info *sbi, char *buf)
2377{
2378 return snprintf(buf, PAGE_SIZE, "%lu\n", sbi->extent_cache_misses);
2379}
2380
2381static ssize_t inode_readahead_blks_store(struct ext4_attr *a, 2369static ssize_t inode_readahead_blks_store(struct ext4_attr *a,
2382 struct ext4_sb_info *sbi, 2370 struct ext4_sb_info *sbi,
2383 const char *buf, size_t count) 2371 const char *buf, size_t count)
@@ -2435,8 +2423,6 @@ static struct ext4_attr ext4_attr_##name = __ATTR(name, mode, show, store)
2435EXT4_RO_ATTR(delayed_allocation_blocks); 2423EXT4_RO_ATTR(delayed_allocation_blocks);
2436EXT4_RO_ATTR(session_write_kbytes); 2424EXT4_RO_ATTR(session_write_kbytes);
2437EXT4_RO_ATTR(lifetime_write_kbytes); 2425EXT4_RO_ATTR(lifetime_write_kbytes);
2438EXT4_RO_ATTR(extent_cache_hits);
2439EXT4_RO_ATTR(extent_cache_misses);
2440EXT4_ATTR_OFFSET(inode_readahead_blks, 0644, sbi_ui_show, 2426EXT4_ATTR_OFFSET(inode_readahead_blks, 0644, sbi_ui_show,
2441 inode_readahead_blks_store, s_inode_readahead_blks); 2427 inode_readahead_blks_store, s_inode_readahead_blks);
2442EXT4_RW_ATTR_SBI_UI(inode_goal, s_inode_goal); 2428EXT4_RW_ATTR_SBI_UI(inode_goal, s_inode_goal);
@@ -2452,8 +2438,6 @@ static struct attribute *ext4_attrs[] = {
2452 ATTR_LIST(delayed_allocation_blocks), 2438 ATTR_LIST(delayed_allocation_blocks),
2453 ATTR_LIST(session_write_kbytes), 2439 ATTR_LIST(session_write_kbytes),
2454 ATTR_LIST(lifetime_write_kbytes), 2440 ATTR_LIST(lifetime_write_kbytes),
2455 ATTR_LIST(extent_cache_hits),
2456 ATTR_LIST(extent_cache_misses),
2457 ATTR_LIST(inode_readahead_blks), 2441 ATTR_LIST(inode_readahead_blks),
2458 ATTR_LIST(inode_goal), 2442 ATTR_LIST(inode_goal),
2459 ATTR_LIST(mb_stats), 2443 ATTR_LIST(mb_stats),
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 206632887bb4..df5ac048dc74 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -387,9 +387,6 @@ static int fuse_create_open(struct inode *dir, struct dentry *entry,
387 if (fc->no_create) 387 if (fc->no_create)
388 return -ENOSYS; 388 return -ENOSYS;
389 389
390 if (flags & O_DIRECT)
391 return -EINVAL;
392
393 forget = fuse_alloc_forget(); 390 forget = fuse_alloc_forget();
394 if (!forget) 391 if (!forget)
395 return -ENOMEM; 392 return -ENOMEM;
@@ -644,13 +641,12 @@ static int fuse_unlink(struct inode *dir, struct dentry *entry)
644 fuse_put_request(fc, req); 641 fuse_put_request(fc, req);
645 if (!err) { 642 if (!err) {
646 struct inode *inode = entry->d_inode; 643 struct inode *inode = entry->d_inode;
644 struct fuse_inode *fi = get_fuse_inode(inode);
647 645
648 /* 646 spin_lock(&fc->lock);
649 * Set nlink to zero so the inode can be cleared, if the inode 647 fi->attr_version = ++fc->attr_version;
650 * does have more links this will be discovered at the next 648 drop_nlink(inode);
651 * lookup/getattr. 649 spin_unlock(&fc->lock);
652 */
653 clear_nlink(inode);
654 fuse_invalidate_attr(inode); 650 fuse_invalidate_attr(inode);
655 fuse_invalidate_attr(dir); 651 fuse_invalidate_attr(dir);
656 fuse_invalidate_entry_cache(entry); 652 fuse_invalidate_entry_cache(entry);
@@ -762,8 +758,17 @@ static int fuse_link(struct dentry *entry, struct inode *newdir,
762 will reflect changes in the backing inode (link count, 758 will reflect changes in the backing inode (link count,
763 etc.) 759 etc.)
764 */ 760 */
765 if (!err || err == -EINTR) 761 if (!err) {
762 struct fuse_inode *fi = get_fuse_inode(inode);
763
764 spin_lock(&fc->lock);
765 fi->attr_version = ++fc->attr_version;
766 inc_nlink(inode);
767 spin_unlock(&fc->lock);
768 fuse_invalidate_attr(inode);
769 } else if (err == -EINTR) {
766 fuse_invalidate_attr(inode); 770 fuse_invalidate_attr(inode);
771 }
767 return err; 772 return err;
768} 773}
769 774
diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index a841868bf9ce..504e61b7fd75 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -194,10 +194,6 @@ int fuse_open_common(struct inode *inode, struct file *file, bool isdir)
194 struct fuse_conn *fc = get_fuse_conn(inode); 194 struct fuse_conn *fc = get_fuse_conn(inode);
195 int err; 195 int err;
196 196
197 /* VFS checks this, but only _after_ ->open() */
198 if (file->f_flags & O_DIRECT)
199 return -EINVAL;
200
201 err = generic_file_open(inode, file); 197 err = generic_file_open(inode, file);
202 if (err) 198 if (err)
203 return err; 199 return err;
@@ -932,17 +928,23 @@ static ssize_t fuse_file_aio_write(struct kiocb *iocb, const struct iovec *iov,
932 struct file *file = iocb->ki_filp; 928 struct file *file = iocb->ki_filp;
933 struct address_space *mapping = file->f_mapping; 929 struct address_space *mapping = file->f_mapping;
934 size_t count = 0; 930 size_t count = 0;
931 size_t ocount = 0;
935 ssize_t written = 0; 932 ssize_t written = 0;
933 ssize_t written_buffered = 0;
936 struct inode *inode = mapping->host; 934 struct inode *inode = mapping->host;
937 ssize_t err; 935 ssize_t err;
938 struct iov_iter i; 936 struct iov_iter i;
937 loff_t endbyte = 0;
939 938
940 WARN_ON(iocb->ki_pos != pos); 939 WARN_ON(iocb->ki_pos != pos);
941 940
942 err = generic_segment_checks(iov, &nr_segs, &count, VERIFY_READ); 941 ocount = 0;
942 err = generic_segment_checks(iov, &nr_segs, &ocount, VERIFY_READ);
943 if (err) 943 if (err)
944 return err; 944 return err;
945 945
946 count = ocount;
947
946 mutex_lock(&inode->i_mutex); 948 mutex_lock(&inode->i_mutex);
947 vfs_check_frozen(inode->i_sb, SB_FREEZE_WRITE); 949 vfs_check_frozen(inode->i_sb, SB_FREEZE_WRITE);
948 950
@@ -962,11 +964,41 @@ static ssize_t fuse_file_aio_write(struct kiocb *iocb, const struct iovec *iov,
962 964
963 file_update_time(file); 965 file_update_time(file);
964 966
965 iov_iter_init(&i, iov, nr_segs, count, 0); 967 if (file->f_flags & O_DIRECT) {
966 written = fuse_perform_write(file, mapping, &i, pos); 968 written = generic_file_direct_write(iocb, iov, &nr_segs,
967 if (written >= 0) 969 pos, &iocb->ki_pos,
968 iocb->ki_pos = pos + written; 970 count, ocount);
971 if (written < 0 || written == count)
972 goto out;
973
974 pos += written;
975 count -= written;
969 976
977 iov_iter_init(&i, iov, nr_segs, count, written);
978 written_buffered = fuse_perform_write(file, mapping, &i, pos);
979 if (written_buffered < 0) {
980 err = written_buffered;
981 goto out;
982 }
983 endbyte = pos + written_buffered - 1;
984
985 err = filemap_write_and_wait_range(file->f_mapping, pos,
986 endbyte);
987 if (err)
988 goto out;
989
990 invalidate_mapping_pages(file->f_mapping,
991 pos >> PAGE_CACHE_SHIFT,
992 endbyte >> PAGE_CACHE_SHIFT);
993
994 written += written_buffered;
995 iocb->ki_pos = pos + written_buffered;
996 } else {
997 iov_iter_init(&i, iov, nr_segs, count, 0);
998 written = fuse_perform_write(file, mapping, &i, pos);
999 if (written >= 0)
1000 iocb->ki_pos = pos + written;
1001 }
970out: 1002out:
971 current->backing_dev_info = NULL; 1003 current->backing_dev_info = NULL;
972 mutex_unlock(&inode->i_mutex); 1004 mutex_unlock(&inode->i_mutex);
@@ -1101,30 +1133,41 @@ static ssize_t fuse_direct_read(struct file *file, char __user *buf,
1101 return res; 1133 return res;
1102} 1134}
1103 1135
1104static ssize_t fuse_direct_write(struct file *file, const char __user *buf, 1136static ssize_t __fuse_direct_write(struct file *file, const char __user *buf,
1105 size_t count, loff_t *ppos) 1137 size_t count, loff_t *ppos)
1106{ 1138{
1107 struct inode *inode = file->f_path.dentry->d_inode; 1139 struct inode *inode = file->f_path.dentry->d_inode;
1108 ssize_t res; 1140 ssize_t res;
1109 1141
1110 if (is_bad_inode(inode))
1111 return -EIO;
1112
1113 /* Don't allow parallel writes to the same file */
1114 mutex_lock(&inode->i_mutex);
1115 res = generic_write_checks(file, ppos, &count, 0); 1142 res = generic_write_checks(file, ppos, &count, 0);
1116 if (!res) { 1143 if (!res) {
1117 res = fuse_direct_io(file, buf, count, ppos, 1); 1144 res = fuse_direct_io(file, buf, count, ppos, 1);
1118 if (res > 0) 1145 if (res > 0)
1119 fuse_write_update_size(inode, *ppos); 1146 fuse_write_update_size(inode, *ppos);
1120 } 1147 }
1121 mutex_unlock(&inode->i_mutex);
1122 1148
1123 fuse_invalidate_attr(inode); 1149 fuse_invalidate_attr(inode);
1124 1150
1125 return res; 1151 return res;
1126} 1152}
1127 1153
1154static ssize_t fuse_direct_write(struct file *file, const char __user *buf,
1155 size_t count, loff_t *ppos)
1156{
1157 struct inode *inode = file->f_path.dentry->d_inode;
1158 ssize_t res;
1159
1160 if (is_bad_inode(inode))
1161 return -EIO;
1162
1163 /* Don't allow parallel writes to the same file */
1164 mutex_lock(&inode->i_mutex);
1165 res = __fuse_direct_write(file, buf, count, ppos);
1166 mutex_unlock(&inode->i_mutex);
1167
1168 return res;
1169}
1170
1128static void fuse_writepage_free(struct fuse_conn *fc, struct fuse_req *req) 1171static void fuse_writepage_free(struct fuse_conn *fc, struct fuse_req *req)
1129{ 1172{
1130 __free_page(req->pages[0]); 1173 __free_page(req->pages[0]);
@@ -2077,6 +2120,57 @@ int fuse_notify_poll_wakeup(struct fuse_conn *fc,
2077 return 0; 2120 return 0;
2078} 2121}
2079 2122
2123static ssize_t fuse_loop_dio(struct file *filp, const struct iovec *iov,
2124 unsigned long nr_segs, loff_t *ppos, int rw)
2125{
2126 const struct iovec *vector = iov;
2127 ssize_t ret = 0;
2128
2129 while (nr_segs > 0) {
2130 void __user *base;
2131 size_t len;
2132 ssize_t nr;
2133
2134 base = vector->iov_base;
2135 len = vector->iov_len;
2136 vector++;
2137 nr_segs--;
2138
2139 if (rw == WRITE)
2140 nr = __fuse_direct_write(filp, base, len, ppos);
2141 else
2142 nr = fuse_direct_read(filp, base, len, ppos);
2143
2144 if (nr < 0) {
2145 if (!ret)
2146 ret = nr;
2147 break;
2148 }
2149 ret += nr;
2150 if (nr != len)
2151 break;
2152 }
2153
2154 return ret;
2155}
2156
2157
2158static ssize_t
2159fuse_direct_IO(int rw, struct kiocb *iocb, const struct iovec *iov,
2160 loff_t offset, unsigned long nr_segs)
2161{
2162 ssize_t ret = 0;
2163 struct file *file = NULL;
2164 loff_t pos = 0;
2165
2166 file = iocb->ki_filp;
2167 pos = offset;
2168
2169 ret = fuse_loop_dio(file, iov, nr_segs, &pos, rw);
2170
2171 return ret;
2172}
2173
2080static const struct file_operations fuse_file_operations = { 2174static const struct file_operations fuse_file_operations = {
2081 .llseek = fuse_file_llseek, 2175 .llseek = fuse_file_llseek,
2082 .read = do_sync_read, 2176 .read = do_sync_read,
@@ -2120,6 +2214,7 @@ static const struct address_space_operations fuse_file_aops = {
2120 .readpages = fuse_readpages, 2214 .readpages = fuse_readpages,
2121 .set_page_dirty = __set_page_dirty_nobuffers, 2215 .set_page_dirty = __set_page_dirty_nobuffers,
2122 .bmap = fuse_bmap, 2216 .bmap = fuse_bmap,
2217 .direct_IO = fuse_direct_IO,
2123}; 2218};
2124 2219
2125void fuse_init_file_inode(struct inode *inode) 2220void fuse_init_file_inode(struct inode *inode)
diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c
index 4aec5995867e..26783eb2b1fc 100644
--- a/fs/fuse/inode.c
+++ b/fs/fuse/inode.c
@@ -947,6 +947,7 @@ static int fuse_fill_super(struct super_block *sb, void *data, int silent)
947 sb->s_magic = FUSE_SUPER_MAGIC; 947 sb->s_magic = FUSE_SUPER_MAGIC;
948 sb->s_op = &fuse_super_operations; 948 sb->s_op = &fuse_super_operations;
949 sb->s_maxbytes = MAX_LFS_FILESIZE; 949 sb->s_maxbytes = MAX_LFS_FILESIZE;
950 sb->s_time_gran = 1;
950 sb->s_export_op = &fuse_export_operations; 951 sb->s_export_op = &fuse_export_operations;
951 952
952 file = fget(d.fd); 953 file = fget(d.fd);
diff --git a/fs/gfs2/Kconfig b/fs/gfs2/Kconfig
index c465ae066c62..eb08c9e43c2a 100644
--- a/fs/gfs2/Kconfig
+++ b/fs/gfs2/Kconfig
@@ -1,10 +1,6 @@
1config GFS2_FS 1config GFS2_FS
2 tristate "GFS2 file system support" 2 tristate "GFS2 file system support"
3 depends on (64BIT || LBDAF) 3 depends on (64BIT || LBDAF)
4 select DLM if GFS2_FS_LOCKING_DLM
5 select CONFIGFS_FS if GFS2_FS_LOCKING_DLM
6 select SYSFS if GFS2_FS_LOCKING_DLM
7 select IP_SCTP if DLM_SCTP
8 select FS_POSIX_ACL 4 select FS_POSIX_ACL
9 select CRC32 5 select CRC32
10 select QUOTACTL 6 select QUOTACTL
@@ -29,7 +25,8 @@ config GFS2_FS
29 25
30config GFS2_FS_LOCKING_DLM 26config GFS2_FS_LOCKING_DLM
31 bool "GFS2 DLM locking" 27 bool "GFS2 DLM locking"
32 depends on (GFS2_FS!=n) && NET && INET && (IPV6 || IPV6=n) && HOTPLUG 28 depends on (GFS2_FS!=n) && NET && INET && (IPV6 || IPV6=n) && \
29 HOTPLUG && DLM && CONFIGFS_FS && SYSFS
33 help 30 help
34 Multiple node locking module for GFS2 31 Multiple node locking module for GFS2
35 32
diff --git a/fs/gfs2/aops.c b/fs/gfs2/aops.c
index 38b7a74a0f91..9b2ff0e851b1 100644
--- a/fs/gfs2/aops.c
+++ b/fs/gfs2/aops.c
@@ -807,7 +807,7 @@ static int gfs2_stuffed_write_end(struct inode *inode, struct buffer_head *dibh,
807 807
808 if (inode == sdp->sd_rindex) { 808 if (inode == sdp->sd_rindex) {
809 adjust_fs_space(inode); 809 adjust_fs_space(inode);
810 ip->i_gh.gh_flags |= GL_NOCACHE; 810 sdp->sd_rindex_uptodate = 0;
811 } 811 }
812 812
813 brelse(dibh); 813 brelse(dibh);
@@ -873,7 +873,7 @@ static int gfs2_write_end(struct file *file, struct address_space *mapping,
873 873
874 if (inode == sdp->sd_rindex) { 874 if (inode == sdp->sd_rindex) {
875 adjust_fs_space(inode); 875 adjust_fs_space(inode);
876 ip->i_gh.gh_flags |= GL_NOCACHE; 876 sdp->sd_rindex_uptodate = 0;
877 } 877 }
878 878
879 brelse(dibh); 879 brelse(dibh);
diff --git a/fs/gfs2/bmap.c b/fs/gfs2/bmap.c
index 197c5c47e577..03c04febe26f 100644
--- a/fs/gfs2/bmap.c
+++ b/fs/gfs2/bmap.c
@@ -724,7 +724,11 @@ static int do_strip(struct gfs2_inode *ip, struct buffer_head *dibh,
724 int metadata; 724 int metadata;
725 unsigned int revokes = 0; 725 unsigned int revokes = 0;
726 int x; 726 int x;
727 int error = 0; 727 int error;
728
729 error = gfs2_rindex_update(sdp);
730 if (error)
731 return error;
728 732
729 if (!*top) 733 if (!*top)
730 sm->sm_first = 0; 734 sm->sm_first = 0;
diff --git a/fs/gfs2/dir.c b/fs/gfs2/dir.c
index c35573abd371..a836056343f0 100644
--- a/fs/gfs2/dir.c
+++ b/fs/gfs2/dir.c
