cb6bbff7e6
1370079 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Linus Torvalds
|
cb6bbff7e6 |
hfs/hfsplus updates for v6.17
- hfs: fix general protection fault in hfs_find_init()
- hfs: fix slab-out-of-bounds in hfs_bnode_read()
- hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
- hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
- hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
- hfsplus: don't set REQ_SYNC for hfsplus_submit_bio()
- hfsplus: remove mutex_lock check in hfsplus_free_extents
- hfs: make splice write available again
- hfsplus: make splice write available again
- hfs: fix not erasing deleted b-tree node issue
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQT4wVoLCG92poNnMFAhI4xTh21NnQUCaIQQ0wAKCRAhI4xTh21N
nW3yAQDMhJcNyjP1j2dhNRq8l2PO6jDJqLhxAYGKwWMwv1GTvQD5AaOUSeMQbmcs
hNkMtjzb7OlfBLUthvrWlaCfLKWCmAk=
=dI94
-----END PGP SIGNATURE-----
Merge tag 'hfs-v6.17-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/vdubeyko/hfs
Pull hfs/hfsplus updates from Viacheslav Dubeyko:
"Johannes Thumshirn has made nice cleanup in hfsplus_submit_bio().
Tetsuo Handa has fixed the syzbot reported issue in
hfsplus_create_attributes_file() for the case of corruption the
Attributes File's metadata.
Yangtao Li has fixed the syzbot reported issue by removing the
uneccessary WARN_ON() in hfsplus_free_extents().
Other fixes:
- restore generic/001 successful execution by erasing deleted b-tree
nodes
- eliminate slab-out-of-bounds issue in hfs_bnode_read() and
hfsplus_bnode_read() by checking correctness of offset and length
when accessing b-tree node contents
- eliminate slab-out-of-bounds read in hfsplus_uni2asc() if the
b-tree node record has corrupted length of a name that could be
bigger than HFSPLUS_MAX_STRLEN
- eliminate general protection fault in hfs_find_init() for the case
of initial b-tree object creation"
* tag 'hfs-v6.17-tag1' of git://git.kernel.org/pub/scm/linux/kernel/git/vdubeyko/hfs:
hfs: fix general protection fault in hfs_find_init()
hfs: fix slab-out-of-bounds in hfs_bnode_read()
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
hfsplus: don't set REQ_SYNC for hfsplus_submit_bio()
hfsplus: remove mutex_lock check in hfsplus_free_extents
hfs: make splice write available again
hfsplus: make splice write available again
hfs: fix not erasing deleted b-tree node issue
|
||
|
Linus Torvalds
|
c7bfaff47a |
\n
-----BEGIN PGP SIGNATURE----- iQEzBAABCAAdFiEEq1nRK9aeMoq1VSgcnJ2qBz9kQNkFAmiHny8ACgkQnJ2qBz9k QNl/dQf/Wh/wsQwnYbZ1P1Mk1aGq+5xLAZJrt8dY8umHfCklWzjrmrpbxV11KbSX sxnAzRRGP/GlP9Atb6J4oBH2odIY57aKZcfeA64FYYM7yDo3ZvNQvNe+Il3Wr5Zn UBCGxr6mbeGt1GjBiP77kZzgLeHNnDKBR8Eu9i6zqYBsPk6wBM83oC2g+Ala++vM leb+uph2fL0rGqXu07LUpQDeLadBjhqRkzdgKOYJ6OXmckWASpYBkQlnCNTnAPYv AvDod+Mh5UNR0Sq+zB/EYEQn6OTFq+IB6MpGypQjVKxACUt3pTlRyraKWpvakR6r tih1TyOS5z1wZXBcoU2EtA9N/xYnjw== =Kj02 -----END PGP SIGNATURE----- Merge tag 'fs_for_v6.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs Pull udf and ext2 updates from Jan Kara: "A few udf and ext2 fixes and cleanups" * tag 'fs_for_v6.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs: udf: Verify partition map count udf: stop using write_cache_pages ext2: Handle fiemap on empty files to prevent EINVAL |
||
|
Klara Modin
|
1edaac340f |
block: change blk_get_meta_cap() stub return -ENOIOCTLCMD
When introduced in commit 9eb22f7fedfc ("fs: add ioctl to query metadata
and protection info capabilities") the stub of blk_get_meta_cap() for
!BLK_DEV_INTEGRITY always returns -EOPNOTSUPP. The motivation was that
while the command was unsupported in that configuration it was still
recognized.
A later change instead assumed -ENOIOCTLCMD as is required for unknown
ioctl commands per Documentation/driver-api/ioctl.rst. The result being
that on !BLK_DEV_INTEGRITY configs, any ioctl which reaches
blkdev_common_ioctl() will return -EOPNOTSUPP.
Change the stub to return -ENOIOCTLCMD, fixing the issue and better
matching with expectations.
[ The blkdev_common_ioctl() confusion has been fixed, but -ENOIOCTLCMD
is the right thing to return for unrecognized ioctls, so the patch
remains the right thing to do. - Linus ]
Link: https://lore.kernel.org/lkml/CACzX3AsRd__fXb9=CJPTTJC494SDnYAtYrN2=+bZgMCvM6UQDg@mail.gmail.com
Fixes: 42b0ef01e6b5 ("block: fix FS_IOC_GETLBMD_CAP parsing in blkdev_common_ioctl()")
Signed-off-by: Klara Modin <klarasmodin@gmail.com>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||
|
Joanne Koong
|
595d7ebeaf |
fuse: remove page alignment check for writeback len
Remove incorrect page alignment check for the writeback len arg in
fuse_iomap_writeback_range(). len will always be block-aligned as
passed in by iomap.
On regular fuse filesystems, i_blkbits is set to PAGE_SHIFT so this is
not a problem but for fuseblk filesystems, the block size is set to a
default of 512 bytes or a block size passed in at mount time.
Please note that non-page-aligned lengths are fine for the logic in
fuse_iomap_writeback_range(). The check was originally added as a
safeguard to detect conspicuously wrong ranges.
