aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
Diffstat (limited to 'fs')
-rw-r--r--fs/aio.c1
-rw-r--r--fs/compat.c4
-rw-r--r--fs/dcache.c3
-rw-r--r--fs/eventpoll.c40
-rw-r--r--fs/exec.c10
-rw-r--r--fs/fat/file.c37
-rw-r--r--fs/fat/inode.c26
-rw-r--r--fs/file.c10
-rw-r--r--fs/locks.c3
-rw-r--r--fs/ntfs/ChangeLog2
-rw-r--r--fs/ntfs/aops.c122
-rw-r--r--fs/ntfs/inode.c9
-rw-r--r--fs/ntfs/malloc.h2
-rw-r--r--fs/ntfs/runlist.c169
-rw-r--r--fs/proc/array.c3
-rw-r--r--fs/proc/base.c84
16 files changed, 321 insertions, 204 deletions
diff --git a/fs/aio.c b/fs/aio.c
index 38f62680fd63..0e11e31dbb77 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -562,6 +562,7 @@ static inline void lock_kiocb(struct kiocb *iocb)
562static inline void unlock_kiocb(struct kiocb *iocb) 562static inline void unlock_kiocb(struct kiocb *iocb)
563{ 563{
564 kiocbClearLocked(iocb); 564 kiocbClearLocked(iocb);
565 smp_mb__after_clear_bit();
565 wake_up_bit(&iocb->ki_flags, KIF_LOCKED); 566 wake_up_bit(&iocb->ki_flags, KIF_LOCKED);
566} 567}
567 568
diff --git a/fs/compat.c b/fs/compat.c
index ac3fb9ed8eea..a719e158e002 100644
--- a/fs/compat.c
+++ b/fs/compat.c
@@ -44,6 +44,8 @@
44#include <linux/nfsd/syscall.h> 44#include <linux/nfsd/syscall.h>
45#include <linux/personality.h> 45#include <linux/personality.h>
46#include <linux/rwsem.h> 46#include <linux/rwsem.h>
47#include <linux/acct.h>
48#include <linux/mm.h>
47 49
48#include <net/sock.h> /* siocdevprivate_ioctl */ 50#include <net/sock.h> /* siocdevprivate_ioctl */
49 51
@@ -1487,6 +1489,8 @@ int compat_do_execve(char * filename,
1487 1489
1488 /* execve success */ 1490 /* execve success */
1489 security_bprm_free(bprm); 1491 security_bprm_free(bprm);
1492 acct_update_integrals(current);
1493 update_mem_hiwater(current);
1490 kfree(bprm); 1494 kfree(bprm);
1491 return retval; 1495 return retval;
1492 } 1496 }
diff --git a/fs/dcache.c b/fs/dcache.c
index 7376b61269fb..fb10386c59be 100644
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -102,7 +102,8 @@ static inline void dentry_iput(struct dentry * dentry)
102 list_del_init(&dentry->d_alias); 102 list_del_init(&dentry->d_alias);
103 spin_unlock(&dentry->d_lock); 103 spin_unlock(&dentry->d_lock);
104 spin_unlock(&dcache_lock); 104 spin_unlock(&dcache_lock);
105 fsnotify_inoderemove(inode); 105 if (!inode->i_nlink)
106 fsnotify_inoderemove(inode);
106 if (dentry->d_op && dentry->d_op->d_iput) 107 if (dentry->d_op && dentry->d_op->d_iput)
107 dentry->d_op->d_iput(dentry, inode); 108 dentry->d_op->d_iput(dentry, inode);
108 else 109 else
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index 6ab1dd0ca904..403b90a1213d 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -231,8 +231,9 @@ struct ep_pqueue {
231 231
232static void ep_poll_safewake_init(struct poll_safewake *psw); 232static void ep_poll_safewake_init(struct poll_safewake *psw);
233static void ep_poll_safewake(struct poll_safewake *psw, wait_queue_head_t *wq); 233static void ep_poll_safewake(struct poll_safewake *psw, wait_queue_head_t *wq);
234static int ep_getfd(int *efd, struct inode **einode, struct file **efile); 234static int ep_getfd(int *efd, struct inode **einode, struct file **efile,
235static int ep_file_init(struct file *file); 235 struct eventpoll *ep);
236static int ep_alloc(struct eventpoll **pep);
236static void ep_free(struct eventpoll *ep); 237static void ep_free(struct eventpoll *ep);
237static struct epitem *ep_find(struct eventpoll *ep, struct file *file, int fd); 238static struct epitem *ep_find(struct eventpoll *ep, struct file *file, int fd);
238static void ep_use_epitem(struct epitem *epi); 239static void ep_use_epitem(struct epitem *epi);
@@ -501,38 +502,37 @@ void eventpoll_release_file(struct file *file)
501asmlinkage long sys_epoll_create(int size) 502asmlinkage long sys_epoll_create(int size)
502{ 503{
503 int error, fd; 504 int error, fd;
505 struct eventpoll *ep;
504 struct inode *inode; 506 struct inode *inode;
505 struct file *file; 507 struct file *file;
506 508
507 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: sys_epoll_create(%d)\n", 509 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: sys_epoll_create(%d)\n",
508 current, size)); 510 current, size));
509 511
510 /* Sanity check on the size parameter */ 512 /*
513 * Sanity check on the size parameter, and create the internal data
514 * structure ( "struct eventpoll" ).
515 */
511 error = -EINVAL; 516 error = -EINVAL;
512 if (size <= 0) 517 if (size <= 0 || (error = ep_alloc(&ep)) != 0)
513 goto eexit_1; 518 goto eexit_1;
514 519
515 /* 520 /*
516 * Creates all the items needed to setup an eventpoll file. That is, 521 * Creates all the items needed to setup an eventpoll file. That is,
517 * a file structure, and inode and a free file descriptor. 522 * a file structure, and inode and a free file descriptor.
518 */ 523 */
519 error = ep_getfd(&fd, &inode, &file); 524 error = ep_getfd(&fd, &inode, &file, ep);
520 if (error)
521 goto eexit_1;
522
523 /* Setup the file internal data structure ( "struct eventpoll" ) */
524 error = ep_file_init(file);
525 if (error) 525 if (error)
526 goto eexit_2; 526 goto eexit_2;
527 527
528
529 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: sys_epoll_create(%d) = %d\n", 528 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: sys_epoll_create(%d) = %d\n",
530 current, size, fd)); 529 current, size, fd));
531 530
532 return fd; 531 return fd;
533 532
534eexit_2: 533eexit_2:
535 sys_close(fd); 534 ep_free(ep);
535 kfree(ep);
536eexit_1: 536eexit_1:
537 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: sys_epoll_create(%d) = %d\n", 537 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: sys_epoll_create(%d) = %d\n",
538 current, size, error)); 538 current, size, error));
@@ -706,7 +706,8 @@ eexit_1:
706/* 706/*
707 * Creates the file descriptor to be used by the epoll interface. 707 * Creates the file descriptor to be used by the epoll interface.