@@ -1844,6 +1844,10 @@ static int leaf_dealloc(struct gfs2_inode *dip, u32 index, u32 len,
1844 unsigned int x, size = len * sizeof(u64); 1844 unsigned int x, size = len * sizeof(u64);
1845 int error; 1845 int error;
1846 1846
1847 error = gfs2_rindex_update(sdp);
1848 if (error)
1849 return error;
1850
1847 memset(&rlist, 0, sizeof(struct gfs2_rgrp_list)); 1851 memset(&rlist, 0, sizeof(struct gfs2_rgrp_list));
1848 1852
1849 ht = kzalloc(size, GFP_NOFS); 1853 ht = kzalloc(size, GFP_NOFS);
diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c
index c98a60ee6dfd..a9ba2444e077 100644
--- a/fs/gfs2/inode.c
+++ b/fs/gfs2/inode.c
@@ -1031,7 +1031,13 @@ static int gfs2_unlink(struct inode *dir, struct dentry *dentry)
1031 struct buffer_head *bh; 1031 struct buffer_head *bh;
1032 struct gfs2_holder ghs[3]; 1032 struct gfs2_holder ghs[3];
1033 struct gfs2_rgrpd *rgd; 1033 struct gfs2_rgrpd *rgd;
1034 int error = -EROFS; 1034 int error;
1035
1036 error = gfs2_rindex_update(sdp);
1037 if (error)
1038 return error;
1039
1040 error = -EROFS;
1035 1041
1036 gfs2_holder_init(dip->i_gl, LM_ST_EXCLUSIVE, 0, ghs); 1042 gfs2_holder_init(dip->i_gl, LM_ST_EXCLUSIVE, 0, ghs);
1037 gfs2_holder_init(ip->i_gl, LM_ST_EXCLUSIVE, 0, ghs + 1); 1043 gfs2_holder_init(ip->i_gl, LM_ST_EXCLUSIVE, 0, ghs + 1);
@@ -1224,6 +1230,10 @@ static int gfs2_rename(struct inode *odir, struct dentry *odentry,
1224 return 0; 1230 return 0;
1225 } 1231 }
1226 1232
1233 error = gfs2_rindex_update(sdp);
1234 if (error)
1235 return error;
1236
1227 if (odip != ndip) { 1237 if (odip != ndip) {
1228 error = gfs2_glock_nq_init(sdp->sd_rename_gl, LM_ST_EXCLUSIVE, 1238 error = gfs2_glock_nq_init(sdp->sd_rename_gl, LM_ST_EXCLUSIVE,
1229 0, &r_gh); 1239 0, &r_gh);
@@ -1345,7 +1355,6 @@ static int gfs2_rename(struct inode *odir, struct dentry *odentry,
1345 error = alloc_required; 1355 error = alloc_required;
1346 if (error < 0) 1356 if (error < 0)
1347 goto out_gunlock; 1357 goto out_gunlock;
1348 error = 0;
1349 1358
1350 if (alloc_required) { 1359 if (alloc_required) {
1351 struct gfs2_qadata *qa = gfs2_qadata_get(ndip); 1360 struct gfs2_qadata *qa = gfs2_qadata_get(ndip);
diff --git a/fs/gfs2/lock_dlm.c b/fs/gfs2/lock_dlm.c
index f8411bd1b805..5f5e70e047dc 100644
--- a/fs/gfs2/lock_dlm.c
+++ b/fs/gfs2/lock_dlm.c
@@ -200,10 +200,11 @@ static int make_mode(const unsigned int lmstate)
200 return -1; 200 return -1;
201} 201}
202 202
203static u32 make_flags(const u32 lkid, const unsigned int gfs_flags, 203static u32 make_flags(struct gfs2_glock *gl, const unsigned int gfs_flags,
204 const int req) 204 const int req)
205{ 205{
206 u32 lkf = DLM_LKF_VALBLK; 206 u32 lkf = DLM_LKF_VALBLK;
207 u32 lkid = gl->gl_lksb.sb_lkid;
207 208
208 if (gfs_flags & LM_FLAG_TRY) 209 if (gfs_flags & LM_FLAG_TRY)
209 lkf |= DLM_LKF_NOQUEUE; 210 lkf |= DLM_LKF_NOQUEUE;
@@ -227,8 +228,11 @@ static u32 make_flags(const u32 lkid, const unsigned int gfs_flags,
227 BUG(); 228 BUG();
228 } 229 }
229 230
230 if (lkid != 0) 231 if (lkid != 0) {
231 lkf |= DLM_LKF_CONVERT; 232 lkf |= DLM_LKF_CONVERT;
233 if (test_bit(GLF_BLOCKING, &gl->gl_flags))
234 lkf |= DLM_LKF_QUECVT;
235 }
232 236
233 return lkf; 237 return lkf;
234} 238}
@@ -250,7 +254,7 @@ static int gdlm_lock(struct gfs2_glock *gl, unsigned int req_state,
250 char strname[GDLM_STRNAME_BYTES] = ""; 254 char strname[GDLM_STRNAME_BYTES] = "";
251 255
252 req = make_mode(req_state); 256 req = make_mode(req_state);
253 lkf = make_flags(gl->gl_lksb.sb_lkid, flags, req); 257 lkf = make_flags(gl, flags, req);
254 gfs2_glstats_inc(gl, GFS2_LKS_DCOUNT); 258 gfs2_glstats_inc(gl, GFS2_LKS_DCOUNT);
255 gfs2_sbstats_inc(gl, GFS2_LKS_DCOUNT); 259 gfs2_sbstats_inc(gl, GFS2_LKS_DCOUNT);
256 if (gl->gl_lksb.sb_lkid) { 260 if (gl->gl_lksb.sb_lkid) {
diff --git a/fs/gfs2/rgrp.c b/fs/gfs2/rgrp.c
index 19bde40b4864..3df65c9ab73b 100644
--- a/fs/gfs2/rgrp.c
+++ b/fs/gfs2/rgrp.c
@@ -332,9 +332,6 @@ struct gfs2_rgrpd *gfs2_blk2rgrpd(struct gfs2_sbd *sdp, u64 blk, bool exact)
332 struct rb_node *n, *next; 332 struct rb_node *n, *next;
333 struct gfs2_rgrpd *cur; 333 struct gfs2_rgrpd *cur;
334 334
335 if (gfs2_rindex_update(sdp))
336 return NULL;
337
338 spin_lock(&sdp->sd_rindex_spin); 335 spin_lock(&sdp->sd_rindex_spin);
339 n = sdp->sd_rindex_tree.rb_node; 336 n = sdp->sd_rindex_tree.rb_node;
340 while (n) { 337 while (n) {
@@ -640,6 +637,7 @@ static int read_rindex_entry(struct gfs2_inode *ip,
640 return 0; 637 return 0;
641 638
642 error = 0; /* someone else read in the rgrp; free it and ignore it */ 639 error = 0; /* someone else read in the rgrp; free it and ignore it */
640 gfs2_glock_put(rgd->rd_gl);
643 641
644fail: 642fail:
645 kfree(rgd->rd_bits); 643 kfree(rgd->rd_bits);
@@ -927,6 +925,10 @@ int gfs2_fitrim(struct file *filp, void __user *argp)
927 } else if (copy_from_user(&r, argp, sizeof(r))) 925 } else if (copy_from_user(&r, argp, sizeof(r)))
928 return -EFAULT; 926 return -EFAULT;
929 927
928 ret = gfs2_rindex_update(sdp);
929 if (ret)
930 return ret;
931
930 rgd = gfs2_blk2rgrpd(sdp, r.start, 0); 932 rgd = gfs2_blk2rgrpd(sdp, r.start, 0);
931 rgd_end = gfs2_blk2rgrpd(sdp, r.start + r.len, 0); 933 rgd_end = gfs2_blk2rgrpd(sdp, r.start + r.len, 0);
932 934
diff --git a/fs/gfs2/xattr.c b/fs/gfs2/xattr.c
index 2e5ba425cae7..927f4df874ae 100644
--- a/fs/gfs2/xattr.c
+++ b/fs/gfs2/xattr.c
@@ -238,6 +238,10 @@ static int ea_dealloc_unstuffed(struct gfs2_inode *ip, struct buffer_head *bh,
238 unsigned int x; 238 unsigned int x;
239 int error; 239 int error;
240 240
241 error = gfs2_rindex_update(sdp);
242 if (error)
243 return error;
244
241 if (GFS2_EA_IS_STUFFED(ea)) 245 if (GFS2_EA_IS_STUFFED(ea))
242 return 0; 246 return 0;
243 247
@@ -1330,6 +1334,10 @@ static int ea_dealloc_indirect(struct gfs2_inode *ip)
1330 unsigned int x; 1334 unsigned int x;
1331 int error; 1335 int error;
1332 1336
1337 error = gfs2_rindex_update(sdp);
1338 if (error)
1339 return error;
1340
1333 memset(&rlist, 0, sizeof(struct gfs2_rgrp_list)); 1341 memset(&rlist, 0, sizeof(struct gfs2_rgrp_list));
1334 1342
1335 error = gfs2_meta_read(ip->i_gl, ip->i_eattr, DIO_WAIT, &indbh); 1343 error = gfs2_meta_read(ip->i_gl, ip->i_eattr, DIO_WAIT, &indbh);
@@ -1439,6 +1447,10 @@ static int ea_dealloc_block(struct gfs2_inode *ip)
1439 struct gfs2_holder gh; 1447 struct gfs2_holder gh;
1440 int error; 1448 int error;
1441 1449
1450 error = gfs2_rindex_update(sdp);
1451 if (error)
1452 return error;
1453
1442 rgd = gfs2_blk2rgrpd(sdp, ip->i_eattr, 1); 1454 rgd = gfs2_blk2rgrpd(sdp, ip->i_eattr, 1);
1443 if (!rgd) { 1455 if (!rgd) {
1444 gfs2_consist_inode(ip); 1456 gfs2_consist_inode(ip);
diff --git a/fs/hfsplus/catalog.c b/fs/hfsplus/catalog.c
index 4dfbfec357e8..ec2a9c23f0c9 100644
--- a/fs/hfsplus/catalog.c
+++ b/fs/hfsplus/catalog.c
@@ -366,6 +366,10 @@ int hfsplus_rename_cat(u32 cnid,
366 err = hfs_brec_find(&src_fd); 366 err = hfs_brec_find(&src_fd);
367 if (err) 367 if (err)
368 goto out; 368 goto out;
369 if (src_fd.entrylength > sizeof(entry) || src_fd.entrylength < 0) {
370 err = -EIO;
371 goto out;
372 }
369 373
370 hfs_bnode_read(src_fd.bnode, &entry, src_fd.entryoffset, 374 hfs_bnode_read(src_fd.bnode, &entry, src_fd.entryoffset,
371 src_fd.entrylength); 375 src_fd.entrylength);
diff --git a/fs/hfsplus/dir.c b/fs/hfsplus/dir.c
index 88e155f895c6..26b53fb09f68 100644
--- a/fs/hfsplus/dir.c
+++ b/fs/hfsplus/dir.c
@@ -150,6 +150,11 @@ static int hfsplus_readdir(struct file *filp, void *dirent, filldir_t filldir)
150 filp->f_pos++; 150 filp->f_pos++;
151 /* fall through */ 151 /* fall through */
152 case 1: 152 case 1:
153 if (fd.entrylength > sizeof(entry) || fd.entrylength < 0) {
154 err = -EIO;
155 goto out;
156 }
157
153 hfs_bnode_read(fd.bnode, &entry, fd.entryoffset, 158 hfs_bnode_read(fd.bnode, &entry, fd.entryoffset,
154 fd.entrylength); 159 fd.entrylength);
155 if (be16_to_cpu(entry.type) != HFSPLUS_FOLDER_THREAD) { 160 if (be16_to_cpu(entry.type) != HFSPLUS_FOLDER_THREAD) {
@@ -181,6 +186,12 @@ static int hfsplus_readdir(struct file *filp, void *dirent, filldir_t filldir)
181 err = -EIO; 186 err = -EIO;
182 goto out; 187 goto out;
183 } 188 }
189
190 if (fd.entrylength > sizeof(entry) || fd.entrylength < 0) {
191 err = -EIO;
192 goto out;
193 }
194
184 hfs_bnode_read(fd.bnode, &entry, fd.entryoffset, 195 hfs_bnode_read(fd.bnode, &entry, fd.entryoffset,
185 fd.entrylength); 196 fd.entrylength);
186 type = be16_to_cpu(entry.type); 197 type = be16_to_cpu(entry.type);
diff --git a/fs/hugetlbfs/inode.c b/fs/hugetlbfs/inode.c
index ea251749d9d5..001ef01d2fe2 100644
--- a/fs/hugetlbfs/inode.c
+++ b/fs/hugetlbfs/inode.c
@@ -485,6 +485,7 @@ static struct inode *hugetlbfs_get_root(struct super_block *sb,
485 inode->i_fop = &simple_dir_operations; 485 inode->i_fop = &simple_dir_operations;
486 /* directory inodes start off with i_nlink == 2 (for "." entry) */ 486 /* directory inodes start off with i_nlink == 2 (for "." entry) */
487 inc_nlink(inode); 487 inc_nlink(inode);
488 lockdep_annotate_inode_mutex_key(inode);
488 } 489 }
489 return inode; 490 return inode;
490} 491}
@@ -1031,7 +1032,6 @@ static int __init init_hugetlbfs_fs(void)
1031 } 1032 }
1032 1033
1033 error = PTR_ERR(vfsmount); 1034 error = PTR_ERR(vfsmount);
1034 unregister_filesystem(&hugetlbfs_fs_type);
1035 1035
1036 out: 1036 out:
1037 kmem_cache_destroy(hugetlbfs_inode_cachep); 1037 kmem_cache_destroy(hugetlbfs_inode_cachep);
diff --git a/fs/jbd2/commit.c b/fs/jbd2/commit.c
index 806525a7269c..840f70f50792 100644
--- a/fs/jbd2/commit.c
+++ b/fs/jbd2/commit.c
@@ -723,7 +723,7 @@ start_journal_io:
723 if (commit_transaction->t_need_data_flush && 723 if (commit_transaction->t_need_data_flush &&
724 (journal->j_fs_dev != journal->j_dev) && 724 (journal->j_fs_dev != journal->j_dev) &&
725 (journal->j_flags & JBD2_BARRIER)) 725 (journal->j_flags & JBD2_BARRIER))
726 blkdev_issue_flush(journal->j_fs_dev, GFP_KERNEL, NULL); 726 blkdev_issue_flush(journal->j_fs_dev, GFP_NOFS, NULL);
727 727
728 /* Done it all: now write the commit record asynchronously. */ 728 /* Done it all: now write the commit record asynchronously. */
729 if (JBD2_HAS_INCOMPAT_FEATURE(journal, 729 if (JBD2_HAS_INCOMPAT_FEATURE(journal,
@@ -859,7 +859,7 @@ wait_for_iobuf:
859 if (JBD2_HAS_INCOMPAT_FEATURE(journal, 859 if (JBD2_HAS_INCOMPAT_FEATURE(journal,
860 JBD2_FEATURE_INCOMPAT_ASYNC_COMMIT) && 860 JBD2_FEATURE_INCOMPAT_ASYNC_COMMIT) &&
861 journal->j_flags & JBD2_BARRIER) { 861 journal->j_flags & JBD2_BARRIER) {
862 blkdev_issue_flush(journal->j_dev, GFP_KERNEL, NULL); 862 blkdev_issue_flush(journal->j_dev, GFP_NOFS, NULL);
863 } 863 }
864 864
865 if (err) 865 if (err)
diff --git a/fs/libfs.c b/fs/libfs.c
index 4a0d1f06da57..18d08f5db53a 100644
--- a/fs/libfs.c
+++ b/fs/libfs.c
@@ -264,6 +264,13 @@ Enomem:
264 return ERR_PTR(-ENOMEM); 264 return ERR_PTR(-ENOMEM);
265} 265}
266 266
267int simple_open(struct inode *inode, struct file *file)
268{
269 if (inode->i_private)
270 file->private_data = inode->i_private;
271 return 0;
272}
273
267int simple_link(struct dentry *old_dentry, struct inode *dir, struct dentry *dentry) 274int simple_link(struct dentry *old_dentry, struct inode *dir, struct dentry *dentry)
268{ 275{
269 struct inode *inode = old_dentry->d_inode; 276 struct inode *inode = old_dentry->d_inode;
@@ -522,6 +529,7 @@ int simple_fill_super(struct super_block *s, unsigned long magic,
522 return 0; 529 return 0;
523out: 530out:
524 d_genocide(root); 531 d_genocide(root);
532 shrink_dcache_parent(root);
525 dput(root); 533 dput(root);
526 return -ENOMEM; 534 return -ENOMEM;
527} 535}
@@ -984,6 +992,7 @@ EXPORT_SYMBOL(simple_dir_operations);
984EXPORT_SYMBOL(simple_empty); 992EXPORT_SYMBOL(simple_empty);
985EXPORT_SYMBOL(simple_fill_super); 993EXPORT_SYMBOL(simple_fill_super);
986EXPORT_SYMBOL(simple_getattr); 994EXPORT_SYMBOL(simple_getattr);
995EXPORT_SYMBOL(simple_open);
987EXPORT_SYMBOL(simple_link); 996EXPORT_SYMBOL(simple_link);
988EXPORT_SYMBOL(simple_lookup); 997EXPORT_SYMBOL(simple_lookup);
989EXPORT_SYMBOL(simple_pin_fs); 998EXPORT_SYMBOL(simple_pin_fs);
diff --git a/fs/lockd/clnt4xdr.c b/fs/lockd/clnt4xdr.c
index 3ddcbb1c0a43..13ad1539fbf2 100644
--- a/fs/lockd/clnt4xdr.c
+++ b/fs/lockd/clnt4xdr.c
@@ -241,7 +241,7 @@ static int decode_nlm4_stat(struct xdr_stream *xdr, __be32 *stat)
241 p = xdr_inline_decode(xdr, 4); 241 p = xdr_inline_decode(xdr, 4);
242 if (unlikely(p == NULL)) 242 if (unlikely(p == NULL))
243 goto out_overflow; 243 goto out_overflow;
244 if (unlikely(*p > nlm4_failed)) 244 if (unlikely(ntohl(*p) > ntohl(nlm4_failed)))
245 goto out_bad_xdr; 245 goto out_bad_xdr;
246 *stat = *p; 246 *stat = *p;
247 return 0; 247 return 0;
diff --git a/fs/lockd/clntxdr.c b/fs/lockd/clntxdr.c
index 3d35e3e80c1c..d269ada7670e 100644
--- a/fs/lockd/clntxdr.c
+++ b/fs/lockd/clntxdr.c
@@ -236,7 +236,7 @@ static int decode_nlm_stat(struct xdr_stream *xdr,
236 p = xdr_inline_decode(xdr, 4); 236 p = xdr_inline_decode(xdr, 4);
237 if (unlikely(p == NULL)) 237 if (unlikely(p == NULL))
238 goto out_overflow; 238 goto out_overflow;
239 if (unlikely(*p > nlm_lck_denied_grace_period)) 239 if (unlikely(ntohl(*p) > ntohl(nlm_lck_denied_grace_period)))
240 goto out_enum; 240 goto out_enum;
241 *stat = *p; 241 *stat = *p;
242 return 0; 242 return 0;
diff --git a/fs/locks.c b/fs/locks.c
index 637694bf3a03..0d68f1f81799 100644
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -510,12 +510,13 @@ static void __locks_delete_block(struct file_lock *waiter)
510 510
511/* 511/*
512 */ 512 */
513static void locks_delete_block(struct file_lock *waiter) 513void locks_delete_block(struct file_lock *waiter)
514{ 514{
515 lock_flocks(); 515 lock_flocks();
516 __locks_delete_block(waiter); 516 __locks_delete_block(waiter);
517 unlock_flocks(); 517 unlock_flocks();
518} 518}
519EXPORT_SYMBOL(locks_delete_block);
519 520
520/* Insert waiter into blocker's block list. 521/* Insert waiter into blocker's block list.
