From b2411dd202e854d1f3be541135af8bb9872ea8b6 Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Fri, 6 May 2005 17:41:01 -0700 Subject: [PATCH] revert msdos partitioning fix This change from March 3rd causes the partition parsing code to ignore partitions which have a signature byte of zero. Turns out that more people have such partitions than we expected, and their device numbering is coming up wrong in post-2.6.11 kernels. So revert the change while we think about the problem a bit more. Cc: Andries Brouwer Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/partitions/msdos.c | 5 ----- 1 file changed, 5 deletions(-) (limited to 'fs') diff --git a/fs/partitions/msdos.c b/fs/partitions/msdos.c index 17ee1b4ff087..584a27b2bbd5 100644 --- a/fs/partitions/msdos.c +++ b/fs/partitions/msdos.c @@ -114,9 +114,6 @@ parse_extended(struct parsed_partitions *state, struct block_device *bdev, */ for (i=0; i<4; i++, p++) { u32 offs, size, next; - - if (SYS_IND(p) == 0) - continue; if (!NR_SECTS(p) || is_extended_partition(p)) continue; @@ -433,8 +430,6 @@ int msdos_partition(struct parsed_partitions *state, struct block_device *bdev) for (slot = 1 ; slot <= 4 ; slot++, p++) { u32 start = START_SECT(p)*sector_size; u32 size = NR_SECTS(p)*sector_size; - if (SYS_IND(p) == 0) - continue; if (!size) continue; if (is_extended_partition(p)) { -- cgit v1.2.3 From a84a505956f5c795a9ab3d60d97b6b91a27aa571 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Wed, 11 May 2005 00:10:44 -0700 Subject: [PATCH] fix Linux kernel ELF core dump privilege elevation As reported by Paul Starzetz Reference: CAN-2005-1263 Signed-off-by: Greg Kroah-Hartman --- fs/binfmt_elf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'fs') diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c index ce9423bb2de3..c374be51b041 100644 --- a/fs/binfmt_elf.c +++ b/fs/binfmt_elf.c @@ -251,7 +251,7 @@ create_elf_tables(struct linux_binprm *bprm, struct elfhdr * exec, } /* Populate argv and envp */ - p = current->mm->arg_start; + p = current->mm->arg_end = current->mm->arg_start; while (argc-- > 0) { size_t len; __put_user((elf_addr_t)p, argv++); @@ -1301,7 +1301,7 @@ static void fill_prstatus(struct elf_prstatus *prstatus, static int fill_psinfo(struct elf_prpsinfo *psinfo, struct task_struct *p, struct mm_struct *mm) { - int i, len; + unsigned int i, len; /* first copy the parameters from user space */ memset(psinfo, 0, sizeof(struct elf_prpsinfo)); -- cgit v1.2.3 From 64d13c00cf1f7c3d2c1ff449e2a0500ab568d319 Mon Sep 17 00:00:00 2001 From: Hugh Dickins Date: Mon, 16 May 2005 21:53:09 -0700 Subject: [PATCH] fix impossible VmallocChunk VmallocTotal: 34359738367 kB VmallocUsed: 266288 kB VmallocChunk: 18014366299193295 kB is unsettling - x86_64 and some other architectures keep a separate address range for modules in vmalloc's vmlist, which /proc/meminfo should pass over. Signed-off-by: Hugh Dickins Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/proc/mmu.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'fs') diff --git a/fs/proc/mmu.c b/fs/proc/mmu.c index a7041038ad56..25d2d9c6e329 100644 --- a/fs/proc/mmu.c +++ b/fs/proc/mmu.c @@ -50,13 +50,23 @@ void get_vmalloc_info(struct vmalloc_info *vmi) read_lock(&vmlist_lock); for (vma = vmlist; vma; vma = vma->next) { + unsigned long addr = (unsigned long) vma->addr; + + /* + * Some archs keep another range for modules in vmlist + */ + if (addr < VMALLOC_START) + continue; + if (addr >= VMALLOC_END) + break; + vmi->used += vma->size; - free_area_size = (unsigned long) vma->addr - prev_end; + free_area_size = addr - prev_end; if (vmi->largest_chunk < free_area_size) vmi->largest_chunk = free_area_size; - prev_end = vma->size + (unsigned long) vma->addr; + prev_end = vma->size + addr; } if (VMALLOC_END - prev_end > vmi->largest_chunk) -- cgit v1.2.3 From c64610ba585fabb36be78782868277f3d9741a2e Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Mon, 16 May 2005 21:53:49 -0700 Subject: [PATCH] block_read_full_page() get_block() error handling fix If block_read_full_page() detects an error when running get_block() it will run SetPageError(), then it will zero out the block in pagecache and will mark the buffer_head uptodate. So at the end of readahead we end up with a non-uptodate pagecache page which is marked PageError. But it has uptodate buffers. The pagefault code will run ClearPageError, will launch readpage a second time and block_read_full_page() will notice the uptodate buffers and will mark the page uptodate as well. We end up with an uptodate, !PageError page full of zeros and the error is lost. (It seems a little odd that filemap_nopage() runs ClearPageError(). I guess all of this adds up to meaning that for each attempted access to the page, the pagefault handler will retry the I/O. Which is good and bad. If the app is ignoring SIGBUS for some reason we could get a lot of back-to-back I/O errors.) Fix it by not marking the pagecache buffer_head as uptodate if the attempt to map that buffer to a disk block failed. Credit-to: Qu Fuping For reporting the bug and identifying its source. Signed-off-by: Qu Fuping Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/buffer.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'fs') diff --git a/fs/buffer.c b/fs/buffer.c index 6f88dcc6d002..7e9e409feaa7 100644 --- a/fs/buffer.c +++ b/fs/buffer.c @@ -2094,9 +2094,12 @@ int block_read_full_page(struct page *page, get_block_t *get_block) continue; if (!buffer_mapped(bh)) { + int err = 0; + fully_mapped = 0; if (iblock < lblock) { - if (get_block(inode, iblock, bh, 0)) + err = get_block(inode, iblock, bh, 0); + if (err) SetPageError(page); } if (!buffer_mapped(bh)) { @@ -2104,7 +2107,8 @@ int block_read_full_page(struct page *page, get_block_t *get_block) memset(kaddr + i * blocksize, 0, blocksize); flush_dcache_page(page); kunmap_atomic(kaddr, KM_USER0); - set_buffer_uptodate(bh); + if (!err) + set_buffer_uptodate(bh); continue; } /* -- cgit v1.2.3 From 301216244b1e39c4346e56d38b079ca53d528580 Mon Sep 17 00:00:00 2001 From: Stephen Tweedie Date: Wed, 18 May 2005 11:47:17 -0400 Subject: [PATCH] Avoid console spam with ext3 aborted journal. Avoid console spam with ext3 aborted journal. ext3 usually reports error conditions that it detects in its environment. But when its journal gets aborted due to such errors, it can sometimes continue to report that condition forever, spamming the console to such an extent that the initial first cause of the journal abort can be lost. When the journal aborts, we put the filesystem into readonly mode. Most subsequent filesystem operations will get rejected immediately by checks for MS_RDONLY either in the filesystem or in the VFS. But some paths do not have such checks --- for example, if we continue to write to a file handle that was opened before the fs went readonly. (We only check for the ROFS condition when the file is first opened.) In these cases, we can continue to generate log errors similar to EXT3-fs error (device $DEV) in start_transaction: Journal has aborted for each subsequent write. There is really no point in generating these errors after the initial error has been fully reported. Specifically, if we're starting a completely new filesystem operation, and the filesystem is *already* readonly (ie. the ext3 layer has already detected and handled the underlying jbd abort), and we see an EROFS error, then there is simply no point in reporting it again. Signed-off-by: Stephen Tweedie Signed-off-by: Linus Torvalds --- fs/ext3/super.