708 */ 708 */
709static int ep_getfd(int *efd, struct inode **einode, struct file **efile) 709static int ep_getfd(int *efd, struct inode **einode, struct file **efile,
710 struct eventpoll *ep)
710{ 711{
711 struct qstr this; 712 struct qstr this;
712 char name[32]; 713 char name[32];
@@ -756,7 +757,7 @@ static int ep_getfd(int *efd, struct inode **einode, struct file **efile)
756 file->f_op = &eventpoll_fops; 757 file->f_op = &eventpoll_fops;
757 file->f_mode = FMODE_READ; 758 file->f_mode = FMODE_READ;
758 file->f_version = 0; 759 file->f_version = 0;
759 file->private_data = NULL; 760 file->private_data = ep;
760 761
761 /* Install the new setup file into the allocated fd. */ 762 /* Install the new setup file into the allocated fd. */
762 fd_install(fd, file); 763 fd_install(fd, file);
@@ -777,14 +778,13 @@ eexit_1:
777} 778}
778 779
779 780
780static int ep_file_init(struct file *file) 781static int ep_alloc(struct eventpoll **pep)
781{ 782{
782 struct eventpoll *ep; 783 struct eventpoll *ep = kzalloc(sizeof(*ep), GFP_KERNEL);
783 784
784 if (!(ep = kmalloc(sizeof(struct eventpoll), GFP_KERNEL))) 785 if (!ep)
785 return -ENOMEM; 786 return -ENOMEM;
786 787
787 memset(ep, 0, sizeof(*ep));
788 rwlock_init(&ep->lock); 788 rwlock_init(&ep->lock);
789 init_rwsem(&ep->sem); 789 init_rwsem(&ep->sem);
790 init_waitqueue_head(&ep->wq); 790 init_waitqueue_head(&ep->wq);
@@ -792,9 +792,9 @@ static int ep_file_init(struct file *file)
792 INIT_LIST_HEAD(&ep->rdllist); 792 INIT_LIST_HEAD(&ep->rdllist);
793 ep->rbr = RB_ROOT; 793 ep->rbr = RB_ROOT;
794 794
795 file->private_data = ep; 795 *pep = ep;
796 796
797 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: ep_file_init() ep=%p\n", 797 DNPRINTK(3, (KERN_INFO "[%p] eventpoll: ep_alloc() ep=%p\n",
798 current, ep)); 798 current, ep));
799 return 0; 799 return 0;
800} 800}
diff --git a/fs/exec.c b/fs/exec.c
index 14dd03907ccb..a04a575ad433 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -421,11 +421,6 @@ int setup_arg_pages(struct linux_binprm *bprm,
421 if (!mpnt) 421 if (!mpnt)
422 return -ENOMEM; 422 return -ENOMEM;
423 423
424 if (security_vm_enough_memory(arg_size >> PAGE_SHIFT)) {
425 kmem_cache_free(vm_area_cachep, mpnt);
426 return -ENOMEM;
427 }
428
429 memset(mpnt, 0, sizeof(*mpnt)); 424 memset(mpnt, 0, sizeof(*mpnt));
430 425
431 down_write(&mm->mmap_sem); 426 down_write(&mm->mmap_sem);
@@ -745,8 +740,8 @@ static inline int de_thread(struct task_struct *tsk)
745 } 740 }
746 741
747 /* 742 /*
748 * Now there are really no other threads at all, 743 * There may be one thread left which is just exiting,
749 * so it's safe to stop telling them to kill themselves. 744 * but it's safe to stop telling the group to kill themselves.
750 */ 745 */
751 sig->flags = 0; 746 sig->flags = 0;
752 747
@@ -785,7 +780,6 @@ no_thread_group:
785 kmem_cache_free(sighand_cachep, oldsighand); 780 kmem_cache_free(sighand_cachep, oldsighand);
786 } 781 }
787 782
788 BUG_ON(!thread_group_empty(current));
789 BUG_ON(!thread_group_leader(current)); 783 BUG_ON(!thread_group_leader(current));
790 return 0; 784 return 0;
791} 785}
diff --git a/fs/fat/file.c b/fs/fat/file.c
index 62ffa9139400..7134403d5be2 100644
--- a/fs/fat/file.c
+++ b/fs/fat/file.c
@@ -12,39 +12,6 @@
12#include <linux/smp_lock.h> 12#include <linux/smp_lock.h>
13#include <linux/buffer_head.h> 13#include <linux/buffer_head.h>
14 14
15static ssize_t fat_file_aio_write(struct kiocb *iocb, const char __user *buf,
16 size_t count, loff_t pos)
17{
18 struct inode *inode = iocb->ki_filp->f_dentry->d_inode;
19 int retval;
20
21 retval = generic_file_aio_write(iocb, buf, count, pos);
22 if (retval > 0) {
23 inode->i_mtime = inode->i_ctime = CURRENT_TIME_SEC;
24 MSDOS_I(inode)->i_attrs |= ATTR_ARCH;
25 mark_inode_dirty(inode);
26// check the locking rules
27// if (IS_SYNC(inode))
28// fat_sync_inode(inode);
29 }
30 return retval;
31}
32
33static ssize_t fat_file_writev(struct file *filp, const struct iovec *iov,
34 unsigned long nr_segs, loff_t *ppos)
35{
36 struct inode *inode = filp->f_dentry->d_inode;
37 int retval;
38
39 retval = generic_file_writev(filp, iov, nr_segs, ppos);
40 if (retval > 0) {
41 inode->i_mtime = inode->i_ctime = CURRENT_TIME_SEC;
42 MSDOS_I(inode)->i_attrs |= ATTR_ARCH;
43 mark_inode_dirty(inode);
44 }
45 return retval;
46}
47
48int fat_generic_ioctl(struct inode *inode, struct file *filp, 15int fat_generic_ioctl(struct inode *inode, struct file *filp,
49 unsigned int cmd, unsigned long arg) 16 unsigned int cmd, unsigned long arg)
50{ 17{
@@ -148,9 +115,9 @@ struct file_operations fat_file_operations = {
148 .read = do_sync_read, 115 .read = do_sync_read,
149 .write = do_sync_write, 116 .write = do_sync_write,
150 .readv = generic_file_readv, 117 .readv = generic_file_readv,
151 .writev = fat_file_writev, 118 .writev = generic_file_writev,
152 .aio_read = generic_file_aio_read, 119 .aio_read = generic_file_aio_read,
153 .aio_write = fat_file_aio_write, 120 .aio_write = generic_file_aio_write,
154 .mmap = generic_file_mmap, 121 .mmap = generic_file_mmap,
155 .ioctl = fat_generic_ioctl, 122 .ioctl = fat_generic_ioctl,
156 .fsync = file_fsync, 123 .fsync = file_fsync,
diff --git a/fs/fat/inode.c b/fs/fat/inode.c
index a7cbe68e2259..e2effe2dc9b2 100644
--- a/fs/fat/inode.c
+++ b/fs/fat/inode.c
@@ -102,6 +102,19 @@ static int fat_prepare_write(struct file *file, struct page *page,
102 &MSDOS_I(page->mapping->host)->mmu_private); 102 &MSDOS_I(page->mapping->host)->mmu_private);
103} 103}
104 104
105static int fat_commit_write(struct file *file, struct page *page,
106 unsigned from, unsigned to)
107{
108 struct inode *inode = page->mapping->host;
109 int err = generic_commit_write(file, page, from, to);
110 if (!err && !(MSDOS_I(inode)->i_attrs & ATTR_ARCH)) {
111 inode->i_mtime = inode->i_ctime = CURRENT_TIME_SEC;
