aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-12-02[XFS] Move copy_from_user calls out of ioctl helpers into ioctl switch.sandeen@sandeen.net
Moving the copy_from_user out of some of the ioctl helpers will make it easier for the compat ioctl switch to copy in the right struct, then just pass to the underlying helper. Also, move common access checks into the helpers themselves, and out of the native ioctl switch code, to reduce code duplication between native & compat ioctl callers. Signed-off-by: Eric Sandeen <sandeen@sandeen.net> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Lachlan McIlroy <lachlan@sgi.com>
2008-12-01[XFS] fix error handling in xlog_recover_process_one_iunlinkChristoph Hellwig
If we fail after xfs_iget we have to drop the reference count, spotted by Dave Chinner. Also remove some useless asserts and stop trying to deal with di_mode == 0 inodes because never gets those without passing the IGET_CREATE flag to xfs_iget. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Eric Sandeen <sandeen@sandeen.net> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] move inode allocation out xfs_ireadChristoph Hellwig
Allocate the inode in xfs_iget_cache_miss and pass it into xfs_iread. This simplifies the error handling and allows xfs_iread to be shared with userspace which already uses these semantics. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] kill the XFS_IMAP_BULKSTAT flagChristoph Hellwig
Just pass down the XFS_IGET_* flags all the way down to xfs_imap instead of translating them mid-way. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] embededd struct xfs_imap into xfs_inodeChristoph Hellwig
Most uses of struct xfs_imap are to map and inode to a buffer. To avoid copying around the inode location information we should just embedd a strcut xfs_imap into the xfs_inode. To make sure it doesn't bloat an inode the im_len is changed to a ushort, which is fine as that's what the users exepect anyway. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] merge xfs_imap into xfs_dilocateChristoph Hellwig
xfs_imap is the only caller of xfs_dilocate and doesn't add any significant value. Merge the two functions and document the various cases we have for inode cluster lookup in the new xfs_imap. Also remove the unused im_agblkno and im_ioffset fields from struct xfs_imap while we're at it. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] remove dead code for old inode item recoveryChristoph Hellwig
We have removed the support for old-style inode items a while ago and xlog_recover_do_inode_trans is now only called for XFS_LI_INODE items. That means we can remove the call to xfs_imap there and with it the XFS_IMAP_LOOKUP that is set by all other callers. We can also mark xfs_imap static now. (First sent on October 21st) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] stop using xfs_itobp in xfs_ireadChristoph Hellwig
The only caller of xfs_itobp that doesn't have i_blkno setup is now the initial inode read. It needs access to the whole xfs_imap so using xfs_inotobp is not an option. Instead opencode the buffer lookup in xfs_iread and kill all the functionality for the initial map from xfs_itobp. (First sent on October 21st) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] split up xlog_recover_process_iunlinksChristoph Hellwig
Split out the body of the main loop into a separate helper to make the code readable. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] kill XFS_DINODE_VERSION_ definesChristoph Hellwig
These names don't add any value at all over just using the numerical values. (First sent on October 9th) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] kill xfs_dinode_core_tChristoph Hellwig
Now that we have a separate xfs_icdinode_t for the in-core inode which gets logged there is no need anymore for the xfs_dinode vs xfs_dinode_core split - the fact that part of the structure gets logged through the inode log item and a small part not can better be described in a comment. All sizeof operations on the dinode_core either really wanted the icdinode and are switched to that one, or had already added the size of the agi unlinked list pointer. Later both will be replaced with helpers once we get the larger CRC-enabled dinode. Removing the data and attribute fork unions also has the advantage that xfs_dinode.h doesn't need to pull in every header under the sun. While we're at it also add some more comments describing the dinode structure. (First sent on October 7th) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] kill xfs_ialloc_log_diChristoph Hellwig
xfs_ialloc_log_di is only used to log the full inode core + di_next_unlinked. That means all the offset magic is not nessecary and we can simply use xfs_trans_log_buf directly. Also add a comment describing what we should do here instead. (First sent on October 7th) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] sanitize xlog_in_core_t definitionChristoph Hellwig