Signed-off-by: Joanne Koong <joannelkoong@gmail.com>
Fixes: ef7e7cbb323f ("fuse: use iomap for writeback")
Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
Link: https://lore.kernel.org/linux-fsdevel/CA+G9fYs5AdVM-T2Tf3LciNCwLZEHetcnSkHsjZajVwwpM2HmJw@mail.gmail.com/
Reported-by: Sasha Levin <sashal@kernel.org>
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||
|
Linus Torvalds
|
b5d760d53a |
vfs-6.17-rc1.iomap
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCtwAKCRCRxhvAZXjc ogPuAQChc4tCjlNp+yAwbSmuzWooKTN8PHI6v+3ftjdaKSy9AgD/Yya1i8aBYBA8 9HBtIKGAqvcgNB3por7yN+GJ8fxb/Ag= =YmLL -----END PGP SIGNATURE----- Merge tag 'vfs-6.17-rc1.iomap' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs iomap updates from Christian Brauner: - Refactor the iomap writeback code and split the generic and ioend/bio based writeback code. There are two methods that define the split between the generic writeback code, and the implemementation of it, and all knowledge of ioends and bios now sits below that layer. - Add fuse iomap support for buffered writes and dirty folio writeback. This is needed so that granular uptodate and dirty tracking can be used in fuse when large folios are enabled. This has two big advantages. For writes, instead of the entire folio needing to be read into the page cache, only the relevant portions need to be. For writeback, only the dirty portions need to be written back instead of the entire folio. * tag 'vfs-6.17-rc1.iomap' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: fuse: refactor writeback to use iomap_writepage_ctx inode fuse: hook into iomap for invalidating and checking partial uptodateness fuse: use iomap for folio laundering fuse: use iomap for writeback fuse: use iomap for buffered writes iomap: build the writeback code without CONFIG_BLOCK iomap: add read_folio_range() handler for buffered writes iomap: improve argument passing to iomap_read_folio_sync iomap: replace iomap_folio_ops with iomap_write_ops iomap: export iomap_writeback_folio iomap: move folio_unlock out of iomap_writeback_folio iomap: rename iomap_writepage_map to iomap_writeback_folio iomap: move all ioend handling to ioend.c iomap: add public helpers for uptodate state manipulation iomap: hide ioends from the generic writeback code iomap: refactor the writeback interface iomap: cleanup the pending writeback tracking in iomap_writepage_map_blocks iomap: pass more arguments using the iomap writeback context iomap: header diet |
||
|
Linus Torvalds
|
0965549d6f |
vfs-6.17-rc1.super
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCsAAKCRCRxhvAZXjc
op1/AQCYRmE6MsFclZ/6Qhpd8Xxl6jYaw0VuSIGneh/HA5EmqQEAiE3/Q0paC1HB
PHryCsVau1yOfJtE1P05/3JLA73hWA4=
=MBdP
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.17-rc1.super' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull superblock callback update from Christian Brauner:
"Currently all filesystems which implement super_operations::shutdown()
can not afford losing a device.
Thus fs_bdev_mark_dead() will just call the ->shutdown() callback for
the involved filesystem.
But it will no longer be the case, as multi-device filesystems like
btrfs can handle certain device loss without the need to shutdown the
whole filesystem.
To allow those multi-device filesystems to be integrated to use
fs_holder_ops:
- Add a new super_operations::remove_bdev() callback
- Try ->remove_bdev() callback first inside fs_bdev_mark_dead().
If the callback returned 0, meaning the fs can handling the device
loss, then exit without doing anything else.
If there is no such callback or the callback returned non-zero
value, continue to shutdown the filesystem as usual.
This means the new remove_bdev() should only do the check on whether
the operation can continue, and if so do the fs specific handlings.
The shutdown handling should still be handled by the existing
->shutdown() callback.
For all existing filesystems with shutdown callback, there is no
change to the code nor behavior.
Btrfs is going to implement both the ->remove_bdev() and ->shutdown()
callbacks soon"
* tag 'vfs-6.17-rc1.super' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
fs: add a new remove_bdev() callback
|
||
|
Linus Torvalds
|
57fcb7d930 |
vfs-6.17-rc1.fileattr
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCpgAKCRCRxhvAZXjc oqfFAQDcy3rROUF3W34KcSi7rDmaKVSX53d1tUoqH+1zDRpSlwEAriKDNC1ybudp YAnxVzkRHjHs1296WIuwKq5lfhJ60Q4= =geAl -----END PGP SIGNATURE----- Merge tag 'vfs-6.17-rc1.fileattr' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull fileattr updates from Christian Brauner: "This introduces the new file_getattr() and file_setattr() system calls after lengthy discussions. Both system calls serve as successors and extensible companions to the FS_IOC_FSGETXATTR and FS_IOC_FSSETXATTR system calls which have started to show their age in addition to being named in a way that makes it easy to conflate them with extended attribute related operations. These syscalls allow userspace to set filesystem inode attributes on special files. One of the usage examples is the XFS quota projects. XFS has project quotas which could be attached to a directory. All new inodes in these directories inherit project ID set on parent directory. The project is created from userspace by opening and calling FS_IOC_FSSETXATTR on each inode. This is not possible for special files such as FIFO, SOCK, BLK etc. Therefore, some inodes are left with empty project ID. Those inodes then are not shown in the quota accounting but still exist in the directory. This is not critical but in the case when special files are created in the directory with already existing project quota, these new inodes inherit extended attributes. This creates a mix of special files with and without attributes. Moreover, special files with attributes don't have a possibility to become clear or change the attributes. This, in turn, prevents userspace from re-creating quota project on these existing files. In addition, these new system calls allow the implementation of additional attributes that we couldn't or didn't want to fit into the legacy ioctls anymore" * tag 'vfs-6.17-rc1.fileattr' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: fs: tighten a sanity check in file_attr_to_fileattr() tree-wide: s/struct fileattr/struct file_kattr/g fs: introduce file_getattr and file_setattr syscalls fs: prepare for extending file_get/setattr() fs: make vfs_fileattr_[get|set] return -EOPNOTSUPP selinux: implement inode_file_[g|s]etattr hooks lsm: introduce new hooks for setting/getting inode fsxattr fs: split fileattr related helpers into separate file |
||
|
Linus Torvalds
|
cec40a7c80 |
vfs-6.17-rc1.integrity
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCngAKCRCRxhvAZXjc
ogAMAP9LqNHFf7JfDIvF/PJBxzYa0ToWwPsWACERknwkvtBRCwEAhkmscIcIMQ4t
LPGLGha17dfpaE4RurRhBYgS9x2/1Ao=
=jSnJ
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.17-rc1.integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull vfs 'protection info' updates from Christian Brauner:
"This adds the new FS_IOC_GETLBMD_CAP ioctl() to query metadata and
protection info (PI) capabilities. This ioctl returns information
about the files integrity profile. This is useful for userspace
applications to understand a files end-to-end data protection support
and configure the I/O accordingly.