521 * We use a circular list so that processes can be easily woken up in 522 * We use a circular list so that processes can be easily woken up in
diff --git a/fs/namei.c b/fs/namei.c
index 1898198abc3d..c42791914f82 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1407,18 +1407,9 @@ static inline int can_lookup(struct inode *inode)
1407 */ 1407 */
1408#ifdef CONFIG_DCACHE_WORD_ACCESS 1408#ifdef CONFIG_DCACHE_WORD_ACCESS
1409 1409
1410#ifdef CONFIG_64BIT 1410#include <asm/word-at-a-time.h>
1411 1411
1412/* 1412#ifdef CONFIG_64BIT
1413 * Jan Achrenius on G+: microoptimized version of
1414 * the simpler "(mask & ONEBYTES) * ONEBYTES >> 56"
1415 * that works for the bytemasks without having to
1416 * mask them first.
1417 */
1418static inline long count_masked_bytes(unsigned long mask)
1419{
1420 return mask*0x0001020304050608ul >> 56;
1421}
1422 1413
1423static inline unsigned int fold_hash(unsigned long hash) 1414static inline unsigned int fold_hash(unsigned long hash)
1424{ 1415{
@@ -1428,15 +1419,6 @@ static inline unsigned int fold_hash(unsigned long hash)
1428 1419
1429#else /* 32-bit case */ 1420#else /* 32-bit case */
1430 1421
1431/* Carl Chatfield / Jan Achrenius G+ version for 32-bit */
1432static inline long count_masked_bytes(long mask)
1433{
1434 /* (000000 0000ff 00ffff ffffff) -> ( 1 1 2 3 ) */
1435 long a = (0x0ff0001+mask) >> 23;
1436 /* Fix the 1 for 00 case */
1437 return a & mask;
1438}
1439
1440#define fold_hash(x) (x) 1422#define fold_hash(x) (x)
1441 1423
1442#endif 1424#endif
@@ -1447,7 +1429,7 @@ unsigned int full_name_hash(const unsigned char *name, unsigned int len)
1447 unsigned long hash = 0; 1429 unsigned long hash = 0;
1448 1430
1449 for (;;) { 1431 for (;;) {
1450 a = *(unsigned long *)name; 1432 a = load_unaligned_zeropad(name);
1451 if (len < sizeof(unsigned long)) 1433 if (len < sizeof(unsigned long))
1452 break; 1434 break;
1453 hash += a; 1435 hash += a;
@@ -1464,17 +1446,6 @@ done:
1464} 1446}
1465EXPORT_SYMBOL(full_name_hash); 1447EXPORT_SYMBOL(full_name_hash);
1466 1448
1467#define REPEAT_BYTE(x) ((~0ul / 0xff) * (x))
1468#define ONEBYTES REPEAT_BYTE(0x01)
1469#define SLASHBYTES REPEAT_BYTE('/')
1470#define HIGHBITS REPEAT_BYTE(0x80)
1471
1472/* Return the high bit set in the first byte that is a zero */
1473static inline unsigned long has_zero(unsigned long a)
1474{
1475 return ((a - ONEBYTES) & ~a) & HIGHBITS;
1476}
1477
1478/* 1449/*
1479 * Calculate the length and hash of the path component, and 1450 * Calculate the length and hash of the path component, and
1480 * return the length of the component; 1451 * return the length of the component;
@@ -1488,9 +1459,9 @@ static inline unsigned long hash_name(const char *name, unsigned int *hashp)
1488 do { 1459 do {
1489 hash = (hash + a) * 9; 1460 hash = (hash + a) * 9;
1490 len += sizeof(unsigned long); 1461 len += sizeof(unsigned long);
1491 a = *(unsigned long *)(name+len); 1462 a = load_unaligned_zeropad(name+len);
1492 /* Do we have any NUL or '/' bytes in this word? */ 1463 /* Do we have any NUL or '/' bytes in this word? */
1493 mask = has_zero(a) | has_zero(a ^ SLASHBYTES); 1464 mask = has_zero(a) | has_zero(a ^ REPEAT_BYTE('/'));
1494 } while (!mask); 1465 } while (!mask);
1495 1466
1496 /* The mask *below* the first high bit set */ 1467 /* The mask *below* the first high bit set */
diff --git a/fs/nfs/blocklayout/blocklayout.c b/fs/nfs/blocklayout/blocklayout.c
index 9c94297bb70e..7f6a23f0244e 100644
--- a/fs/nfs/blocklayout/blocklayout.c
+++ b/fs/nfs/blocklayout/blocklayout.c
@@ -38,6 +38,8 @@
38#include <linux/buffer_head.h> /* various write calls */ 38#include <linux/buffer_head.h> /* various write calls */
39#include <linux/prefetch.h> 39#include <linux/prefetch.h>
40 40
41#include "../pnfs.h"
42#include "../internal.h"
41#include "blocklayout.h" 43#include "blocklayout.h"
42 44
43#define NFSDBG_FACILITY NFSDBG_PNFS_LD 45#define NFSDBG_FACILITY NFSDBG_PNFS_LD
@@ -868,7 +870,7 @@ nfs4_blk_get_deviceinfo(struct nfs_server *server, const struct nfs_fh *fh,
868 * GETDEVICEINFO's maxcount 870 * GETDEVICEINFO's maxcount
869 */ 871 */
870 max_resp_sz = server->nfs_client->cl_session->fc_attrs.max_resp_sz; 872 max_resp_sz = server->nfs_client->cl_session->fc_attrs.max_resp_sz;
871 max_pages = max_resp_sz >> PAGE_SHIFT; 873 max_pages = nfs_page_array_len(0, max_resp_sz);
872 dprintk("%s max_resp_sz %u max_pages %d\n", 874 dprintk("%s max_resp_sz %u max_pages %d\n",
873 __func__, max_resp_sz, max_pages); 875 __func__, max_resp_sz, max_pages);
874 876
diff --git a/fs/nfs/client.c b/fs/nfs/client.c
index da7b5e4ff9ec..60f7e4ec842c 100644
--- a/fs/nfs/client.c
+++ b/fs/nfs/client.c
@@ -1729,7 +1729,8 @@ error:
1729 */ 1729 */
1730struct nfs_server *nfs_clone_server(struct nfs_server *source, 1730struct nfs_server *nfs_clone_server(struct nfs_server *source,
1731 struct nfs_fh *fh, 1731 struct nfs_fh *fh,
1732 struct nfs_fattr *fattr) 1732 struct nfs_fattr *fattr,
1733 rpc_authflavor_t flavor)
1733{ 1734{
1734 struct nfs_server *server; 1735 struct nfs_server *server;
1735 struct nfs_fattr *fattr_fsinfo; 1736 struct nfs_fattr *fattr_fsinfo;
@@ -1758,7 +1759,7 @@ struct nfs_server *nfs_clone_server(struct nfs_server *source,
1758 1759
1759 error = nfs_init_server_rpcclient(server, 1760 error = nfs_init_server_rpcclient(server,
1760 source->client->cl_timeout, 1761 source->client->cl_timeout,
1761 source->client->cl_auth->au_flavor); 1762 flavor);
1762 if (error < 0) 1763 if (error < 0)
1763 goto out_free_server; 1764 goto out_free_server;
1764 if (!IS_ERR(source->client_acl)) 1765 if (!IS_ERR(source->client_acl))
diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c
index 4aaf0316d76a..8789210c6905 100644
--- a/fs/nfs/dir.c
+++ b/fs/nfs/dir.c
@@ -1429,7 +1429,7 @@ static struct dentry *nfs_atomic_lookup(struct inode *dir, struct dentry *dentry
1429 } 1429 }
1430 1430
1431 open_flags = nd->intent.open.flags; 1431 open_flags = nd->intent.open.flags;
1432 attr.ia_valid = 0; 1432 attr.ia_valid = ATTR_OPEN;
1433 1433
1434 ctx = create_nfs_open_context(dentry, open_flags); 1434 ctx = create_nfs_open_context(dentry, open_flags);
1435 res = ERR_CAST(ctx); 1435 res = ERR_CAST(ctx);
@@ -1536,7 +1536,7 @@ static int nfs_open_revalidate(struct dentry *dentry, struct nameidata *nd)
1536 if (IS_ERR(ctx)) 1536 if (IS_ERR(ctx))
1537 goto out; 1537 goto out;
1538 1538
1539 attr.ia_valid = 0; 1539 attr.ia_valid = ATTR_OPEN;
1540 if (openflags & O_TRUNC) { 1540 if (openflags & O_TRUNC) {
1541 attr.ia_valid |= ATTR_SIZE; 1541 attr.ia_valid |= ATTR_SIZE;
1542 attr.ia_size = 0; 1542 attr.ia_size = 0;
diff --git a/fs/nfs/idmap.c b/fs/nfs/idmap.c
index b7f348bb618b..ba3019f5934c 100644
--- a/fs/nfs/idmap.c
+++ b/fs/nfs/idmap.c
@@ -554,12 +554,16 @@ static int rpc_pipefs_event(struct notifier_block *nb, unsigned long event,
554 struct nfs_client *clp; 554 struct nfs_client *clp;
555 int error = 0; 555 int error = 0;
556 556
557 if (!try_module_get(THIS_MODULE))
558 return 0;
559
557 while ((clp = nfs_get_client_for_event(sb->s_fs_info, event))) { 560 while ((clp = nfs_get_client_for_event(sb->s_fs_info, event))) {
558 error = __rpc_pipefs_event(clp, event, sb); 561 error = __rpc_pipefs_event(clp, event, sb);
559 nfs_put_client(clp); 562 nfs_put_client(clp);
560 if (error) 563 if (error)
561 break; 564 break;
562 } 565 }
566 module_put(THIS_MODULE);
563 return error; 567 return error;
564} 568}
565 569
diff --git a/fs/nfs/internal.h b/fs/nfs/internal.h
index 2476dc69365f..b777bdaba4c5 100644
--- a/fs/nfs/internal.h
+++ b/fs/nfs/internal.h
@@ -165,7 +165,8 @@ extern struct nfs_server *nfs4_create_referral_server(struct nfs_clone_mount *,
165extern void nfs_free_server(struct nfs_server *server); 165extern void nfs_free_server(struct nfs_server *server);
166extern struct nfs_server *nfs_clone_server(struct nfs_server *, 166extern struct nfs_server *nfs_clone_server(struct nfs_server *,
167 struct nfs_fh *, 167 struct nfs_fh *,
168 struct nfs_fattr *); 168 struct nfs_fattr *,
169 rpc_authflavor_t);
169extern void nfs_mark_client_ready(struct nfs_client *clp, int state); 170extern void nfs_mark_client_ready(struct nfs_client *clp, int state);
170extern int nfs4_check_client_ready(struct nfs_client *clp); 171extern int nfs4_check_client_ready(struct nfs_client *clp);
171extern struct nfs_client *nfs4_set_ds_client(struct nfs_client* mds_clp, 172extern struct nfs_client *nfs4_set_ds_client(struct nfs_client* mds_clp,
@@ -186,10 +187,10 @@ static inline void nfs_fs_proc_exit(void)
186 187
187/* nfs4namespace.c */ 188/* nfs4namespace.c */
188#ifdef CONFIG_NFS_V4 189#ifdef CONFIG_NFS_V4
189extern struct vfsmount *nfs_do_refmount(struct dentry *dentry); 190extern struct vfsmount *nfs_do_refmount(struct rpc_clnt *client, struct dentry *dentry);
190#else 191#else
191static inline 192static inline
192struct vfsmount *nfs_do_refmount(struct dentry *dentry) 193struct vfsmount *nfs_do_refmount(struct rpc_clnt *client, struct dentry *dentry)
193{ 194{
194 return ERR_PTR(-ENOENT); 195 return ERR_PTR(-ENOENT);
195} 196}
@@ -234,7 +235,6 @@ extern const u32 nfs41_maxwrite_overhead;
234/* nfs4proc.c */ 235/* nfs4proc.c */
235#ifdef CONFIG_NFS_V4 236#ifdef CONFIG_NFS_V4
236extern struct rpc_procinfo nfs4_procedures[]; 237extern struct rpc_procinfo nfs4_procedures[];
237void nfs_fixup_secinfo_attributes(struct nfs_fattr *, struct nfs_fh *);
238#endif 238#endif
239 239
240extern int nfs4_init_ds_session(struct nfs_client *clp); 240extern int nfs4_init_ds_session(struct nfs_client *clp);
diff --git a/fs/nfs/namespace.c b/fs/nfs/namespace.c
index 1807866bb3ab..d51868e5683c 100644
--- a/fs/nfs/namespace.c
+++ b/fs/nfs/namespace.c
@@ -148,66 +148,31 @@ rpc_authflavor_t nfs_find_best_sec(struct nfs4_secinfo_flavors *flavors)
148 return pseudoflavor; 148 return pseudoflavor;
149} 149}
150 150
151static int nfs_negotiate_security(const struct dentry *parent, 151static struct rpc_clnt *nfs_lookup_mountpoint(struct inode *dir,
152 const struct dentry *dentry, 152 struct qstr *name,
153 rpc_authflavor_t *flavor) 153 struct nfs_fh *fh,
154 struct nfs_fattr *fattr)
154{ 155{
155 struct page *page;
156 struct nfs4_secinfo_flavors *flavors;
157 int (*secinfo)(struct inode *, const struct qstr *, struct nfs4_secinfo_flavors *);
158 int ret = -EPERM;
159
160 secinfo = NFS_PROTO(parent->d_inode)->secinfo;
161 if (secinfo != NULL) {
162 page = alloc_page(GFP_KERNEL);
163 if (!page) {
164 ret = -ENOMEM;
165 goto out;
166 }
167 flavors = page_address(page);
168 ret = secinfo(parent->d_inode, &dentry->d_name, flavors);
169 *flavor = nfs_find_best_sec(flavors);
170 put_page(page);
171 }
172
173out:
174 return ret;
175}
176
177static int nfs_lookup_with_sec(struct nfs_server *server, struct dentry *parent,
178 struct dentry *dentry, struct path *path,
179 struct nfs_fh *fh, struct nfs_fattr *fattr,
180 rpc_authflavor_t *flavor)
181{
182 struct rpc_clnt *clone;
183 struct rpc_auth *auth;
184 int err; 156 int err;
185 157
186 err = nfs_negotiate_security(parent, path->dentry, flavor); 158 if (NFS_PROTO(dir)->version == 4)
187 if (err < 0) 159 return nfs4_proc_lookup_mountpoint(dir, name, fh, fattr);
188 goto out; 160
189 clone = rpc_clone_client(server->client); 161 err = NFS_PROTO(dir)->lookup(NFS_SERVER(dir)->client, dir, name, fh, fattr);
190 auth = rpcauth_create(*flavor, clone); 162 if (err)
191 if (!auth) { 163 return ERR_PTR(err);
192 err = -EIO; 164 return rpc_clone_client(NFS_SERVER(dir)->client);
193 goto out_shutdown;
194 }
195 err = server->nfs_client->rpc_ops->lookup(clone, parent->d_inode,
196 &path->dentry->d_name,
197 fh, fattr);
198out_shutdown:
199 rpc_shutdown_client(clone);
200out:
201 return err;
202} 165}
203#else /* CONFIG_NFS_V4 */ 166#else /* CONFIG_NFS_V4 */
204static inline int nfs_lookup_with_sec(struct nfs_server *server, 167static inline struct rpc_clnt *nfs_lookup_mountpoint(struct inode *dir,
205 struct dentry *parent, struct dentry *dentry, 168 struct qstr *name,
206 struct path *path, struct nfs_fh *fh, 169 struct nfs_fh *fh,
207 struct nfs_fattr *fattr, 170 struct nfs_fattr *fattr)
208 rpc_authflavor_t *flavor)
209{ 171{
210 return -EPERM; 172 int err = NFS_PROTO(dir)->lookup(NFS_SERVER(dir)->client, dir, name, fh, fattr);
173 if (err)
174 return ERR_PTR(err);
175 return rpc_clone_client(NFS_SERVER(dir)->client);
211} 176}
212#endif /* CONFIG_NFS_V4 */ 177#endif /* CONFIG_NFS_V4 */
213 178
@@ -226,12 +191,10 @@ static inline int nfs_lookup_with_sec(struct nfs_server *server,
226struct vfsmount *nfs_d_automount(struct path *path) 191struct vfsmount *nfs_d_automount(struct path *path)
227{ 192{
228 struct vfsmount *mnt; 193 struct vfsmount *mnt;
229 struct nfs_server *server = NFS_SERVER(path->dentry->d_inode);
230 struct dentry *parent; 194 struct dentry *parent;
231 struct nfs_fh *fh = NULL; 195 struct nfs_fh *fh = NULL;
232 struct nfs_fattr *fattr = NULL; 196 struct nfs_fattr *fattr = NULL;
233 int err; 197 struct rpc_clnt *client;
234 rpc_authflavor_t flavor = RPC_AUTH_UNIX;
235 198
236 dprintk("--> nfs_d_automount()\n"); 199 dprintk("--> nfs_d_automount()\n");
237 200
@@ -249,21 +212,19 @@ struct vfsmount *nfs_d_automount(struct path *path)
249 212
250 /* Look it up again to get its attributes */ 213 /* Look it up again to get its attributes */
251 parent = dget_parent(path->dentry); 214 parent = dget_parent(path->dentry);
252 err = server->nfs_client->rpc_ops->lookup(server->client, parent->d_inode, 215 client = nfs_lookup_mountpoint(parent->d_inode, &path->dentry->d_name, fh, fattr);
253 &path->dentry->d_name,
254 fh, fattr);
255 if (err == -EPERM && NFS_PROTO(parent->d_inode)->secinfo != NULL)