112 MSDOS_I(inode)->i_attrs |= ATTR_ARCH;
113 mark_inode_dirty(inode);
114 }
115 return err;
116}
117
105static sector_t _fat_bmap(struct address_space *mapping, sector_t block) 118static sector_t _fat_bmap(struct address_space *mapping, sector_t block)
106{ 119{
107 return generic_block_bmap(mapping, block, fat_get_block); 120 return generic_block_bmap(mapping, block, fat_get_block);
@@ -112,7 +125,7 @@ static struct address_space_operations fat_aops = {
112 .writepage = fat_writepage, 125 .writepage = fat_writepage,
113 .sync_page = block_sync_page, 126 .sync_page = block_sync_page,
114 .prepare_write = fat_prepare_write, 127 .prepare_write = fat_prepare_write,
115 .commit_write = generic_commit_write, 128 .commit_write = fat_commit_write,
116 .bmap = _fat_bmap 129 .bmap = _fat_bmap
117}; 130};
118 131
@@ -287,9 +300,9 @@ static int fat_fill_inode(struct inode *inode, struct msdos_dir_entry *de)
287 inode->i_blksize = sbi->cluster_size; 300 inode->i_blksize = sbi->cluster_size;
288 inode->i_blocks = ((inode->i_size + (sbi->cluster_size - 1)) 301 inode->i_blocks = ((inode->i_size + (sbi->cluster_size - 1))
289 & ~((loff_t)sbi->cluster_size - 1)) >> 9; 302 & ~((loff_t)sbi->cluster_size - 1)) >> 9;
290 inode->i_mtime.tv_sec = inode->i_atime.tv_sec = 303 inode->i_mtime.tv_sec =
291 date_dos2unix(le16_to_cpu(de->time), le16_to_cpu(de->date)); 304 date_dos2unix(le16_to_cpu(de->time), le16_to_cpu(de->date));
292 inode->i_mtime.tv_nsec = inode->i_atime.tv_nsec = 0; 305 inode->i_mtime.tv_nsec = 0;
293 if (sbi->options.isvfat) { 306 if (sbi->options.isvfat) {
294 int secs = de->ctime_cs / 100; 307 int secs = de->ctime_cs / 100;
295 int csecs = de->ctime_cs % 100; 308 int csecs = de->ctime_cs % 100;
@@ -297,8 +310,11 @@ static int fat_fill_inode(struct inode *inode, struct msdos_dir_entry *de)
297 date_dos2unix(le16_to_cpu(de->ctime), 310 date_dos2unix(le16_to_cpu(de->ctime),
298 le16_to_cpu(de->cdate)) + secs; 311 le16_to_cpu(de->cdate)) + secs;
299 inode->i_ctime.tv_nsec = csecs * 10000000; 312 inode->i_ctime.tv_nsec = csecs * 10000000;
313 inode->i_atime.tv_sec =
314 date_dos2unix(le16_to_cpu(0), le16_to_cpu(de->adate));
315 inode->i_atime.tv_nsec = 0;
300 } else 316 } else
301 inode->i_ctime = inode->i_mtime; 317 inode->i_ctime = inode->i_atime = inode->i_mtime;
302 318
303 return 0; 319 return 0;
304} 320}
@@ -500,7 +516,9 @@ retry:
500 raw_entry->starthi = cpu_to_le16(MSDOS_I(inode)->i_logstart >> 16); 516 raw_entry->starthi = cpu_to_le16(MSDOS_I(inode)->i_logstart >> 16);
501 fat_date_unix2dos(inode->i_mtime.tv_sec, &raw_entry->time, &raw_entry->date); 517 fat_date_unix2dos(inode->i_mtime.tv_sec, &raw_entry->time, &raw_entry->date);
502 if (sbi->options.isvfat) { 518 if (sbi->options.isvfat) {
519 __le16 atime;
503 fat_date_unix2dos(inode->i_ctime.tv_sec,&raw_entry->ctime,&raw_entry->cdate); 520 fat_date_unix2dos(inode->i_ctime.tv_sec,&raw_entry->ctime,&raw_entry->cdate);
521 fat_date_unix2dos(inode->i_atime.tv_sec,&atime,&raw_entry->adate);
504 raw_entry->ctime_cs = (inode->i_ctime.tv_sec & 1) * 100 + 522 raw_entry->ctime_cs = (inode->i_ctime.tv_sec & 1) * 100 +
505 inode->i_ctime.tv_nsec / 10000000; 523 inode->i_ctime.tv_nsec / 10000000;
506 } 524 }
diff --git a/fs/file.c b/fs/file.c
index 2127a7b9dc3a..fd066b261c75 100644
--- a/fs/file.c
+++ b/fs/file.c
@@ -69,13 +69,9 @@ void free_fd_array(struct file **array, int num)
69 69
70static void __free_fdtable(struct fdtable *fdt) 70static void __free_fdtable(struct fdtable *fdt)
71{ 71{
72 int fdset_size, fdarray_size; 72 free_fdset(fdt->open_fds, fdt->max_fdset);
73 73 free_fdset(fdt->close_on_exec, fdt->max_fdset);
74 fdset_size = fdt->max_fdset / 8; 74 free_fd_array(fdt->fd, fdt->max_fds);
75 fdarray_size = fdt->max_fds * sizeof(struct file *);
76 free_fdset(fdt->open_fds, fdset_size);
77 free_fdset(fdt->close_on_exec, fdset_size);
78 free_fd_array(fdt->fd, fdarray_size);
79 kfree(fdt); 75 kfree(fdt);
80} 76}
81 77
diff --git a/fs/locks.c b/fs/locks.c
index c2c09b4798d6..f7daa5f48949 100644
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -124,6 +124,7 @@
124#include <linux/smp_lock.h> 124#include <linux/smp_lock.h>
125#include <linux/syscalls.h> 125#include <linux/syscalls.h>
126#include <linux/time.h> 126#include <linux/time.h>
127#include <linux/rcupdate.h>
127 128
128#include <asm/semaphore.h> 129#include <asm/semaphore.h>
129#include <asm/uaccess.h> 130#include <asm/uaccess.h>
@@ -2205,6 +2206,7 @@ void steal_locks(fl_owner_t from)
2205 2206
2206 lock_kernel(); 2207 lock_kernel();
2207 j = 0; 2208 j = 0;
2209 rcu_read_lock();
2208 fdt = files_fdtable(files); 2210 fdt = files_fdtable(files);
2209 for (;;) { 2211 for (;;) {
2210 unsigned long set; 2212 unsigned long set;
@@ -2222,6 +2224,7 @@ void steal_locks(fl_owner_t from)
2222 set >>= 1; 2224 set >>= 1;
2223 } 2225 }
2224 } 2226 }
2227 rcu_read_unlock();
2225 unlock_kernel(); 2228 unlock_kernel();
2226} 2229}
2227EXPORT_SYMBOL(steal_locks); 2230EXPORT_SYMBOL(steal_locks);
diff --git a/fs/ntfs/ChangeLog b/fs/ntfs/ChangeLog
index 49eafbdb15c1..c7e9237379c2 100644
--- a/fs/ntfs/ChangeLog
+++ b/fs/ntfs/ChangeLog
@@ -92,6 +92,8 @@ ToDo/Notes:
92 an octal number to conform to how chmod(1) works, too. Thanks to 92 an octal number to conform to how chmod(1) works, too. Thanks to
93 Giuseppe Bilotta and Horst von Brand for pointing out the errors of 93 Giuseppe Bilotta and Horst von Brand for pointing out the errors of
94 my ways. 94 my ways.
95 - Fix various bugs in the runlist merging code. (Based on libntfs
96 changes by Richard Russon.)
95 97
962.1.23 - Implement extension of resident files and make writing safe as well as 982.1.23 - Implement extension of resident files and make writing safe as well as
97 many bug fixes, cleanups, and enhancements... 99 many bug fixes, cleanups, and enhancements...