For now this interface is only supported by block devices. However the
design and placement of this ioctl in generic FS ioctl space allows us
to extend it to work over files as well. This maybe useful when
filesystems start supporting PI-aware layouts.
A new structure struct logical_block_metadata_cap is introduced, which
contains the following fields:
- lbmd_flags:
bitmask of logical block metadata capability flags
- lbmd_interval:
the amount of data described by each unit of logical block metadata
- lbmd_size:
size in bytes of the logical block metadata associated with each
interval
- lbmd_opaque_size:
size in bytes of the opaque block tag associated with each interval
- lbmd_opaque_offset:
offset in bytes of the opaque block tag within the logical block
metadata
- lbmd_pi_size:
size in bytes of the T10 PI tuple associated with each interval
- lbmd_pi_offset:
offset in bytes of T10 PI tuple within the logical block metadata
- lbmd_pi_guard_tag_type:
T10 PI guard tag type
- lbmd_pi_app_tag_size:
size in bytes of the T10 PI application tag
- lbmd_pi_ref_tag_size:
size in bytes of the T10 PI reference tag
- lbmd_pi_storage_tag_size:
size in bytes of the T10 PI storage tag
The internal logic to fetch the capability is encapsulated in a helper
function blk_get_meta_cap(), which uses the blk_integrity profile
associated with the device. The ioctl returns -EOPNOTSUPP, if
CONFIG_BLK_DEV_INTEGRITY is not enabled"
* tag 'vfs-6.17-rc1.integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
block: fix lbmd_guard_tag_type assignment in FS_IOC_GETLBMD_CAP
block: fix FS_IOC_GETLBMD_CAP parsing in blkdev_common_ioctl()
fs: add ioctl to query metadata and protection info capabilities
nvme: set pi_offset only when checksum type is not BLK_INTEGRITY_CSUM_NONE
block: introduce pi_tuple_size field in blk_integrity
block: rename tuple_size field in blk_integrity to metadata_size
|
||
|
Linus Torvalds
|
add07519ea |
vfs-6.17-rc1.rust
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINClgAKCRCRxhvAZXjc otDpAQCvI4ASuGHsDY7NMF/sOjVeeXIAQHNaxfrVnYzppqZw1wD+IFhE//BIyJoC 22zmr/o72h4YH0PazIl85NuVS2n9UA4= =EFWZ -----END PGP SIGNATURE----- Merge tag 'vfs-6.17-rc1.rust' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs rust updates from Christian Brauner: - Allow poll_table pointers to be NULL - Add Rust files to vfs MAINTAINERS entry * tag 'vfs-6.17-rc1.rust' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: vfs: add Rust files to MAINTAINERS poll: rust: allow poll_table ptrs to be null |
||
|
Linus Torvalds
|
7e7bc8335b |
vfs-6.17-rc1.bpf
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCjwAKCRCRxhvAZXjc osnVAQCv4rM7sF4yJvGlm1myIJcJy5Sabk2q31qMdI1VHmkcOwD+Mxs7d1aByTS8 /6djhVleq6lcT2LpP9j8YI3Rb+x30QY= =PF3o -----END PGP SIGNATURE----- Merge tag 'vfs-6.17-rc1.bpf' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs bpf updates from Christian Brauner: "These changes allow bpf to read extended attributes from cgroupfs. This is useful in redirecting AF_UNIX socket connections based on cgroup membership of the socket. One use-case is the ability to implement log namespaces in systemd so services and containers are redirected to different journals" * tag 'vfs-6.17-rc1.bpf' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: selftests/kernfs: test xattr retrieval selftests/bpf: Add tests for bpf_cgroup_read_xattr bpf: Mark cgroup_subsys_state->cgroup RCU safe bpf: Introduce bpf_cgroup_read_xattr to read xattr of cgroup's node kernfs: remove iattr_mutex |
||
|
Linus Torvalds
|
672dcda246 |
vfs-6.17-rc1.pidfs
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCiQAKCRCRxhvAZXjc
orltAQDq3y1anYETz5/FD6P2gXY1W5hXdSm3EHHeacQ1JjTXvgEA2g1lWO7J4anf
oOVE8aSvMow/FOjivLZBYmI65pkYJAE=
=oDKB
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.17-rc1.pidfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull pidfs updates from Christian Brauner:
- persistent info
Persist exit and coredump information independent of whether anyone
currently holds a pidfd for the struct pid.
The current scheme allocated pidfs dentries on-demand repeatedly.
This scheme is reaching it's limits as it makes it impossible to pin
information that needs to be available after the task has exited or
coredumped and that should not be lost simply because the pidfd got
closed temporarily. The next opener should still see the stashed
information.
This is also a prerequisite for supporting extended attributes on
pidfds to allow attaching meta information to them.
If someone opens a pidfd for a struct pid a pidfs dentry is allocated
and stashed in pid->stashed. Once the last pidfd for the struct pid
is closed the pidfs dentry is released and removed from pid->stashed.
So if 10 callers create a pidfs dentry for the same struct pid
sequentially, i.e., each closing the pidfd before the other creates a
new one then a new pidfs dentry is allocated every time.
Because multiple tasks acquiring and releasing a pidfd for the same
struct pid can race with each another a task may still find a valid
pidfs entry from the previous task in pid->stashed and reuse it. Or
it might find a dead dentry in there and fail to reuse it and so
stashes a new pidfs dentry. Multiple tasks may race to stash a new
pidfs dentry but only one will succeed, the other ones will put their
dentry.