Move all fields from xlog_iclog_fields_t into xlog_in_core_t instead of having them in a substructure and the using #defines to make it look like they were directly in xlog_in_core_t. Also document that xlog_in_core_2_t is grossly misnamed, and make all references to it typesafe. (First sent on Semptember 15th) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] factor out xfs_read_agf helperFrom: Christoph Hellwig
Add a helper to read the AGF header and perform basic verification. Based on hunks from a larger patch from Dave Chinner. (First sent on Juli 23rd) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] factor out xfs_read_agi helperChristoph Hellwig
Add a helper to read the AGI header and perform basic verification. Based on hunks from a larger patch from Dave Chinner. (First sent on Juli 23rd) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] remove i_gen from incore inodeDave Chinner
i_gen is incremented in directory operations when the directory is changed. It is never read or otherwise used so it should be removed to help reduce the size of the struct xfs_inode. The patch also removes a duplicate logging of the directory inode core. We only need to do this once per transaction so kill the one associated with the i_gen increment. Signed-off-by: Dave Chinner <david@fromorbit.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] remove xfs_vfsops.hChristoph Hellwig
The only thing left is xfs_do_force_shutdown which already has a defintion in xfs_mount.h. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] remove xfs_vfs.hChristoph Hellwig
The only thing left are the forced shutdown flags and freeze macros which fit into xfs_mount.h much better. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] remove bhv_statvfs_t typedefChristoph Hellwig
Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] Hook up the fiemap ioctl.Eric Sandeen
This adds the fiemap inode_operation, which for us converts the fiemap values & flags into a getbmapx structure which can be sent to xfs_getbmap. The formatter then copies the bmv array back into the user's fiemap buffer via the fiemap helpers. If we wanted to be more clever, we could also return mapping data for in-inode attributes, but I'm not terribly motivated to do that just yet. Signed-off-by: Eric Sandeen <sandeen@sandeen.net> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] Add new getbmap flags.Eric Sandeen
This adds a new output flag, BMV_OF_LAST to indicate if we've hit the last extent in the inode. This potentially saves an extra call from userspace to see when the whole mapping is done. It also adds BMV_IF_DELALLOC and BMV_OF_DELALLOC to request, and indicate, delayed-allocation extents. In this case bmv_block is set to -2 (-1 was already taken for HOLESTARTBLOCK; unfortunately these are the reverse of the in-kernel constants.) These new flags facilitate addition of the new fiemap interface. Rather than adding sh_delalloc, remove sh_unwritten & just test the flags directly. Signed-off-by: Eric Sandeen <sandeen@sandeen.net> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] convert xfs_getbmap to take formatter functionsEric Sandeen
Preliminary work to hook up fiemap, this allows us to pass in an arbitrary formatter to copy extent data back to userspace. The formatter takes info for 1 extent, a pointer to the user "thing*" and a pointer to a "filled" variable to indicate whether a userspace buffer did get filled in (for fiemap, hole "extents" are skipped). I'm just using the getbmapx struct as a "common denominator" because as far as I can see, it holds all info that any formatters will care about. ("*thing" because fiemap doesn't pass the user pointer around, but rather has a pointer to a fiemap info structure, and helpers associated with it) Signed-off-by: Eric Sandeen <sandeen@sandeen.net> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] fix uninitialised variable bug in dquot release.Dave Chinner
gcc is warning about an uninitialised variable in xfs_growfs_rt(). This is a false positive. Fix it by changing the scope of the transaction pointer to wholly within the internal loop inside the function. While there, preemptively change xfs_growfs_rt_alloc() in the same way as it has exactly the same structure as xfs_growfs_rt() but gcc is not warning about it. Yet. Signed-off-by: Dave Chinner <david@fromorbit.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] fix error inversion problems with data flushingDave Chinner
