issue (also affected userspace) of incorrect permissions being granted
to users who have access to multiple different CephFS instances within
the same cluster from Kotresh and a bunch of assorted CephFS fixes from
Slava.
Merge tag 'ceph-for-6.18-rc1' of https://github.com/ceph/ceph-client
Pull ceph updates from Ilya Dryomov:
- some messenger improvements (Eric and Max)
- address an issue (also affected userspace) of incorrect permissions
being granted to users who have access to multiple different CephFS
instances within the same cluster (Kotresh)
- a bunch of assorted CephFS fixes (Slava)
* tag 'ceph-for-6.18-rc1' of https://github.com/ceph/ceph-client:
ceph: add bug tracking system info to MAINTAINERS
ceph: fix multifs mds auth caps issue
ceph: cleanup in ceph_alloc_readdir_reply_buffer()
ceph: fix potential NULL dereference issue in ceph_fill_trace()
libceph: add empty check to ceph_con_get_out_msg()
libceph: pass the message pointer instead of loading con->out_msg
libceph: make ceph_con_get_out_msg() return the message pointer
ceph: fix potential race condition on operations with CEPH_I_ODIRECT flag
ceph: refactor wake_up_bit() pattern of calling
ceph: fix potential race condition in ceph_ioctl_lazyio()
ceph: fix overflowed constant issue in ceph_do_objects_copy()
ceph: fix wrong sizeof argument issue in register_session()
ceph: add checking of wait_for_completion_killable() return value
ceph: make ceph_start_io_*() killable
libceph: Use HMAC-SHA256 library instead of crypto_shash
Merge tag 'v6.18-rc-part2-smb-client-fixes' of git://git.samba.org/sfrench/cifs-2.6
Pull more smb client updates from Steve French:
- fix i_size in fallocate
- two truncate fixes
- utime fix
- minor cleanups
- SMB1 fixes
- improve error check in read
- improve perf of copy file_range (copy_chunk)
* tag 'v6.18-rc-part2-smb-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
cifs: update internal version number
cifs: Add comments for DeletePending assignments in open functions
cifs: Add fallback code path for cifs_mkdir_setinfo()
cifs: Allow fallback code in smb_set_file_info() also for directories
cifs: Query EA $LXMOD in cifs_query_path_info() for WSL reparse points
smb: client: remove cfids_invalidation_worker
smb: client: remove redudant assignment in cifs_strict_fsync()
smb: client: fix race with fallocate(2) and AIO+DIO
smb: client: fix missing timestamp updates after utime(2)
smb: client: fix missing timestamp updates after ftruncate(2)
smb: client: fix missing timestamp updates with O_TRUNC
cifs: Fix copy_to_iter return value check
smb: client: batch SRV_COPYCHUNK entries to cut round trips
smb: client: Omit an if branch in smb2_find_smb_tcon()
smb: client: Return directly after a failed genlmsg_new() in cifs_swn_send_register_message()
smb: client: Use common code in cifs_do_create()
smb: client: Improve unlocking of a mutex in cifs_get_swn_reg()
smb: client: Return a status code only as a constant in cifs_spnego_key_instantiate()
smb: client: Use common code in cifs_lookup()
smb: client: Reduce the scopes for a few variables in two functions
Merge tag 'block-6.18-20251009' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux
Pull block fixes from Jens Axboe:
- Don't include __GFP_NOWARN for loop worker allocation, as it already
uses GFP_NOWAIT which has __GFP_NOWARN set already
- Small series cleaning up the recent bio_iov_iter_get_pages() changes
- loop fix for leaking the backing reference file, if validation fails
- Update of a comment pertaining to disk/partition stat locking
* tag 'block-6.18-20251009' of git://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux:
loop: remove redundant __GFP_NOWARN flag
block: move bio_iov_iter_get_bdev_pages to block/fops.c
iomap: open code bio_iov_iter_get_bdev_pages
block: rename bio_iov_iter_get_pages_aligned to bio_iov_iter_get_pages
block: remove bio_iov_iter_get_pages
block: Update a comment of disk statistics
loop: fix backing file reference leak on validation error
The DeletePending member is set to 0 in several places. Add comments
explaining why 0 is the correct value. Paths in DELETE_PENDING state cannot
be opened by new calls. So if a newly issued open for that path succeeds,
it means that the path cannot be in DELETE_PENDING state.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
Use SMBSetInformation() as a fallback function (when CIFSSMBSetPathInfo()
fails) which can set attributes on the directory, including changing
read-only attribute.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
On NT systems, it is possible to do SMB open call also for directories.
Open argument CREATE_NOT_DIR disallows opening directories. So in fallback
code path in smb_set_file_info() remove CREATE_NOT_DIR restriction to allow
it also for directories.
Similar fallback is implemented also in CIFSSMBSetPathInfoFB() function and
this function already allows to call operation for directories.
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
EA $LXMOD is required for WSL non-symlink reparse points.
Fixes: ef86ab131d ("cifs: Fix querying of WSL CHR and BLK reparse points over SMB1")
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>
- polling fix for trans fd that ought to have been fixed otherwise back
in March, but apparently came back somewhere else...
- USB transport buffer overflow fix
- Some dentry lifetime rework to handle metadata update for currently
opened files in uncached mode, or inode type change in cached mode
- a double-put on invalid flush found by syzbot
- and finally /sys/fs/9p/caches not advancing buffer and overwriting
itself for large contents
Thanks to everyone involved!
Merge tag '9p-for-6.18-rc1' of https://github.com/martinetd/linux
Pull 9p updates from Dominique Martinet:
"A bunch of unrelated fixes:
- polling fix for trans fd that ought to have been fixed otherwise
back in March, but apparently came back somewhere else...
- USB transport buffer overflow fix
- Some dentry lifetime rework to handle metadata update for currently
opened files in uncached mode, or inode type change in cached mode
- a double-put on invalid flush found by syzbot
- and finally /sys/fs/9p/caches not advancing buffer and overwriting
itself for large contents
Thanks to everyone involved!"
* tag '9p-for-6.18-rc1' of https://github.com/martinetd/linux:
9p: sysfs_init: don't hardcode error to ENOMEM
9p: fix /sys/fs/9p/caches overwriting itself
9p: clean up comment typos
9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN
net/9p: fix double req put in p9_fd_cancelled
net/9p: Fix buffer overflow in USB transport layer
fs/9p: Add p9_debug(VFS) in d_revalidate
fs/9p: Invalidate dentry if inode type change detected in cached mode
fs/9p: Refresh metadata in d_revalidate for uncached mode too
We can do the same cleanup on laundromat.
On invalidate_all_cached_dirs(), run laundromat worker with 0 timeout
and flush it for immediate + sync cleanup.
Signed-off-by: Enzo Matsumiya <ematsumiya@suse.de>
Signed-off-by: Steve French <stfrench@microsoft.com>
Remove redundant assignment of @rc as it will be overwritten by the
following cifs_file_flush() call.
Reported-by: Steve French <stfrench@microsoft.com>
Addresses-Coverity: 1665925
Fixes: 210627b0aca9 ("smb: client: fix missing timestamp updates with O_TRUNC")
Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
AIO+DIO may extend the file size, hence we need to make sure ->i_size
is stable across the entire fallocate(2) operation, otherwise it would
become a truncate and then inode size reduced back down when it
finishes.
Fix this by calling netfs_wait_for_outstanding_io() right after
acquiring ->i_rwsem exclusively in cifs_fallocate() and then guarantee
a stable ->i_size across fallocate(2).
Also call netfs_wait_for_outstanding_io() after truncating pagecache
to avoid any potential races with writeback.
Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Reviewed-by: David Howells <dhowells@redhat.com>
Fixes: 210627b0aca9 ("smb: client: fix missing timestamp updates with O_TRUNC")
Cc: Frank Sorenson <sorenson@redhat.com>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
Don't reuse open handle when changing timestamps to prevent the server
from disabling automatic timestamp updates as per MS-FSA 2.1.4.17.
---8<---
import os
import time

filename = '/mnt/foo'

def print_stat(prefix):
    st = os.stat(filename)
    print(prefix, ': ', time.ctime(st.st_atime), time.ctime(st.st_ctime))

fd = os.open(filename, os.O_CREAT|os.O_TRUNC|os.O_WRONLY, 0o644)
print_stat('old')
os.utime(fd, None)
time.sleep(2)
os.write(fd, b'foo')
os.close(fd)
time.sleep(2)
print_stat('new')
---8<---
Before patch:
$ mount.cifs //srv/share /mnt -o ...
$ python3 run.py
old : Fri Oct 3 14:01:21 2025 Fri Oct 3 14:01:21 2025
new : Fri Oct 3 14:01:21 2025 Fri Oct 3 14:01:21 2025
After patch:
$ mount.cifs //srv/share /mnt -o ...
$ python3 run.py
old : Fri Oct 3 17:03:34 2025 Fri Oct 3 17:03:34 2025
new : Fri Oct 3 17:03:36 2025 Fri Oct 3 17:03:36 2025
Fixes: b6f2a0f89d ("cifs: for compound requests, use open handle if possible")
Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Cc: Frank Sorenson <sorenson@redhat.com>
Reviewed-by: David Howells <dhowells@redhat.com>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
Mask off ATTR_MTIME|ATTR_CTIME bits on ATTR_SIZE (e.g. ftruncate(2))
to prevent the client from sending set info calls and then disabling
automatic timestamp updates on server side as per MS-FSA 2.1.4.17.
---8<---
import os
import time

filename = '/mnt/foo'

def print_stat(prefix):
    st = os.stat(filename)
    print(prefix, ': ', time.ctime(st.st_atime), time.ctime(st.st_ctime))

fd = os.open(filename, os.O_CREAT|os.O_TRUNC|os.O_WRONLY, 0o644)
print_stat('old')
os.ftruncate(fd, 10)
time.sleep(2)
os.write(fd, b'foo')
os.close(fd)
time.sleep(2)
print_stat('new')
---8<---
Before patch:
$ mount.cifs //srv/share /mnt -o ...
$ python3 run.py
old : Fri Oct 3 13:47:03 2025 Fri Oct 3 13:47:03 2025
new : Fri Oct 3 13:47:00 2025 Fri Oct 3 13:47:03 2025
After patch:
$ mount.cifs //srv/share /mnt -o ...
$ python3 run.py
old : Fri Oct 3 13:48:39 2025 Fri Oct 3 13:48:39 2025
new : Fri Oct 3 13:48:41 2025 Fri Oct 3 13:48:41 2025
Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Cc: Frank Sorenson <sorenson@redhat.com>
Reviewed-by: David Howells <dhowells@redhat.com>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
Don't call ->set_file_info() on open handle to prevent the server from
stopping [cm]time updates automatically as per MS-FSA 2.1.4.17.
Fix this by checking for ATTR_OPEN bit earlier in cifs_setattr() to
prevent ->set_file_info() from being called when opening a file with
O_TRUNC. Do the truncation in ->open() instead.
This also saves two roundtrips when opening a file with O_TRUNC and
there are currently no open handles to be reused.
Before patch:
$ mount.cifs //srv/share /mnt -o ...
$ cd /mnt
$ exec 3>foo; stat -c 'old: %z %y' foo; sleep 2; echo test >&3; exec 3>&-; sleep 2; stat -c 'new: %z %y' foo
old: 2025-10-03 13:26:23.151030500 -0300 2025-10-03 13:26:23.151030500 -0300
new: 2025-10-03 13:26:23.151030500 -0300 2025-10-03 13:26:23.151030500 -0300
After patch:
$ mount.cifs //srv/share /mnt -o ...
$ cd /mnt
$ exec 3>foo; stat -c 'old: %z %y' foo; sleep 2; echo test >&3; exec 3>&-; sleep 2; stat -c 'new: %z %y' foo
old: 2025-10-03 13:28:13.911933800 -0300 2025-10-03 13:28:13.911933800 -0300
new: 2025-10-03 13:28:26.647492700 -0300 2025-10-03 13:28:26.647492700 -0300
Reported-by: Frank Sorenson <sorenson@redhat.com>
Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.org>
Reviewed-by: David Howells <dhowells@redhat.com>
Cc: linux-cifs@vger.kernel.org
Signed-off-by: Steve French <stfrench@microsoft.com>
The return value of copy_to_iter() function will never be negative,
it is the number of bytes copied, or zero if nothing was copied.
Update the check to treat 0 as an error, and return -1 in that case.
Fixes: d08089f649 ("cifs: Change the I/O paths to use an iterator rather than a page list")
Acked-by: Tom Talpey <tom@talpey.com>
Reviewed-by: David Howells <dhowells@redhat.com>
Signed-off-by: Fushuai Wang <wangfushuai@baidu.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
smb2_copychunk_range() used to send a single SRV_COPYCHUNK per
SRV_COPYCHUNK_COPY IOCTL.
Implement variable Chunks[] array in struct copychunk_ioctl and fill it
with struct copychunk (MS-SMB2 2.2.31.1.1), bounded by server-advertised
limits.
This reduces the number of IOCTL requests for large copies.
While we are at it, rename a couple variables to follow the terminology
used in the specification.
Signed-off-by: Henrique Carvalho <henrique.carvalho@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Statements from an if branch and the end of this function implementation
were equivalent.
Thus delete duplicate source code.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Steve French <stfrench@microsoft.com>
The mds auth caps check should also validate the
fsname along with the associated caps. Not doing
so would result in applying the mds auth caps of
one fs on to the other fs in a multifs ceph cluster.
The bug causes multiple issues w.r.t user
authentication, following is one such example.
Steps to Reproduce (on vstart cluster):
1. Create two file systems in a cluster, say 'fsname1' and 'fsname2'
2. Authorize read only permission to the user 'client.usr' on fs 'fsname1'
$ceph fs authorize fsname1 client.usr / r
3. Authorize read and write permission to the same user 'client.usr' on fs 'fsname2'
$ceph fs authorize fsname2 client.usr / rw
4. Update the keyring
$ceph auth get client.usr >> ./keyring
With above permissions for the user 'client.usr', following is the
expectation.
a. The 'client.usr' should be able to only read the contents
and not allowed to create or delete files on file system 'fsname1'.
b. The 'client.usr' should be able to read/write on file system 'fsname2'.
But, with this bug, the 'client.usr' is allowed to read/write on file
system 'fsname1'. See below.
5. Mount the file system 'fsname1' with the user 'client.usr'
$sudo bin/mount.ceph usr@.fsname1=/ /kmnt_fsname1_usr/
6. Try creating a file on file system 'fsname1' with user 'client.usr'. This
should fail but passes with this bug.
$touch /kmnt_fsname1_usr/file1
7. Mount the file system 'fsname1' with the user 'client.admin' and create a
file.
$sudo bin/mount.ceph admin@.fsname1=/ /kmnt_fsname1_admin
$echo "data" > /kmnt_fsname1_admin/admin_file1
8. Try removing an existing file on file system 'fsname1' with the user
'client.usr'. This shouldn't succeed but succeeds with the bug.
$rm -f /kmnt_fsname1_usr/admin_file1
For more information, please take a look at the corresponding mds/fuse patch
and tests added by looking into the tracker mentioned below.
v2: Fix a possible null dereference in doutc
v3: Don't store fsname from mdsmap, validate against
ceph_mount_options's fsname and use it
v4: Code refactor, better warning message and
fix possible compiler warning
[ Slava.Dubeyko: "fsname check failed" -> "fsname mismatch" ]
Link: https://tracker.ceph.com/issues/72167
Signed-off-by: Kotresh HR <khiremat@redhat.com>
Reviewed-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
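The multifs auth caps problem described in the commit message above, reduced to a small model (an added example, not code from the kernel or from the patch). The struct, the function names and the sample grants are hypothetical; the grants mirror steps 2 and 3 of the reproduction.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified model of one MDS auth cap grant held by a client. */
struct demo_cap {
	const char *fsname; /* file system the grant is scoped to */
	const char *path;   /* root of the subtree the grant covers */
	bool read;
	bool write;
};

/* Constructed sample: grants of 'client.usr' after steps 2 and 3. */
static const struct demo_cap usr_caps[] = {
	{ "fsname1", "/", true, false }, /* ceph fs authorize fsname1 client.usr / r  */
	{ "fsname2", "/", true, true },  /* ceph fs authorize fsname2 client.usr / rw */
};
#define USR_NCAPS (sizeof(usr_caps) / sizeof(usr_caps[0]))

/* True when 'path' lies inside the subtree rooted at 'root'. */
static bool demo_in_subtree(const char *root, const char *path)
{
	size_t n = strlen(root);

	if (n == 1 && root[0] == '/')
		return path[0] == '/';
	if (strncmp(root, path, n) != 0)
		return false;
	return path[n] == '\0' || path[n] == '/';
}

/* Does this single grant cover the requested access on 'path'? */
static bool demo_grants(const struct demo_cap *cap, const char *path,
			bool want_write)
{
	if (!demo_in_subtree(cap->path, path))
		return false;
	return want_write ? cap->write : cap->read;
}

/*
 * Model of the bug: grants are matched on path and mode only, so a grant
 * issued for one file system is applied to whichever one is mounted.
 */
bool demo_access_path_only(const struct demo_cap *caps, size_t ncaps,
			   const char *path, bool want_write)
{
	for (size_t i = 0; i < ncaps; i++)
		if (demo_grants(&caps[i], path, want_write))
			return true;
	return false;
}

/*
 * Model of the fix: a grant is considered only when its fsname equals the
 * fsname of the mount the request is made on.
 */
bool demo_access_fsname_checked(const struct demo_cap *caps, size_t ncaps,
				const char *mounted_fsname,
				const char *path, bool want_write)
{
	for (size_t i = 0; i < ncaps; i++) {
		if (strcmp(caps[i].fsname, mounted_fsname) != 0)
			continue; /* fsname mismatch: grant is for another fs */
		if (demo_grants(&caps[i], path, want_write))
			return true;
	}
	return false;
}

int main(void)
{
	const char *fs[] = { "fsname1", "fsname2" };

	for (size_t i = 0; i < 2; i++)
		printf("%s write /file1: path-only=%d fsname-checked=%d\n",
		       fs[i],
		       demo_access_path_only(usr_caps, USR_NCAPS, "/file1", true),
		       demo_access_fsname_checked(usr_caps, USR_NCAPS, fs[i],
						  "/file1", true));
	return 0;
}
```

On the 'fsname1' mount the path-only check allows the write because the 'fsname2' grant matches "/", which is the behaviour steps 6 and 8 observe; the fsname-checked variant denies it while still allowing reads.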
The Coverity Scan service has reported potential issue
in ceph_alloc_readdir_reply_buffer() [1]. If order could
be negative one, then it expects the issue in the logic:
    num_entries = (PAGE_SIZE << order) / size;
Technically speaking, this logic [2] should prevent from
making the order variable negative:
    if (!rinfo->dir_entries)
        return -ENOMEM;
However, the allocation logic requires some cleanup.
This patch makes sure that calculated bytes count
will never exceed ULONG_MAX before get_order()
calculation. And it adds the checking of order
variable on negative value to guarantee that second
half of the function's code will never operate by
negative value of order variable even if something
will be wrong or to be changed in the first half of
the function's logic.
v2
Alex Markuze suggested to add unlikely() macro
for introduced condition checks.
[1] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1198252
[2] https://elixir.bootlin.com/linux/v6.17-rc3/source/fs/ceph/mds_client.c#L2553
Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
The Coverity Scan service has detected a potential dereference of
an explicit NULL value in ceph_fill_trace() [1].
The variable in is declared in the beginning of
ceph_fill_trace() [2]:
    struct inode *in = NULL;
However, the initialization of the variable is happening under
condition [3]:
    if (rinfo->head->is_target) {
        <skipped>
        in = req->r_target_inode;
        <skipped>
    }
Potentially, if rinfo->head->is_target == FALSE, then
in variable continues to be NULL and later the dereference of
NULL value could happen in ceph_fill_trace() logic [4,5]:
    else if ((req->r_op == CEPH_MDS_OP_LOOKUPSNAP ||
              req->r_op == CEPH_MDS_OP_MKSNAP) &&
             test_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags) &&
             !test_bit(CEPH_MDS_R_ABORTED, &req->r_req_flags)) {
        <skipped>
        ihold(in);
        err = splice_dentry(&req->r_dentry, in);
        if (err < 0)
            goto done;
    }
This patch adds the checking of in variable for NULL value
and it returns -EINVAL error code if it has NULL value.
v2
Alex Markuze suggested to add unlikely macro
in the checking condition.
[1] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1141197
[2] https://elixir.bootlin.com/linux/v6.17-rc3/source/fs/ceph/inode.c#L1522
[3] https://elixir.bootlin.com/linux/v6.17-rc3/source/fs/ceph/inode.c#L1629
[4] https://elixir.bootlin.com/linux/v6.17-rc3/source/fs/ceph/inode.c#L1745
[5] https://elixir.bootlin.com/linux/v6.17-rc3/source/fs/ceph/inode.c#L1777
Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
The Coverity Scan service has detected potential
race conditions in ceph_block_o_direct(), ceph_start_io_read(),
ceph_block_buffered(), and ceph_start_io_direct() [1 - 4].
The CID 1590942, 1590665, 1589664, 1590377 contain explanation:
"The value of the shared data will be determined by
the interleaving of thread execution. Thread shared data is accessed
without holding an appropriate lock, possibly causing
a race condition (CWE-366)".
This patch reworks the pattern of accessing/modifying the
CEPH_I_ODIRECT flag by adding smp_mb__before_atomic()
before reading the status of the CEPH_I_ODIRECT flag and
smp_mb__after_atomic() after setting/clearing this flag.
Also, the pattern of using ci->i_ceph_lock in
ceph_block_o_direct(), ceph_start_io_read(),
ceph_block_buffered(), and ceph_start_io_direct() was reworked.
[1] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1590942
[2] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1590665
[3] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1589664
[4] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1590377
Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
The wake_up_bit() is called in ceph_async_unlink_cb(),
wake_async_create_waiters(), and ceph_finish_async_create().
It makes sense to switch on clear_bit() function, because
it makes the code much cleaner and easier to understand.
More important rework is the adding of smp_mb__after_atomic()
memory barrier after the bit modification and before
wake_up_bit() call. It can prevent potential race condition
of accessing the modified bit in other threads. Luckily,
clear_and_wake_up_bit() already implements the required
functionality pattern:
    static inline void clear_and_wake_up_bit(int bit, unsigned long *word)
    {
        clear_bit_unlock(bit, word);
        /* See wake_up_bit() for which memory barrier you need to use. */
        smp_mb__after_atomic();
        wake_up_bit(word, bit);
    }
Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
The Coverity Scan service has detected potential
race condition in ceph_ioctl_lazyio() [1].
The CID 1591046 contains explanation: "Check of thread-shared
field evades lock acquisition (LOCK_EVASION). Thread1 sets
fmode to a new value. Now the two threads have an inconsistent
view of fmode and updates to fields correlated with fmode
may be lost. The data guarded by this critical section may
be read while in an inconsistent state or modified by multiple
racing threads. In ceph_ioctl_lazyio: Checking the value of
a thread-shared field outside of a locked region to determine
if a locked operation involving that thread shared field
has completed. (CWE-543)".
The patch places fi->fmode field access under ci->i_ceph_lock
protection. Also, it introduces the is_file_already_lazy
variable that is set under the lock and it is checked later
out of scope of critical section.
[1] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1591046
Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
The Coverity Scan service has detected overflowed constant
issue in ceph_do_objects_copy() [1]. The CID 1624308
defect contains explanation: "The overflowed value due to
arithmetic on constants is too small or unexpectedly
negative, causing incorrect computations. Expression bytes,
which is equal to -95, where ret is known to be equal to -95,
underflows the type that receives it, an unsigned integer
64 bits wide. In ceph_do_objects_copy: Integer overflow occurs
in arithmetic on constant operands (CWE-190)".
The patch changes the type of bytes variable from size_t
to ssize_t so that it is capable of receiving
negative values.
[1] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1624308
Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
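The size_t versus ssize_t point from the commit message above, as a small model of a copy loop whose running byte total also has to carry a negative errno (an added example, not the kernel's ceph_do_objects_copy()). All demo_* names and the failure injection are hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h> /* ssize_t */

/*
 * Hypothetical stand-in for one object copy request: returns 0 on success
 * or a negative errno. 'fail_at' selects the object index that fails
 * (-1 means no failure).
 */
static int demo_copy_one(int idx, int fail_at)
{
	return idx == fail_at ? -EOPNOTSUPP : 0;
}

/*
 * Pre-fix shape: the running total is unsigned. When the first object
 * fails, the negative errno is stored in it and wraps to a huge count.
 */
size_t demo_copy_objects_unsigned(int nobj, size_t objsz, int fail_at)
{
	size_t bytes = 0;

	for (int i = 0; i < nobj; i++) {
		int ret = demo_copy_one(i, fail_at);

		if (ret) {
			if (!bytes)
				bytes = (size_t)ret; /* -EOPNOTSUPP wraps */
			break;
		}
		bytes += objsz;
	}
	return bytes;
}

/*
 * Post-fix shape: the running total is signed, so it can hold either the
 * number of bytes copied so far or the negative errno.
 */
ssize_t demo_copy_objects_signed(int nobj, size_t objsz, int fail_at)
{
	ssize_t bytes = 0;

	for (int i = 0; i < nobj; i++) {
		int ret = demo_copy_one(i, fail_at);

		if (ret) {
			if (!bytes)
				bytes = ret; /* stays negative */
			break;
		}
		bytes += (ssize_t)objsz;
	}
	return bytes;
}

int main(void)
{
	/* Constructed input: 4 objects of 4096 bytes, first request fails. */
	printf("unsigned total: %zu\n", demo_copy_objects_unsigned(4, 4096, 0));
	printf("signed total:   %zd\n", demo_copy_objects_signed(4, 4096, 0));
	/* Partial progress before a failure is reported as a byte count. */
	printf("partial:        %zd\n", demo_copy_objects_signed(4, 4096, 2));
	return 0;
}
```

With the unsigned total, a failure on the first object is indistinguishable from a byte count larger than the whole request; with the signed total the caller can test for a value below zero.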
The Coverity Scan service has detected the wrong sizeof
argument in register_session() [1]. The CID 1598909 defect
contains explanation: "The wrong sizeof value is used in
an expression or as argument to a function. The result is
an incorrect value that may cause unexpected program behaviors.
In register_session: The sizeof operator is invoked on
the wrong argument (CWE-569)".
The patch introduces a ptr_size variable that is initialized
by sizeof(struct ceph_mds_session *). And this variable is used
instead of sizeof(void *) in the code.
[1] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1598909
Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
The Coverity Scan service has detected the calling of
wait_for_completion_killable() without checking the return
value in ceph_lock_wait_for_completion() [1]. The CID 1636232
defect contains explanation: "If the function returns an error
value, the error value may be mistaken for a normal value.
In ceph_lock_wait_for_completion(): Value returned from
a function is not checked for errors before being used. (CWE-252)".
The patch adds the checking of wait_for_completion_killable()
return value and return the error code from
ceph_lock_wait_for_completion().
[1] https://scan5.scan.coverity.com/#/project-view/64304/10063?selectedIssue=1636232
Signed-off-by: Viacheslav Dubeyko <Slava.Dubeyko@ibm.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
This allows killing processes that wait for a lock when one process is
stuck waiting for the Ceph server. This is similar to the NFS commit
38a125b315 ("fs/nfs/io: make nfs_start_io_*() killable").
[ idryomov: drop comment on include, formatting ]
Signed-off-by: Max Kellermann <max.kellermann@ionos.com>
Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
* Return directly after a call of the function “genlmsg_new” failed
at the beginning.
* Delete the label “fail” which became unnecessary
with this refactoring.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Steve French <stfrench@microsoft.com>
Use a label once more so that a bit of common code can be better reused
at the end of this function implementation.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Acked-by: Enzo Matsumiya <ematsumiya@suse.de>
Reviewed-by: David Howells <dhowells@redhat.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Use two additional labels so that another bit of common code can be better
reused at the end of this function implementation.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Steve French <stfrench@microsoft.com>
* Return a status code without storing it in an intermediate variable.
* Delete the local variable “ret” and the label “error”
which became unnecessary with this refactoring.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Acked-by: Enzo Matsumiya <ematsumiya@suse.de>
Signed-off-by: Steve French <stfrench@microsoft.com>
Prepare for passing different alignments, and to retire
bio_iov_iter_get_bdev_pages as a global helper.
Signed-off-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Martin K. Petersen <martin.petersen@oracle.com>
Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com>
Reviewed-by: Keith Busch <kbusch@kernel.org>
Reviewed-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
Use three additional labels so that another bit of common code can be
better reused at the end of this function implementation.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Signed-off-by: Steve French <stfrench@microsoft.com>
* cifs_lookup():
Move the definition for the local variable “cfid” into an else branch
so that the corresponding setting will only be performed if a NULL inode
was detected during lookup by this function.
* cifs_d_revalidate():
Move the definition for the local variables “inode” and “rc” into
an if branch so that the corresponding setting will only be performed
after a d_really_is_positive() call.
Move the definition for the local variable “cfid” into an else branch
so that the corresponding setting will only be performed if further data
processing will be needed for an open_cached_dir_by_dentry() call.
Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
Acked-by: Henrique Carvalho <henrique.carvalho@suse.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Merge tag 'for-6.18-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux
Pull btrfs fixes from David Sterba:
"Two short fixes that would be good to have before rc1"
* tag 'for-6.18-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux:
btrfs: fix PAGE_SIZE format specifier in open_ctree()
btrfs: avoid potential out-of-bounds in btrfs_encode_fh()
Mike Snitzer has prototyped a mechanism for disabling I/O caching in
NFSD. This is introduced in v6.18 as an experimental feature. This
enables scaling NFSD in /both/ directions:
- NFS service can be supported on systems with small memory
footprints, such as low-cost cloud instances
- Large NFS workloads will be less likely to force the eviction of
server-local activity, helping it avoid thrashing
Jeff Layton contributed a number of fixes to the new attribute
delegation implementation (based on a pending Internet RFC) that we
hope will make attribute delegation reliable enough to enable by
default, as it is on the Linux NFS client.
The remaining patches in this pull request are clean-ups and minor
optimizations. Many thanks to the contributors, reviewers, testers,
and bug reporters who participated during the v6.18 NFSD development
cycle.
Merge tag 'nfsd-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux
Pull nfsd updates from Chuck Lever:
"Mike Snitzer has prototyped a mechanism for disabling I/O caching in
NFSD. This is introduced in v6.18 as an experimental feature. This
enables scaling NFSD in /both/ directions:
- NFS service can be supported on systems with small memory
footprints, such as low-cost cloud instances
- Large NFS workloads will be less likely to force the eviction of
server-local activity, helping it avoid thrashing
Jeff Layton contributed a number of fixes to the new attribute
delegation implementation (based on a pending Internet RFC) that we
hope will make attribute delegation reliable enough to enable by
default, as it is on the Linux NFS client.
The remaining patches in this pull request are clean-ups and minor
optimizations. Many thanks to the contributors, reviewers, testers,
and bug reporters who participated during the v6.18 NFSD development
cycle"
* tag 'nfsd-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: (42 commits)
nfsd: discard nfserr_dropit
SUNRPC: Make RPCSEC_GSS_KRB5 select CRYPTO instead of depending on it
NFSD: Add io_cache_{read,write} controls to debugfs
NFSD: Do the grace period check in ->proc_layoutget
nfsd: delete unnecessary NULL check in __fh_verify()
NFSD: Allow layoutcommit during grace period
NFSD: Disallow layoutget during grace period
sunrpc: fix "occurence"->"occurrence"
nfsd: Don't force CRYPTO_LIB_SHA256 to be built-in
nfsd: nfserr_jukebox in nlm_fopen should lead to a retry
NFSD: Reduce DRC bucket size
NFSD: Delay adding new entries to LRU
SUNRPC: Move the svc_rpcb_cleanup() call sites
NFS: Remove rpcbind cleanup for NFSv4.0 callback
nfsd: unregister with rpcbind when deleting a transport
NFSD: Drop redundant conversion to bool
sunrpc: eliminate return pointer in svc_tcp_sendmsg()
sunrpc: fix pr_notice in svc_tcp_sendto() to show correct length
nfsd: decouple the xprtsec policy check from check_nfsd_access()
NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul()
...
- Some comment spelling fixes (Xichao)
Merge tag 'zonefs-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs
Pull zonefs update from Damien Le Moal:
- Some comment spelling fixes (Xichao)
* tag 'zonefs-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs:
zonefs: correct some spelling mistakes
- Bring the kernel memory-model docs into the Sphinx build in the "literal
include" mode.
- Lots of build-infrastructure work, further cleaning up long-term
kernel-doc technical debt. The sphinx-pre-install tool has been
converted to Python and updated for current systems.
- A new tool to detect when documents have been moved and generate HTML
redirects; this can be used on kernel.org (or any other site hosting the
rendered docs) to avoid breaking links.
- Automated processing of the YAML files describing the netlink protocol.
- A significant update of the maintainer's PGP guide.
...and a seemingly endless series of typo fixes, build-problem fixes, etc.
Merge tag 'docs-6.18' of git://git.lwn.net/linux
Pull documentation updates from Jonathan Corbet:
"It has been a relatively busy cycle in docsland, with changes all
over:
- Bring the kernel memory-model docs into the Sphinx build in the
"literal include" mode.
- Lots of build-infrastructure work, further cleaning up long-term
kernel-doc technical debt. The sphinx-pre-install tool has been
converted to Python and updated for current systems.
- A new tool to detect when documents have been moved and generate
HTML redirects; this can be used on kernel.org (or any other site
hosting the rendered docs) to avoid breaking links.
- Automated processing of the YAML files describing the netlink
protocol.
- A significant update of the maintainer's PGP guide.
... and a seemingly endless series of typo fixes, build-problem fixes,
etc"
* tag 'docs-6.18' of git://git.lwn.net/linux: (193 commits)
Documentation/features: Update feature lists for 6.17-rc7
docs: remove cdomain.py
Documentation/process: submitting-patches: fix typo in "were do"
docs: dev-tools/lkmm: Fix typo of missing file extension
Documentation: trace: histogram: Convert ftrace docs cross-reference
Documentation: trace: histogram-design: Wrap introductory note in note:: directive
Documentation: trace: historgram-design: Separate sched_waking histogram section heading and the following diagram
Documentation: trace: histogram-design: Trim trailing vertices in diagram explanation text
Documentation: trace: histogram: Fix histogram trigger subsection number order
docs: driver-api: fix spelling of "buses".
Documentation: fbcon: Use admonition directives
Documentation: fbcon: Reindent 8th step of attach/detach/unload
Documentation: fbcon: Add boot options and attach/detach/unload section headings
docs: filesystems: sysfs: add remaining top level sysfs directory descriptions
docs: filesystems: sysfs: clarify symlink destinations in dev and bus/devices descriptions
docs: filesystems: sysfs: remove top level sysfs net directory
docs: maintainer: Fix ambiguous subheading formatting
docs: kdoc: a few more dump_typedef() tweaks
docs: kdoc: remove redundant comment stripping in dump_typedef()
docs: kdoc: remove some dead code in dump_typedef()
...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Merge tag 'pull-f_path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull file->f_path constification from Al Viro:
"Only one thing was modifying ->f_path of an opened file - acct(2).
Massaging that away and constifying a bunch of struct path * arguments
in functions that might be given &file->f_path ends up with the
situation where we can turn ->f_path into an anon union of const
struct path f_path and struct path __f_path, the latter modified only
in a few places in fs/{file_table,open,namei}.c, all for struct file
instances that are yet to be opened"
* tag 'pull-f_path' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (23 commits)
Have cc(1) catch attempts to modify ->f_path
kernel/acct.c: saner struct file treatment
configfs:get_target() - release path as soon as we grab configfs_item reference
apparmor/af_unix: constify struct path * arguments
ovl_is_real_file: constify realpath argument
ovl_sync_file(): constify path argument
ovl_lower_dir(): constify path argument
ovl_get_verity_digest(): constify path argument
ovl_validate_verity(): constify {meta,data}path arguments
ovl_ensure_verity_loaded(): constify datapath argument
ksmbd_vfs_set_init_posix_acl(): constify path argument
ksmbd_vfs_inherit_posix_acl(): constify path argument
ksmbd_vfs_kern_path_unlock(): constify path argument
ksmbd_vfs_path_lookup_locked(): root_share_path can be const struct path *
check_export(): constify path argument
export_operations->open(): constify path argument
rqst_exp_get_by_name(): constify path argument
nfs: constify path argument of __vfs_getattr()
bpf...d_path(): constify path argument
done_path_create(): constify path argument
...
New Features:
* Add a Kconfig option to redirect dfprintk() to the trace buffer
* Enable use of the RWF_DONTCACHE flag on the NFS client
* Add striped layout handling to pNFS flexfiles
* Add proper localio handling for READ and WRITE O_DIRECT
Bugfixes:
* Handle NFS4ERR_GRACE errors during delegation recall
* Fix NFSv4.1 backchannel max_resp_sz verification check
* Fix mount hang after CREATE_SESSION failure
* Fix d_parent->d_inode locking in nfs4_setup_readdir()
Other Cleanups and Improvements:
* Improvements to write handling tracepoints
* Fix a few trivial spelling mistakes
* Cleanups to the rpcbind cleanup call sites
* Convert the SUNRPC xdr_buf to use a scratch folio instead of scratch page
* Remove unused NFS_WBACK_BUSY() macro
* Remove __GFP_NOWARN flags
* Unexport rpc_malloc() and rpc_free()
Merge tag 'nfs-for-6.18-1' of git://git.linux-nfs.org/projects/anna/linux-nfs
Pull NFS client updates from Anna Schumaker:
"New Features:
- Add a Kconfig option to redirect dfprintk() to the trace buffer
- Enable use of the RWF_DONTCACHE flag on the NFS client
- Add striped layout handling to pNFS flexfiles
- Add proper localio handling for READ and WRITE O_DIRECT
Bugfixes:
- Handle NFS4ERR_GRACE errors during delegation recall
- Fix NFSv4.1 backchannel max_resp_sz verification check
- Fix mount hang after CREATE_SESSION failure
- Fix d_parent->d_inode locking in nfs4_setup_readdir()
Other Cleanups and Improvements:
- Improvements to write handling tracepoints
- Fix a few trivial spelling mistakes
- Cleanups to the rpcbind cleanup call sites
- Convert the SUNRPC xdr_buf to use a scratch folio instead of
scratch page
- Remove unused NFS_WBACK_BUSY() macro
- Remove __GFP_NOWARN flags
- Unexport rpc_malloc() and rpc_free()"
* tag 'nfs-for-6.18-1' of git://git.linux-nfs.org/projects/anna/linux-nfs: (46 commits)
NFS: add basic STATX_DIOALIGN and STATX_DIO_READ_ALIGN support
nfs/localio: add tracepoints for misaligned DIO READ and WRITE support
nfs/localio: add proper O_DIRECT support for READ and WRITE
nfs/localio: refactor iocb initialization
nfs/localio: refactor iocb and iov_iter_bvec initialization
nfs/localio: avoid issuing misaligned IO using O_DIRECT
nfs/localio: make trace_nfs_local_open_fh more useful
NFSD: filecache: add STATX_DIOALIGN and STATX_DIO_READ_ALIGN support
sunrpc: unexport rpc_malloc() and rpc_free()
NFSv4/flexfiles: Add support for striped layouts
NFSv4/flexfiles: Update layout stats & error paths for striped layouts
NFSv4/flexfiles: Write path updates for striped layouts
NFSv4/flexfiles: Commit path updates for striped layouts
NFSv4/flexfiles: Read path updates for striped layouts
NFSv4/flexfiles: Update low level helper functions to be DS stripe aware.
NFSv4/flexfiles: Add data structure support for striped layouts
NFSv4/flexfiles: Use ds_commit_idx when marking a write commit
NFSv4/flexfiles: Remove cred local variable dependency
nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing
NFS: Enable use of the RWF_DONTCACHE flag on the NFS client
...
Merge tag '6.18-rc-part1-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6
Pull smb client updates from Steve French:
- Fix oops in crypt message
- Remove duplicate arc4 code
- Fix potential io_uring reconnect
- Two important directory leases fixes and three perf improvements
- Three minor cleanups
- Four debug improvements (e.g. for showing more information on leases,
and one for adding more helpful information on reconnect)
* tag '6.18-rc-part1-smb3-client-fixes' of git://git.samba.org/sfrench/cifs-2.6:
cifs: client: force multichannel=off when max_channels=1
smb client: fix bug with newly created file in cached dir
smb: client: short-circuit negative lookups when parent dir is fully cached
smb: client: short-circuit in open_cached_dir_by_dentry() if !dentry
smb: client: remove pointless cfid->has_lease check
smb: client: transport: minor indentation style fix
smb: client: transport: avoid reconnects triggered by pending task work
smb: client: remove unused fid_lock
smb: client: update cfid->last_access_time in open_cached_dir_by_dentry()
smb: client: ensure open_cached_dir_by_dentry() only returns valid cfid
smb: client: account smb directory cache usage and per-tcon totals
smb: client: add drop_dir_cache module parameter to invalidate cached dirents
smb: client: show lease state as R/H/W (or NONE) in open_files
smb: client: fix crypto buffers in non-linear memory
smb: Use arc4 library instead of duplicate arc4 code
smb: client: add tcon information to smb2_reconnect() debug messages
Merge tag 'v6.18rc1-part1-ksmbd-server-fixes' of git://git.samba.org/ksmbd
Pull smb server fixes from Steve French:
- Fix potential UAFs and corruptions in rpc open and close
- Fix copy_file_range when ranges overlap
- Improve session, share, connection lookup performance
- Fix potential hash collisions in share and session lists
- Debugging improvement - making per-connection threads easier to
identify
- Improve socket creation
- Fix return code mapping for posix query fs info
- Add support for limiting the maximum number of connections per IP
address, extending the existing connection limiting mechanism to
enforce per-IP connection limits alongside the global connection
limit
* tag 'v6.18rc1-part1-ksmbd-server-fixes' of git://git.samba.org/ksmbd:
ksmbd: increase session and share hash table bits
ksmbd: replace connection list with hash table
ksmbd: add an error print when maximum IP connections limit is reached
ksmbd: add max ip connections parameter
ksmbd: fix error code overwriting in smb2_get_info_filesystem()
ksmbd: copy overlapped range within the same file
ksmbd: use sock_create_kern interface to create kernel socket
ksmbd: make ksmbd thread names distinct by client IP
ksmbd: Fix race condition in RPC handle list access
This release focuses on two primary updates for Android devices. First, it sets
hash-based file name lookup as the default method to improve performance, while
retaining an option to fall back to a linear lookup. Second, it resolves a
persistent issue with the checkpoint=enable feature. The update further boosts
performance by prefetching node blocks, merging FUA writes more efficiently, and
optimizing block allocation policies.
The release is rounded out by a comprehensive set of bug fixes that address
memory safety, data integrity, and potential system hangs, along with minor
documentation and code clean-ups.
Enhancement:
- add mount option and sysfs entry to tune the lookup mode
- dump more information and add a timeout when enabling/disabling checkpoints
- readahead node blocks in F2FS_GET_BLOCK_PRECACHE mode
- merge FUA command with the existing writes
- allocate HOT_DATA for IPU writes
- Use allocate_section_policy to control write priority in multi-devices setups
- add reserved nodes for privileged users
- Add bggc_io_aware to adjust the priority of BG_GC when issuing IO
- show the list of donation files
Bug fix:
- add missing dput() when printing the donation list
- fix UAF issue in f2fs_merge_page_bio()
- add sanity check on ei.len in __update_extent_tree_range()
- fix infinite loop in __insert_extent_tree()
- fix zero-sized extent for precache extents
- fix to mitigate overhead of f2fs_zero_post_eof_page()
- fix to avoid migrating empty section
- fix to truncate first page in error path of f2fs_truncate()
- fix to update map->m_next_extent correctly in f2fs_map_blocks()
- fix wrong layout information on 16KB page
- fix to do sanity check on node footer for non inode dnode
- fix to avoid NULL pointer dereference in f2fs_check_quota_consistency()
- fix to detect potential corrupted nid in free_nid_list
- fix to clear unusable_cap for checkpoint=enable
- fix to zero data after EOF for compressed file correctly
- fix to avoid overflow while left shift operation
- fix condition in __allow_reserved_blocks()
Merge tag 'f2fs-for-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs
Pull f2fs updates from Jaegeuk Kim:
"This focuses on two primary updates for Android devices.
First, it sets hash-based file name lookup as the default method to
improve performance, while retaining an option to fall back to a
linear lookup.
Second, it resolves a persistent issue with the 'checkpoint=enable'
feature.
The update further boosts performance by prefetching node blocks,
merging FUA writes more efficiently, and optimizing block allocation
policies.
The release is rounded out by a comprehensive set of bug fixes that
address memory safety, data integrity, and potential system hangs,
along with minor documentation and code clean-ups.
Enhancements:
- add mount option and sysfs entry to tune the lookup mode
- dump more information and add a timeout when enabling/disabling
checkpoints
- readahead node blocks in F2FS_GET_BLOCK_PRECACHE mode
- merge FUA command with the existing writes
- allocate HOT_DATA for IPU writes
- Use allocate_section_policy to control write priority in
multi-devices setups
- add reserved nodes for privileged users
- Add bggc_io_aware to adjust the priority of BG_GC when issuing IO
- show the list of donation files
Bug fixes:
- add missing dput() when printing the donation list
- fix UAF issue in f2fs_merge_page_bio()
- add sanity check on ei.len in __update_extent_tree_range()
- fix infinite loop in __insert_extent_tree()
- fix zero-sized extent for precache extents
- fix to mitigate overhead of f2fs_zero_post_eof_page()
- fix to avoid migrating empty section
- fix to truncate first page in error path of f2fs_truncate()
- fix to update map->m_next_extent correctly in f2fs_map_blocks()
- fix wrong layout information on 16KB page
- fix to do sanity check on node footer for non inode dnode
- fix to avoid NULL pointer dereference in
f2fs_check_quota_consistency()
- fix to detect potential corrupted nid in free_nid_list
- fix to clear unusable_cap for checkpoint=enable
- fix to zero data after EOF for compressed file correctly
- fix to avoid overflow while left shift operation
- fix condition in __allow_reserved_blocks()"
* tag 'f2fs-for-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs: (43 commits)
f2fs: add missing dput() when printing the donation list
f2fs: fix UAF issue in f2fs_merge_page_bio()
f2fs: readahead node blocks in F2FS_GET_BLOCK_PRECACHE mode
f2fs: add sanity check on ei.len in __update_extent_tree_range()
f2fs: fix infinite loop in __insert_extent_tree()
f2fs: fix zero-sized extent for precache extents
f2fs: fix to mitigate overhead of f2fs_zero_post_eof_page()
f2fs: fix to avoid migrating empty section
f2fs: fix to truncate first page in error path of f2fs_truncate()
f2fs: fix to update map->m_next_extent correctly in f2fs_map_blocks()
f2fs: fix wrong layout information on 16KB page
f2fs: clean up error handing of f2fs_submit_page_read()
f2fs: avoid unnecessary folio_clear_uptodate() for cleanup
f2fs: merge FUA command with the existing writes
f2fs: allocate HOT_DATA for IPU writes
f2fs: Use allocate_section_policy to control write priority in multi-devices setups
Documentation: f2fs: Reword title
Documentation: f2fs: Indent compression_mode option list
Documentation: f2fs: Wrap snippets in literal code blocks
Documentation: f2fs: Span write hint table section rows
...
- Add support for FS_IOC_{GET,SET}FSLABEL ioctl.
- Two small clean-up patches.
- Optimizes allocation bitmap loading time on large partitions
with small cluster sizes.
- Allow changes for discard, zero_size_dir, and errors options
via remount.
- Validate that the clusters used for the allocation bitmap are
correctly marked as in-use during mount, preventing potential
data corruption from reallocating the bitmap's own space.
- Uses ratelimit to avoid too many error prints on I/O error path.
Merge tag 'exfat-for-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat
Pull exfat updates from Namjae Jeon:
- Add support for FS_IOC_{GET,SET}FSLABEL ioctl
- Two small clean-up patches
- Optimizes allocation bitmap loading time on large partitions with
small cluster sizes
- Allow changes for discard, zero_size_dir, and errors options via
remount
- Validate that the clusters used for the allocation bitmap are
correctly marked as in-use during mount, preventing potential data
corruption from reallocating the bitmap's own space
- Uses ratelimit to avoid too many error prints on I/O error path
* tag 'exfat-for-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/linkinjeon/exfat:
exfat: Add support for FS_IOC_{GET,SET}FSLABEL
exfat: combine iocharset and utf8 option setup
exfat: support modifying mount options via remount
exfat: optimize allocation bitmap loading time
exfat: Remove unnecessary parentheses
exfat: drop redundant conversion to bool
exfat: validate cluster allocation bits of the allocation bitmap
exfat: limit log print for IO error
Remove unused type in macro fill_default_sys_attrs
Zhen Ni <zhen.ni@easystack.cn>
Replace kzalloc + copy_from_user with memdup_user_nul
Thorsten Blum <thorsten.blum@linux.dev>
fix xattr related buffer overflow...
A message was forwarded to me from Disclosure <disclosure@aisle.com>
indicating a problem with a loop condition in our xattr code. When I
fixed the problem it exposed a related memory leak problem, and I
fixed that too.
Merge tag 'for-linus-6.18-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux
Pull orangefs updates from Mike Marshall:
"Two cleanups and a bug fix:
- Remove unused type in macro fill_default_sys_attrs (Zhen Ni)
- Replace kzalloc + copy_from_user with memdup_user_nul (Thorsten Blum)
- Fix xattr related buffer overflow...
A message was forwarded to me from Disclosure <disclosure@aisle.com>
indicating a problem with a loop condition in our xattr code. When
I fixed the problem it exposed a related memory leak problem, and I
fixed that too"
* tag 'for-linus-6.18-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux:
fs/orangefs: Replace kzalloc + copy_from_user with memdup_user_nul
orangefs: fix xattr related buffer overflow...
orangefs: Remove unused type in macro fill_default_sys_attrs
Added:
support for FS_IOC_{GET,SET}FSLABEL ioctl
reject index allocation if $BITMAP is empty but blocks exist
Fixed:
integer overflow in run_unpack()
resource leak bug in wnd_extend()
Changed:
pretend $Extend records as regular files
stop using write_cache_pages
Merge tag 'ntfs3_for_6.18' of https://github.com/Paragon-Software-Group/linux-ntfs3
Pull ntfs3 updates from Konstantin Komarov:
"Added:
- support for FS_IOC_{GET,SET}FSLABEL ioctl
- reject index allocation if $BITMAP is empty but blocks exist
Fixed:
- integer overflow in run_unpack()
- resource leak bug in wnd_extend()
Changed:
- pretend $Extend records as regular files
- stop using write_cache_pages"
* tag 'ntfs3_for_6.18' of https://github.com/Paragon-Software-Group/linux-ntfs3:
ntfs3: stop using write_cache_pages
fs/ntfs3: reject index allocation if $BITMAP is empty but blocks exist
fs/ntfs3: Fix a resource leak bug in wnd_extend()
fs: ntfs3: Fix integer overflow in run_unpack()
ntfs3: pretend $Extend records as regular files
ntfs3: add FS_IOC_SETFSLABEL ioctl
ntfs3: add FS_IOC_GETFSLABEL ioctl
ntfs3: transition magic number to shared constant
Merge tag 'jfs-6.18' of github.com:kleikamp/linux-shaggy
Pull jfs updates from Dave Kleikamp:
"A few fixes and cleanups for JFS"
* tag 'jfs-6.18' of github.com:kleikamp/linux-shaggy:
jfs: replace hardcoded magic number with DTPAGEMAXSLOT constant
JFS: Remove redundant 0 value initialization
JFS: Remove unnecessary parentheses
jfs: fix uninitialized waitqueue in transaction manager
jfs: Verify inode mode when loading from disk
* Add support so tune2fs can modify/update the superblock using an
ioctl, without needing write access to the block device.
* Add support for 32-bit reserved uid's and gid's.
Bug fixes:
* Fix potential warnings and other failures caused by corrupted / fuzzed
file systems.
* Fail unaligned direct I/O write with EINVAL instead of silently
falling back to buffered I/O
* Correctly handle fsmap queries for metadata mappings
* Avoid journal stalls caused by writeback throttling
* Add some missing GFP_NOFAIL flags to avoid potential deadlocks
under extreme memory pressure
Cleanups:
* Remove obsolete EXT3 Kconfigs
Merge tag 'ext4_for_linus-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
Pull ext4 updates from Ted Ts'o:
"New ext4 features:
- Add support so tune2fs can modify/update the superblock using an
ioctl, without needing write access to the block device
- Add support for 32-bit reserved uid's and gid's
Bug fixes:
- Fix potential warnings and other failures caused by corrupted /
fuzzed file systems
- Fail unaligned direct I/O write with EINVAL instead of silently
falling back to buffered I/O
- Correctly handle fsmap queries for metadata mappings
- Avoid journal stalls caused by writeback throttling
- Add some missing GFP_NOFAIL flags to avoid potential deadlocks
under extreme memory pressure
Cleanups:
- Remove obsolete EXT3 Kconfigs"
* tag 'ext4_for_linus-6.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
ext4: fix checks for orphan inodes
ext4: validate ea_ino and size in check_xattrs
ext4: guard against EA inode refcount underflow in xattr update
ext4: implemet new ioctls to set and get superblock parameters
ext4: add support for 32-bit default reserved uid and gid values
ext4: avoid potential buffer over-read in parse_apply_sb_mount_options()
ext4: fix an off-by-one issue during moving extents
ext4: increase i_disksize to offset + len in ext4_update_disksize_before_punch()
ext4: verify orphan file size is not too big
ext4: fail unaligned direct IO write with EINVAL
ext4: correctly handle queries for metadata mappings
ext4: increase IO priority of fastcommit
ext4: remove obsolete EXT3 config options
jbd2: increase IO priority of checkpoint
ext4: fix potential null deref in ext4_mb_init()
ext4: add ext4_sb_bread_nofail() helper function for ext4_free_branches()
ext4: replace min/max nesting with clamp()
fs: ext4: change GFP_KERNEL to GFP_NOFS to avoid deadlock