The current scheme aims to ensure that a pidfs dentry for a struct
pid can only be created if the task is still alive or if a pidfs
dentry already existed before the task was reaped and so exit
information has been was stashed in the pidfs inode.
That's great except that it's buggy. If a pidfs dentry is stashed in
pid->stashed after pidfs_exit() but before __unhash_process() is
called we will return a pidfd for a reaped task without exit
information being available.
The pidfds_pid_valid() check does not guard against this race as it
doens't sync at all with pidfs_exit(). The pid_has_task() check might
be successful simply because we're before __unhash_process() but
after pidfs_exit().
Introduce a new scheme where the lifetime of information associated
with a pidfs entry (coredump and exit information) isn't bound to the
lifetime of the pidfs inode but the struct pid itself.
The first time a pidfs dentry is allocated for a struct pid a struct
pidfs_attr will be allocated which will be used to store exit and
coredump information.
If all pidfs for the pidfs dentry are closed the dentry and inode can
be cleaned up but the struct pidfs_attr will stick until the struct
pid itself is freed. This will ensure minimal memory usage while
persisting relevant information.
The new scheme has various advantages. First, it allows to close the
race where we end up handing out a pidfd for a reaped task for which
no exit information is available. Second, it minimizes memory usage.
Third, it allows to remove complex lifetime tracking via dentries
when registering a struct pid with pidfs. There's no need to get or
put a reference. Instead, the lifetime of exit and coredump
information associated with a struct pid is bound to the lifetime of
struct pid itself.
- extended attributes
Now that we have a way to persist information for pidfs dentries we
can start supporting extended attributes on pidfds. This will allow
userspace to attach meta information to tasks.
One natural extension would be to introduce a custom pidfs.* extended
attribute space and allow for the inheritance of extended attributes
across fork() and exec().
The first simple scheme will allow privileged userspace to set
trusted extended attributes on pidfs inodes.
- Allow autonomous pidfs file handles
Various filesystems such as pidfs and drm support opening file
handles without having to require a file descriptor to identify the
filesystem. The filesystem are global single instances and can be
trivially identified solely on the information encoded in the file
handle.
This makes it possible to not have to keep or acquire a sentinal file
descriptor just to pass it to open_by_handle_at() to identify the
filesystem. That's especially useful when such sentinel file
descriptor cannot or should not be acquired.
For pidfs this means a file handle can function as full replacement
for storing a pid in a file. Instead a file handle can be stored and
reopened purely based on the file handle.
Such autonomous file handles can be opened with or without specifying
a a file descriptor. If no proper file descriptor is used the
FD_PIDFS_ROOT sentinel must be passed. This allows us to define
further special negative fd sentinels in the future.
Userspace can trivially test for support by trying to open the file
handle with an invalid file descriptor.
- Allow pidfds for reaped tasks with SCM_PIDFD messages
This is a logical continuation of the earlier work to create pidfds
for reaped tasks through the SO_PEERPIDFD socket option merged in
923ea4d4482b ("Merge patch series "net, pidfs: enable handing out
pidfds for reaped sk->sk_peer_pid"").
- Two minor fixes:
* Fold fs_struct->{lock,seq} into a seqlock
* Don't bother with path_{get,put}() in unix_open_file()
* tag 'vfs-6.17-rc1.pidfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (37 commits)
don't bother with path_get()/path_put() in unix_open_file()
fold fs_struct->{lock,seq} into a seqlock
selftests: net: extend SCM_PIDFD test to cover stale pidfds
af_unix: enable handing out pidfds for reaped tasks in SCM_PIDFD
af_unix: stash pidfs dentry when needed
af_unix/scm: fix whitespace errors
af_unix: introduce and use scm_replace_pid() helper
af_unix: introduce unix_skb_to_scm helper
af_unix: rework unix_maybe_add_creds() to allow sleep
selftests/pidfd: decode pidfd file handles withou having to specify an fd
fhandle, pidfs: support open_by_handle_at() purely based on file handle
uapi/fcntl: add FD_PIDFS_ROOT
uapi/fcntl: add FD_INVALID
fcntl/pidfd: redefine PIDFD_SELF_THREAD_GROUP
uapi/fcntl: mark range as reserved
fhandle: reflow get_path_anchor()
pidfs: add pidfs_root_path() helper
fhandle: rename to get_path_anchor()
fhandle: hoist copy_from_user() above get_path_from_fd()
fhandle: raise FILEID_IS_DIR in handle_type
...
|
||
|
Linus Torvalds
|
7031769e10 |
vfs-6.17-rc1.mmap_prepare
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCgQAKCRCRxhvAZXjc
os+nAP9LFHUwWO6EBzHJJGEVjJvvzsbzqeYrRFamYiMc5ulPJwD+KW4RIgJa/MWO
pcYE40CacaekD8rFWwYUyszpgmv6ewc=
=wCwp
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.17-rc1.mmap_prepare' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull mmap_prepare updates from Christian Brauner:
"Last cycle we introduce f_op->mmap_prepare() in c84bf6dd2b83 ("mm:
introduce new .mmap_prepare() file callback").
This is preferred to the existing f_op->mmap() hook as it does require
a VMA to be established yet, thus allowing the mmap logic to invoke
this hook far, far earlier, prior to inserting a VMA into the virtual
address space, or performing any other heavy handed operations.
This allows for much simpler unwinding on error, and for there to be a
single attempt at merging a VMA rather than having to possibly
reattempt a merge based on potentially altered VMA state.
Far more importantly, it prevents inappropriate manipulation of
incompletely initialised VMA state, which is something that has been
the cause of bugs and complexity in the past.
The intent is to gradually deprecate f_op->mmap, and in that vein this
series coverts the majority of file systems to using f_op->mmap_prepare.
Prerequisite steps are taken - firstly ensuring all checks for mmap
capabilities use the file_has_valid_mmap_hooks() helper rather than
directly checking for f_op->mmap (which is now not a valid check) and
secondly updating daxdev_mapping_supported() to not require a VMA
parameter to allow ext4 and xfs to be converted.