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'fs') diff --git a/fs/ext3/super.c b/fs/ext3/super.c index 545b440a2d2f..981ccb233ef5 100644 --- a/fs/ext3/super.c +++ b/fs/ext3/super.c @@ -225,8 +225,16 @@ void __ext3_std_error (struct super_block * sb, const char * function, int errno) { char nbuf[16]; - const char *errstr = ext3_decode_error(sb, errno, nbuf); + const char *errstr; + + /* Special case: if the error is EROFS, and we're not already + * inside a transaction, then there's really no point in logging + * an error. */ + if (errno == -EROFS && journal_current_handle() == NULL && + (sb->s_flags & MS_RDONLY)) + return; + errstr = ext3_decode_error(sb, errno, nbuf); printk (KERN_CRIT "EXT3-fs error (device %s) in %s: %s\n", sb->s_id, function, errstr); -- cgit v1.2.3 From f81a0bffa116ea22149aa7cfb0b4ee09096d9d92 Mon Sep 17 00:00:00 2001 From: Christoph Hellwig Date: Thu, 19 May 2005 12:26:43 -0700 Subject: [AF_UNIX]: Use lookup_create(). currently it opencodes it, but that's in the way of chaning the lookup_hash interface. I'd prefer to disallow modular af_unix over exporting lookup_create, but I'll leave that to you. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller --- fs/namei.c | 1 + 1 file changed, 1 insertion(+) (limited to 'fs') diff --git a/fs/namei.c b/fs/namei.c index defe6781e003..dd78f01b6de8 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1580,6 +1580,7 @@ enoent: fail: return dentry; } +EXPORT_SYMBOL_GPL(lookup_create); int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev) { -- cgit v1.2.3 From f359b74c80bc76c1f6c2cb8f2837882f2335ba0c Mon Sep 17 00:00:00 2001 From: Vladimir Saveliev Date: Sat, 21 May 2005 16:33:34 -0700 Subject: [PATCH] reiserfs: max_key fix This patch fixes a bug introduced by Al Viro's patch: [patch 136/174] reiserfs endianness: clone struct reiserfs_key The problem is MAX_KEY and MAX_IN_CORE_KEY defined in this patch do not look equal from reiserfs comp_key's point of view. This caused reiserfs' sanity check to complain. Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- fs/reiserfs/stree.c | 1 - fs/reiserfs/super.c | 4 +++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'fs') diff --git a/fs/reiserfs/stree.c b/fs/reiserfs/stree.c index da23ba75f3d5..c47f8fd31a2d 100644 --- a/fs/reiserfs/stree.c +++ b/fs/reiserfs/stree.c @@ -230,7 +230,6 @@ const struct reiserfs_key MAX_KEY = { __constant_cpu_to_le32(0xffffffff)},} }; -const struct in_core_key MAX_IN_CORE_KEY = {~0U, ~0U, ~0ULL>>4, 15}; /* Get delimiting key of the buffer by looking for it in the buffers in the path, starting from the bottom of the path, and going upwards. We must check the path's validity at each step. If the key is not in diff --git a/fs/reiserfs/super.c b/fs/reiserfs/super.c index 31e75125f48b..b35b87744983 100644 --- a/fs/reiserfs/super.c +++ b/fs/reiserfs/super.c @@ -164,7 +164,9 @@ static int finish_unfinished (struct super_block * s) /* compose key to look for "save" links */ max_cpu_key.version = KEY_FORMAT_3_5; - max_cpu_key.on_disk_key = MAX_IN_CORE_KEY; + max_cpu_key.on_disk_key.k_dir_id = ~0U; + max_cpu_key.on_disk_key.k_objectid = ~0U; + set_cpu_key_k_offset (&max_cpu_key, ~0U); max_cpu_key.key_length = 3; #ifdef CONFIG_QUOTA -- cgit v1.2.3