256 err = nfs_lookup_with_sec(server, parent, path->dentry, path, fh, fattr, &flavor);
257 dput(parent); 216 dput(parent);
258 if (err != 0) { 217 if (IS_ERR(client)) {
259 mnt = ERR_PTR(err); 218 mnt = ERR_CAST(client);
260 goto out; 219 goto out;
261 } 220 }
262 221
263 if (fattr->valid & NFS_ATTR_FATTR_V4_REFERRAL) 222 if (fattr->valid & NFS_ATTR_FATTR_V4_REFERRAL)
264 mnt = nfs_do_refmount(path->dentry); 223 mnt = nfs_do_refmount(client, path->dentry);
265 else 224 else
266 mnt = nfs_do_submount(path->dentry, fh, fattr, flavor); 225 mnt = nfs_do_submount(path->dentry, fh, fattr, client->cl_auth->au_flavor);
226 rpc_shutdown_client(client);
227
267 if (IS_ERR(mnt)) 228 if (IS_ERR(mnt))
268 goto out; 229 goto out;
269 230
diff --git a/fs/nfs/nfs4_fs.h b/fs/nfs/nfs4_fs.h
index 97ecc863dd76..8d75021020b3 100644
--- a/fs/nfs/nfs4_fs.h
+++ b/fs/nfs/nfs4_fs.h
@@ -59,6 +59,7 @@ struct nfs_unique_id {
59 59
60#define NFS_SEQID_CONFIRMED 1 60#define NFS_SEQID_CONFIRMED 1
61struct nfs_seqid_counter { 61struct nfs_seqid_counter {
62 ktime_t create_time;
62 int owner_id; 63 int owner_id;
63 int flags; 64 int flags;
64 u32 counter; 65 u32 counter;
@@ -204,6 +205,9 @@ struct nfs4_state_maintenance_ops {
204extern const struct dentry_operations nfs4_dentry_operations; 205extern const struct dentry_operations nfs4_dentry_operations;
205extern const struct inode_operations nfs4_dir_inode_operations; 206extern const struct inode_operations nfs4_dir_inode_operations;
206 207
208/* nfs4namespace.c */
209struct rpc_clnt *nfs4_create_sec_client(struct rpc_clnt *, struct inode *, struct qstr *);
210
207/* nfs4proc.c */ 211/* nfs4proc.c */
208extern int nfs4_proc_setclientid(struct nfs_client *, u32, unsigned short, struct rpc_cred *, struct nfs4_setclientid_res *); 212extern int nfs4_proc_setclientid(struct nfs_client *, u32, unsigned short, struct rpc_cred *, struct nfs4_setclientid_res *);
209extern int nfs4_proc_setclientid_confirm(struct nfs_client *, struct nfs4_setclientid_res *arg, struct rpc_cred *); 213extern int nfs4_proc_setclientid_confirm(struct nfs_client *, struct nfs4_setclientid_res *arg, struct rpc_cred *);
@@ -212,8 +216,11 @@ extern int nfs4_init_clientid(struct nfs_client *, struct rpc_cred *);
212extern int nfs41_init_clientid(struct nfs_client *, struct rpc_cred *); 216extern int nfs41_init_clientid(struct nfs_client *, struct rpc_cred *);
213extern int nfs4_do_close(struct nfs4_state *state, gfp_t gfp_mask, int wait, bool roc); 217extern int nfs4_do_close(struct nfs4_state *state, gfp_t gfp_mask, int wait, bool roc);
214extern int nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *fhandle); 218extern int nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *fhandle);
215extern int nfs4_proc_fs_locations(struct inode *dir, const struct qstr *name, 219extern int nfs4_proc_fs_locations(struct rpc_clnt *, struct inode *, const struct qstr *,
216 struct nfs4_fs_locations *fs_locations, struct page *page); 220 struct nfs4_fs_locations *, struct page *);
221extern struct rpc_clnt *nfs4_proc_lookup_mountpoint(struct inode *, struct qstr *,
222 struct nfs_fh *, struct nfs_fattr *);
223extern int nfs4_proc_secinfo(struct inode *, const struct qstr *, struct nfs4_secinfo_flavors *);
217extern int nfs4_release_lockowner(struct nfs4_lock_state *); 224extern int nfs4_release_lockowner(struct nfs4_lock_state *);
218extern const struct xattr_handler *nfs4_xattr_handlers[]; 225extern const struct xattr_handler *nfs4_xattr_handlers[];
219 226
diff --git a/fs/nfs/nfs4filelayoutdev.c b/fs/nfs/nfs4filelayoutdev.c
index a866bbd2890a..c9cff9adb2d3 100644
--- a/fs/nfs/nfs4filelayoutdev.c
+++ b/fs/nfs/nfs4filelayoutdev.c
@@ -699,7 +699,7 @@ get_device_info(struct inode *inode, struct nfs4_deviceid *dev_id, gfp_t gfp_fla
699 * GETDEVICEINFO's maxcount 699 * GETDEVICEINFO's maxcount
700 */ 700 */
701 max_resp_sz = server->nfs_client->cl_session->fc_attrs.max_resp_sz; 701 max_resp_sz = server->nfs_client->cl_session->fc_attrs.max_resp_sz;
702 max_pages = max_resp_sz >> PAGE_SHIFT; 702 max_pages = nfs_page_array_len(0, max_resp_sz);
703 dprintk("%s inode %p max_resp_sz %u max_pages %d\n", 703 dprintk("%s inode %p max_resp_sz %u max_pages %d\n",
704 __func__, inode, max_resp_sz, max_pages); 704 __func__, inode, max_resp_sz, max_pages);
705 705
diff --git a/fs/nfs/nfs4namespace.c b/fs/nfs/nfs4namespace.c
index 9c8eca315f43..a7f3dedc4ec7 100644
--- a/fs/nfs/nfs4namespace.c
+++ b/fs/nfs/nfs4namespace.c
@@ -52,6 +52,30 @@ Elong:
52} 52}
53 53
54/* 54/*
55 * return the path component of "<server>:<path>"
56 * nfspath - the "<server>:<path>" string
57 * end - one past the last char that could contain "<server>:"
58 * returns NULL on failure
59 */
60static char *nfs_path_component(const char *nfspath, const char *end)
61{
62 char *p;
63
64 if (*nfspath == '[') {
65 /* parse [] escaped IPv6 addrs */
66 p = strchr(nfspath, ']');
67 if (p != NULL && ++p < end && *p == ':')
68 return p + 1;
69 } else {
70 /* otherwise split on first colon */
71 p = strchr(nfspath, ':');
72 if (p != NULL && p < end)
73 return p + 1;
74 }
75 return NULL;
76}
77
78/*
55 * Determine the mount path as a string 79 * Determine the mount path as a string
56 */ 80 */
57static char *nfs4_path(struct dentry *dentry, char *buffer, ssize_t buflen) 81static char *nfs4_path(struct dentry *dentry, char *buffer, ssize_t buflen)
@@ -59,9 +83,9 @@ static char *nfs4_path(struct dentry *dentry, char *buffer, ssize_t buflen)
59 char *limit; 83 char *limit;
60 char *path = nfs_path(&limit, dentry, buffer, buflen); 84 char *path = nfs_path(&limit, dentry, buffer, buflen);
61 if (!IS_ERR(path)) { 85 if (!IS_ERR(path)) {
62 char *colon = strchr(path, ':'); 86 char *path_component = nfs_path_component(path, limit);
63 if (colon && colon < limit) 87 if (path_component)
64 path = colon + 1; 88 return path_component;
65 } 89 }
66 return path; 90 return path;
67} 91}
@@ -108,6 +132,58 @@ static size_t nfs_parse_server_name(char *string, size_t len,
108 return ret; 132 return ret;
109} 133}
110 134
135static rpc_authflavor_t nfs4_negotiate_security(struct inode *inode, struct qstr *name)
136{
137 struct page *page;
138 struct nfs4_secinfo_flavors *flavors;
139 rpc_authflavor_t flavor;
140 int err;
141
142 page = alloc_page(GFP_KERNEL);
143 if (!page)
144 return -ENOMEM;
145 flavors = page_address(page);
146
147 err = nfs4_proc_secinfo(inode, name, flavors);
148 if (err < 0) {
149 flavor = err;
150 goto out;
151 }
152
153 flavor = nfs_find_best_sec(flavors);
154
155out:
156 put_page(page);
157 return flavor;
158}
159
160/*
161 * Please call rpc_shutdown_client() when you are done with this client.
162 */
163struct rpc_clnt *nfs4_create_sec_client(struct rpc_clnt *clnt, struct inode *inode,
164 struct qstr *name)
165{
166 struct rpc_clnt *clone;
167 struct rpc_auth *auth;
168 rpc_authflavor_t flavor;
169
170 flavor = nfs4_negotiate_security(inode, name);
171 if (flavor < 0)
172 return ERR_PTR(flavor);
173
174 clone = rpc_clone_client(clnt);
175 if (IS_ERR(clone))
176 return clone;
177
178 auth = rpcauth_create(flavor, clone);
179 if (!auth) {
180 rpc_shutdown_client(clone);
181 clone = ERR_PTR(-EIO);
182 }
183
184 return clone;
185}
186
111static struct vfsmount *try_location(struct nfs_clone_mount *mountdata, 187static struct vfsmount *try_location(struct nfs_clone_mount *mountdata,
112 char *page, char *page2, 188 char *page, char *page2,
113 const struct nfs4_fs_location *location) 189 const struct nfs4_fs_location *location)
@@ -224,7 +300,7 @@ out:
224 * @dentry - dentry of referral 300 * @dentry - dentry of referral
225 * 301 *
226 */ 302 */
227struct vfsmount *nfs_do_refmount(struct dentry *dentry) 303struct vfsmount *nfs_do_refmount(struct rpc_clnt *client, struct dentry *dentry)
228{ 304{
229 struct vfsmount *mnt = ERR_PTR(-ENOMEM); 305 struct vfsmount *mnt = ERR_PTR(-ENOMEM);
230 struct dentry *parent; 306 struct dentry *parent;
@@ -250,7 +326,7 @@ struct vfsmount *nfs_do_refmount(struct dentry *dentry)
250 dprintk("%s: getting locations for %s/%s\n", 326 dprintk("%s: getting locations for %s/%s\n",
251 __func__, parent->d_name.name, dentry->d_name.name); 327 __func__, parent->d_name.name, dentry->d_name.name);
252 328
253 err = nfs4_proc_fs_locations(parent->d_inode, &dentry->d_name, fs_locations, page); 329 err = nfs4_proc_fs_locations(client, parent->d_inode, &dentry->d_name, fs_locations, page);
254 dput(parent); 330 dput(parent);
255 if (err != 0 || 331 if (err != 0 ||
256 fs_locations->nlocations <= 0 || 332 fs_locations->nlocations <= 0 ||
diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c
index f82bde005a82..99650aaf8937 100644
--- a/fs/nfs/nfs4proc.c
+++ b/fs/nfs/nfs4proc.c
@@ -838,7 +838,8 @@ static struct nfs4_opendata *nfs4_opendata_alloc(struct dentry *dentry,
838 p->o_arg.open_flags = flags; 838 p->o_arg.open_flags = flags;
839 p->o_arg.fmode = fmode & (FMODE_READ|FMODE_WRITE); 839 p->o_arg.fmode = fmode & (FMODE_READ|FMODE_WRITE);
840 p->o_arg.clientid = server->nfs_client->cl_clientid; 840 p->o_arg.clientid = server->nfs_client->cl_clientid;
841 p->o_arg.id = sp->so_seqid.owner_id; 841 p->o_arg.id.create_time = ktime_to_ns(sp->so_seqid.create_time);
842 p->o_arg.id.uniquifier = sp->so_seqid.owner_id;
842 p->o_arg.name = &dentry->d_name; 843 p->o_arg.name = &dentry->d_name;
843 p->o_arg.server = server; 844 p->o_arg.server = server;
844 p->o_arg.bitmask = server->attr_bitmask; 845 p->o_arg.bitmask = server->attr_bitmask;
@@ -1466,8 +1467,7 @@ static void nfs4_open_prepare(struct rpc_task *task, void *calldata)
1466 goto unlock_no_action; 1467 goto unlock_no_action;
1467 rcu_read_unlock(); 1468 rcu_read_unlock();
1468 } 1469 }
1469 /* Update sequence id. */ 1470 /* Update client id. */
1470 data->o_arg.id = sp->so_seqid.owner_id;
1471 data->o_arg.clientid = sp->so_server->nfs_client->cl_clientid; 1471 data->o_arg.clientid = sp->so_server->nfs_client->cl_clientid;
1472 if (data->o_arg.claim == NFS4_OPEN_CLAIM_PREVIOUS) { 1472 if (data->o_arg.claim == NFS4_OPEN_CLAIM_PREVIOUS) {
1473 task->tk_msg.rpc_proc = &nfs4_procedures[NFSPROC4_CLNT_OPEN_NOATTR]; 1473 task->tk_msg.rpc_proc = &nfs4_procedures[NFSPROC4_CLNT_OPEN_NOATTR];
@@ -1954,10 +1954,19 @@ static int nfs4_do_setattr(struct inode *inode, struct rpc_cred *cred,
1954 }; 1954 };
1955 int err; 1955 int err;
1956 do { 1956 do {
1957 err = nfs4_handle_exception(server, 1957 err = _nfs4_do_setattr(inode, cred, fattr, sattr, state);
1958 _nfs4_do_setattr(inode, cred, fattr, sattr, state), 1958 switch (err) {
1959 &exception); 1959 case -NFS4ERR_OPENMODE:
1960 if (state && !(state->state & FMODE_WRITE)) {
1961 err = -EBADF;
1962 if (sattr->ia_valid & ATTR_OPEN)
1963 err = -EACCES;
1964 goto out;
1965 }
1966 }
1967 err = nfs4_handle_exception(server, err, &exception);
1960 } while (exception.retry); 1968 } while (exception.retry);
1969out:
1961 return err; 1970 return err;
1962} 1971}
1963 1972
@@ -2368,8 +2377,9 @@ static int nfs4_proc_get_root(struct nfs_server *server, struct nfs_fh *fhandle,
2368 * Note that we'll actually follow the referral later when 2377 * Note that we'll actually follow the referral later when
2369 * we detect fsid mismatch in inode revalidation 2378 * we detect fsid mismatch in inode revalidation
2370 */ 2379 */
2371static int nfs4_get_referral(struct inode *dir, const struct qstr *name, 2380static int nfs4_get_referral(struct rpc_clnt *client, struct inode *dir,
2372 struct nfs_fattr *fattr, struct nfs_fh *fhandle) 2381 const struct qstr *name, struct nfs_fattr *fattr,
2382 struct nfs_fh *fhandle)
2373{ 2383{
2374 int status = -ENOMEM; 2384 int status = -ENOMEM;
2375 struct page *page = NULL; 2385 struct page *page = NULL;
@@ -2382,7 +2392,7 @@ static int nfs4_get_referral(struct inode *dir, const struct qstr *name,
2382 if (locations == NULL) 2392 if (locations == NULL)
2383 goto out; 2393 goto out;
2384 2394
2385 status = nfs4_proc_fs_locations(dir, name, locations, page); 2395 status = nfs4_proc_fs_locations(client, dir, name, locations, page);
2386 if (status != 0) 2396 if (status != 0)
2387 goto out; 2397 goto out;
2388 /* Make sure server returned a different fsid for the referral */ 2398 /* Make sure server returned a different fsid for the referral */
@@ -2519,39 +2529,84 @@ static int _nfs4_proc_lookup(struct rpc_clnt *clnt, struct inode *dir,
2519 return status; 2529 return status;
2520} 2530}
2521 2531
2522void nfs_fixup_secinfo_attributes(struct nfs_fattr *fattr, struct nfs_fh *fh) 2532static void nfs_fixup_secinfo_attributes(struct nfs_fattr *fattr)
2523{ 2533{
2524 memset(fh, 0, sizeof(struct nfs_fh));
2525 fattr->fsid.major = 1;
2526 fattr->valid |= NFS_ATTR_FATTR_TYPE | NFS_ATTR_FATTR_MODE | 2534 fattr->valid |= NFS_ATTR_FATTR_TYPE | NFS_ATTR_FATTR_MODE |
2527 NFS_ATTR_FATTR_NLINK | NFS_ATTR_FATTR_FSID | NFS_ATTR_FATTR_MOUNTPOINT; 2535 NFS_ATTR_FATTR_NLINK | NFS_ATTR_FATTR_MOUNTPOINT;
2528 fattr->mode = S_IFDIR | S_IRUGO | S_IXUGO; 2536 fattr->mode = S_IFDIR | S_IRUGO | S_IXUGO;
2529 fattr->nlink = 2; 2537 fattr->nlink = 2;
2530} 2538}
2531 2539
2532static int nfs4_proc_lookup(struct rpc_clnt *clnt, struct inode *dir, struct qstr *name, 2540static int nfs4_proc_lookup_common(struct rpc_clnt **clnt, struct inode *dir,
2533 struct nfs_fh *fhandle, struct nfs_fattr *fattr) 2541 struct qstr *name, struct nfs_fh *fhandle,
2542 struct nfs_fattr *fattr)
2534{ 2543{
2535 struct nfs4_exception exception = { }; 2544 struct nfs4_exception exception = { };
2545 struct rpc_clnt *client = *clnt;
2536 int err; 2546 int err;
2537 do { 2547 do {
2538 int status; 2548 err = _nfs4_proc_lookup(client, dir, name, fhandle, fattr);
2539 2549 switch (err) {
2540 status = _nfs4_proc_lookup(clnt, dir, name, fhandle, fattr);