Commit bb666b7c2707 ("mm: add mmap_prepare() compatibility layer for
nested file systems") handles the nasty edge-case of nested file
systems like overlayfs, which introduces a compatibility shim to allow
f_op->mmap_prepare() to be invoked from an f_op->mmap() callback.
This allows for nested filesystems to continue to function correctly
with all file systems regardless of which callback is used. Once we
finally convert all file systems, this shim can be removed.
As a result, ecryptfs, fuse, and overlayfs remain unaltered so they
can nest all other file systems.
We additionally do not update resctl - as this requires an update to
remap_pfn_range() (or an alternative to it) which we defer to a later
series, equally we do not update cramfs which needs a mixed mapping
insertion with the same issue, nor do we update procfs, hugetlbfs,
syfs or kernfs all of which require VMAs for internal state and hooks.
We shall return to all of these later"
* tag 'vfs-6.17-rc1.mmap_prepare' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
doc: update porting, vfs documentation to describe mmap_prepare()
fs: replace mmap hook with .mmap_prepare for simple mappings
fs: convert most other generic_file_*mmap() users to .mmap_prepare()
fs: convert simple use of generic_file_*_mmap() to .mmap_prepare()
mm/filemap: introduce generic_file_*_mmap_prepare() helpers
fs/xfs: transition from deprecated .mmap hook to .mmap_prepare
fs/ext4: transition from deprecated .mmap hook to .mmap_prepare
fs/dax: make it possible to check dev dax support without a VMA
fs: consistently use can_mmap_file() helper
mm/nommu: use file_has_valid_mmap_hooks() helper
mm: rename call_mmap/mmap_prepare to vfs_mmap/mmap_prepare
|
||
|
Linus Torvalds
|
278c7d9b5e |
vfs-6.17-rc1.fallocate
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCeQAKCRCRxhvAZXjc
otqEAP9bWFExQtnzrNR+1s4UBfPVDAaTJzDnBWj6z0+Idw9oegEAoxF2ifdCPnR4
t/xWiM4FmSA+9pwvP3U5z3sOReDDsgo=
=WMMB
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.17-rc1.fallocate' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull fallocate updates from Christian Brauner:
"fallocate() currently supports creating preallocated files
efficiently. However, on most filesystems fallocate() will preallocate
blocks in an unwriten state even if FALLOC_FL_ZERO_RANGE is specified.
The extent state must later be converted to a written state when the
user writes data into this range, which can trigger numerous metadata
changes and journal I/O. This may leads to significant write
amplification and performance degradation in synchronous write mode.
At the moment, the only method to avoid this is to create an empty
file and write zero data into it (for example, using 'dd' with a large
block size). However, this method is slow and consumes a considerable
amount of disk bandwidth.
Now that more and more flash-based storage devices are available it is
possible to efficiently write zeros to SSDs using the unmap write
zeroes command if the devices do not write physical zeroes to the
media.
For example, if SCSI SSDs support the UMMAP bit or NVMe SSDs support
the DEAC bit[1], the write zeroes command does not write actual data
to the device, instead, NVMe converts the zeroed range to a
deallocated state, which works fast and consumes almost no disk write
bandwidth.
This series implements the BLK_FEAT_WRITE_ZEROES_UNMAP feature and
BLK_FLAG_WRITE_ZEROES_UNMAP_DISABLED flag for SCSI, NVMe and
device-mapper drivers, and add the FALLOC_FL_WRITE_ZEROES and
STATX_ATTR_WRITE_ZEROES_UNMAP support for ext4 and raw bdev devices.
fallocate() is subsequently extended with the FALLOC_FL_WRITE_ZEROES
flag. FALLOC_FL_WRITE_ZEROES zeroes a specified file range in such a
way that subsequent writes to that range do not require further
changes to the file mapping metadata. This flag is beneficial for
subsequent pure overwriting within this range, as it can save on block
allocation and, consequently, significant metadata changes"
* tag 'vfs-6.17-rc1.fallocate' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
ext4: add FALLOC_FL_WRITE_ZEROES support
block: add FALLOC_FL_WRITE_ZEROES support
block: factor out common part in blkdev_fallocate()
fs: introduce FALLOC_FL_WRITE_ZEROES to fallocate
dm: clear unmap write zeroes limits when disabling write zeroes
scsi: sd: set max_hw_wzeroes_unmap_sectors if device supports SD_ZERO_*_UNMAP
nvmet: set WZDS and DRB if device enables unmap write zeroes operation
nvme: set max_hw_wzeroes_unmap_sectors if device supports DEAC bit
block: introduce max_{hw|user}_wzeroes_unmap_sectors to queue limits
|
||
|
Linus Torvalds
|
0c4ec4a339 |
vfs-6.17-rc1.async.dir
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCcgAKCRCRxhvAZXjc ose6AQDUhwws5T7FYbqQRZC7tc19xJ4CJN2MH6WQsRJ8PrXMtQD/dY/KVPGtOZgb +fFGcOPkO9c+D9WUNXjcGtGMv+fsegc= =iV8T -----END PGP SIGNATURE----- Merge tag 'vfs-6.17-rc1.async.dir' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull async directory updates from Christian Brauner: "This contains preparatory changes for the asynchronous directory locking scheme. While the locking scheme is still very much controversial and we're still far away from landing any actual changes in that area the preparatory work that we've been upstreaming for a while now has been very useful. This is another set of minor changes and cleanups" * tag 'vfs-6.17-rc1.async.dir' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: exportfs: use lookup_one_unlocked() coda: use iterate_dir() in coda_readdir() VFS: Minor fixes for porting.rst VFS: merge lookup_one_qstr_excl_raw() back into lookup_one_qstr_excl() |
||
|
Linus Torvalds
|
f70d24c230 |
vfs-6.17-rc1.nsfs
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINCaAAKCRCRxhvAZXjc
ouTCAQCrNCM3h9MpgcMDDUbi9b+lIR11JlvtWNGRUACv3RSNLgEA1vm30+u+JM87
KpVYg1RrkXDyMFXXuzy7UWpzLcBRywI=
=L0eW
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.17-rc1.nsfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull namespace updates from Christian Brauner:
"This contains namespace updates. This time specifically for nsfs:
- Userspace heavily relies on the root inode numbers for namespaces
to identify the initial namespaces. That's already a hard
dependency. So we cannot change that anymore. Move the initial
inode numbers to a public header and align the only two namespaces
that currently don't do that with all the other namespaces.
