linux.git/fs/open.c, branch v3.6 Linux kernel source tree vfs: canonicalize create mode in build_open_flags() 2012-08-15T11:01:24+00:00 Miklos Szeredi mszeredi@suse.cz 2012-08-15T11:01:24+00:00 e68726ff72cf7ba5e7d789857fcd9a75ca573f03 Userspace can pass weird create mode in open(2) that we canonicalize to "(mode & S_IALLUGO) | S_IFREG" in vfs_create(). The problem is that we use the uncanonicalized mode before calling vfs_create() with unforseen consequences. So do the canonicalization early in build_open_flags(). Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Tested-by: Richard W.M. Jones <rjones@redhat.com> CC: stable@vger.kernel.org 
Userspace can pass weird create mode in open(2) that we canonicalize to 
"(mode & S_IALLUGO) | S_IFREG" in vfs_create().

The problem is that we use the uncanonicalized mode before calling vfs_create()
with unforseen consequences.

So do the canonicalization early in build_open_flags().

Signed-off-by: Miklos Szeredi <mszeredi@suse.cz>
Tested-by: Richard W.M. Jones <rjones@redhat.com>
CC: stable@vger.kernel.org
missed mnt_drop_write() in do_dentry_open() 2012-08-04T08:15:41+00:00 Al Viro viro@zeniv.linux.org.uk 2012-08-04T04:39:23+00:00 fe7c80518e34d1786f4a940ce673a0bfcbe53298 This one ought to be __mnt_drop_write(), to match __mnt_want_write() in the beginning... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
This one ought to be __mnt_drop_write(), to match __mnt_want_write()
in the beginning...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
fs: Protect write paths by sb_start_write - sb_end_write 2012-07-31T05:45:47+00:00 Jan Kara jack@suse.cz 2012-06-12T14:20:37+00:00 14da9200140f8d722ad1767dfabadebd8b34f2ad There are several entry points which dirty pages in a filesystem. mmap (handled by block_page_mkwrite()), buffered write (handled by __generic_file_aio_write()), splice write (generic_file_splice_write), truncate, and fallocate (these can dirty last partial page - handled inside each filesystem separately). Protect these places with sb_start_write() and sb_end_write(). ->page_mkwrite() calls are particularly complex since they are called with mmap_sem held and thus we cannot use standard sb_start_write() due to lock ordering constraints. We solve the problem by using a special freeze protection sb_start_pagefault() which ranks below mmap_sem. BugLink: https://bugs.launchpad.net/bugs/897421 Tested-by: Kamal Mostafa <kamal@canonical.com> Tested-by: Peter M. Petrakis <peter.petrakis@canonical.com> Tested-by: Dann Frazier <dann.frazier@canonical.com> Tested-by: Massimo Morana <massimo.morana@canonical.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
There are several entry points which dirty pages in a filesystem.  mmap
(handled by block_page_mkwrite()), buffered write (handled by
__generic_file_aio_write()), splice write (generic_file_splice_write),
truncate, and fallocate (these can dirty last partial page - handled inside
each filesystem separately). Protect these places with sb_start_write() and
sb_end_write().

->page_mkwrite() calls are particularly complex since they are called with
mmap_sem held and thus we cannot use standard sb_start_write() due to lock
ordering constraints. We solve the problem by using a special freeze protection
sb_start_pagefault() which ranks below mmap_sem.

BugLink: https://bugs.launchpad.net/bugs/897421
Tested-by: Kamal Mostafa <kamal@canonical.com>
Tested-by: Peter M. Petrakis <peter.petrakis@canonical.com>
Tested-by: Dann Frazier <dann.frazier@canonical.com>
Tested-by: Massimo Morana <massimo.morana@canonical.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
fs: Add freezing handling to mnt_want_write() / mnt_drop_write() 2012-07-31T05:40:38+00:00 Jan Kara jack@suse.cz 2012-06-12T14:20:35+00:00 eb04c28288bb0098d0e75d81ba2a575239de71d8 Most of places where we want freeze protection coincides with the places where we also have remount-ro protection. So make mnt_want_write() and mnt_drop_write() (and their _file alternative) prevent freezing as well. For the few cases that are really interested only in remount-ro protection provide new function variants. BugLink: https://bugs.launchpad.net/bugs/897421 Tested-by: Kamal Mostafa <kamal@canonical.com> Tested-by: Peter M. Petrakis <peter.petrakis@canonical.com> Tested-by: Dann Frazier <dann.frazier@canonical.com> Tested-by: Massimo Morana <massimo.morana@canonical.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
Most of places where we want freeze protection coincides with the places where
we also have remount-ro protection. So make mnt_want_write() and
mnt_drop_write() (and their _file alternative) prevent freezing as well.
For the few cases that are really interested only in remount-ro protection
provide new function variants.

BugLink: https://bugs.launchpad.net/bugs/897421
Tested-by: Kamal Mostafa <kamal@canonical.com>
Tested-by: Peter M. Petrakis <peter.petrakis@canonical.com>
Tested-by: Dann Frazier <dann.frazier@canonical.com>
Tested-by: Massimo Morana <massimo.morana@canonical.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
take grabbing f->f_path to do_dentry_open() 2012-07-29T17:24:18+00:00 Al Viro viro@zeniv.linux.org.uk 2012-07-20T19:28:46+00:00 b5bcdda32736b94a7d178d156d80a69f536ad468 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
switch dentry_open() to struct path, make it grab references itself 2012-07-22T20:01:29+00:00 Al Viro viro@zeniv.linux.org.uk 2012-06-26T17:58:53+00:00 765927b2d508712d320c8934db963bbe14c3fcec Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
VFS: Make chown() and lchown() call fchownat() 2012-07-14T12:35:54+00:00 David Howells dhowells@redhat.com 2012-06-25T11:55:09+00:00 55e4def0a6e79e7eb53017c4935adfed76510cd7 Make the chown() and lchown() syscalls jump to the fchownat() syscall with the appropriate extra arguments. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
Make the chown() and lchown() syscalls jump to the fchownat() syscall with the
appropriate extra arguments.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
do_dentry_open(): close the race with mark_files_ro() in failure exit 2012-07-14T12:35:50+00:00 Al Viro viro@zeniv.linux.org.uk 2012-06-23T18:49:45+00:00 c3c4f69424db0760239762d36d0b1b6ae524008b we want to take it out of mark_files_ro() reach *before* we start checking if we ought to drop write access. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
we want to take it out of mark_files_ro() reach *before* we start
checking if we ought to drop write access.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
do_dentry_open(): take initialization of file->f_path to caller 2012-07-14T12:33:54+00:00 Al Viro viro@zeniv.linux.org.uk 2012-06-10T18:32:45+00:00 02e5180d991f203441687cecd0b7e6a2ba0a34d3 ... and get rid of a couple of arguments and a pointless reassignment in finish_open() case. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
... and get rid of a couple of arguments and a pointless reassignment
in finish_open() case.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
fold __dentry_open() into its sole caller 2012-07-14T12:33:52+00:00 Al Viro viro@zeniv.linux.org.uk 2012-06-10T18:24:38+00:00 2a027e7a1873812240cbdac0f55c4734ff0042a5 Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>