diff --git a/fs/ntfs/aops.c b/fs/ntfs/aops.c
index b6cc8cf24626..5e80c07c6a4d 100644
--- a/fs/ntfs/aops.c
+++ b/fs/ntfs/aops.c
@@ -59,39 +59,49 @@ static void ntfs_end_buffer_async_read(struct buffer_head *bh, int uptodate)
59 unsigned long flags; 59 unsigned long flags;
60 struct buffer_head *first, *tmp; 60 struct buffer_head *first, *tmp;
61 struct page *page; 61 struct page *page;
62 struct inode *vi;
62 ntfs_inode *ni; 63 ntfs_inode *ni;
63 int page_uptodate = 1; 64 int page_uptodate = 1;
64 65
65 page = bh->b_page; 66 page = bh->b_page;
66 ni = NTFS_I(page->mapping->host); 67 vi = page->mapping->host;
68 ni = NTFS_I(vi);
67 69
68 if (likely(uptodate)) { 70 if (likely(uptodate)) {
69 s64 file_ofs, initialized_size; 71 loff_t i_size;
72 s64 file_ofs, init_size;
70 73
71 set_buffer_uptodate(bh); 74 set_buffer_uptodate(bh);
72 75
73 file_ofs = ((s64)page->index << PAGE_CACHE_SHIFT) + 76 file_ofs = ((s64)page->index << PAGE_CACHE_SHIFT) +
74 bh_offset(bh); 77 bh_offset(bh);
75 read_lock_irqsave(&ni->size_lock, flags); 78 read_lock_irqsave(&ni->size_lock, flags);
76 initialized_size = ni->initialized_size; 79 init_size = ni->initialized_size;
80 i_size = i_size_read(vi);
77 read_unlock_irqrestore(&ni->size_lock, flags); 81 read_unlock_irqrestore(&ni->size_lock, flags);
82 if (unlikely(init_size > i_size)) {
83 /* Race with shrinking truncate. */
84 init_size = i_size;
85 }
78 /* Check for the current buffer head overflowing. */ 86 /* Check for the current buffer head overflowing. */
79 if (file_ofs + bh->b_size > initialized_size) { 87 if (unlikely(file_ofs + bh->b_size > init_size)) {
80 char *addr; 88 u8 *kaddr;
81 int ofs = 0; 89 int ofs;
82 90
83 if (file_ofs < initialized_size) 91 ofs = 0;
84 ofs = initialized_size - file_ofs; 92 if (file_ofs < init_size)
85 addr = kmap_atomic(page, KM_BIO_SRC_IRQ); 93 ofs = init_size - file_ofs;
86 memset(addr + bh_offset(bh) + ofs, 0, bh->b_size - ofs); 94 kaddr = kmap_atomic(page, KM_BIO_SRC_IRQ);
95 memset(kaddr + bh_offset(bh) + ofs, 0,
96 bh->b_size - ofs);
97 kunmap_atomic(kaddr, KM_BIO_SRC_IRQ);
87 flush_dcache_page(page); 98 flush_dcache_page(page);
88 kunmap_atomic(addr, KM_BIO_SRC_IRQ);
89 } 99 }
90 } else { 100 } else {
91 clear_buffer_uptodate(bh); 101 clear_buffer_uptodate(bh);
92 SetPageError(page); 102 SetPageError(page);
93 ntfs_error(ni->vol->sb, "Buffer I/O error, logical block %llu.", 103 ntfs_error(ni->vol->sb, "Buffer I/O error, logical block "
94 (unsigned long long)bh->b_blocknr); 104 "0x%llx.", (unsigned long long)bh->b_blocknr);
95 } 105 }
96 first = page_buffers(page); 106 first = page_buffers(page);
97 local_irq_save(flags); 107 local_irq_save(flags);
@@ -124,7 +134,7 @@ static void ntfs_end_buffer_async_read(struct buffer_head *bh, int uptodate)
124 if (likely(page_uptodate && !PageError(page))) 134 if (likely(page_uptodate && !PageError(page)))
125 SetPageUptodate(page); 135 SetPageUptodate(page);
126 } else { 136 } else {
127 char *addr; 137 u8 *kaddr;
128 unsigned int i, recs; 138 unsigned int i, recs;
129 u32 rec_size; 139 u32 rec_size;
130 140
@@ -132,12 +142,12 @@ static void ntfs_end_buffer_async_read(struct buffer_head *bh, int uptodate)
132 recs = PAGE_CACHE_SIZE / rec_size; 142 recs = PAGE_CACHE_SIZE / rec_size;
133 /* Should have been verified before we got here... */ 143 /* Should have been verified before we got here... */
134 BUG_ON(!recs); 144 BUG_ON(!recs);
135 addr = kmap_atomic(page, KM_BIO_SRC_IRQ); 145 kaddr = kmap_atomic(page, KM_BIO_SRC_IRQ);
136 for (i = 0; i < recs; i++) 146 for (i = 0; i < recs; i++)
137 post_read_mst_fixup((NTFS_RECORD*)(addr + 147 post_read_mst_fixup((NTFS_RECORD*)(kaddr +
138 i * rec_size), rec_size); 148 i * rec_size), rec_size);
149 kunmap_atomic(kaddr, KM_BIO_SRC_IRQ);
139 flush_dcache_page(page); 150 flush_dcache_page(page);
140 kunmap_atomic(addr, KM_BIO_SRC_IRQ);
141 if (likely(page_uptodate && !PageError(page))) 151 if (likely(page_uptodate && !PageError(page)))
142 SetPageUptodate(page); 152 SetPageUptodate(page);
143 } 153 }
@@ -168,8 +178,11 @@ still_busy:
168 */ 178 */
169static int ntfs_read_block(struct page *page) 179static int ntfs_read_block(struct page *page)
170{ 180{
181 loff_t i_size;
171 VCN vcn; 182 VCN vcn;
172 LCN lcn; 183 LCN lcn;
184 s64 init_size;
185 struct inode *vi;
173 ntfs_inode *ni; 186 ntfs_inode *ni;
174 ntfs_volume *vol; 187 ntfs_volume *vol;
175 runlist_element *rl; 188 runlist_element *rl;
@@ -180,7 +193,8 @@ static int ntfs_read_block(struct page *page)
180 int i, nr; 193 int i, nr;
181 unsigned char blocksize_bits; 194 unsigned char blocksize_bits;
182 195
183 ni = NTFS_I(page->mapping->host); 196 vi = page->mapping->host;
197 ni = NTFS_I(vi);
184 vol = ni->vol; 198 vol = ni->vol;
185 199
186 /* $MFT/$DATA must have its complete runlist in memory at all times. */ 200 /* $MFT/$DATA must have its complete runlist in memory at all times. */
@@ -199,11 +213,28 @@ static int ntfs_read_block(struct page *page)
199 bh = head = page_buffers(page); 213 bh = head = page_buffers(page);
200 BUG_ON(!bh); 214 BUG_ON(!bh);
201 215
216 /*
217 * We may be racing with truncate. To avoid some of the problems we
218 * now take a snapshot of the various sizes and use those for the whole
219 * of the function. In case of an extending truncate it just means we
220 * may leave some buffers unmapped which are now allocated. This is
221 * not a problem since these buffers will just get mapped when a write
222 * occurs. In case of a shrinking truncate, we will detect this later
223 * on due to the runlist being incomplete and if the page is being
224 * fully truncated, truncate will throw it away as soon as we unlock
225 * it so no need to worry what we do with it.
226 */
202 iblock = (s64)page->index << (PAGE_CACHE_SHIFT - blocksize_bits); 227 iblock = (s64)page->index << (PAGE_CACHE_SHIFT - blocksize_bits);
203 read_lock_irqsave(&ni->size_lock, flags); 228 read_lock_irqsave(&ni->size_lock, flags);
204 lblock = (ni->allocated_size + blocksize - 1) >> blocksize_bits; 229 lblock = (ni->allocated_size + blocksize - 1) >> blocksize_bits;
205 zblock = (ni->initialized_size + blocksize - 1) >> blocksize_bits; 230 init_size = ni->initialized_size;
231 i_size = i_size_read(vi);
206 read_unlock_irqrestore(&ni->size_lock, flags); 232 read_unlock_irqrestore(&ni->size_lock, flags);
233 if (unlikely(init_size > i_size)) {
234 /* Race with shrinking truncate. */
235 init_size = i_size;
236 }
237 zblock = (init_size + blocksize - 1) >> blocksize_bits;
207 238
208 /* Loop through all the buffers in the page. */ 239 /* Loop through all the buffers in the page. */
209 rl = NULL; 240 rl = NULL;
@@ -366,6 +397,8 @@ handle_zblock:
366 */ 397 */
367static int ntfs_readpage(struct file *file, struct page *page) 398static int ntfs_readpage(struct file *file, struct page *page)
368{ 399{
400 loff_t i_size;
401 struct inode *vi;
369 ntfs_inode *ni, *base_ni; 402 ntfs_inode *ni, *base_ni;
370 u8 *kaddr; 403 u8 *kaddr;
371 ntfs_attr_search_ctx *ctx; 404 ntfs_attr_search_ctx *ctx;
@@ -384,14 +417,17 @@ retry_readpage:
384 unlock_page(page); 417 unlock_page(page);
385 return 0; 418 return 0;
386 } 419 }
387 ni = NTFS_I(page->mapping->host); 420 vi = page->mapping->host;
421 ni = NTFS_I(vi);
388 /* 422 /*
389 * Only $DATA attributes can be encrypted and only unnamed $DATA 423 * Only $DATA attributes can be encrypted and only unnamed $DATA
390 * attributes can be compressed. Index root can have the flags set but 424 * attributes can be compressed. Index root can have the flags set but
391 * this means to create compressed/encrypted files, not that the 425 * this means to create compressed/encrypted files, not that the
392 * attribute is compressed/encrypted. 426 * attribute is compressed/encrypted. Note we need to check for
427 * AT_INDEX_ALLOCATION since this is the type of both directory and
428 * index inodes.