2541 switch (status) {
2542 case -NFS4ERR_BADNAME: 2550 case -NFS4ERR_BADNAME:
2543 return -ENOENT; 2551 err = -ENOENT;
2552 goto out;
2544 case -NFS4ERR_MOVED: 2553 case -NFS4ERR_MOVED:
2545 return nfs4_get_referral(dir, name, fattr, fhandle); 2554 err = nfs4_get_referral(client, dir, name, fattr, fhandle);
2555 goto out;
2546 case -NFS4ERR_WRONGSEC: 2556 case -NFS4ERR_WRONGSEC:
2547 nfs_fixup_secinfo_attributes(fattr, fhandle); 2557 err = -EPERM;
2558 if (client != *clnt)
2559 goto out;
2560
2561 client = nfs4_create_sec_client(client, dir, name);
2562 if (IS_ERR(client))
2563 return PTR_ERR(client);
2564
2565 exception.retry = 1;
2566 break;
2567 default:
2568 err = nfs4_handle_exception(NFS_SERVER(dir), err, &exception);
2548 } 2569 }
2549 err = nfs4_handle_exception(NFS_SERVER(dir),
2550 status, &exception);
2551 } while (exception.retry); 2570 } while (exception.retry);
2571
2572out:
2573 if (err == 0)
2574 *clnt = client;
2575 else if (client != *clnt)
2576 rpc_shutdown_client(client);
2577
2552 return err; 2578 return err;
2553} 2579}
2554 2580
2581static int nfs4_proc_lookup(struct rpc_clnt *clnt, struct inode *dir, struct qstr *name,
2582 struct nfs_fh *fhandle, struct nfs_fattr *fattr)
2583{
2584 int status;
2585 struct rpc_clnt *client = NFS_CLIENT(dir);
2586
2587 status = nfs4_proc_lookup_common(&client, dir, name, fhandle, fattr);
2588 if (client != NFS_CLIENT(dir)) {
2589 rpc_shutdown_client(client);
2590 nfs_fixup_secinfo_attributes(fattr);
2591 }
2592 return status;
2593}
2594
2595struct rpc_clnt *
2596nfs4_proc_lookup_mountpoint(struct inode *dir, struct qstr *name,
2597 struct nfs_fh *fhandle, struct nfs_fattr *fattr)
2598{
2599 int status;
2600 struct rpc_clnt *client = rpc_clone_client(NFS_CLIENT(dir));
2601
2602 status = nfs4_proc_lookup_common(&client, dir, name, fhandle, fattr);
2603 if (status < 0) {
2604 rpc_shutdown_client(client);
2605 return ERR_PTR(status);
2606 }
2607 return client;
2608}
2609
2555static int _nfs4_proc_access(struct inode *inode, struct nfs_access_entry *entry) 2610static int _nfs4_proc_access(struct inode *inode, struct nfs_access_entry *entry)
2556{ 2611{
2557 struct nfs_server *server = NFS_SERVER(inode); 2612 struct nfs_server *server = NFS_SERVER(inode);
@@ -3619,16 +3674,16 @@ out:
3619 return ret; 3674 return ret;
3620} 3675}
3621 3676
3622static void nfs4_write_cached_acl(struct inode *inode, const char *buf, size_t acl_len) 3677static void nfs4_write_cached_acl(struct inode *inode, struct page **pages, size_t pgbase, size_t acl_len)
3623{ 3678{
3624 struct nfs4_cached_acl *acl; 3679 struct nfs4_cached_acl *acl;
3625 3680
3626 if (buf && acl_len <= PAGE_SIZE) { 3681 if (pages && acl_len <= PAGE_SIZE) {
3627 acl = kmalloc(sizeof(*acl) + acl_len, GFP_KERNEL); 3682 acl = kmalloc(sizeof(*acl) + acl_len, GFP_KERNEL);
3628 if (acl == NULL) 3683 if (acl == NULL)
3629 goto out; 3684 goto out;
3630 acl->cached = 1; 3685 acl->cached = 1;
3631 memcpy(acl->data, buf, acl_len); 3686 _copy_from_pages(acl->data, pages, pgbase, acl_len);
3632 } else { 3687 } else {
3633 acl = kmalloc(sizeof(*acl), GFP_KERNEL); 3688 acl = kmalloc(sizeof(*acl), GFP_KERNEL);
3634 if (acl == NULL) 3689 if (acl == NULL)
@@ -3661,7 +3716,6 @@ static ssize_t __nfs4_get_acl_uncached(struct inode *inode, void *buf, size_t bu
3661 struct nfs_getaclres res = { 3716 struct nfs_getaclres res = {
3662 .acl_len = buflen, 3717 .acl_len = buflen,
3663 }; 3718 };
3664 void *resp_buf;
3665 struct rpc_message msg = { 3719 struct rpc_message msg = {
3666 .rpc_proc = &nfs4_procedures[NFSPROC4_CLNT_GETACL], 3720 .rpc_proc = &nfs4_procedures[NFSPROC4_CLNT_GETACL],
3667 .rpc_argp = &args, 3721 .rpc_argp = &args,
@@ -3675,24 +3729,27 @@ static ssize_t __nfs4_get_acl_uncached(struct inode *inode, void *buf, size_t bu
3675 if (npages == 0) 3729 if (npages == 0)
3676 npages = 1; 3730 npages = 1;
3677 3731
3732 /* Add an extra page to handle the bitmap returned */
3733 npages++;
3734
3678 for (i = 0; i < npages; i++) { 3735 for (i = 0; i < npages; i++) {
3679 pages[i] = alloc_page(GFP_KERNEL); 3736 pages[i] = alloc_page(GFP_KERNEL);
3680 if (!pages[i]) 3737 if (!pages[i])
3681 goto out_free; 3738 goto out_free;
3682 } 3739 }
3683 if (npages > 1) { 3740
3684 /* for decoding across pages */ 3741 /* for decoding across pages */
3685 res.acl_scratch = alloc_page(GFP_KERNEL); 3742 res.acl_scratch = alloc_page(GFP_KERNEL);
3686 if (!res.acl_scratch) 3743 if (!res.acl_scratch)
3687 goto out_free; 3744 goto out_free;
3688 } 3745
3689 args.acl_len = npages * PAGE_SIZE; 3746 args.acl_len = npages * PAGE_SIZE;
3690 args.acl_pgbase = 0; 3747 args.acl_pgbase = 0;
3748
3691 /* Let decode_getfacl know not to fail if the ACL data is larger than 3749 /* Let decode_getfacl know not to fail if the ACL data is larger than
3692 * the page we send as a guess */ 3750 * the page we send as a guess */
3693 if (buf == NULL) 3751 if (buf == NULL)
3694 res.acl_flags |= NFS4_ACL_LEN_REQUEST; 3752 res.acl_flags |= NFS4_ACL_LEN_REQUEST;
3695 resp_buf = page_address(pages[0]);
3696 3753
3697 dprintk("%s buf %p buflen %zu npages %d args.acl_len %zu\n", 3754 dprintk("%s buf %p buflen %zu npages %d args.acl_len %zu\n",
3698 __func__, buf, buflen, npages, args.acl_len); 3755 __func__, buf, buflen, npages, args.acl_len);
@@ -3703,9 +3760,9 @@ static ssize_t __nfs4_get_acl_uncached(struct inode *inode, void *buf, size_t bu
3703 3760
3704 acl_len = res.acl_len - res.acl_data_offset; 3761 acl_len = res.acl_len - res.acl_data_offset;
3705 if (acl_len > args.acl_len) 3762 if (acl_len > args.acl_len)
3706 nfs4_write_cached_acl(inode, NULL, acl_len); 3763 nfs4_write_cached_acl(inode, NULL, 0, acl_len);
3707 else 3764 else
3708 nfs4_write_cached_acl(inode, resp_buf + res.acl_data_offset, 3765 nfs4_write_cached_acl(inode, pages, res.acl_data_offset,
3709 acl_len); 3766 acl_len);
3710 if (buf) { 3767 if (buf) {
3711 ret = -ERANGE; 3768 ret = -ERANGE;
@@ -4558,7 +4615,9 @@ static int _nfs4_do_setlk(struct nfs4_state *state, int cmd, struct file_lock *f
4558static int nfs4_lock_reclaim(struct nfs4_state *state, struct file_lock *request) 4615static int nfs4_lock_reclaim(struct nfs4_state *state, struct file_lock *request)
4559{ 4616{
4560 struct nfs_server *server = NFS_SERVER(state->inode); 4617 struct nfs_server *server = NFS_SERVER(state->inode);
4561 struct nfs4_exception exception = { }; 4618 struct nfs4_exception exception = {
4619 .inode = state->inode,
4620 };
4562 int err; 4621 int err;
4563 4622
4564 do { 4623 do {
@@ -4576,7 +4635,9 @@ static int nfs4_lock_reclaim(struct nfs4_state *state, struct file_lock *request
4576static int nfs4_lock_expired(struct nfs4_state *state, struct file_lock *request) 4635static int nfs4_lock_expired(struct nfs4_state *state, struct file_lock *request)
4577{ 4636{
4578 struct nfs_server *server = NFS_SERVER(state->inode); 4637 struct nfs_server *server = NFS_SERVER(state->inode);
4579 struct nfs4_exception exception = { }; 4638 struct nfs4_exception exception = {
4639 .inode = state->inode,
4640 };
4580 int err; 4641 int err;
4581 4642
4582 err = nfs4_set_lock_state(state, request); 4643 err = nfs4_set_lock_state(state, request);
@@ -4676,6 +4737,7 @@ static int nfs4_proc_setlk(struct nfs4_state *state, int cmd, struct file_lock *
4676{ 4737{
4677 struct nfs4_exception exception = { 4738 struct nfs4_exception exception = {
4678 .state = state, 4739 .state = state,
4740 .inode = state->inode,
4679 }; 4741 };
4680 int err; 4742 int err;
4681 4743
@@ -4721,6 +4783,20 @@ nfs4_proc_lock(struct file *filp, int cmd, struct file_lock *request)
4721 4783
4722 if (state == NULL) 4784 if (state == NULL)
4723 return -ENOLCK; 4785 return -ENOLCK;
4786 /*
4787 * Don't rely on the VFS having checked the file open mode,
4788 * since it won't do this for flock() locks.
4789 */
4790 switch (request->fl_type & (F_RDLCK|F_WRLCK|F_UNLCK)) {
4791 case F_RDLCK:
4792 if (!(filp->f_mode & FMODE_READ))
4793 return -EBADF;
4794 break;
4795 case F_WRLCK:
4796 if (!(filp->f_mode & FMODE_WRITE))
4797 return -EBADF;
4798 }
4799
4724 do { 4800 do {
4725 status = nfs4_proc_setlk(state, cmd, request); 4801 status = nfs4_proc_setlk(state, cmd, request);
4726 if ((status != -EAGAIN) || IS_SETLK(cmd)) 4802 if ((status != -EAGAIN) || IS_SETLK(cmd))
@@ -4891,8 +4967,10 @@ static void nfs_fixup_referral_attributes(struct nfs_fattr *fattr)
4891 fattr->nlink = 2; 4967 fattr->nlink = 2;
4892} 4968}
4893 4969
4894int nfs4_proc_fs_locations(struct inode *dir, const struct qstr *name, 4970static int _nfs4_proc_fs_locations(struct rpc_clnt *client, struct inode *dir,
4895 struct nfs4_fs_locations *fs_locations, struct page *page) 4971 const struct qstr *name,
4972 struct nfs4_fs_locations *fs_locations,
4973 struct page *page)
4896{ 4974{
4897 struct nfs_server *server = NFS_SERVER(dir); 4975 struct nfs_server *server = NFS_SERVER(dir);
4898 u32 bitmask[2] = { 4976 u32 bitmask[2] = {
@@ -4926,11 +5004,26 @@ int nfs4_proc_fs_locations(struct inode *dir, const struct qstr *name,
4926 nfs_fattr_init(&fs_locations->fattr); 5004 nfs_fattr_init(&fs_locations->fattr);
4927 fs_locations->server = server; 5005 fs_locations->server = server;
4928 fs_locations->nlocations = 0; 5006 fs_locations->nlocations = 0;
4929 status = nfs4_call_sync(server->client, server, &msg, &args.seq_args, &res.seq_res, 0); 5007 status = nfs4_call_sync(client, server, &msg, &args.seq_args, &res.seq_res, 0);
4930 dprintk("%s: returned status = %d\n", __func__, status); 5008 dprintk("%s: returned status = %d\n", __func__, status);
4931 return status; 5009 return status;
4932} 5010}
4933 5011
5012int nfs4_proc_fs_locations(struct rpc_clnt *client, struct inode *dir,
5013 const struct qstr *name,
5014 struct nfs4_fs_locations *fs_locations,
5015 struct page *page)
5016{
5017 struct nfs4_exception exception = { };
5018 int err;
5019 do {
5020 err = nfs4_handle_exception(NFS_SERVER(dir),
5021 _nfs4_proc_fs_locations(client, dir, name, fs_locations, page),
5022 &exception);
5023 } while (exception.retry);
5024 return err;
5025}
5026
4934static int _nfs4_proc_secinfo(struct inode *dir, const struct qstr *name, struct nfs4_secinfo_flavors *flavors) 5027static int _nfs4_proc_secinfo(struct inode *dir, const struct qstr *name, struct nfs4_secinfo_flavors *flavors)
4935{ 5028{
4936 int status; 5029 int status;
@@ -4953,8 +5046,8 @@ static int _nfs4_proc_secinfo(struct inode *dir, const struct qstr *name, struct
4953 return status; 5046 return status;
4954} 5047}
4955 5048
4956static int nfs4_proc_secinfo(struct inode *dir, const struct qstr *name, 5049int nfs4_proc_secinfo(struct inode *dir, const struct qstr *name,
4957 struct nfs4_secinfo_flavors *flavors) 5050 struct nfs4_secinfo_flavors *flavors)
4958{ 5051{
4959 struct nfs4_exception exception = { }; 5052 struct nfs4_exception exception = { };
4960 int err; 5053 int err;
@@ -5029,10 +5122,9 @@ int nfs4_proc_exchange_id(struct nfs_client *clp, struct rpc_cred *cred)
5029 nfs4_construct_boot_verifier(clp, &verifier); 5122 nfs4_construct_boot_verifier(clp, &verifier);
5030 5123
5031 args.id_len = scnprintf(args.id, sizeof(args.id), 5124 args.id_len = scnprintf(args.id, sizeof(args.id),
5032 "%s/%s.%s/%u", 5125 "%s/%s/%u",
5033 clp->cl_ipaddr, 5126 clp->cl_ipaddr,
5034 init_utsname()->nodename, 5127 clp->cl_rpcclient->cl_nodename,
5035 init_utsname()->domainname,
5036 clp->cl_rpcclient->cl_auth->au_flavor); 5128 clp->cl_rpcclient->cl_auth->au_flavor);
5037 5129
5038 res.server_scope = kzalloc(sizeof(struct server_scope), GFP_KERNEL); 5130 res.server_scope = kzalloc(sizeof(struct server_scope), GFP_KERNEL);
diff --git a/fs/nfs/nfs4state.c b/fs/nfs/nfs4state.c
index 0f43414eb25a..7f0fcfc1fe9d 100644
--- a/fs/nfs/nfs4state.c
+++ b/fs/nfs/nfs4state.c
@@ -393,6 +393,7 @@ nfs4_remove_state_owner_locked(struct nfs4_state_owner *sp)
393static void 393static void
394nfs4_init_seqid_counter(struct nfs_seqid_counter *sc) 394nfs4_init_seqid_counter(struct nfs_seqid_counter *sc)
395{ 395{
396 sc->create_time = ktime_get();
396 sc->flags = 0; 397 sc->flags = 0;
397 sc->counter = 0; 398 sc->counter = 0;
398 spin_lock_init(&sc->lock); 399 spin_lock_init(&sc->lock);
@@ -434,13 +435,17 @@ nfs4_alloc_state_owner(struct nfs_server *server,
434static void 435static void
435nfs4_drop_state_owner(struct nfs4_state_owner *sp) 436nfs4_drop_state_owner(struct nfs4_state_owner *sp)
436{ 437{
437 if (!RB_EMPTY_NODE(&sp->so_server_node)) { 438 struct rb_node *rb_node = &sp->so_server_node;
439
440 if (!RB_EMPTY_NODE(rb_node)) {
438 struct nfs_server *server = sp->so_server; 441 struct nfs_server *server = sp->so_server;
439 struct nfs_client *clp = server->nfs_client; 442 struct nfs_client *clp = server->nfs_client;
440 443
441 spin_lock(&clp->cl_lock); 444 spin_lock(&clp->cl_lock);
442 rb_erase(&sp->so_server_node, &server->state_owners); 445 if (!RB_EMPTY_NODE(rb_node)) {
443 RB_CLEAR_NODE(&sp->so_server_node); 446 rb_erase(rb_node, &server->state_owners);
447 RB_CLEAR_NODE(rb_node);
448 }
444 spin_unlock(&clp->cl_lock); 449 spin_unlock(&clp->cl_lock);
445 } 450 }
446} 451}
@@ -516,6 +521,14 @@ out:
516/** 521/**
517 * nfs4_put_state_owner - Release a nfs4_state_owner 522 * nfs4_put_state_owner - Release a nfs4_state_owner
518 * @sp: state owner data to release 523 * @sp: state owner data to release
524 *
525 * Note that we keep released state owners on an LRU
526 * list.
527 * This caches valid state owners so that they can be
528 * reused, to avoid the OPEN_CONFIRM on minor version 0.
529 * It also pins the uniquifier of dropped state owners for
530 * a while, to ensure that those state owner names are
531 * never reused.