- The root inode of /proc having a fixed inode number has been part
of the core kernel ABI since its inception, and recently some
userspace programs (mainly container runtimes) have started to
explicitly depend on this behaviour.
The main reason this is useful to userspace is that by checking
that a suspect /proc handle has fstype PROC_SUPER_MAGIC and is
PROCFS_ROOT_INO, they can then use openat2() together with
RESOLVE_{NO_{XDEV,MAGICLINK},BENEATH} to ensure that there isn't a
bind-mount that replaces some procfs file with a different one.
This kind of attack has lead to security issues in container
runtimes in the past (such as CVE-2019-19921) and libraries like
libpathrs[1] use this feature of procfs to provide safe procfs
handling functions"
* tag 'vfs-6.17-rc1.nsfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs:
uapi: export PROCFS_ROOT_INO
mntns: use stable inode number for initial mount ns
netns: use stable inode number for initial mount ns
nsfs: move root inode number to uapi
|
||
|
Linus Torvalds
|
934600daa7 |
vfs-6.17-rc1.ovl
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINakQAKCRCRxhvAZXjc okGZAP9CUQfiiT3DUq0pAeuXR2BjpjM8hnNTlO7REC/AmoDWcQD/SDZWfjP2uhtk TgGlT1fS5cVcRf72+8JBtT7LGmDB7wA= =5vdH -----END PGP SIGNATURE----- Merge tag 'vfs-6.17-rc1.ovl' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull overlayfs updates from Christian Brauner: "This contains overlayfs updates for this cycle. The changes for overlayfs in here are primarily focussed on preparing for some proposed changes to directory locking. Overlayfs currently will sometimes lock a directory on the upper filesystem and do a few different things while holding the lock. This is incompatible with the new potential scheme. This series narrows the region of code protected by the directory lock, taking it multiple times when necessary. This theoretically opens up the possibilty of other changes happening on the upper filesytem between the unlock and the lock. To some extent the patches guard against that by checking the dentries still have the expect parent after retaking the lock. In general, concurrent changes to the upper and lower filesystems aren't supported properly anyway" * tag 'vfs-6.17-rc1.ovl' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (25 commits) ovl: properly print correct variable ovl: rename ovl_cleanup_unlocked() to ovl_cleanup() ovl: change ovl_create_real() to receive dentry parent ovl: narrow locking in ovl_check_rename_whiteout() ovl: narrow locking in ovl_whiteout() ovl: change ovl_cleanup_and_whiteout() to take rename lock as needed ovl: narrow locking on ovl_remove_and_whiteout() ovl: change ovl_workdir_cleanup() to take dir lock as needed. ovl: narrow locking in ovl_workdir_cleanup_recurse() ovl: narrow locking in ovl_indexdir_cleanup() ovl: narrow locking in ovl_workdir_create() ovl: narrow locking in ovl_cleanup_index() ovl: narrow locking in ovl_cleanup_whiteouts() ovl: narrow locking in ovl_rename() ovl: simplify gotos in ovl_rename() ovl: narrow locking in ovl_create_over_whiteout() ovl: narrow locking in ovl_clear_empty() ovl: narrow locking in ovl_create_upper() ovl: narrow the locked region in ovl_copy_up_workdir() ovl: Call ovl_create_temp() without lock held. ... |
||
|
Linus Torvalds
|
117eab5c6e |
vfs-6.17-rc1.coredump
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaINAYAAKCRCRxhvAZXjc
opJiAQDXGs+gQcxJ+4BpV4QszT2OJC19oI/f5AQ4PWMJdHgr4AEA7fc6NbBrpmW7
L/tbdAwIiWp8bL1Q8Wy7Q2qldHtcggM=
=KbD9
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.17-rc1.coredump' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull coredump updates from Christian Brauner:
"This contains an extension to the coredump socket and a proper rework
of the coredump code.
- This extends the coredump socket to allow the coredump server to
tell the kernel how to process individual coredumps. This allows
for fine-grained coredump management. Userspace can decide to just
let the kernel write out the coredump, or generate the coredump
itself, or just reject it.
* COREDUMP_KERNEL
The kernel will write the coredump data to the socket.
* COREDUMP_USERSPACE
The kernel will not write coredump data but will indicate to the
parent that a coredump has been generated. This is used when
userspace generates its own coredumps.
* COREDUMP_REJECT
The kernel will skip generating a coredump for this task.
* COREDUMP_WAIT
The kernel will prevent the task from exiting until the coredump
server has shutdown the socket connection.
The flexible coredump socket can be enabled by using the "@@"
prefix instead of the single "@" prefix for the regular coredump
socket:
@@/run/systemd/coredump.socket
- Cleanup the coredump code properly while we have to touch it
anyway.
Split out each coredump mode in a separate helper so it's easy to
grasp what is going on and make the code easier to follow. The core
coredump function should now be very trivial to follow"
* tag 'vfs-6.17-rc1.coredump' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (31 commits)
cleanup: add a scoped version of CLASS()
coredump: add coredump_skip() helper
coredump: avoid pointless variable
coredump: order auto cleanup variables at the top
coredump: add coredump_cleanup()
coredump: auto cleanup prepare_creds()
cred: add auto cleanup method
coredump: directly return
coredump: auto cleanup argv
coredump: add coredump_write()
coredump: use a single helper for the socket
coredump: move pipe specific file check into coredump_pipe()
coredump: split pipe coredumping into coredump_pipe()
coredump: move core_pipe_count to global variable
coredump: prepare to simplify exit paths
coredump: split file coredumping into coredump_file()
coredump: rename do_coredump() to vfs_coredump()
selftests/coredump: make sure invalid paths are rejected
coredump: validate socket path in coredump_parse()
coredump: don't allow ".." in coredump socket path
...
|
||
|
Linus Torvalds
|
7879d7aff0 |
vfs-6.17-rc1.misc
-----BEGIN PGP SIGNATURE-----
iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaIM/KwAKCRCRxhvAZXjc
opT+AP407JwhRSBjUEmHg5JzUyDoivkOySdnthunRjaBKD8rlgEApM6SOIZYucU7
cPC3ZY6ORFM6Mwaw+iDW9lasM5ucHQ8=
=CHha
-----END PGP SIGNATURE-----
Merge tag 'vfs-6.17-rc1.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
Pull misc VFS updates from Christian Brauner:
"This contains the usual selections of misc updates for this cycle.