XFS gets the sign of the error wrong in several places when gathering the error from generic linux functions. These functions return negative error values, while the core XFS code returns positive error values. Hence when XFS inverts the error to be returned to the VFS, it can incorrectly invert a negative error and this error will be ignored by the syscall return. Fix all the problems related to calling filemap_* functions. Problem initially identified by Nick Piggin in xfs_fsync(). Signed-off-by: Dave Chinner <david@fromorbit.com> Reviewed-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] fix spurious gcc warningsChristoph Hellwig
Some recent gcc warnings don't like passing string variables to printf-like functions without using at least a "%s" format string. Change the two occurances of that in xfs to please gcc. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Eric Sandeen <sandeen@sandeen.net> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] allow inode64 mount option on 32 bit systemsChristoph Hellwig
Now that we've stopped using the Linux inode cache when can trivally support the inode64 mount option on 32bit architectures. As far as the kernel and most userspace is concerned this works perfectly, but applications still using really old stat and readdir interfaces will get an EOVERFLOW error when hitting an inode number not fitting into 32 bits (that problem of course also exists when using these applications on a 64bit kernel). Note that because inode64 is simply a mount option we can currently mount a filesystem having > 32 bit inode numbers and cause a variety of problems, all this is solved but this patch which enables XFS_BIG_INUMS, even when inode64 is not used. (First sent on October 18th) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] wire up ->open for directoriesChristoph Hellwig
Currently there's no ->open method set for directories on XFS. That means we don't perform any check for opening too large directories without O_LARGEFILE, we don't check for shut down filesystems, and we don't actually do the readahead for the first block in the directory. Instead of just setting the directories open routine to xfs_file_open we merge the shutdown check directly into xfs_file_open and create a new xfs_dir_open that first calls xfs_file_open and then performs the readahead for block 0. (First sent on September 29th) Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Dave Chinner <david@fromorbit.com> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-12-01[XFS] fix NULL pointer dereference in xfs_log_force_umountChristoph Hellwig
xfs_log_force_umount may be called very early during log recovery where If we fail a buffer read in xlog_recover_do_inode_trans we abort the mount. But at that point log recovery has started delayed writeback of inode buffers. As part of the aborted mount we try to flush out all delwri buffers, but at that point we have already freed the superblock, and set mp->m_sb_bp to NULL, and xfs_log_force_umount which gets called after the inode buffer writeback trips over it. Make xfs_log_force_umount a little more careful when accessing mp->m_sb_bp to avoid this. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Eric Sandeen <sandeen@sandeen.net> Signed-off-by: Niv Sardi <xaiki@sgi.com>
2008-11-28Merge git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6Lachlan McIlroy
2008-11-20Merge master.kernel.org:/home/rmk/linux-2.6-armLinus Torvalds
* master.kernel.org:/home/rmk/linux-2.6-arm: [ARM] 5330/1: mach-pxa: Fixup reset for systems using reboot=cold or other strings [ARM] pxa: fix incorrect PCMCIA PSKTSEL pin configuration for spitz [ARM] pxa: fix I2C controller device being registered twice on Akita pxafb: only initialize the smart panel thread when dealing with a smartpanel pxafb: introduce LCD_TYPE_MASK and use it.
2008-11-20Linux 2.6.28-rc6Linus Torvalds
2008-11-20Merge branch 'release' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6 * 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/aegl/linux-2.6: [IA64] xen: fix xen_get_eflags. [IA64] ia64/pv_ops/pv_cpu_ops: fix _IA64_REG_IP case. [IA64] remove duplicate include iommu.h [IA64] use mprintk instead of printk, in ia64_mca_modify_original_stack [IA64] Rationalize kernel mode alignment checking
2008-11-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6: USB: ACE1001 patch for cp2101.c USB: usbmon: fix read(2) USB: gadget rndis: send notifications USB: gadget rndis: stop windows self-immolation USB: storage: update unusual_devs entries for Nokia 5300 and 5310 USB: storage: updates unusual_devs entry for the Nokia 6300 usb: musb: fix bug in musb_schedule USB: fix SB700 usb subsystem hang bug
2008-11-20[IA64] xen: fix xen_get_eflags.Isaku Yamahata
fix xen_get_eflags. It doesn't take any argument. Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20[IA64] ia64/pv_ops/pv_cpu_ops: fix _IA64_REG_IP case.Isaku Yamahata