393 */ 429 */
394 if (ni->type != AT_INDEX_ROOT) { 430 if (ni->type != AT_INDEX_ALLOCATION) {
395 /* If attribute is encrypted, deny access, just like NT4. */ 431 /* If attribute is encrypted, deny access, just like NT4. */
396 if (NInoEncrypted(ni)) { 432 if (NInoEncrypted(ni)) {
397 BUG_ON(ni->type != AT_DATA); 433 BUG_ON(ni->type != AT_DATA);
@@ -456,7 +492,12 @@ retry_readpage:
456 read_lock_irqsave(&ni->size_lock, flags); 492 read_lock_irqsave(&ni->size_lock, flags);
457 if (unlikely(attr_len > ni->initialized_size)) 493 if (unlikely(attr_len > ni->initialized_size))
458 attr_len = ni->initialized_size; 494 attr_len = ni->initialized_size;
495 i_size = i_size_read(vi);
459 read_unlock_irqrestore(&ni->size_lock, flags); 496 read_unlock_irqrestore(&ni->size_lock, flags);
497 if (unlikely(attr_len > i_size)) {
498 /* Race with shrinking truncate. */
499 attr_len = i_size;
500 }
460 kaddr = kmap_atomic(page, KM_USER0); 501 kaddr = kmap_atomic(page, KM_USER0);
461 /* Copy the data to the page. */ 502 /* Copy the data to the page. */
462 memcpy(kaddr, (u8*)ctx->attr + 503 memcpy(kaddr, (u8*)ctx->attr +
@@ -1341,9 +1382,11 @@ retry_writepage:
1341 * Only $DATA attributes can be encrypted and only unnamed $DATA 1382 * Only $DATA attributes can be encrypted and only unnamed $DATA
1342 * attributes can be compressed. Index root can have the flags set but 1383 * attributes can be compressed. Index root can have the flags set but
1343 * this means to create compressed/encrypted files, not that the 1384 * this means to create compressed/encrypted files, not that the
1344 * attribute is compressed/encrypted. 1385 * attribute is compressed/encrypted. Note we need to check for
1386 * AT_INDEX_ALLOCATION since this is the type of both directory and
1387 * index inodes.
1345 */ 1388 */
1346 if (ni->type != AT_INDEX_ROOT) { 1389 if (ni->type != AT_INDEX_ALLOCATION) {
1347 /* If file is encrypted, deny access, just like NT4. */ 1390 /* If file is encrypted, deny access, just like NT4. */
1348 if (NInoEncrypted(ni)) { 1391 if (NInoEncrypted(ni)) {
1349 unlock_page(page); 1392 unlock_page(page);
@@ -1379,8 +1422,8 @@ retry_writepage:
1379 unsigned int ofs = i_size & ~PAGE_CACHE_MASK; 1422 unsigned int ofs = i_size & ~PAGE_CACHE_MASK;
1380 kaddr = kmap_atomic(page, KM_USER0); 1423 kaddr = kmap_atomic(page, KM_USER0);
1381 memset(kaddr + ofs, 0, PAGE_CACHE_SIZE - ofs); 1424 memset(kaddr + ofs, 0, PAGE_CACHE_SIZE - ofs);
1382 flush_dcache_page(page);
1383 kunmap_atomic(kaddr, KM_USER0); 1425 kunmap_atomic(kaddr, KM_USER0);
1426 flush_dcache_page(page);
1384 } 1427 }
1385 /* Handle mst protected attributes. */ 1428 /* Handle mst protected attributes. */
1386 if (NInoMstProtected(ni)) 1429 if (NInoMstProtected(ni))
@@ -1443,34 +1486,33 @@ retry_writepage:
1443 BUG_ON(PageWriteback(page)); 1486 BUG_ON(PageWriteback(page));
1444 set_page_writeback(page); 1487 set_page_writeback(page);
1445 unlock_page(page); 1488 unlock_page(page);
1446 /*
1447 * Here, we do not need to zero the out of bounds area everytime
1448 * because the below memcpy() already takes care of the
1449 * mmap-at-end-of-file requirements. If the file is converted to a
1450 * non-resident one, then the code path use is switched to the
1451 * non-resident one where the zeroing happens on each ntfs_writepage()
1452 * invocation.
1453 */
1454 attr_len = le32_to_cpu(ctx->attr->data.resident.value_length); 1489 attr_len = le32_to_cpu(ctx->attr->data.resident.value_length);
1455 i_size = i_size_read(vi); 1490 i_size = i_size_read(vi);
1456 if (unlikely(attr_len > i_size)) { 1491 if (unlikely(attr_len > i_size)) {
1492 /* Race with shrinking truncate or a failed truncate. */
1457 attr_len = i_size; 1493 attr_len = i_size;
1458 ctx->attr->data.resident.value_length = cpu_to_le32(attr_len); 1494 /*
1495 * If the truncate failed, fix it up now. If a concurrent
1496 * truncate, we do its job, so it does not have to do anything.
1497 */
1498 err = ntfs_resident_attr_value_resize(ctx->mrec, ctx->attr,
1499 attr_len);
1500 /* Shrinking cannot fail. */
1501 BUG_ON(err);
1459 } 1502 }
1460 kaddr = kmap_atomic(page, KM_USER0); 1503 kaddr = kmap_atomic(page, KM_USER0);
1461 /* Copy the data from the page to the mft record. */ 1504 /* Copy the data from the page to the mft record. */
1462 memcpy((u8*)ctx->attr + 1505 memcpy((u8*)ctx->attr +
1463 le16_to_cpu(ctx->attr->data.resident.value_offset), 1506 le16_to_cpu(ctx->attr->data.resident.value_offset),
1464 kaddr, attr_len); 1507 kaddr, attr_len);
1465 flush_dcache_mft_record_page(ctx->ntfs_ino);
1466 /* Zero out of bounds area in the page cache page. */ 1508 /* Zero out of bounds area in the page cache page. */
1467 memset(kaddr + attr_len, 0, PAGE_CACHE_SIZE - attr_len); 1509 memset(kaddr + attr_len, 0, PAGE_CACHE_SIZE - attr_len);
1468 flush_dcache_page(page);
1469 kunmap_atomic(kaddr, KM_USER0); 1510 kunmap_atomic(kaddr, KM_USER0);
1470 1511 flush_dcache_mft_record_page(ctx->ntfs_ino);
1512 flush_dcache_page(page);
1513 /* We are done with the page. */
1471 end_page_writeback(page); 1514 end_page_writeback(page);
1472 1515 /* Finally, mark the mft record dirty, so it gets written back. */
1473 /* Mark the mft record dirty, so it gets written back. */
1474 mark_mft_record_dirty(ctx->ntfs_ino); 1516 mark_mft_record_dirty(ctx->ntfs_ino);
1475 ntfs_attr_put_search_ctx(ctx); 1517 ntfs_attr_put_search_ctx(ctx);
1476 unmap_mft_record(base_ni); 1518 unmap_mft_record(base_ni);
diff --git a/fs/ntfs/inode.c b/fs/ntfs/inode.c
index dc4bbe3acf5c..7ec045131808 100644
--- a/fs/ntfs/inode.c
+++ b/fs/ntfs/inode.c
@@ -1166,6 +1166,8 @@ err_out:
1166 * 1166 *
1167 * Return 0 on success and -errno on error. In the error case, the inode will 1167 * Return 0 on success and -errno on error. In the error case, the inode will
1168 * have had make_bad_inode() executed on it. 1168 * have had make_bad_inode() executed on it.
1169 *
1170 * Note this cannot be called for AT_INDEX_ALLOCATION.
1169 */ 1171 */
1170static int ntfs_read_locked_attr_inode(struct inode *base_vi, struct inode *vi) 1172static int ntfs_read_locked_attr_inode(struct inode *base_vi, struct inode *vi)
1171{ 1173{
@@ -1242,8 +1244,8 @@ static int ntfs_read_locked_attr_inode(struct inode *base_vi, struct inode *vi)
1242 } 1244 }
1243 } 1245 }
1244 /* 1246 /*
1245 * The encryption flag set in an index root just means to 1247 * The compressed/sparse flag set in an index root just means
1246 * compress all files. 1248 * to compress all files.