519 */ 532 */
520void nfs4_put_state_owner(struct nfs4_state_owner *sp) 533void nfs4_put_state_owner(struct nfs4_state_owner *sp)
521{ 534{
@@ -525,15 +538,9 @@ void nfs4_put_state_owner(struct nfs4_state_owner *sp)
525 if (!atomic_dec_and_lock(&sp->so_count, &clp->cl_lock)) 538 if (!atomic_dec_and_lock(&sp->so_count, &clp->cl_lock))
526 return; 539 return;
527 540
528 if (!RB_EMPTY_NODE(&sp->so_server_node)) { 541 sp->so_expires = jiffies;
529 sp->so_expires = jiffies; 542 list_add_tail(&sp->so_lru, &server->state_owners_lru);
530 list_add_tail(&sp->so_lru, &server->state_owners_lru); 543 spin_unlock(&clp->cl_lock);
531 spin_unlock(&clp->cl_lock);
532 } else {
533 nfs4_remove_state_owner_locked(sp);
534 spin_unlock(&clp->cl_lock);
535 nfs4_free_state_owner(sp);
536 }
537} 544}
538 545
539/** 546/**
diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c
index c74fdb114b48..c54aae364bee 100644
--- a/fs/nfs/nfs4xdr.c
+++ b/fs/nfs/nfs4xdr.c
@@ -74,7 +74,7 @@ static int nfs4_stat_to_errno(int);
74/* lock,open owner id: 74/* lock,open owner id:
75 * we currently use size 2 (u64) out of (NFS4_OPAQUE_LIMIT >> 2) 75 * we currently use size 2 (u64) out of (NFS4_OPAQUE_LIMIT >> 2)
76 */ 76 */
77#define open_owner_id_maxsz (1 + 1 + 4) 77#define open_owner_id_maxsz (1 + 2 + 1 + 1 + 2)
78#define lock_owner_id_maxsz (1 + 1 + 4) 78#define lock_owner_id_maxsz (1 + 1 + 4)
79#define decode_lockowner_maxsz (1 + XDR_QUADLEN(IDMAP_NAMESZ)) 79#define decode_lockowner_maxsz (1 + XDR_QUADLEN(IDMAP_NAMESZ))
80#define compound_encode_hdr_maxsz (3 + (NFS4_MAXTAGLEN >> 2)) 80#define compound_encode_hdr_maxsz (3 + (NFS4_MAXTAGLEN >> 2))
@@ -1340,12 +1340,13 @@ static inline void encode_openhdr(struct xdr_stream *xdr, const struct nfs_opena
1340 */ 1340 */
1341 encode_nfs4_seqid(xdr, arg->seqid); 1341 encode_nfs4_seqid(xdr, arg->seqid);
1342 encode_share_access(xdr, arg->fmode); 1342 encode_share_access(xdr, arg->fmode);
1343 p = reserve_space(xdr, 32); 1343 p = reserve_space(xdr, 36);
1344 p = xdr_encode_hyper(p, arg->clientid); 1344 p = xdr_encode_hyper(p, arg->clientid);
1345 *p++ = cpu_to_be32(20); 1345 *p++ = cpu_to_be32(24);
1346 p = xdr_encode_opaque_fixed(p, "open id:", 8); 1346 p = xdr_encode_opaque_fixed(p, "open id:", 8);
1347 *p++ = cpu_to_be32(arg->server->s_dev); 1347 *p++ = cpu_to_be32(arg->server->s_dev);
1348 xdr_encode_hyper(p, arg->id); 1348 *p++ = cpu_to_be32(arg->id.uniquifier);
1349 xdr_encode_hyper(p, arg->id.create_time);
1349} 1350}
1350 1351
1351static inline void encode_createmode(struct xdr_stream *xdr, const struct nfs_openargs *arg) 1352static inline void encode_createmode(struct xdr_stream *xdr, const struct nfs_openargs *arg)
@@ -4257,8 +4258,6 @@ static int decode_getfattr_attrs(struct xdr_stream *xdr, uint32_t *bitmap,
4257 status = decode_attr_error(xdr, bitmap, &err); 4258 status = decode_attr_error(xdr, bitmap, &err);
4258 if (status < 0) 4259 if (status < 0)
4259 goto xdr_error; 4260 goto xdr_error;
4260 if (err == -NFS4ERR_WRONGSEC)
4261 nfs_fixup_secinfo_attributes(fattr, fh);
4262 4261
4263 status = decode_attr_filehandle(xdr, bitmap, fh); 4262 status = decode_attr_filehandle(xdr, bitmap, fh);
4264 if (status < 0) 4263 if (status < 0)
@@ -4901,11 +4900,19 @@ static int decode_getacl(struct xdr_stream *xdr, struct rpc_rqst *req,
4901 bitmap[3] = {0}; 4900 bitmap[3] = {0};
4902 struct kvec *iov = req->rq_rcv_buf.head; 4901 struct kvec *iov = req->rq_rcv_buf.head;
4903 int status; 4902 int status;
4903 size_t page_len = xdr->buf->page_len;
4904 4904
4905 res->acl_len = 0; 4905 res->acl_len = 0;
4906 if ((status = decode_op_hdr(xdr, OP_GETATTR)) != 0) 4906 if ((status = decode_op_hdr(xdr, OP_GETATTR)) != 0)
4907 goto out; 4907 goto out;
4908
4908 bm_p = xdr->p; 4909 bm_p = xdr->p;
4910 res->acl_data_offset = be32_to_cpup(bm_p) + 2;
4911 res->acl_data_offset <<= 2;
4912 /* Check if the acl data starts beyond the allocated buffer */
4913 if (res->acl_data_offset > page_len)
4914 return -ERANGE;
4915
4909 if ((status = decode_attr_bitmap(xdr, bitmap)) != 0) 4916 if ((status = decode_attr_bitmap(xdr, bitmap)) != 0)
4910 goto out; 4917 goto out;
4911 if ((status = decode_attr_length(xdr, &attrlen, &savep)) != 0) 4918 if ((status = decode_attr_length(xdr, &attrlen, &savep)) != 0)
@@ -4915,28 +4922,24 @@ static int decode_getacl(struct xdr_stream *xdr, struct rpc_rqst *req,
4915 return -EIO; 4922 return -EIO;
4916 if (likely(bitmap[0] & FATTR4_WORD0_ACL)) { 4923 if (likely(bitmap[0] & FATTR4_WORD0_ACL)) {
4917 size_t hdrlen; 4924 size_t hdrlen;
4918 u32 recvd;
4919 4925
4920 /* The bitmap (xdr len + bitmaps) and the attr xdr len words 4926 /* The bitmap (xdr len + bitmaps) and the attr xdr len words
4921 * are stored with the acl data to handle the problem of 4927 * are stored with the acl data to handle the problem of
4922 * variable length bitmaps.*/ 4928 * variable length bitmaps.*/
4923 xdr->p = bm_p; 4929 xdr->p = bm_p;
4924 res->acl_data_offset = be32_to_cpup(bm_p) + 2;
4925 res->acl_data_offset <<= 2;
4926 4930
4927 /* We ignore &savep and don't do consistency checks on 4931 /* We ignore &savep and don't do consistency checks on
4928 * the attr length. Let userspace figure it out.... */ 4932 * the attr length. Let userspace figure it out.... */
4929 hdrlen = (u8 *)xdr->p - (u8 *)iov->iov_base; 4933 hdrlen = (u8 *)xdr->p - (u8 *)iov->iov_base;
4930 attrlen += res->acl_data_offset; 4934 attrlen += res->acl_data_offset;
4931 recvd = req->rq_rcv_buf.len - hdrlen; 4935 if (attrlen > page_len) {
4932 if (attrlen > recvd) {
4933 if (res->acl_flags & NFS4_ACL_LEN_REQUEST) { 4936 if (res->acl_flags & NFS4_ACL_LEN_REQUEST) {
4934 /* getxattr interface called with a NULL buf */ 4937 /* getxattr interface called with a NULL buf */
4935 res->acl_len = attrlen; 4938 res->acl_len = attrlen;
4936 goto out; 4939 goto out;
4937 } 4940 }
4938 dprintk("NFS: acl reply: attrlen %u > recvd %u\n", 4941 dprintk("NFS: acl reply: attrlen %u > page_len %zu\n",
4939 attrlen, recvd); 4942 attrlen, page_len);
4940 return -EINVAL; 4943 return -EINVAL;
4941 } 4944 }
4942 xdr_read_pages(xdr, attrlen); 4945 xdr_read_pages(xdr, attrlen);
@@ -5089,16 +5092,13 @@ out_err:
5089 return -EINVAL; 5092 return -EINVAL;
5090} 5093}
5091 5094
5092static int decode_secinfo(struct xdr_stream *xdr, struct nfs4_secinfo_res *res) 5095static int decode_secinfo_common(struct xdr_stream *xdr, struct nfs4_secinfo_res *res)
5093{ 5096{
5094 struct nfs4_secinfo_flavor *sec_flavor; 5097 struct nfs4_secinfo_flavor *sec_flavor;
5095 int status; 5098 int status;
5096 __be32 *p; 5099 __be32 *p;
5097 int i, num_flavors; 5100 int i, num_flavors;
5098 5101
5099 status = decode_op_hdr(xdr, OP_SECINFO);
5100 if (status)
5101 goto out;
5102 p = xdr_inline_decode(xdr, 4); 5102 p = xdr_inline_decode(xdr, 4);
5103 if (unlikely(!p)) 5103 if (unlikely(!p))
5104 goto out_overflow; 5104 goto out_overflow;
@@ -5124,6 +5124,7 @@ static int decode_secinfo(struct xdr_stream *xdr, struct nfs4_secinfo_res *res)
5124 res->flavors->num_flavors++; 5124 res->flavors->num_flavors++;
5125 } 5125 }
5126 5126
5127 status = 0;
5127out: 5128out:
5128 return status; 5129 return status;
5129out_overflow: 5130out_overflow:
@@ -5131,7 +5132,23 @@ out_overflow:
5131 return -EIO; 5132 return -EIO;
5132} 5133}
5133 5134
5135static int decode_secinfo(struct xdr_stream *xdr, struct nfs4_secinfo_res *res)
5136{
5137 int status = decode_op_hdr(xdr, OP_SECINFO);
5138 if (status)
5139 return status;
5140 return decode_secinfo_common(xdr, res);
5141}
5142
5134#if defined(CONFIG_NFS_V4_1) 5143#if defined(CONFIG_NFS_V4_1)
5144static int decode_secinfo_no_name(struct xdr_stream *xdr, struct nfs4_secinfo_res *res)
5145{
5146 int status = decode_op_hdr(xdr, OP_SECINFO_NO_NAME);
5147 if (status)
5148 return status;
5149 return decode_secinfo_common(xdr, res);
5150}
5151
5135static int decode_exchange_id(struct xdr_stream *xdr, 5152static int decode_exchange_id(struct xdr_stream *xdr,
5136 struct nfs41_exchange_id_res *res) 5153 struct nfs41_exchange_id_res *res)
5137{ 5154{
@@ -6816,7 +6833,7 @@ static int nfs4_xdr_dec_secinfo_no_name(struct rpc_rqst *rqstp,
6816 status = decode_putrootfh(xdr); 6833 status = decode_putrootfh(xdr);
6817 if (status) 6834 if (status)
6818 goto out; 6835 goto out;
6819 status = decode_secinfo(xdr, res); 6836 status = decode_secinfo_no_name(xdr, res);
6820out: 6837out:
6821 return status; 6838 return status;
6822} 6839}
diff --git a/fs/nfs/objlayout/objlayout.c b/fs/nfs/objlayout/objlayout.c
index 8d45f1c318ce..595c5fc21a19 100644
--- a/fs/nfs/objlayout/objlayout.c
+++ b/fs/nfs/objlayout/objlayout.c
@@ -604,7 +604,6 @@ int objlayout_get_deviceinfo(struct pnfs_layout_hdr *pnfslay,
604{ 604{
605 struct objlayout_deviceinfo *odi; 605 struct objlayout_deviceinfo *odi;
606 struct pnfs_device pd; 606 struct pnfs_device pd;
607 struct super_block *sb;
608 struct page *page, **pages; 607 struct page *page, **pages;
609 u32 *p; 608 u32 *p;
610 int err; 609 int err;
@@ -623,7 +622,6 @@ int objlayout_get_deviceinfo(struct pnfs_layout_hdr *pnfslay,
623 pd.pglen = PAGE_SIZE; 622 pd.pglen = PAGE_SIZE;
624 pd.mincount = 0; 623 pd.mincount = 0;
625 624
626 sb = pnfslay->plh_inode->i_sb;
627 err = nfs4_proc_getdeviceinfo(NFS_SERVER(pnfslay->plh_inode), &pd); 625 err = nfs4_proc_getdeviceinfo(NFS_SERVER(pnfslay->plh_inode), &pd);
628 dprintk("%s nfs_getdeviceinfo returned %d\n", __func__, err); 626 dprintk("%s nfs_getdeviceinfo returned %d\n", __func__, err);
629 if (err) 627 if (err)
diff --git a/fs/nfs/pnfs.c b/fs/nfs/pnfs.c
index b5d451586943..38512bcd2e98 100644
--- a/fs/nfs/pnfs.c
+++ b/fs/nfs/pnfs.c
@@ -587,7 +587,7 @@ send_layoutget(struct pnfs_layout_hdr *lo,
587 587
588 /* allocate pages for xdr post processing */ 588 /* allocate pages for xdr post processing */
589 max_resp_sz = server->nfs_client->cl_session->fc_attrs.max_resp_sz; 589 max_resp_sz = server->nfs_client->cl_session->fc_attrs.max_resp_sz;
590 max_pages = max_resp_sz >> PAGE_SHIFT; 590 max_pages = nfs_page_array_len(0, max_resp_sz);
591 591
592 pages = kcalloc(max_pages, sizeof(struct page *), gfp_flags); 592 pages = kcalloc(max_pages, sizeof(struct page *), gfp_flags);
593 if (!pages) 593 if (!pages)
diff --git a/fs/nfs/read.c b/fs/nfs/read.c
index 9a0e8ef4a409..0a4be28c2ea3 100644
--- a/fs/nfs/read.c
+++ b/fs/nfs/read.c
@@ -322,7 +322,7 @@ out_bad:
322 while (!list_empty(res)) { 322 while (!list_empty(res)) {
323 data = list_entry(res->next, struct nfs_read_data, list); 323 data = list_entry(res->next, struct nfs_read_data, list);
324 list_del(&data->list); 324 list_del(&data->list);
325 nfs_readdata_free(data); 325 nfs_readdata_release(data);
326 } 326 }
327 nfs_readpage_release(req); 327 nfs_readpage_release(req);
328 return -ENOMEM; 328 return -ENOMEM;
diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 37412f706b32..4ac7fca7e4bf 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -2428,7 +2428,7 @@ nfs_xdev_mount(struct file_system_type *fs_type, int flags,
2428 dprintk("--> nfs_xdev_mount()\n"); 2428 dprintk("--> nfs_xdev_mount()\n");
2429 2429
2430 /* create a new volume representation */ 2430 /* create a new volume representation */
2431 server = nfs_clone_server(NFS_SB(data->sb), data->fh, data->fattr); 2431 server = nfs_clone_server(NFS_SB(data->sb), data->fh, data->fattr, data->authflavor);
2432 if (IS_ERR(server)) { 2432 if (IS_ERR(server)) {
2433 error = PTR_ERR(server); 2433 error = PTR_ERR(server);
2434 goto out_err_noserver; 2434 goto out_err_noserver;
@@ -2767,11 +2767,15 @@ static struct vfsmount *nfs_do_root_mount(struct file_system_type *fs_type,
2767 char *root_devname; 2767 char *root_devname;
2768 size_t len; 2768 size_t len;
2769 2769
2770 len = strlen(hostname) + 3; 2770 len = strlen(hostname) + 5;
2771 root_devname = kmalloc(len, GFP_KERNEL); 2771 root_devname = kmalloc(len, GFP_KERNEL);
2772 if (root_devname == NULL) 2772 if (root_devname == NULL)
2773 return ERR_PTR(-ENOMEM); 2773 return ERR_PTR(-ENOMEM);
2774 snprintf(root_devname, len, "%s:/", hostname); 2774 /* Does hostname needs to be enclosed in brackets? */
2775 if (strchr(hostname, ':'))
2776 snprintf(root_devname, len, "[%s]:/", hostname);
2777 else
2778 snprintf(root_devname, len, "%s:/", hostname);
2775 root_mnt = vfs_kern_mount(fs_type, flags, root_devname, data); 2779 root_mnt = vfs_kern_mount(fs_type, flags, root_devname, data);
2776 kfree(root_devname); 2780 kfree(root_devname);
2777 return root_mnt; 2781 return root_mnt;
@@ -2951,7 +2955,7 @@ nfs4_xdev_mount(struct file_system_type *fs_type, int flags,
2951 dprintk("--> nfs4_xdev_mount()\n"); 2955 dprintk("--> nfs4_xdev_mount()\n");
2952 2956
2953 /* create a new volume representation */ 2957 /* create a new volume representation */
2954 server = nfs_clone_server(NFS_SB(data->sb), data->fh, data->fattr); 2958 server = nfs_clone_server(NFS_SB(data->sb), data->fh, data->fattr, data->authflavor);
2955 if (IS_ERR(server)) { 2959 if (IS_ERR(server)) {
2956 error = PTR_ERR(server); 2960 error = PTR_ERR(server);
2957 goto out_err_noserver; 2961 goto out_err_noserver;
diff --git a/fs/nfs/write.c b/fs/nfs/write.c
index 2c68818f68ac..c07462320f6b 100644
--- a/fs/nfs/write.c
+++ b/fs/nfs/write.c
@@ -682,7 +682,8 @@ static struct nfs_page *nfs_try_to_update_request(struct inode *inode,
682 req->wb_bytes = rqend - req->wb_offset; 682 req->wb_bytes = rqend - req->wb_offset;
683out_unlock: 683out_unlock:
684 spin_unlock(&inode->i_lock); 684 spin_unlock(&inode->i_lock);
685 nfs_clear_request_commit(req); 685 if (req)
