
Merge tag 'xfs-4.14-fixes-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux

Pull xfs fixes from Darrick Wong:

- Fix a stale kernel memory exposure when logging inodes.

- Fix some build problems with CONFIG_XFS_RT=n

- Don't change inode mode if the acl write fails, leaving the file
totally inaccessible.

- Fix a dangling pointer problem when removing an attr fork under
memory pressure.

- Don't crash while trying to invalidate a null buffer associated with
a corrupt metadata pointer.

* tag 'xfs-4.14-fixes-5' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux:
xfs: handle error if xfs_btree_get_bufs fails
xfs: reinit btree pointer on attr tree inactivation walk
xfs: Fix bool initialization/comparison
xfs: don't change inode mode if ACL update fails
xfs: move more RT specific code under CONFIG_XFS_RT
xfs: Don't log uninitialised fields in inode structures

+109 -70
+8
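--- a/fs/xfs/libxfs/xfs_alloc.c
+++ b/fs/xfs/libxfs/xfs_alloc.c
@@ -1584,6 +1584,10 @@
 
 bp = xfs_btree_get_bufs(args->mp, args->tp,
 args->agno, fbno, 0);
+if (!bp) {
+error = -EFSCORRUPTED;
+goto error0;
+}
 xfs_trans_binval(args->tp, bp);
 }
 args->len = 1;
@@ -2141,6 +2145,10 @@
 if (error)
 goto out_agbp_relse;
 bp = xfs_btree_get_bufs(mp, tp, args->agno, bno, 0);
+if (!bp) {
+error = -EFSCORRUPTED;
+goto out_agbp_relse;
+}
 xfs_trans_binval(tp, bp);
 }
 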
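Review bot: Both new `if (!bp)` branches return -EFSCORRUPTED without writing anything to the kernel log, so a bad block number that reaches `xfs_btree_get_bufs()` is turned into an error code with no record of where it was detected. Emitting a report before the `goto`, for example `XFS_ERROR_REPORT(__func__, XFS_ERRLEVEL_LOW, args->mp);`, would give whoever triages the resulting shutdown a location to start from. Whether a NULL return can also mean an ordinary buffer allocation failure is not visible in these hunks; if it can, a one-line comment stating why NULL is treated as corruption would help. The same applies to the second hunk, and both enclosing functions start and end outside the hunks.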
+2 -2
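--- a/fs/xfs/libxfs/xfs_bmap.c
+++ b/fs/xfs/libxfs/xfs_bmap.c
@@ -1477,14 +1477,14 @@
 int is_empty;
 int error;
 
-bma->aeof = 0;
+bma->aeof = false;
 error = xfs_bmap_last_extent(NULL, bma->ip, whichfork, &rec,
 &is_empty);
 if (error)
 return error;
 
 if (is_empty) {
-bma->aeof = 1;
+bma->aeof = true;
 return 0;
 }
 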
+2 -2
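--- a/fs/xfs/libxfs/xfs_ialloc.c
+++ b/fs/xfs/libxfs/xfs_ialloc.c
@@ -1962,7 +1962,7 @@
 if (!(mp->m_flags & XFS_MOUNT_IKEEP) &&
 rec.ir_free == XFS_INOBT_ALL_FREE &&
 mp->m_sb.sb_inopblock <= XFS_INODES_PER_CHUNK) {
-xic->deleted = 1;
+xic->deleted = true;
 xic->first_ino = XFS_AGINO_TO_INO(mp, agno, rec.ir_startino);
 xic->alloc = xfs_inobt_irec_to_allocmask(&rec);
 
@@ -1989,7 +1989,7 @@
 
 xfs_difree_inode_chunk(mp, agno, &rec, dfops);
 } else {
-xic->deleted = 0;
+xic->deleted = false;
 
 error = xfs_inobt_update(cur, &rec);
 if (error) {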
+8 -19
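--- a/fs/xfs/libxfs/xfs_log_format.h
+++ b/fs/xfs/libxfs/xfs_log_format.h
@@ -270,6 +270,7 @@
 uint32_t ilf_fields; /* flags for fields logged */
 uint16_t ilf_asize; /* size of attr d/ext/root */
 uint16_t ilf_dsize; /* size of data/ext/root */
+uint32_t ilf_pad; /* pad for 64 bit boundary */
 uint64_t ilf_ino; /* inode number */
 union {
 uint32_t ilfu_rdev; /* rdev value for dev inode*/
@@ -280,7 +281,12 @@
 int32_t ilf_boffset; /* off of inode in buffer */
 } xfs_inode_log_format_t;
 
-typedef struct xfs_inode_log_format_32 {
+/*
+ * Old 32 bit systems will log in this format without the 64 bit
+ * alignment padding. Recovery will detect this and convert it to the
+ * correct format.
+ */
+struct xfs_inode_log_format_32 {
 uint16_t ilf_type; /* inode log item type */
 uint16_t ilf_size; /* size of this item */
 uint32_t ilf_fields; /* flags for fields logged */
@@ -294,24 +300,7 @@
 int64_t ilf_blkno; /* blkno of inode buffer */
 int32_t ilf_len; /* len of inode buffer */
 int32_t ilf_boffset; /* off of inode in buffer */
-} __attribute__((packed)) xfs_inode_log_format_32_t;
-
-typedef struct xfs_inode_log_format_64 {
-uint16_t ilf_type; /* inode log item type */
-uint16_t ilf_size; /* size of this item */
-uint32_t ilf_fields; /* flags for fields logged */
-uint16_t ilf_asize; /* size of attr d/ext/root */
-uint16_t ilf_dsize; /* size of data/ext/root */
-uint32_t ilf_pad; /* pad for 64 bit boundary */
-uint64_t ilf_ino; /* inode number */
-union {
-uint32_t ilfu_rdev; /* rdev value for dev inode*/
-uuid_t ilfu_uuid; /* mount point value */
-} ilf_u;
-int64_t ilf_blkno; /* blkno of inode buffer */
-int32_t ilf_len; /* len of inode buffer */
-int32_t ilf_boffset; /* off of inode in buffer */
-} xfs_inode_log_format_64_t;
+} __attribute__((packed));
 
 
 /*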
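Review bot: The comment on the new `ilf_pad` member in the first hunk says only that it pads to a 64 bit boundary, not that the word is written to the log and therefore has to be cleared by every writer. Since the member exists to make a previously implicit hole explicit, the declaration is the natural place to record that, e.g. `uint32_t ilf_pad; /* pad for 64 bit boundary, must be logged as zero */`. The only writer visible in this commit is `xfs_inode_item_format()`, which does zero it; any other place that fills this structure is outside the diff and should be checked against the same rule. The structure definition starts and ends outside the hunk.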
+16 -6
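--- a/fs/xfs/xfs_acl.c
+++ b/fs/xfs/xfs_acl.c
@@ -247,6 +247,8 @@
 int
 xfs_set_acl(struct inode *inode, struct posix_acl *acl, int type)
 {
+umode_t mode;
+bool set_mode = false;
 int error = 0;
 
 if (!acl)
@@ -257,16 +259,24 @@
 return error;
 
 if (type == ACL_TYPE_ACCESS) {
-umode_t mode;
-
 error = posix_acl_update_mode(inode, &mode, &acl);
 if (error)
 return error;
-error = xfs_set_mode(inode, mode);
-if (error)
-return error;
+set_mode = true;
 }
 
 set_acl:
-return __xfs_set_acl(inode, acl, type);
+error = __xfs_set_acl(inode, acl, type);
+if (error)
+return error;
+
+/*
+ * We set the mode after successfully updating the ACL xattr because the
+ * xattr update can fail at ENOSPC and we don't want to change the mode
+ * if the ACL update hasn't been applied.
+ */
+if (set_mode)
+error = xfs_set_mode(inode, mode);
+
+return error;
 }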
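Review bot: The new ordering in the second hunk handles a failed ACL write, but the mirror case is left undocumented: if `__xfs_set_acl()` succeeds and the following `xfs_set_mode()` fails, `xfs_set_acl()` returns an error with the new ACL already stored and the old mode bits still in place. Whether the two updates can be made in one transaction is not visible in this section; if they cannot, the comment above `if (set_mode)` should state the residual window, for instance by adding `* A failure of the mode update leaves the new ACL applied with the old mode.`. It would also help to note next to `umode_t mode;` that it is only valid when `set_mode` is true, since it is now declared uninitialised at function scope.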
+2
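--- a/fs/xfs/xfs_attr_inactive.c
+++ b/fs/xfs/xfs_attr_inactive.c
@@ -302,6 +302,8 @@
 &bp, XFS_ATTR_FORK);
 if (error)
 return error;
+node = bp->b_addr;
+btree = dp->d_ops->node_tree_p(node);
 child_fsb = be32_to_cpu(btree[i + 1].before);
 xfs_trans_brelse(*trans, bp);
 }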
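Review bot: The two added assignments carry no comment explaining why `node` and `btree` are recomputed, so a later cleanup could take them for redundant and bring back the read through a stale pointer. A line such as `/* bp was re-read above; node and btree from the earlier buffer may point at freed memory */` before `node = bp->b_addr;` would record the reason. The index `i + 1` is bounded somewhere outside this hunk; if that bound was taken from the earlier copy of the block, the code assumes the re-read block has the same entry count, which is worth confirming. The enclosing loop and function begin and end outside the hunk.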
+2
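--- a/fs/xfs/xfs_bmap_util.c
+++ b/fs/xfs/xfs_bmap_util.c
@@ -84,6 +84,7 @@
 GFP_NOFS, 0);
 }
 
+#ifdef CONFIG_XFS_RT
 int
 xfs_bmap_rtalloc(
 struct xfs_bmalloca *ap) /* bmap alloc argument struct */
@@ -190,6 +191,7 @@
 }
 return 0;
 }
+#endif /* CONFIG_XFS_RT */
 
 /*
  * Check if the endoff is outside the last extent. If so the caller will grow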
+13
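--- a/fs/xfs/xfs_bmap_util.h
+++ b/fs/xfs/xfs_bmap_util.h
@@ -28,7 +28,20 @@
 struct xfs_trans;
 struct xfs_bmalloca;
 
+#ifdef CONFIG_XFS_RT
 int xfs_bmap_rtalloc(struct xfs_bmalloca *ap);
+#else /* !CONFIG_XFS_RT */
+/*
+ * Attempts to allocate RT extents when RT is disable indicates corruption and
+ * should trigger a shutdown.
+ */
+static inline int
+xfs_bmap_rtalloc(struct xfs_bmalloca *ap)
+{
+return -EFSCORRUPTED;
+}
+#endif /* CONFIG_XFS_RT */
+
 int xfs_bmap_eof(struct xfs_inode *ip, xfs_fileoff_t endoff,
 int whichfork, int *eof);
 int xfs_bmap_punch_delalloc_range(struct xfs_inode *ip,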
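Review bot: The comment on the `!CONFIG_XFS_RT` stub says the condition "should trigger a shutdown", but the stub only returns -EFSCORRUPTED, so any shutdown has to come from callers that are not part of this section. The comment would be more accurate as `* Attempts to allocate RT extents when RT is disabled indicate corruption; callers are expected to shut the filesystem down on this error.`, which also corrects "is disable". If some caller merely propagates the error to user space, the stated guarantee does not hold, so the call sites are worth checking against the comment.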
+2 -2
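--- a/fs/xfs/xfs_file.c
+++ b/fs/xfs/xfs_file.c
@@ -764,7 +764,7 @@
 enum xfs_prealloc_flags flags = 0;
 uint iolock = XFS_IOLOCK_EXCL;
 loff_t new_size = 0;
-bool do_file_insert = 0;
+bool do_file_insert = false;
 
 if (!S_ISREG(inode->i_mode))
 return -EINVAL;
@@ -825,7 +825,7 @@
 error = -EINVAL;
 goto out_unlock;
 }
-do_file_insert = 1;
+do_file_insert = true;
 } else {
 flags |= XFS_PREALLOC_SET;
 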
+12
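--- a/fs/xfs/xfs_fsmap.c
+++ b/fs/xfs/xfs_fsmap.c
@@ -521,6 +521,7 @@
 return query_fn(tp, info);
 }
 
+#ifdef CONFIG_XFS_RT
 /* Actually query the realtime bitmap. */
 STATIC int
 xfs_getfsmap_rtdev_rtbitmap_query(
@@ -561,6 +562,7 @@
 return __xfs_getfsmap_rtdev(tp, keys, xfs_getfsmap_rtdev_rtbitmap_query,
 info);
 }
+#endif /* CONFIG_XFS_RT */
 
 /* Execute a getfsmap query against the regular data device. */
 STATIC int
@@ -795,7 +797,15 @@
 return false;
 }
 
+/*
+ * There are only two devices if we didn't configure RT devices at build time.
+ */
+#ifdef CONFIG_XFS_RT
 #define XFS_GETFSMAP_DEVS 3
+#else
+#define XFS_GETFSMAP_DEVS 2
+#endif /* CONFIG_XFS_RT */
+
 /*
  * Get filesystem's extents as described in head, and format for
  * output. Calls formatter to fill the user's buffer until all
@@ -853,10 +863,12 @@
 handlers[1].dev = new_encode_dev(mp->m_logdev_targp->bt_dev);
 handlers[1].fn = xfs_getfsmap_logdev;
 }
+#ifdef CONFIG_XFS_RT
 if (mp->m_rtdev_targp) {
 handlers[2].dev = new_encode_dev(mp->m_rtdev_targp->bt_dev);
 handlers[2].fn = xfs_getfsmap_rtdev_rtbitmap;
 }
+#endif /* CONFIG_XFS_RT */
 
 xfs_sort(handlers, XFS_GETFSMAP_DEVS, sizeof(struct xfs_getfsmap_dev),
 xfs_getfsmap_dev_compare);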
+39 -36
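--- a/fs/xfs/xfs_inode_item.c
+++ b/fs/xfs/xfs_inode_item.c
@@ -364,6 +364,9 @@
 to->di_dmstate = from->di_dmstate;
 to->di_flags = from->di_flags;
 
+/* log a dummy value to ensure log structure is fully initialised */
+to->di_next_unlinked = NULLAGINO;
+
 if (from->di_version == 3) {
 to->di_changecount = inode->i_version;
 to->di_crtime.t_sec = from->di_crtime.t_sec;
@@ -404,6 +407,11 @@
  * the second with the on-disk inode structure, and a possible third and/or
  * fourth with the inode data/extents/b-tree root and inode attributes
  * data/extents/b-tree root.
+ *
+ * Note: Always use the 64 bit inode log format structure so we don't
+ * leave an uninitialised hole in the format item on 64 bit systems. Log
+ * recovery on 32 bit systems handles this just fine, so there's no reason
+ * for not using an initialising the properly padded structure all the time.
  */
 STATIC void
 xfs_inode_item_format(
@@ -412,8 +420,8 @@
 {
 struct xfs_inode_log_item *iip = INODE_ITEM(lip);
 struct xfs_inode *ip = iip->ili_inode;
-struct xfs_inode_log_format *ilf;
 struct xfs_log_iovec *vecp = NULL;
+struct xfs_inode_log_format *ilf;
 
 ASSERT(ip->i_d.di_version > 1);
 
@@ -425,7 +433,17 @@
 ilf->ilf_boffset = ip->i_imap.im_boffset;
 ilf->ilf_fields = XFS_ILOG_CORE;
 ilf->ilf_size = 2; /* format + core */
-xlog_finish_iovec(lv, vecp, sizeof(struct xfs_inode_log_format));
+
+/*
+ * make sure we don't leak uninitialised data into the log in the case
+ * when we don't log every field in the inode.
+ */
+ilf->ilf_dsize = 0;
+ilf->ilf_asize = 0;
+ilf->ilf_pad = 0;
+uuid_copy(&ilf->ilf_u.ilfu_uuid, &uuid_null);
+
+xlog_finish_iovec(lv, vecp, sizeof(*ilf));
 
 xfs_inode_item_format_core(ip, lv, &vecp);
 xfs_inode_item_format_data_fork(iip, ilf, lv, &vecp);
@@ -855,44 +873,29 @@
 }
 
 /*
- * convert an xfs_inode_log_format struct from either 32 or 64 bit versions
- * (which can have different field alignments) to the native version
+ * convert an xfs_inode_log_format struct from the old 32 bit version
+ * (which can have different field alignments) to the native 64 bit version
  */
 int
 xfs_inode_item_format_convert(
-xfs_log_iovec_t *buf,
-xfs_inode_log_format_t *in_f)
+struct xfs_log_iovec *buf,
+struct xfs_inode_log_format *in_f)
 {
-if (buf->i_len == sizeof(xfs_inode_log_format_32_t)) {
-xfs_inode_log_format_32_t *in_f32 = buf->i_addr;
+struct xfs_inode_log_format_32 *in_f32 = buf->i_addr;
 
-in_f->ilf_type = in_f32->ilf_type;
-in_f->ilf_size = in_f32->ilf_size;
-in_f->ilf_fields = in_f32->ilf_fields;
-in_f->ilf_asize = in_f32->ilf_asize;
-in_f->ilf_dsize = in_f32->ilf_dsize;
-in_f->ilf_ino = in_f32->ilf_ino;
-/* copy biggest field of ilf_u */
-uuid_copy(&in_f->ilf_u.ilfu_uuid, &in_f32->ilf_u.ilfu_uuid);
-in_f->ilf_blkno = in_f32->ilf_blkno;
-in_f->ilf_len = in_f32->ilf_len;
-in_f->ilf_boffset = in_f32->ilf_boffset;
-return 0;
-} else if (buf->i_len == sizeof(xfs_inode_log_format_64_t)){
-xfs_inode_log_format_64_t *in_f64 = buf->i_addr;
+if (buf->i_len != sizeof(*in_f32))
+return -EFSCORRUPTED;
 
-in_f->ilf_type = in_f64->ilf_type;
-in_f->ilf_size = in_f64->ilf_size;
-in_f->ilf_fields = in_f64->ilf_fields;
-in_f->ilf_asize = in_f64->ilf_asize;
-in_f->ilf_dsize = in_f64->ilf_dsize;
-in_f->ilf_ino = in_f64->ilf_ino;
-/* copy biggest field of ilf_u */
-uuid_copy(&in_f->ilf_u.ilfu_uuid, &in_f64->ilf_u.ilfu_uuid);
-in_f->ilf_blkno = in_f64->ilf_blkno;
-in_f->ilf_len = in_f64->ilf_len;
-in_f->ilf_boffset = in_f64->ilf_boffset;
-return 0;
-}
-return -EFSCORRUPTED;
+in_f->ilf_type = in_f32->ilf_type;
+in_f->ilf_size = in_f32->ilf_size;
+in_f->ilf_fields = in_f32->ilf_fields;
+in_f->ilf_asize = in_f32->ilf_asize;
+in_f->ilf_dsize = in_f32->ilf_dsize;
+in_f->ilf_ino = in_f32->ilf_ino;
+/* copy biggest field of ilf_u */
+uuid_copy(&in_f->ilf_u.ilfu_uuid, &in_f32->ilf_u.ilfu_uuid);
+in_f->ilf_blkno = in_f32->ilf_blkno;
+in_f->ilf_len = in_f32->ilf_len;
+in_f->ilf_boffset = in_f32->ilf_boffset;
+return 0;
 }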
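Review bot: In the last hunk, `xfs_inode_item_format_convert()` assigns every member of `*in_f` from the 32 bit record except `ilf_pad`, so the converted structure keeps whatever that word held in the caller's buffer. How the destination is allocated is outside this section, so the impact cannot be judged from here, but since this change exists to stop uninitialised bytes travelling with this structure, adding `in_f->ilf_pad = 0;` beside the other assignments would keep the recovery path consistent with `xfs_inode_item_format()`. The function now also returns -EFSCORRUPTED for a native-sized record, so each caller has to compare `i_len` with `sizeof(struct xfs_inode_log_format)` before calling it; no caller appears in this diff, and that precondition deserves a sentence in the function comment.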
+1 -1
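--- a/fs/xfs/xfs_log.c
+++ b/fs/xfs/xfs_log.c
@@ -2515,7 +2515,7 @@
 if (lv)
 vecp = lv->lv_iovecp;
 }
-if (record_cnt == 0 && ordered == false) {
+if (record_cnt == 0 && !ordered) {
 if (!lv)
 return 0;
 break;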
+1 -1
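--- a/fs/xfs/xfs_mount.c
+++ b/fs/xfs/xfs_mount.c
@@ -704,7 +704,7 @@
 xfs_set_maxicount(mp);
 
 /* enable fail_at_unmount as default */
-mp->m_fail_unmount = 1;
+mp->m_fail_unmount = true;
 
 error = xfs_sysfs_init(&mp->m_kobj, &xfs_mp_ktype, NULL, mp->m_fsname);
 if (error)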
+1 -1
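--- a/fs/xfs/xfs_ondisk.h
+++ b/fs/xfs/xfs_ondisk.h
@@ -134,7 +134,7 @@
 XFS_CHECK_STRUCT_SIZE(struct xfs_icreate_log, 28);
 XFS_CHECK_STRUCT_SIZE(struct xfs_ictimestamp, 8);
 XFS_CHECK_STRUCT_SIZE(struct xfs_inode_log_format_32, 52);
-XFS_CHECK_STRUCT_SIZE(struct xfs_inode_log_format_64, 56);
+XFS_CHECK_STRUCT_SIZE(struct xfs_inode_log_format, 56);
 XFS_CHECK_STRUCT_SIZE(struct xfs_qoff_logformat, 20);
 XFS_CHECK_STRUCT_SIZE(struct xfs_trans_header, 16);
 }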