1247 */ 1249 */
1248 if (NInoMstProtected(ni) && ni->type != AT_INDEX_ROOT) { 1250 if (NInoMstProtected(ni) && ni->type != AT_INDEX_ROOT) {
1249 ntfs_error(vi->i_sb, "Found mst protected attribute " 1251 ntfs_error(vi->i_sb, "Found mst protected attribute "
@@ -1319,8 +1321,7 @@ static int ntfs_read_locked_attr_inode(struct inode *base_vi, struct inode *vi)
1319 "the mapping pairs array."); 1321 "the mapping pairs array.");
1320 goto unm_err_out; 1322 goto unm_err_out;
1321 } 1323 }
1322 if ((NInoCompressed(ni) || NInoSparse(ni)) && 1324 if (NInoCompressed(ni) || NInoSparse(ni)) {
1323 ni->type != AT_INDEX_ROOT) {
1324 if (a->data.non_resident.compression_unit != 4) { 1325 if (a->data.non_resident.compression_unit != 4) {
1325 ntfs_error(vi->i_sb, "Found nonstandard " 1326 ntfs_error(vi->i_sb, "Found nonstandard "
1326 "compression unit (%u instead " 1327 "compression unit (%u instead "
diff --git a/fs/ntfs/malloc.h b/fs/ntfs/malloc.h
index 3288bcc2c4aa..006946efca8c 100644
--- a/fs/ntfs/malloc.h
+++ b/fs/ntfs/malloc.h
@@ -1,7 +1,7 @@
1/* 1/*
2 * malloc.h - NTFS kernel memory handling. Part of the Linux-NTFS project. 2 * malloc.h - NTFS kernel memory handling. Part of the Linux-NTFS project.
3 * 3 *
4 * Copyright (c) 2001-2004 Anton Altaparmakov 4 * Copyright (c) 2001-2005 Anton Altaparmakov
5 * 5 *
6 * This program/include file is free software; you can redistribute it and/or 6 * This program/include file is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License as published 7 * modify it under the terms of the GNU General Public License as published
diff --git a/fs/ntfs/runlist.c b/fs/ntfs/runlist.c
index f5b2ac929081..061b5ff6b73c 100644
--- a/fs/ntfs/runlist.c
+++ b/fs/ntfs/runlist.c
@@ -2,7 +2,7 @@
2 * runlist.c - NTFS runlist handling code. Part of the Linux-NTFS project. 2 * runlist.c - NTFS runlist handling code. Part of the Linux-NTFS project.
3 * 3 *
4 * Copyright (c) 2001-2005 Anton Altaparmakov 4 * Copyright (c) 2001-2005 Anton Altaparmakov
5 * Copyright (c) 2002 Richard Russon 5 * Copyright (c) 2002-2005 Richard Russon
6 * 6 *
7 * This program/include file is free software; you can redistribute it and/or 7 * This program/include file is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License as published 8 * modify it under the terms of the GNU General Public License as published
@@ -158,17 +158,21 @@ static inline BOOL ntfs_are_rl_mergeable(runlist_element *dst,
158 BUG_ON(!dst); 158 BUG_ON(!dst);
159 BUG_ON(!src); 159 BUG_ON(!src);
160 160
161 if ((dst->lcn < 0) || (src->lcn < 0)) { /* Are we merging holes? */ 161 /* We can merge unmapped regions even if they are misaligned. */
162 if (dst->lcn == LCN_HOLE && src->lcn == LCN_HOLE) 162 if ((dst->lcn == LCN_RL_NOT_MAPPED) && (src->lcn == LCN_RL_NOT_MAPPED))
163 return TRUE; 163 return TRUE;
164 /* If the runs are misaligned, we cannot merge them. */
165 if ((dst->vcn + dst->length) != src->vcn)
164 return FALSE; 166 return FALSE;
165 } 167 /* If both runs are non-sparse and contiguous, we can merge them. */
166 if ((dst->lcn + dst->length) != src->lcn) /* Are the runs contiguous? */ 168 if ((dst->lcn >= 0) && (src->lcn >= 0) &&
167 return FALSE; 169 ((dst->lcn + dst->length) == src->lcn))
168 if ((dst->vcn + dst->length) != src->vcn) /* Are the runs misaligned? */ 170 return TRUE;
169 return FALSE; 171 /* If we are merging two holes, we can merge them. */
170 172 if ((dst->lcn == LCN_HOLE) && (src->lcn == LCN_HOLE))
171 return TRUE; 173 return TRUE;
174 /* Cannot merge. */
175 return FALSE;
172} 176}
173 177
174/** 178/**
@@ -214,14 +218,15 @@ static inline void __ntfs_rl_merge(runlist_element *dst, runlist_element *src)
214static inline runlist_element *ntfs_rl_append(runlist_element *dst, 218static inline runlist_element *ntfs_rl_append(runlist_element *dst,
215 int dsize, runlist_element *src, int ssize, int loc) 219 int dsize, runlist_element *src, int ssize, int loc)
216{ 220{
217 BOOL right; 221 BOOL right = FALSE; /* Right end of @src needs merging. */
218 int magic; 222 int marker; /* End of the inserted runs. */
219 223
220 BUG_ON(!dst); 224 BUG_ON(!dst);
221 BUG_ON(!src); 225 BUG_ON(!src);
222 226
223 /* First, check if the right hand end needs merging. */ 227 /* First, check if the right hand end needs merging. */
224 right = ntfs_are_rl_mergeable(src + ssize - 1, dst + loc + 1); 228 if ((loc + 1) < dsize)
229 right = ntfs_are_rl_mergeable(src + ssize - 1, dst + loc + 1);
225 230
226 /* Space required: @dst size + @src size, less one if we merged. */ 231 /* Space required: @dst size + @src size, less one if we merged. */
227 dst = ntfs_rl_realloc(dst, dsize, dsize + ssize - right); 232 dst = ntfs_rl_realloc(dst, dsize, dsize + ssize - right);
@@ -236,18 +241,19 @@ static inline runlist_element *ntfs_rl_append(runlist_element *dst,
236 if (right) 241 if (right)
237 __ntfs_rl_merge(src + ssize - 1, dst + loc + 1); 242 __ntfs_rl_merge(src + ssize - 1, dst + loc + 1);
238 243
239 magic = loc + ssize; 244 /* First run after the @src runs that have been inserted. */
245 marker = loc + ssize + 1;
240 246
241 /* Move the tail of @dst out of the way, then copy in @src. */ 247 /* Move the tail of @dst out of the way, then copy in @src. */
242 ntfs_rl_mm(dst, magic + 1, loc + 1 + right, dsize - loc - 1 - right); 248 ntfs_rl_mm(dst, marker, loc + 1 + right, dsize - (loc + 1 + right));
243 ntfs_rl_mc(dst, loc + 1, src, 0, ssize); 249 ntfs_rl_mc(dst, loc + 1, src, 0, ssize);
244 250
245 /* Adjust the size of the preceding hole. */ 251 /* Adjust the size of the preceding hole. */
246 dst[loc].length = dst[loc + 1].vcn - dst[loc].vcn; 252 dst[loc].length = dst[loc + 1].vcn - dst[loc].vcn;
247 253
248 /* We may have changed the length of the file, so fix the end marker */ 254 /* We may have changed the length of the file, so fix the end marker */
249 if (dst[magic + 1].lcn == LCN_ENOENT) 255 if (dst[marker].lcn == LCN_ENOENT)
250 dst[magic + 1].vcn = dst[magic].vcn + dst[magic].length; 256 dst[marker].vcn = dst[marker - 1].vcn + dst[marker - 1].length;
251 257
252 return dst; 258 return dst;
253} 259}
@@ -279,18 +285,17 @@ static inline runlist_element *ntfs_rl_append(runlist_element *dst,
279static inline runlist_element *ntfs_rl_insert(runlist_element *dst, 285static inline runlist_element *ntfs_rl_insert(runlist_element *dst,
280 int dsize, runlist_element *src, int ssize, int loc) 286 int dsize, runlist_element *src, int ssize, int loc)
281{ 287{
282 BOOL left = FALSE; 288 BOOL left = FALSE; /* Left end of @src needs merging. */
283 BOOL disc = FALSE; /* Discontinuity */ 289 BOOL disc = FALSE; /* Discontinuity between @dst and @src. */
284 BOOL hole = FALSE; /* Following a hole */ 290 int marker; /* End of the inserted runs. */
285 int magic;
286 291
287 BUG_ON(!dst); 292 BUG_ON(!dst);
288 BUG_ON(!src); 293 BUG_ON(!src);
289 294
290 /* disc => Discontinuity between the end of @dst and the start of @src. 295 /*
291 * This means we might need to insert a hole. 296 * disc => Discontinuity between the end of @dst and the start of @src.