686 nfs_clear_request_commit(req);
686 return req; 687 return req;
687out_flushme: 688out_flushme:
688 spin_unlock(&inode->i_lock); 689 spin_unlock(&inode->i_lock);
@@ -1018,7 +1019,7 @@ out_bad:
1018 while (!list_empty(res)) { 1019 while (!list_empty(res)) {
1019 data = list_entry(res->next, struct nfs_write_data, list); 1020 data = list_entry(res->next, struct nfs_write_data, list);
1020 list_del(&data->list); 1021 list_del(&data->list);
1021 nfs_writedata_free(data); 1022 nfs_writedata_release(data);
1022 } 1023 }
1023 nfs_redirty_request(req); 1024 nfs_redirty_request(req);
1024 return -ENOMEM; 1025 return -ENOMEM;
diff --git a/fs/nfsd/nfs3xdr.c b/fs/nfsd/nfs3xdr.c
index 08c6e36ab2eb..43f46cd9edea 100644
--- a/fs/nfsd/nfs3xdr.c
+++ b/fs/nfsd/nfs3xdr.c
@@ -803,13 +803,13 @@ encode_entry_baggage(struct nfsd3_readdirres *cd, __be32 *p, const char *name,
803 return p; 803 return p;
804} 804}
805 805
806static int 806static __be32
807compose_entry_fh(struct nfsd3_readdirres *cd, struct svc_fh *fhp, 807compose_entry_fh(struct nfsd3_readdirres *cd, struct svc_fh *fhp,
808 const char *name, int namlen) 808 const char *name, int namlen)
809{ 809{
810 struct svc_export *exp; 810 struct svc_export *exp;
811 struct dentry *dparent, *dchild; 811 struct dentry *dparent, *dchild;
812 int rv = 0; 812 __be32 rv = nfserr_noent;
813 813
814 dparent = cd->fh.fh_dentry; 814 dparent = cd->fh.fh_dentry;
815 exp = cd->fh.fh_export; 815 exp = cd->fh.fh_export;
@@ -817,26 +817,20 @@ compose_entry_fh(struct nfsd3_readdirres *cd, struct svc_fh *fhp,
817 if (isdotent(name, namlen)) { 817 if (isdotent(name, namlen)) {
818 if (namlen == 2) { 818 if (namlen == 2) {
819 dchild = dget_parent(dparent); 819 dchild = dget_parent(dparent);
820 if (dchild == dparent) { 820 /* filesystem root - cannot return filehandle for ".." */
821 /* filesystem root - cannot return filehandle for ".." */ 821 if (dchild == dparent)
822 dput(dchild); 822 goto out;
823 return -ENOENT;
824 }
825 } else 823 } else
826 dchild = dget(dparent); 824 dchild = dget(dparent);
827 } else 825 } else
828 dchild = lookup_one_len(name, dparent, namlen); 826 dchild = lookup_one_len(name, dparent, namlen);
829 if (IS_ERR(dchild)) 827 if (IS_ERR(dchild))
830 return -ENOENT; 828 return rv;
831 rv = -ENOENT;
832 if (d_mountpoint(dchild)) 829 if (d_mountpoint(dchild))
833 goto out; 830 goto out;
834 rv = fh_compose(fhp, exp, dchild, &cd->fh);
835 if (rv)
836 goto out;
837 if (!dchild->d_inode) 831 if (!dchild->d_inode)
838 goto out; 832 goto out;
839 rv = 0; 833 rv = fh_compose(fhp, exp, dchild, &cd->fh);
840out: 834out:
841 dput(dchild); 835 dput(dchild);
842 return rv; 836 return rv;
@@ -845,7 +839,7 @@ out:
845static __be32 *encode_entryplus_baggage(struct nfsd3_readdirres *cd, __be32 *p, const char *name, int namlen) 839static __be32 *encode_entryplus_baggage(struct nfsd3_readdirres *cd, __be32 *p, const char *name, int namlen)
846{ 840{
847 struct svc_fh fh; 841 struct svc_fh fh;
848 int err; 842 __be32 err;
849 843
850 fh_init(&fh, NFS3_FHSIZE); 844 fh_init(&fh, NFS3_FHSIZE);
851 err = compose_entry_fh(cd, &fh, name, namlen); 845 err = compose_entry_fh(cd, &fh, name, namlen);
diff --git a/fs/nfsd/nfs4proc.c b/fs/nfsd/nfs4proc.c
index 2ed14dfd00a2..987e719fbae8 100644
--- a/fs/nfsd/nfs4proc.c
+++ b/fs/nfsd/nfs4proc.c
@@ -235,17 +235,17 @@ do_open_lookup(struct svc_rqst *rqstp, struct svc_fh *current_fh, struct nfsd4_o
235 */ 235 */
236 if (open->op_createmode == NFS4_CREATE_EXCLUSIVE && status == 0) 236 if (open->op_createmode == NFS4_CREATE_EXCLUSIVE && status == 0)
237 open->op_bmval[1] = (FATTR4_WORD1_TIME_ACCESS | 237 open->op_bmval[1] = (FATTR4_WORD1_TIME_ACCESS |
238 FATTR4_WORD1_TIME_MODIFY); 238 FATTR4_WORD1_TIME_MODIFY);
239 } else { 239 } else {
240 status = nfsd_lookup(rqstp, current_fh, 240 status = nfsd_lookup(rqstp, current_fh,
241 open->op_fname.data, open->op_fname.len, resfh); 241 open->op_fname.data, open->op_fname.len, resfh);
242 fh_unlock(current_fh); 242 fh_unlock(current_fh);
243 if (status)
244 goto out;
245 status = nfsd_check_obj_isreg(resfh);
246 } 243 }
247 if (status) 244 if (status)
248 goto out; 245 goto out;
246 status = nfsd_check_obj_isreg(resfh);
247 if (status)
248 goto out;
249 249
250 if (is_create_with_attrs(open) && open->op_acl != NULL) 250 if (is_create_with_attrs(open) && open->op_acl != NULL)
251 do_set_nfs4_acl(rqstp, resfh, open->op_acl, open->op_bmval); 251 do_set_nfs4_acl(rqstp, resfh, open->op_acl, open->op_bmval);
@@ -841,6 +841,7 @@ nfsd4_setattr(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
841 struct nfsd4_setattr *setattr) 841 struct nfsd4_setattr *setattr)
842{ 842{
843 __be32 status = nfs_ok; 843 __be32 status = nfs_ok;
844 int err;
844 845
845 if (setattr->sa_iattr.ia_valid & ATTR_SIZE) { 846 if (setattr->sa_iattr.ia_valid & ATTR_SIZE) {
846 nfs4_lock_state(); 847 nfs4_lock_state();
@@ -852,9 +853,9 @@ nfsd4_setattr(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
852 return status; 853 return status;
853 } 854 }
854 } 855 }
855 status = fh_want_write(&cstate->current_fh); 856 err = fh_want_write(&cstate->current_fh);
856 if (status) 857 if (err)
857 return status; 858 return nfserrno(err);
858 status = nfs_ok; 859 status = nfs_ok;
859 860
860 status = check_attr_support(rqstp, cstate, setattr->sa_bmval, 861 status = check_attr_support(rqstp, cstate, setattr->sa_bmval,
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c
index 4767429264a2..ed3f9206a0ee 100644
--- a/fs/nfsd/nfs4recover.c
+++ b/fs/nfsd/nfs4recover.c
@@ -577,7 +577,7 @@ cld_pipe_downcall(struct file *filp, const char __user *src, size_t mlen)
577 struct cld_net *cn = nn->cld_net; 577 struct cld_net *cn = nn->cld_net;
578 578
579 if (mlen != sizeof(*cmsg)) { 579 if (mlen != sizeof(*cmsg)) {
580 dprintk("%s: got %lu bytes, expected %lu\n", __func__, mlen, 580 dprintk("%s: got %zu bytes, expected %zu\n", __func__, mlen,
581 sizeof(*cmsg)); 581 sizeof(*cmsg));
582 return -EINVAL; 582 return -EINVAL;
583 } 583 }
diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index 1841f8bf845e..7f71c69cdcdf 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -4211,16 +4211,14 @@ out:
4211 * vfs_test_lock. (Arguably perhaps test_lock should be done with an 4211 * vfs_test_lock. (Arguably perhaps test_lock should be done with an
4212 * inode operation.) 4212 * inode operation.)
4213 */ 4213 */
4214static int nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock) 4214static __be32 nfsd_test_lock(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file_lock *lock)
4215{ 4215{
4216 struct file *file; 4216 struct file *file;
4217 int err; 4217 __be32 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file);
4218 4218 if (!err) {
4219 err = nfsd_open(rqstp, fhp, S_IFREG, NFSD_MAY_READ, &file); 4219 err = nfserrno(vfs_test_lock(file, lock));
4220 if (err) 4220 nfsd_close(file);
4221 return err; 4221 }
4222 err = vfs_test_lock(file, lock);
4223 nfsd_close(file);
4224 return err; 4222 return err;
4225} 4223}
4226 4224
@@ -4234,7 +4232,6 @@ nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4234 struct inode *inode; 4232 struct inode *inode;
4235 struct file_lock file_lock; 4233 struct file_lock file_lock;
4236 struct nfs4_lockowner *lo; 4234 struct nfs4_lockowner *lo;
4237 int error;
4238 __be32 status; 4235 __be32 status;
4239 4236
4240 if (locks_in_grace()) 4237 if (locks_in_grace())
@@ -4280,12 +4277,10 @@ nfsd4_lockt(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
4280 4277
4281 nfs4_transform_lock_offset(&file_lock); 4278 nfs4_transform_lock_offset(&file_lock);
4282 4279
4283 status = nfs_ok; 4280 status = nfsd_test_lock(rqstp, &cstate->current_fh, &file_lock);
4284 error = nfsd_test_lock(rqstp, &cstate->current_fh, &file_lock); 4281 if (status)
4285 if (error) {
4286 status = nfserrno(error);
4287 goto out; 4282 goto out;
4288 } 4283
4289 if (file_lock.fl_type != F_UNLCK) { 4284 if (file_lock.fl_type != F_UNLCK) {
4290 status = nfserr_denied; 4285 status = nfserr_denied;
4291 nfs4_set_lock_denied(&file_lock, &lockt->lt_denied); 4286 nfs4_set_lock_denied(&file_lock, &lockt->lt_denied);
diff --git a/fs/nfsd/nfs4xdr.c b/fs/nfsd/nfs4xdr.c
index bcd8904ab1e3..74c00bc92b9a 100644
--- a/fs/nfsd/nfs4xdr.c
+++ b/fs/nfsd/nfs4xdr.c
@@ -1392,7 +1392,7 @@ nfsd4_decode_test_stateid(struct nfsd4_compoundargs *argp, struct nfsd4_test_sta
1392 for (i = 0; i < test_stateid->ts_num_ids; i++) { 1392 for (i = 0; i < test_stateid->ts_num_ids; i++) {
1393 stateid = kmalloc(sizeof(struct nfsd4_test_stateid_id), GFP_KERNEL); 1393 stateid = kmalloc(sizeof(struct nfsd4_test_stateid_id), GFP_KERNEL);
1394 if (!stateid) { 1394 if (!stateid) {
1395 status = PTR_ERR(stateid); 1395 status = nfserrno(-ENOMEM);
1396 goto out; 1396 goto out;
1397 } 1397 }
1398 1398
@@ -3410,7 +3410,7 @@ nfsd4_encode_test_stateid(struct nfsd4_compoundres *resp, int nfserr,
3410 *p++ = htonl(test_stateid->ts_num_ids); 3410 *p++ = htonl(test_stateid->ts_num_ids);
3411 3411
3412 list_for_each_entry_safe(stateid, next, &test_stateid->ts_stateid_list, ts_id_list) { 3412 list_for_each_entry_safe(stateid, next, &test_stateid->ts_stateid_list, ts_id_list) {
3413 *p++ = htonl(stateid->ts_id_status); 3413 *p++ = stateid->ts_id_status;
3414 } 3414 }
3415 3415
3416 ADJUST_ARGS(); 3416 ADJUST_ARGS();
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index 296d671654d6..568666156ea4 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -1458,7 +1458,7 @@ do_nfsd_create(struct svc_rqst *rqstp, struct svc_fh *fhp,
1458 switch (createmode) { 1458 switch (createmode) {
1459 case NFS3_CREATE_UNCHECKED: 1459 case NFS3_CREATE_UNCHECKED:
1460 if (! S_ISREG(dchild->d_inode->i_mode)) 1460 if (! S_ISREG(dchild->d_inode->i_mode))
1461 err = nfserr_exist; 1461 goto out;
1462 else if (truncp) { 1462 else if (truncp) {
1463 /* in nfsv4, we need to treat this case a little 1463 /* in nfsv4, we need to treat this case a little
1464 * differently. we don't want to truncate the 1464 * differently. we don't want to truncate the
diff --git a/fs/ocfs2/alloc.c b/fs/ocfs2/alloc.c
index 3165aebb43c8..31b9463fba1f 100644
--- a/fs/ocfs2/alloc.c
+++ b/fs/ocfs2/alloc.c
@@ -1134,7 +1134,7 @@ static int ocfs2_adjust_rightmost_branch(handle_t *handle,
1134 } 1134 }
1135 1135
1136 el = path_leaf_el(path); 1136 el = path_leaf_el(path);
1137 rec = &el->l_recs[le32_to_cpu(el->l_next_free_rec) - 1]; 1137 rec = &el->l_recs[le16_to_cpu(el->l_next_free_rec) - 1];
1138 1138
1139 ocfs2_adjust_rightmost_records(handle, et, path, rec); 1139 ocfs2_adjust_rightmost_records(handle, et, path, rec);
1140 1140
diff --git a/fs/ocfs2/refcounttree.c b/fs/ocfs2/refcounttree.c
index cf7823382664..9f32d7cbb7a3 100644
--- a/fs/ocfs2/refcounttree.c
+++ b/fs/ocfs2/refcounttree.c
@@ -1036,14 +1036,14 @@ static int ocfs2_get_refcount_cpos_end(struct ocfs2_caching_info *ci,
1036 1036
1037 tmp_el = left_path->p_node[subtree_root].el; 1037 tmp_el = left_path->p_node[subtree_root].el;
1038 blkno = left_path->p_node[subtree_root+1].bh->b_blocknr; 1038 blkno = left_path->p_node[subtree_root+1].bh->b_blocknr;
1039 for (i = 0; i < le32_to_cpu(tmp_el->l_next_free_rec); i++) { 1039 for (i = 0; i < le16_to_cpu(tmp_el->l_next_free_rec); i++) {
1040 if (le64_to_cpu(tmp_el->l_recs[i].e_blkno) == blkno) { 1040 if (le64_to_cpu(tmp_el->l_recs[i].e_blkno) == blkno) {
1041 *cpos_end = le32_to_cpu(tmp_el->l_recs[i+1].e_cpos); 1041 *cpos_end = le32_to_cpu(tmp_el->l_recs[i+1].e_cpos);
1042 break; 1042 break;
1043 } 1043 }
1044 } 1044 }
1045 1045
1046 BUG_ON(i == le32_to_cpu(tmp_el->l_next_free_rec)); 1046 BUG_ON(i == le16_to_cpu(tmp_el->l_next_free_rec));
1047 1047
1048out: 1048out:
1049 ocfs2_free_path(left_path); 1049 ocfs2_free_path(left_path);
@@ -1468,7 +1468,7 @@ static int ocfs2_divide_leaf_refcount_block(struct buffer_head *ref_leaf_bh,
1468 1468
1469 trace_ocfs2_divide_leaf_refcount_block( 1469 trace_ocfs2_divide_leaf_refcount_block(
1470 (unsigned long long)ref_leaf_bh->b_blocknr, 1470 (unsigned long long)ref_leaf_bh->b_blocknr,
1471 le32_to_cpu(rl->rl_count), le32_to_cpu(rl->rl_used)); 1471 le16_to_cpu(rl->rl_count), le16_to_cpu(rl->rl_used));
1472 1472
1473 /* 1473 /*
1474 * XXX: Improvement later. 1474 * XXX: Improvement later.
@@ -2411,7 +2411,7 @@ static int ocfs2_calc_refcount_meta_credits(struct super_block *sb,
2411 rb = (struct ocfs2_refcount_block *) 2411 rb = (struct ocfs2_refcount_block *)
2412 prev_bh->b_data; 2412 prev_bh->b_data;
2413 2413
2414 if (le64_to_cpu(rb->rf_records.rl_used) + 2414 if (le16_to_cpu(rb->rf_records.rl_used) +
2415 recs_add > 2415 recs_add >
2416 le16_to_cpu(rb->rf_records.rl_count)) 2416 le16_to_cpu(rb->rf_records.rl_count))
2417 ref_blocks++; 2417 ref_blocks++;
@@ -2476,7 +2476,7 @@ static int ocfs2_calc_refcount_meta_credits(struct super_block *sb,
2476 if (prev_bh) { 2476 if (prev_bh) {
2477 rb = (struct ocfs2_refcount_block *)prev_bh->b_data; 2477 rb = (struct ocfs2_refcount_block *)prev_bh->b_data;
2478 2478
2479 if (le64_to_cpu(rb->rf_records.rl_used) + recs_add > 2479 if (le16_to_cpu(rb->rf_records.rl_used) + recs_add >
2480 le16_to_cpu(rb->rf_records.rl_count)) 2480 le16_to_cpu(rb->rf_records.rl_count))
2481 ref_blocks++; 2481 ref_blocks++;
2482 2482
@@ -3629,7 +3629,7 @@ int ocfs2_refcounted_xattr_delete_need(struct inode *inode,
3629 * one will split a refcount rec, so totally we need 3629 * one will split a refcount rec, so totally we need
3630 * clusters * 2 new refcount rec. 3630 * clusters * 2 new refcount rec.