Features:
- Add ext4 IOCB_DONTCACHE support
This refactors the address_space_operations write_begin() and
write_end() callbacks to take const struct kiocb * as their first
argument, allowing IOCB flags such as IOCB_DONTCACHE to propagate
to the filesystem's buffered I/O path.
Ext4 is updated to implement handling of the IOCB_DONTCACHE flag
and advertises support via the FOP_DONTCACHE file operation flag.
Additionally, the i915 driver's shmem write paths are updated to
bypass the legacy write_begin/write_end interface in favor of
directly calling write_iter() with a constructed synchronous kiocb.
Another i915 change replaces a manual write loop with
kernel_write() during GEM shmem object creation.
Cleanups:
- don't duplicate vfs_open() in kernel_file_open()
- proc_fd_getattr(): don't bother with S_ISDIR() check
- fs/ecryptfs: replace snprintf with sysfs_emit in show function
- vfs: Remove unnecessary list_for_each_entry_safe() from
evict_inodes()
- filelock: add new locks_wake_up_waiter() helper
- fs: Remove three arguments from block_write_end()
- VFS: change old_dir and new_dir in struct renamedata to dentrys
- netfs: Remove unused declaration netfs_queue_write_request()
Fixes:
- eventpoll: Fix semi-unbounded recursion
- eventpoll: fix sphinx documentation build warning
- fs/read_write: Fix spelling typo
- fs: annotate data race between poll_schedule_timeout() and
pollwake()
- fs/pipe: set FMODE_NOWAIT in create_pipe_files()
- docs/vfs: update references to i_mutex to i_rwsem
- fs/buffer: remove comment about hard sectorsize
- fs/buffer: remove the min and max limit checks in __getblk_slow()
- fs/libfs: don't assume blocksize <= PAGE_SIZE in
generic_check_addressable
- fs_context: fix parameter name in infofc() macro
- fs: Prevent file descriptor table allocations exceeding INT_MAX"
* tag 'vfs-6.17-rc1.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (24 commits)
netfs: Remove unused declaration netfs_queue_write_request()
eventpoll: fix sphinx documentation build warning
ext4: support uncached buffered I/O
mm/pagemap: add write_begin_get_folio() helper function
fs: change write_begin/write_end interface to take struct kiocb *
drm/i915: Refactor shmem_pwrite() to use kiocb and write_iter
drm/i915: Use kernel_write() in shmem object create
eventpoll: Fix semi-unbounded recursion
vfs: Remove unnecessary list_for_each_entry_safe() from evict_inodes()
fs/libfs: don't assume blocksize <= PAGE_SIZE in generic_check_addressable
fs/buffer: remove the min and max limit checks in __getblk_slow()
fs: Prevent file descriptor table allocations exceeding INT_MAX
fs: Remove three arguments from block_write_end()
fs/ecryptfs: replace snprintf with sysfs_emit in show function
fs: annotate suspected data race between poll_schedule_timeout() and pollwake()
docs/vfs: update references to i_mutex to i_rwsem
fs/buffer: remove comment about hard sectorsize
fs_context: fix parameter name in infofc() macro
VFS: change old_dir and new_dir in struct renamedata to dentrys
proc_fd_getattr(): don't bother with S_ISDIR() check
...
|
||
|
Linus Torvalds
|
794cbac9c0 |
mount changes. I've got more stuff in the local tree, but
this is getting too much for one merge window as it is.
* mount hash conflicts rudiments are gone now - we do not allow
multiple mounts with the same parent/mountpoint to be
hashed at the same time.
* struct mount changes
mnt_umounting is gone;
mnt_slave_list/mnt_slave is an hlist now;
overmounts are kept track of by explicit pointer in mount;
a bunch of flags moved out of mnt_flags to a new field,
with only namespace_sem for protection;
mnt_expiry is protected by mount_lock now (instead of
namespace_sem);
MNT_LOCKED is used only for mounts that need to remain
attached to their parents to prevent mountpoint exposure -
no more overloading it for absolute roots;
all mnt_list uses are transient now - it's used only to
represent temporary sets during umount_tree().
* mount refcounting change
children no longer pin parents for any mounts, whether they'd
passed through umount_tree() or not.
* struct mountpoint changes
refcount is no more; what matters is ->m_list emptiness;
instead of temporary bumping the refcount, we insert a new object
(pinned_mountpoint) into ->m_list;
new calling conventions for lock_mount() and friends.
* do_move_mount()/attach_recursive_mnt() seriously cleaned up.
* globals in fs/pnode.c are gone.
* propagate_mnt(), change_mnt_propagation() and propagate_umount() cleaned up
(in the last case - pretty much completely rewritten).
* freeing of emptied mnt_namespace is done in namespace_unlock()
for one thing, there are subtle ordering requirements there;
for another it simplifies cleanups.
* assorted cleanups.
* restore the machinery for long-term mounts from accumulated bitrot.
This is going to get a followup come next cycle, when #work.fs_context
with its change of vfs_fs_parse_string() calling conventions goes
into -next.
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIR2dQAKCRBZ7Krx/gZQ
6/SzAP4x+Fjjc5Tm2UNgGW5dptDY5s9O5RuFauo1MM6rcrekagEApTarcMlPnZvC
mj1TVJFNfdVhZyTXnz5ocHhGX1udmgU=
=qT69
-----END PGP SIGNATURE-----
Merge tag 'pull-mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull vfs mount updates from Al Viro:
- mount hash conflicts rudiments are gone now - we do not allow
multiple mounts with the same parent/mountpoint to be hashed at the
same time.