292 * hole => @dst ends with a hole or an unmapped region which we can 297 * This means we might need to insert a "not mapped" run.
293 * extend to match the discontinuity. */ 298 */
294 if (loc == 0) 299 if (loc == 0)
295 disc = (src[0].vcn > 0); 300 disc = (src[0].vcn > 0);
296 else { 301 else {
@@ -303,58 +308,49 @@ static inline runlist_element *ntfs_rl_insert(runlist_element *dst,
303 merged_length += src->length; 308 merged_length += src->length;
304 309
305 disc = (src[0].vcn > dst[loc - 1].vcn + merged_length); 310 disc = (src[0].vcn > dst[loc - 1].vcn + merged_length);
306 if (disc)
307 hole = (dst[loc - 1].lcn == LCN_HOLE);
308 } 311 }
309 312 /*
310 /* Space required: @dst size + @src size, less one if we merged, plus 313 * Space required: @dst size + @src size, less one if we merged, plus
311 * one if there was a discontinuity, less one for a trailing hole. */ 314 * one if there was a discontinuity.
312 dst = ntfs_rl_realloc(dst, dsize, dsize + ssize - left + disc - hole); 315 */
316 dst = ntfs_rl_realloc(dst, dsize, dsize + ssize - left + disc);
313 if (IS_ERR(dst)) 317 if (IS_ERR(dst))
314 return dst; 318 return dst;
315 /* 319 /*
316 * We are guaranteed to succeed from here so can start modifying the 320 * We are guaranteed to succeed from here so can start modifying the
317 * original runlist. 321 * original runlist.
318 */ 322 */
319
320 if (left) 323 if (left)
321 __ntfs_rl_merge(dst + loc - 1, src); 324 __ntfs_rl_merge(dst + loc - 1, src);
322 325 /*
323 magic = loc + ssize - left + disc - hole; 326 * First run after the @src runs that have been inserted.
327 * Nominally, @marker equals @loc + @ssize, i.e. location + number of
328 * runs in @src. However, if @left, then the first run in @src has
329 * been merged with one in @dst. And if @disc, then @dst and @src do
330 * not meet and we need an extra run to fill the gap.
331 */
332 marker = loc + ssize - left + disc;
324 333
325 /* Move the tail of @dst out of the way, then copy in @src. */ 334 /* Move the tail of @dst out of the way, then copy in @src. */
326 ntfs_rl_mm(dst, magic, loc, dsize - loc); 335 ntfs_rl_mm(dst, marker, loc, dsize - loc);
327 ntfs_rl_mc(dst, loc + disc - hole, src, left, ssize - left); 336 ntfs_rl_mc(dst, loc + disc, src, left, ssize - left);
328 337
329 /* Adjust the VCN of the last run ... */ 338 /* Adjust the VCN of the first run after the insertion... */
330 if (dst[magic].lcn <= LCN_HOLE) 339 dst[marker].vcn = dst[marker - 1].vcn + dst[marker - 1].length;
331 dst[magic].vcn = dst[magic - 1].vcn + dst[magic - 1].length;
332 /* ... and the length. */ 340 /* ... and the length. */
333 if (dst[magic].lcn == LCN_HOLE || dst[magic].lcn == LCN_RL_NOT_MAPPED) 341 if (dst[marker].lcn == LCN_HOLE || dst[marker].lcn == LCN_RL_NOT_MAPPED)
334 dst[magic].length = dst[magic + 1].vcn - dst[magic].vcn; 342 dst[marker].length = dst[marker + 1].vcn - dst[marker].vcn;
335 343
336 /* Writing beyond the end of the file and there's a discontinuity. */ 344 /* Writing beyond the end of the file and there is a discontinuity. */
337 if (disc) { 345 if (disc) {
338 if (hole) 346 if (loc > 0) {
339 dst[loc - 1].length = dst[loc].vcn - dst[loc - 1].vcn; 347 dst[loc].vcn = dst[loc - 1].vcn + dst[loc - 1].length;
340 else { 348 dst[loc].length = dst[loc + 1].vcn - dst[loc].vcn;
341 if (loc > 0) { 349 } else {
342 dst[loc].vcn = dst[loc - 1].vcn + 350 dst[loc].vcn = 0;
343 dst[loc - 1].length; 351 dst[loc].length = dst[loc + 1].vcn;
344 dst[loc].length = dst[loc + 1].vcn -
345 dst[loc].vcn;
346 } else {
347 dst[loc].vcn = 0;
348 dst[loc].length = dst[loc + 1].vcn;
349 }
350 dst[loc].lcn = LCN_RL_NOT_MAPPED;
351 } 352 }
352 353 dst[loc].lcn = LCN_RL_NOT_MAPPED;
353 magic += hole;
354
355 if (dst[magic].lcn == LCN_ENOENT)
356 dst[magic].vcn = dst[magic - 1].vcn +
357 dst[magic - 1].length;
358 } 354 }
359 return dst; 355 return dst;
360} 356}
@@ -385,20 +381,23 @@ static inline runlist_element *ntfs_rl_insert(runlist_element *dst,
385static inline runlist_element *ntfs_rl_replace(runlist_element *dst, 381static inline runlist_element *ntfs_rl_replace(runlist_element *dst,
386 int dsize, runlist_element *src, int ssize, int loc) 382 int dsize, runlist_element *src, int ssize, int loc)
387{ 383{
388 BOOL left = FALSE; 384 BOOL left = FALSE; /* Left end of @src needs merging. */
389 BOOL right; 385 BOOL right = FALSE; /* Right end of @src needs merging. */
390 int magic; 386 int tail; /* Start of tail of @dst. */
387 int marker; /* End of the inserted runs. */
391 388
392 BUG_ON(!dst); 389 BUG_ON(!dst);
393 BUG_ON(!src); 390 BUG_ON(!src);
394 391
395 /* First, merge the left and right ends, if necessary. */ 392 /* First, see if the left and right ends need merging. */
396 right = ntfs_are_rl_mergeable(src + ssize - 1, dst + loc + 1); 393 if ((loc + 1) < dsize)
394 right = ntfs_are_rl_mergeable(src + ssize - 1, dst + loc + 1);
397 if (loc > 0) 395 if (loc > 0)
398 left = ntfs_are_rl_mergeable(dst + loc - 1, src); 396 left = ntfs_are_rl_mergeable(dst + loc - 1, src);
399 397 /*
400 /* Allocate some space. We'll need less if the left, right, or both 398 * Allocate some space. We will need less if the left, right, or both
401 * ends were merged. */ 399 * ends get merged.
400 */
402 dst = ntfs_rl_realloc(dst, dsize, dsize + ssize - left - right); 401 dst = ntfs_rl_realloc(dst, dsize, dsize + ssize - left - right);
403 if (IS_ERR(dst)) 402 if (IS_ERR(dst))
404 return dst; 403 return dst;
@@ -406,21 +405,37 @@ static inline runlist_element *ntfs_rl_replace(runlist_element *dst,
406 * We are guaranteed to succeed from here so can start modifying the 405 * We are guaranteed to succeed from here so can start modifying the
407 * original runlists. 406 * original runlists.
408 */ 407 */
408
409 /* First, merge the left and right ends, if necessary. */
409 if (right) 410 if (right)
410 __ntfs_rl_merge(src + ssize - 1, dst + loc + 1); 411 __ntfs_rl_merge(src + ssize - 1, dst + loc + 1);
411 if (left) 412 if (left)
412 __ntfs_rl_merge(dst + loc - 1, src); 413 __ntfs_rl_merge(dst + loc - 1, src);
413 414 /*
414 /* FIXME: What does this mean? (AIA) */ 415 * Offset of the tail of @dst. This needs to be moved out of the way
415 magic = loc + ssize - left; 416 * to make space for the runs to be copied from @src, i.e. the first
417 * run of the tail of @dst.