3631 */ 3631 */
3632 if (le64_to_cpu(rb->rf_records.rl_used) + clusters * 2 > 3632 if (le16_to_cpu(rb->rf_records.rl_used) + clusters * 2 >
3633 le16_to_cpu(rb->rf_records.rl_count)) 3633 le16_to_cpu(rb->rf_records.rl_count))
3634 ref_blocks++; 3634 ref_blocks++;
3635 3635
diff --git a/fs/ocfs2/suballoc.c b/fs/ocfs2/suballoc.c
index ba5d97e4a73e..f169da4624fd 100644
--- a/fs/ocfs2/suballoc.c
+++ b/fs/ocfs2/suballoc.c
@@ -600,7 +600,7 @@ static void ocfs2_bg_alloc_cleanup(handle_t *handle,
600 ret = ocfs2_free_clusters(handle, cluster_ac->ac_inode, 600 ret = ocfs2_free_clusters(handle, cluster_ac->ac_inode,
601 cluster_ac->ac_bh, 601 cluster_ac->ac_bh,
602 le64_to_cpu(rec->e_blkno), 602 le64_to_cpu(rec->e_blkno),
603 le32_to_cpu(rec->e_leaf_clusters)); 603 le16_to_cpu(rec->e_leaf_clusters));
604 if (ret) 604 if (ret)
605 mlog_errno(ret); 605 mlog_errno(ret);
606 /* Try all the clusters to free */ 606 /* Try all the clusters to free */
@@ -1628,7 +1628,7 @@ static int ocfs2_bg_discontig_fix_by_rec(struct ocfs2_suballoc_result *res,
1628{ 1628{
1629 unsigned int bpc = le16_to_cpu(cl->cl_bpc); 1629 unsigned int bpc = le16_to_cpu(cl->cl_bpc);
1630 unsigned int bitoff = le32_to_cpu(rec->e_cpos) * bpc; 1630 unsigned int bitoff = le32_to_cpu(rec->e_cpos) * bpc;
1631 unsigned int bitcount = le32_to_cpu(rec->e_leaf_clusters) * bpc; 1631 unsigned int bitcount = le16_to_cpu(rec->e_leaf_clusters) * bpc;
1632 1632
1633 if (res->sr_bit_offset < bitoff) 1633 if (res->sr_bit_offset < bitoff)
1634 return 0; 1634 return 0;
diff --git a/fs/pipe.c b/fs/pipe.c
index 25feaa3faac0..fec5e4ad071a 100644
--- a/fs/pipe.c
+++ b/fs/pipe.c
@@ -346,6 +346,16 @@ static const struct pipe_buf_operations anon_pipe_buf_ops = {
346 .get = generic_pipe_buf_get, 346 .get = generic_pipe_buf_get,
347}; 347};
348 348
349static const struct pipe_buf_operations packet_pipe_buf_ops = {
350 .can_merge = 0,
351 .map = generic_pipe_buf_map,
352 .unmap = generic_pipe_buf_unmap,
353 .confirm = generic_pipe_buf_confirm,
354 .release = anon_pipe_buf_release,
355 .steal = generic_pipe_buf_steal,
356 .get = generic_pipe_buf_get,
357};
358
349static ssize_t 359static ssize_t
350pipe_read(struct kiocb *iocb, const struct iovec *_iov, 360pipe_read(struct kiocb *iocb, const struct iovec *_iov,
351 unsigned long nr_segs, loff_t pos) 361 unsigned long nr_segs, loff_t pos)
@@ -407,6 +417,13 @@ redo:
407 ret += chars; 417 ret += chars;
408 buf->offset += chars; 418 buf->offset += chars;
409 buf->len -= chars; 419 buf->len -= chars;
420
421 /* Was it a packet buffer? Clean up and exit */
422 if (buf->flags & PIPE_BUF_FLAG_PACKET) {
423 total_len = chars;
424 buf->len = 0;
425 }
426
410 if (!buf->len) { 427 if (!buf->len) {
411 buf->ops = NULL; 428 buf->ops = NULL;
412 ops->release(pipe, buf); 429 ops->release(pipe, buf);
@@ -459,6 +476,11 @@ redo:
459 return ret; 476 return ret;
460} 477}
461 478
479static inline int is_packetized(struct file *file)
480{
481 return (file->f_flags & O_DIRECT) != 0;
482}
483
462static ssize_t 484static ssize_t
463pipe_write(struct kiocb *iocb, const struct iovec *_iov, 485pipe_write(struct kiocb *iocb, const struct iovec *_iov,
464 unsigned long nr_segs, loff_t ppos) 486 unsigned long nr_segs, loff_t ppos)
@@ -593,6 +615,11 @@ redo2:
593 buf->ops = &anon_pipe_buf_ops; 615 buf->ops = &anon_pipe_buf_ops;
594 buf->offset = 0; 616 buf->offset = 0;
595 buf->len = chars; 617 buf->len = chars;
618 buf->flags = 0;
619 if (is_packetized(filp)) {
620 buf->ops = &packet_pipe_buf_ops;
621 buf->flags = PIPE_BUF_FLAG_PACKET;
622 }
596 pipe->nrbufs = ++bufs; 623 pipe->nrbufs = ++bufs;
597 pipe->tmp_page = NULL; 624 pipe->tmp_page = NULL;
598 625
@@ -1013,7 +1040,7 @@ struct file *create_write_pipe(int flags)
1013 goto err_dentry; 1040 goto err_dentry;
1014 f->f_mapping = inode->i_mapping; 1041 f->f_mapping = inode->i_mapping;
1015 1042
1016 f->f_flags = O_WRONLY | (flags & O_NONBLOCK); 1043 f->f_flags = O_WRONLY | (flags & (O_NONBLOCK | O_DIRECT));
1017 f->f_version = 0; 1044 f->f_version = 0;
1018 1045
1019 return f; 1046 return f;
@@ -1057,7 +1084,7 @@ int do_pipe_flags(int *fd, int flags)
1057 int error; 1084 int error;
1058 int fdw, fdr; 1085 int fdw, fdr;
1059 1086
1060 if (flags & ~(O_CLOEXEC | O_NONBLOCK)) 1087 if (flags & ~(O_CLOEXEC | O_NONBLOCK | O_DIRECT))
1061 return -EINVAL; 1088 return -EINVAL;
1062 1089
1063 fw = create_write_pipe(flags); 1090 fw = create_write_pipe(flags);
diff --git a/fs/proc/root.c b/fs/proc/root.c
index 46a15d8a29ca..eed44bfc85db 100644
--- a/fs/proc/root.c
+++ b/fs/proc/root.c
@@ -115,12 +115,13 @@ static struct dentry *proc_mount(struct file_system_type *fs_type,
115 if (IS_ERR(sb)) 115 if (IS_ERR(sb))
116 return ERR_CAST(sb); 116 return ERR_CAST(sb);
117 117
118 if (!proc_parse_options(options, ns)) {
119 deactivate_locked_super(sb);
120 return ERR_PTR(-EINVAL);
121 }
122
118 if (!sb->s_root) { 123 if (!sb->s_root) {
119 sb->s_flags = flags; 124 sb->s_flags = flags;
120 if (!proc_parse_options(options, ns)) {
121 deactivate_locked_super(sb);
122 return ERR_PTR(-EINVAL);
123 }
124 err = proc_fill_super(sb); 125 err = proc_fill_super(sb);
125 if (err) { 126 if (err) {
126 deactivate_locked_super(sb); 127 deactivate_locked_super(sb);
diff --git a/fs/proc/stat.c b/fs/proc/stat.c
index 6a0c62d6e442..64c3b3172367 100644
--- a/fs/proc/stat.c
+++ b/fs/proc/stat.c
@@ -18,19 +18,39 @@
18#ifndef arch_irq_stat 18#ifndef arch_irq_stat
19#define arch_irq_stat() 0 19#define arch_irq_stat() 0
20#endif 20#endif
21#ifndef arch_idle_time 21
22#define arch_idle_time(cpu) 0 22#ifdef arch_idle_time
23#endif 23
24static cputime64_t get_idle_time(int cpu)
25{
26 cputime64_t idle;
27
28 idle = kcpustat_cpu(cpu).cpustat[CPUTIME_IDLE];
29 if (cpu_online(cpu) && !nr_iowait_cpu(cpu))
30 idle += arch_idle_time(cpu);
31 return idle;
32}
33
34static cputime64_t get_iowait_time(int cpu)
35{
36 cputime64_t iowait;
37
38 iowait = kcpustat_cpu(cpu).cpustat[CPUTIME_IOWAIT];
39 if (cpu_online(cpu) && nr_iowait_cpu(cpu))
40 iowait += arch_idle_time(cpu);
41 return iowait;
42}
43
44#else
24 45
25static u64 get_idle_time(int cpu) 46static u64 get_idle_time(int cpu)
26{ 47{
27 u64 idle, idle_time = get_cpu_idle_time_us(cpu, NULL); 48 u64 idle, idle_time = get_cpu_idle_time_us(cpu, NULL);
28 49
29 if (idle_time == -1ULL) { 50 if (idle_time == -1ULL)
30 /* !NO_HZ so we can rely on cpustat.idle */ 51 /* !NO_HZ so we can rely on cpustat.idle */
31 idle = kcpustat_cpu(cpu).cpustat[CPUTIME_IDLE]; 52 idle = kcpustat_cpu(cpu).cpustat[CPUTIME_IDLE];
32 idle += arch_idle_time(cpu); 53 else
33 } else
34 idle = usecs_to_cputime64(idle_time); 54 idle = usecs_to_cputime64(idle_time);
35 55
36 return idle; 56 return idle;
@@ -49,6 +69,8 @@ static u64 get_iowait_time(int cpu)
49 return iowait; 69 return iowait;
50} 70}
51 71
72#endif
73
52static int show_stat(struct seq_file *p, void *v) 74static int show_stat(struct seq_file *p, void *v)
53{ 75{
54 int i, j; 76 int i, j;
diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
index 2b9a7607cbd5..2d60492d6df8 100644
--- a/fs/proc/task_mmu.c
+++ b/fs/proc/task_mmu.c
@@ -597,9 +597,6 @@ static int clear_refs_pte_range(pmd_t *pmd, unsigned long addr,
597 if (!page) 597 if (!page)
598 continue; 598 continue;
599 599
600 if (PageReserved(page))
601 continue;
602
603 /* Clear accessed and referenced bits. */ 600 /* Clear accessed and referenced bits. */
604 ptep_test_and_clear_young(vma, addr, pte); 601 ptep_test_and_clear_young(vma, addr, pte);
605 ClearPageReferenced(page); 602 ClearPageReferenced(page);
diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c
index 50952c9bd06c..19507889bb7f 100644
--- a/fs/pstore/inode.c
+++ b/fs/pstore/inode.c
@@ -52,12 +52,6 @@ struct pstore_private {
52 char data[]; 52 char data[];
53}; 53};
54 54
55static int pstore_file_open(struct inode *inode, struct file *file)
56{
57 file->private_data = inode->i_private;
58 return 0;
59}
60
61static ssize_t pstore_file_read(struct file *file, char __user *userbuf, 55static ssize_t pstore_file_read(struct file *file, char __user *userbuf,
62 size_t count, loff_t *ppos) 56 size_t count, loff_t *ppos)
63{ 57{
@@ -67,7 +61,7 @@ static ssize_t pstore_file_read(struct file *file, char __user *userbuf,
67} 61}
68 62
69static const struct file_operations pstore_file_operations = { 63static const struct file_operations pstore_file_operations = {
70 .open = pstore_file_open, 64 .open = simple_open,
71 .read = pstore_file_read, 65 .read = pstore_file_read,
72 .llseek = default_llseek, 66 .llseek = default_llseek,
73}; 67};
diff --git a/fs/splice.c b/fs/splice.c
index 5f883de7ef3a..f8476841eb04 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -30,6 +30,7 @@
30#include <linux/uio.h> 30#include <linux/uio.h>
31#include <linux/security.h> 31#include <linux/security.h>
32#include <linux/gfp.h> 32#include <linux/gfp.h>
33#include <linux/socket.h>
33 34
34/* 35/*
35 * Attempt to steal a page from a pipe buffer. This should perhaps go into 36 * Attempt to steal a page from a pipe buffer. This should perhaps go into
@@ -690,7 +691,9 @@ static int pipe_to_sendpage(struct pipe_inode_info *pipe,
690 if (!likely(file->f_op && file->f_op->sendpage)) 691 if (!likely(file->f_op && file->f_op->sendpage))
691 return -EINVAL; 692 return -EINVAL;
692 693
693 more = (sd->flags & SPLICE_F_MORE) || sd->len < sd->total_len; 694 more = (sd->flags & SPLICE_F_MORE) ? MSG_MORE : 0;
695 if (sd->len < sd->total_len)
696 more |= MSG_SENDPAGE_NOTLAST;
694 return file->f_op->sendpage(file, buf->page, buf->offset, 697 return file->f_op->sendpage(file, buf->page, buf->offset,
695 sd->len, &pos, more); 698 sd->len, &pos, more);
696} 699}
diff --git a/fs/sysfs/dir.c b/fs/sysfs/dir.c
index 2a7a3f5d1ca6..35a36d39fa2c 100644
--- a/fs/sysfs/dir.c
+++ b/fs/sysfs/dir.c
@@ -729,6 +729,9 @@ int sysfs_create_dir(struct kobject * kobj)
729 else 729 else
730 parent_sd = &sysfs_root; 730 parent_sd = &sysfs_root;
731 731
732 if (!parent_sd)
733 return -ENOENT;
734
732 if (sysfs_ns_type(parent_sd)) 735 if (sysfs_ns_type(parent_sd))
733 ns = kobj->ktype->namespace(kobj); 736 ns = kobj->ktype->namespace(kobj);
734 type = sysfs_read_ns_type(kobj); 737 type = sysfs_read_ns_type(kobj);
@@ -878,7 +881,6 @@ int sysfs_rename(struct sysfs_dirent *sd,
878 881
879 dup_name = sd->s_name; 882 dup_name = sd->s_name;
880 sd->s_name = new_name; 883 sd->s_name = new_name;
881 sd->s_hash = sysfs_name_hash(sd->s_ns, sd->s_name);
882 } 884 }
883 885
884 /* Move to the appropriate place in the appropriate directories rbtree. */ 886 /* Move to the appropriate place in the appropriate directories rbtree. */
@@ -886,6 +888,7 @@ int sysfs_rename(struct sysfs_dirent *sd,
886 sysfs_get(new_parent_sd); 888 sysfs_get(new_parent_sd);
887 sysfs_put(sd->s_parent); 889 sysfs_put(sd->s_parent);
888 sd->s_ns = new_ns; 890 sd->s_ns = new_ns;
891 sd->s_hash = sysfs_name_hash(sd->s_ns, sd->s_name);
889 sd->s_parent = new_parent_sd; 892 sd->s_parent = new_parent_sd;
890 sysfs_link_sibling(sd); 893 sysfs_link_sibling(sd);
891 894
diff --git a/fs/sysfs/group.c b/fs/sysfs/group.c
index dd1701caecc9..2df555c66d57 100644
--- a/fs/sysfs/group.c
+++ b/fs/sysfs/group.c
@@ -67,7 +67,11 @@ static int internal_create_group(struct kobject *kobj, int update,
67 /* Updates may happen before the object has been instantiated */ 67 /* Updates may happen before the object has been instantiated */
68 if (unlikely(update && !kobj->sd)) 68 if (unlikely(update && !kobj->sd))
69 return -EINVAL; 69 return -EINVAL;
70 70 if (!grp->attrs) {
71 WARN(1, "sysfs: attrs not set by subsystem for group: %s/%s\n",
72 kobj->name, grp->name ? "" : grp->name);
73 return -EINVAL;
74 }
71 if (grp->name) { 75 if (grp->name) {
72 error = sysfs_create_subdir(kobj, grp->name, &sd); 76 error = sysfs_create_subdir(kobj, grp->name, &sd);
73 if (error) 77 if (error)
diff --git a/fs/xattr.c b/fs/xattr.c
index d6dfd247bb2f..3c8c1cc333c7 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -19,8 +19,9 @@
19#include <linux/export.h> 19#include <linux/export.h>
20#include <linux/fsnotify.h> 20#include <linux/fsnotify.h>
21#include <linux/audit.h> 21#include <linux/audit.h>
22#include <asm/uaccess.h> 22#include <linux/vmalloc.h>
23 23
24#include <asm/uaccess.h>
24 25
25/* 26/*
26 * Check permissions for extended attribute access. This is a bit complicated 27 * Check permissions for extended attribute access. This is a bit complicated
@@ -320,6 +321,7 @@ setxattr(struct dentry *d, const char __user *name, const void __user *value,
320{ 321{
321 int error; 322 int error;
322 void *kvalue = NULL; 323 void *kvalue = NULL;
324 void *vvalue = NULL; /* If non-NULL, we used vmalloc() */
323 char kname[XATTR_NAME_MAX + 1]; 325 char kname[XATTR_NAME_MAX + 1];
324 326
325 if (flags & ~(XATTR_CREATE|XATTR_REPLACE)) 327 if (flags & ~(XATTR_CREATE|XATTR_REPLACE))
@@ -334,13 +336,25 @@ setxattr(struct dentry *d, const char __user *name, const void __user *value,
334 if (size) { 336 if (size) {
335 if (size > XATTR_SIZE_MAX) 337 if (size > XATTR_SIZE_MAX)
336 return -E2BIG; 338 return -E2BIG;
337 kvalue = memdup_user(value, size); 339 kvalue = kmalloc(size, GFP_KERNEL | __GFP_NOWARN);
338 if (IS_ERR(kvalue)) 340 if (!kvalue) {
339 return PTR_ERR(kvalue); 341 vvalue = vmalloc(size);
342 if (!vvalue)
343 return -ENOMEM;
344 kvalue = vvalue;
345 }
346 if (copy_from_user(kvalue, value, size)) {
347 error = -EFAULT;
348 goto out;
349 }
340 } 350 }
341 351
342 error = vfs_setxattr(d, kname, kvalue, size, flags); 352 error = vfs_setxattr(d, kname, kvalue, size, flags);
343 kfree(kvalue); 353out:
354 if (vvalue)
355 vfree(vvalue);
356 else
357 kfree(kvalue);
344 return error; 358 return error;
345} 359}
346 360
@@ -492,13 +506,18 @@ listxattr(struct dentry *d, char __user *list, size_t size)
492{ 506{
493 ssize_t error; 507 ssize_t error;
494 char *klist = NULL; 508 char *klist = NULL;
509 char *vlist = NULL; /* If non-NULL, we used vmalloc() */
495 510
496 if (size) { 511 if (size) {
497 if (size > XATTR_LIST_MAX) 512 if (size > XATTR_LIST_MAX)
498 size = XATTR_LIST_MAX; 513 size = XATTR_LIST_MAX;
499 klist = kmalloc(size, GFP_KERNEL); 514 klist = kmalloc(size, __GFP_NOWARN | GFP_KERNEL);
500 if (!klist) 515 if (!klist) {
501 return -ENOMEM; 516 vlist = vmalloc(size);
517 if (!vlist)
518 return -ENOMEM;
519 klist = vlist;
520 }
502 } 521 }
503 522
504 error = vfs_listxattr(d, klist, size); 523 error = vfs_listxattr(d, klist, size);
@@ -510,7 +529,10 @@ listxattr(struct dentry *d, char __user *list, size_t size)
510 than XATTR_LIST_MAX bytes. Not possible. */ 529 than XATTR_LIST_MAX bytes. Not possible. */
511 error = -E2BIG; 530 error = -E2BIG;
512 } 531 }
513 kfree(klist); 532 if (vlist)
533 vfree(vlist);
534 else
535 kfree(klist);
514 return error; 536 return error;
515} 537}
516 538
generated by cgit v1.2.2 (git 2.25.0) at 2025-01-26 22:32:56 -0500