pv_cpu_ops.getreg(_IA64_REG_IP) returned constant. But the returned ip valued should be the one in the caller, not of the callee. This patch fixes that. Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp> Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20[IA64] remove duplicate include iommu.hHuang Weiyi
arch/ia64/kernel/pci-dma.c only needs to include iommu once. Signed-off-by: Huang Weiyi <weiyi.huang@gmail.com> Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20[IA64] use mprintk instead of printk, in ia64_mca_modify_original_stackHidetoshi Seto
Using printk from MCA/INIT context is unsafe since it can cause deadlock. The ia64_mca_modify_original_stack is called from both of mca handler and init handler, so it should use mprintk instead of printk. Signed-off-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com> Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20[IA64] Rationalize kernel mode alignment checkingTony Luck
Itanium processors can handle some misaligned data accesses. They also provide a mode where all such accesses are forced to trap. The kernel was schizophrenic about use of this mode: * Base kernel code ran in permissive mode where the only traps generated were from those cases that the h/w could not handle. * Interrupt, syscall and trap code ran in strict mode where all unaligned accesses caused traps to the 0x5a00 unaligned reference vector. Use strict alignment checking throughout the kernel, but make sure that we continue to let user mode use more relaxed mode as the default. Signed-off-by: Tony Luck <tony.luck@intel.com>
2008-11-20x86: Fix interrupt leak due to migrationMatthew Wilcox
When we migrate an interrupt from one CPU to another, we set the move_in_progress flag and clean up the vectors later once they're not being used. If you're unlucky and call destroy_irq() before the vectors become un-used, the move_in_progress flag is never cleared, which causes the interrupt to become unusable. This was discovered by Jesse Brandeburg for whom it manifested as an MSI-X device refusing to use MSI-X mode when the driver was unloaded and reloaded repeatedly. Signed-off-by: Matthew Wilcox <willy@linux.intel.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-11-20SUNRPC: Fix a performance regression in the RPC authentication codeTrond Myklebust
Fix a regression reported by Max Kellermann whereby kernel profiling showed that his clients were spending 45% of their time in rpcauth_lookup_credcache. It turns out that although his processes had identical uid/gid/groups, generic_match() was failing to detect this, because the task->group_info pointers were not shared. This again lead to the creation of a huge number of identical credentials at the RPC layer. The regression is fixed by comparing the contents of task->group_info if the actual pointers are not identical. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-11-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/sfrench/cifs-2.6: [CIFS] Do not attempt to close invalidated file handles [CIFS] fix check for dead tcon in smb_init
2008-11-20Merge branch 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linusLinus Torvalds
* 'upstream' of git://ftp.linux-mips.org/pub/scm/upstream-linus: MIPS: csrc-r4k: Fix declaration depending on the wrong CONFIG_ symbol. MIPS: csrc-r4k: Fix spelling mistake. MIPS: RB532: Provide functions for gpio configuration MIPS: IP22: Make indy_sc_ops variable static MIPS: RB532: GPIO register offsets are relative to GPIOBASE MIPS: Malta: Fix include paths in malta-amon.c
2008-11-20Merge branch 'core-fixes-for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'core-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: intel-iommu: fix compile warnings
2008-11-20Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6Linus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6: (23 commits) net: fix tiny output corruption of /proc/net/snmp6 atl2: don't request irq on resume if netif running ipv6: use seq_release_private for ip6mr.c /proc entries pkt_sched: fix missing check for packet overrun in qdisc_dump_stab() smc911x: Fix printf format typo in smc911x driver. asix: Fix asix-based cards connecting to 10/100Mbs LAN. mv643xx_eth: fix recycle check bound mv643xx_eth: fix the order of mdiobus_{unregister, free}() calls sh: sh_eth: Update to change of mii_bus TPROXY: supply a struct flowi->flags argument in inet_sk_rebuild_header() TPROXY: fill struct flowi->flags in udp_sendmsg() net: ipg.c fix bracing on endian swapping phylib: Fix auto-negotiation restart avoidance net: jme.c rxdesc.flags is __le16, other missing endian swaps phylib: fix phy name example in documentation net: Do not fire linkwatch events until the device is registered. phonet: fix compilation with gcc-3.4 ixgbe: fix compilation with gcc-3.4 pktgen: fix multiple queue warning net: fix ip_mr_init() error path ...