418 * Nominally, @tail equals @loc + 1, i.e. location, skipping the
419 * replaced run. However, if @right, then one of @dst's runs is
420 * already merged into @src.
421 */
422 tail = loc + right + 1;
423 /*
424 * First run after the @src runs that have been inserted, i.e. where
425 * the tail of @dst needs to be moved to.
426 * Nominally, @marker equals @loc + @ssize, i.e. location + number of
427 * runs in @src. However, if @left, then the first run in @src has
428 * been merged with one in @dst.
429 */
430 marker = loc + ssize - left;
416 431
417 /* Move the tail of @dst out of the way, then copy in @src. */ 432 /* Move the tail of @dst out of the way, then copy in @src. */
418 ntfs_rl_mm(dst, magic, loc + right + 1, dsize - loc - right - 1); 433 ntfs_rl_mm(dst, marker, tail, dsize - tail);
419 ntfs_rl_mc(dst, loc, src, left, ssize - left); 434 ntfs_rl_mc(dst, loc, src, left, ssize - left);
420 435
421 /* We may have changed the length of the file, so fix the end marker */ 436 /* We may have changed the length of the file, so fix the end marker. */
422 if (dst[magic].lcn == LCN_ENOENT) 437 if (dsize - tail > 0 && dst[marker].lcn == LCN_ENOENT)
423 dst[magic].vcn = dst[magic - 1].vcn + dst[magic - 1].length; 438 dst[marker].vcn = dst[marker - 1].vcn + dst[marker - 1].length;
424 return dst; 439 return dst;
425} 440}
426 441
diff --git a/fs/proc/array.c b/fs/proc/array.c
index d88d518d30f6..d84eecacbeaf 100644
--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -74,6 +74,7 @@
74#include <linux/file.h> 74#include <linux/file.h>
75#include <linux/times.h> 75#include <linux/times.h>
76#include <linux/cpuset.h> 76#include <linux/cpuset.h>
77#include <linux/rcupdate.h>
77 78
78#include <asm/uaccess.h> 79#include <asm/uaccess.h>
79#include <asm/pgtable.h> 80#include <asm/pgtable.h>
@@ -180,12 +181,14 @@ static inline char * task_state(struct task_struct *p, char *buffer)
180 p->gid, p->egid, p->sgid, p->fsgid); 181 p->gid, p->egid, p->sgid, p->fsgid);
181 read_unlock(&tasklist_lock); 182 read_unlock(&tasklist_lock);
182 task_lock(p); 183 task_lock(p);
184 rcu_read_lock();
183 if (p->files) 185 if (p->files)
184 fdt = files_fdtable(p->files); 186 fdt = files_fdtable(p->files);
185 buffer += sprintf(buffer, 187 buffer += sprintf(buffer,
186 "FDSize:\t%d\n" 188 "FDSize:\t%d\n"
187 "Groups:\t", 189 "Groups:\t",
188 fdt ? fdt->max_fds : 0); 190 fdt ? fdt->max_fds : 0);
191 rcu_read_unlock();
189 192
190 group_info = p->group_info; 193 group_info = p->group_info;
191 get_group_info(group_info); 194 get_group_info(group_info);
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 23db452ab428..fb34f88a4a74 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -340,6 +340,52 @@ static int proc_root_link(struct inode *inode, struct dentry **dentry, struct vf
340 return result; 340 return result;
341} 341}
342 342
343
344/* Same as proc_root_link, but this addionally tries to get fs from other
345 * threads in the group */
346static int proc_task_root_link(struct inode *inode, struct dentry **dentry, struct vfsmount **mnt)
347{
348 struct fs_struct *fs;
349 int result = -ENOENT;
350 struct task_struct *leader = proc_task(inode);
351
352 task_lock(leader);
353 fs = leader->fs;
354 if (fs) {
355 atomic_inc(&fs->count);
356 task_unlock(leader);
357 } else {
358 /* Try to get fs from other threads */
359 task_unlock(leader);
360 struct task_struct *task = leader;
361 read_lock(&tasklist_lock);
362 if (pid_alive(task)) {
363 while ((task = next_thread(task)) != leader) {
364 task_lock(task);
365 fs = task->fs;
366 if (fs) {
367 atomic_inc(&fs->count);
368 task_unlock(task);
369 break;
370 }
371 task_unlock(task);
372 }
373 }
374 read_unlock(&tasklist_lock);
375 }
376
377 if (fs) {
378 read_lock(&fs->lock);
379 *mnt = mntget(fs->rootmnt);
380 *dentry = dget(fs->root);
381 read_unlock(&fs->lock);
382 result = 0;
383 put_fs_struct(fs);
384 }
385 return result;
386}
387
388
343#define MAY_PTRACE(task) \ 389#define MAY_PTRACE(task) \
344 (task == current || \ 390 (task == current || \
345 (task->parent == current && \ 391 (task->parent == current && \
@@ -471,14 +517,14 @@ static int proc_oom_score(struct task_struct *task, char *buffer)
471 517
472/* permission checks */ 518/* permission checks */
473 519
474static int proc_check_root(struct inode *inode) 520/* If the process being read is separated by chroot from the reading process,
521 * don't let the reader access the threads.
522 */
523static int proc_check_chroot(struct dentry *root, struct vfsmount *vfsmnt)
475{ 524{
476 struct dentry *de, *base, *root; 525 struct dentry *de, *base;
477 struct vfsmount *our_vfsmnt, *vfsmnt, *mnt; 526 struct vfsmount *our_vfsmnt, *mnt;
478 int res = 0; 527 int res = 0;
479
480 if (proc_root_link(inode, &root, &vfsmnt)) /* Ewww... */
481 return -ENOENT;
482 read_lock(&current->fs->lock); 528 read_lock(&current->fs->lock);
483 our_vfsmnt = mntget(current->fs->rootmnt); 529 our_vfsmnt = mntget(current->fs->rootmnt);
484 base = dget(current->fs->root); 530 base = dget(current->fs->root);
@@ -511,6 +557,16 @@ out:
511 goto exit; 557 goto exit;
512} 558}
513 559
560static int proc_check_root(struct inode *inode)
561{
562 struct dentry *root;
563 struct vfsmount *vfsmnt;
564
565 if (proc_root_link(inode, &root, &vfsmnt)) /* Ewww... */
566 return -ENOENT;
567 return proc_check_chroot(root, vfsmnt);
568}
569
514static int proc_permission(struct inode *inode, int mask, struct nameidata *nd) 570static int proc_permission(struct inode *inode, int mask, struct nameidata *nd)
515{ 571{
516 if (generic_permission(inode, mask, NULL) != 0) 572 if (generic_permission(inode, mask, NULL) != 0)
@@ -518,6 +574,20 @@ static int proc_permission(struct inode *inode, int mask, struct nameidata *nd)
518 return proc_check_root(inode); 574 return proc_check_root(inode);
519} 575}
520 576
577static int proc_task_permission(struct inode *inode, int mask, struct nameidata *nd)
578{
579 struct dentry *root;
580 struct vfsmount *vfsmnt;
581
582 if (generic_permission(inode, mask, NULL) != 0)
583 return -EACCES;
584
585 if (proc_task_root_link(inode, &root, &vfsmnt))
586 return -ENOENT;
587
588 return proc_check_chroot(root, vfsmnt);
589}
590
521extern struct seq_operations proc_pid_maps_op; 591extern struct seq_operations proc_pid_maps_op;
522static int maps_open(struct inode *inode, struct file *file) 592static int maps_open(struct inode *inode, struct file *file)
523{ 593{
@@ -1419,7 +1489,7 @@ static struct inode_operations proc_fd_inode_operations = {
1419 1489
1420static struct inode_operations proc_task_inode_operations = { 1490static struct inode_operations proc_task_inode_operations = {
1421 .lookup = proc_task_lookup, 1491 .lookup = proc_task_lookup,
1422 .permission = proc_permission, 1492 .permission = proc_task_permission,
1423}; 1493};
1424 1494
1425#ifdef CONFIG_SECURITY 1495#ifdef CONFIG_SECURITY
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-18 15:22:09 -0500