2008-11-20Merge branch 'tracing-fixes-for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'tracing-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: ftrace: fix dyn ftrace filter selection ftrace: make filtered functions effective on setting ftrace: fix set_ftrace_filter trace: introduce missing mutex_unlock() tracing: kernel/trace/trace.c: introduce missing kfree()
2008-11-20Merge branch 'x86-fixes-for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip * 'x86-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip: x86: uaccess_64: fix return value in __copy_from_user() x86: quirk for reboot stalls on a Dell Optiplex 330
2008-11-20parisc: fix bug in compat_arch_ptraceHelge Deller
Commit 81e192d6ce303b6792aa38ff35f41a1a7357f23a ("parisc: convert to generic compat_sys_ptrace") introduced a bug which segfaults the parisc 64bit kernel when stracing 32bit applications: Kernel Fault: Code=15 regs=00000000bafa42b0 (Addr=00000001baf5ab57) YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI PSW: 00001000000001101111111100001011 Tainted: G W r00-03 000000ff0806ff0b 000000004068edc0 00000000401203f8 00000000fb3e2508 r04-07 0000000040686dc0 00000000baf5a800 fffffffffffffffc fffffffffb3e2508 r08-11 00000000baf5a800 000000000004b068 00000000000402b0 0000000000040d68 r12-15 0000000000042a9c 0000000000040a9c 0000000000040d60 0000000000042e9c r16-19 000000000004b060 000000000004b058 0000000000042d9c ffffffffffffffff r20-23 000000000800000b 0000000000000000 000000000800000b fffffffffb3e2508 r24-27 00000000fffffffc 0000000000000003 00000000fffffffc 0000000040686dc0 r28-31 00000001baf5a7ff 00000000bafa4280 00000000bafa42b0 00000000000001d7 sr00-03 0000000000fca000 0000000000000000 0000000000000000 0000000000fca000 sr04-07 0000000000000000 0000000000000000 0000000000000000 0000000000000000 IASQ: 0000000000000000 0000000000000000 IAOQ: 0000000040120400 0000000040120404 IIR: 4b9a06b0 ISR: 0000000000000000 IOR: 00000001baf5ab57 CPU: 0 CR30: 00000000bafa4000 CR31: 00000000d22344e0 ORIG_R28: 00000000fb3e2248 IAOQ[0]: compat_arch_ptrace+0xb8/0x160 IAOQ[1]: compat_arch_ptrace+0xbc/0x160 RP(r2): compat_arch_ptrace+0xb0/0x160 Backtrace: [<00000000401612ac>] compat_sys_ptrace+0x15c/0x180 [<0000000040104ef8>] syscall_exit+0x0/0x14 The problem is that compat_arch_ptrace() enters with an addr value of type compat_ulong_t and calls translate_usr_offset() to translate the address offset into a struct pt_regs offset like this: addr = translate_usr_offset(addr) this means that any return value of translate_usr_offset() is stored back as compat_ulong_t type into the addr variable. But since translate_usr_offset() returns -1 for invalid offsets, addr can now get the value 0xffffffff which then fails the next return-value sanity check and thus the kernel tries to access invalid memory: if (addr < 0) break; Fix this bug by modifying translate_usr_offset() to take and return values of type compat_ulong_t, and by returning the value "sizeof(struct pt_regs)" as an error indicator. Additionally change the sanity check to check for return values for >= sizeof(struct pt_regs). This patch survived my compile and run-tests. Signed-off-by: Helge Deller <deller@gmx.de> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-11-20[CIFS] Do not attempt to close invalidated file handlesSteve French
If a connection with open file handles has gone down and come back up and reconnected without reopening the file handle yet, do not attempt to send an SMB close request for this handle in cifs_close. We were checking for the connection being invalid in cifs_close but since the connection may have been reconnected we also need to check whether the file handle was marked invalid (otherwise we could close the wrong file handle by accident). Acked-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
2008-11-20MIPS: csrc-r4k: Fix declaration depending on the wrong CONFIG_ symbol.Ralf Baechle
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2008-11-20MIPS: csrc-r4k: Fix spelling mistake.Ralf Baechle
Signed-off-by: Ralf Baechle <ralf@linux-mips.org>