- 'struct mount' changes:
- mnt_umounting is gone
- mnt_slave_list/mnt_slave is an hlist now
- overmounts are kept track of by explicit pointer in mount
- a bunch of flags moved out of mnt_flags to a new field, with
only namespace_sem for protection
- mnt_expiry is protected by mount_lock now (instead of
namespace_sem)
- MNT_LOCKED is used only for mounts that need to remain attached
to their parents to prevent mountpoint exposure - no more
overloading it for absolute roots
- all mnt_list uses are transient now - it's used only to
represent temporary sets during umount_tree()
- mount refcounting change: children no longer pin parents for any
mounts, whether they'd passed through umount_tree() or not
- 'struct mountpoint' changes:
- refcount is no more; what matters is ->m_list emptiness
- instead of temporary bumping the refcount, we insert a new
object (pinned_mountpoint) into ->m_list
- new calling conventions for lock_mount() and friends
- do_move_mount()/attach_recursive_mnt() seriously cleaned up
- globals in fs/pnode.c are gone
- propagate_mnt(), change_mnt_propagation() and propagate_umount()
cleaned up (in the last case - pretty much completely rewritten).
- freeing of emptied mnt_namespace is done in namespace_unlock(). For
one thing, there are subtle ordering requirements there; for another
it simplifies cleanups.
- assorted cleanups
- restore the machinery for long-term mounts from accumulated bitrot.
This is going to get a followup come next cycle, when the change of
vfs_fs_parse_string() calling conventions goes into -next
* tag 'pull-mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (48 commits)
statmount_mnt_basic(): simplify the logics for group id
invent_group_ids(): zero ->mnt_group_id always implies !IS_MNT_SHARED()
get rid of CL_SHARE_TO_SLAVE
take freeing of emptied mnt_namespace to namespace_unlock()
copy_tree(): don't link the mounts via mnt_list
change_mnt_propagation(): move ->mnt_master assignment into MS_SLAVE case
mnt_slave_list/mnt_slave: turn into hlist_head/hlist_node
turn do_make_slave() into transfer_propagation()
do_make_slave(): choose new master sanely
change_mnt_propagation(): do_make_slave() is a no-op unless IS_MNT_SHARED()
change_mnt_propagation() cleanups, step 1
propagate_mnt(): fix comment and convert to kernel-doc, while we are at it
propagate_mnt(): get rid of last_dest
fs/pnode.c: get rid of globals
propagate_one(): fold into the sole caller
propagate_one(): separate the "what should be the master for this copy" part
propagate_one(): separate the "do we need secondary here?" logics
propagate_mnt(): handle all peer groups in the same loop
propagate_one(): get rid of dest_master
mount: separate the flags accessed only under namespace_sem
...
|
||
|
Linus Torvalds
|
953e117bf4 |
A missing bit of 66635b077624 ("assorted variants of irqfd setup:
convert to CLASS(fd)") a year ago - mshv_eventfd would've been
covered by that, but it had forked slightly before that series
and got merged into mainline later.
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIRNHgAKCRBZ7Krx/gZQ
66NpAQCqVYE230nARjNQmpjVyJ8L+ncRHNzWpaFwA9f2LMzYEwD+OTkNvpqtyLQb
qMo71qocHKdfL3euO647Swp20cOgigc=
=XO4e
-----END PGP SIGNATURE-----
Merge tag 'pull-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull CLASS(fd) update from Al Viro:
"A missing bit of commit 66635b077624 ("assorted variants of irqfd
setup: convert to CLASS(fd)") from a year ago.
mshv_eventfd would've been covered by that, but it had forked slightly
before that series and got merged into mainline later"
* tag 'pull-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
mshv_eventfd: convert to CLASS(fd)
|
||
|
Linus Torvalds
|
815d3c1628 |
ceph ->d_name race fixes
-----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIRLdAAKCRBZ7Krx/gZQ 6ysfAQDtJazbwSdu5MFLZs0YBv757xiWvsYBWWmgEPedtTRYnAEAnawe/IkQ4IAd 9c5h4IPLOK9wwwFWgHY60L1pwlwrSAY= =B0Yx -----END PGP SIGNATURE----- Merge tag 'pull-ceph-d_name-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull ceph dentry->d_name fixes from Al Viro: "Stuff that had fallen through the cracks back in February; ceph folks tested that pile and said they prefer to have it go through my tree..." * tag 'pull-ceph-d_name-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: ceph: fix a race with rename() in ceph_mdsc_build_path() prep for ceph_encode_encrypted_fname() fixes [ceph] parse_longname(): strrchr() expects NUL-terminated string |
||
|
Linus Torvalds
|
2d9c1336ed |
VFS-related cleanups in various places (mostly of the "that really can't
happen" or "there's a better way to do it" variety) -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIRK0QAKCRBZ7Krx/gZQ 66/LAPoCvj5nAZH41F1VfyinA6V96kKsAazjrG7ttpWenu+6GAD/e9YQIAtYro0Z 6f6EWTgrrEZqpOgc9kfHJq60m/TnSg8= =Ojq4 -----END PGP SIGNATURE----- Merge tag 'pull-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull misc VFS updates from Al Viro: "VFS-related cleanups in various places (mostly of the "that really can't happen" or "there's a better way to do it" variety)" * tag 'pull-misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: gpib: use file_inode() binder_ioctl_write_read(): simplify control flow a bit secretmem: move setting O_LARGEFILE and bumping users' count to the place where we create the file apparmor: file never has NULL f_path.mnt landlock: opened file never has a negative dentry |
||
|
Linus Torvalds
|
8297b790c6 |
securityfs cleanups and fixes:
* one extra reference is enough to pin a dentry down; no need
for two. Switch to regular scheme, similar to shmem, debugfs,
etc. - that fixes securityfs_recursive_remove() dentry leak,
among other things.
* we need to have the filesystem pinned to prevent the contents
disappearing; what we do not need is pinning it for each file.
Doing that only for files and directories in the root is enough.
* the previous two changes allow to get rid of the racy kludges
in efi_secret_unlink(), where we can use simple_unlink() instead
of securityfs_remove(). Which does not require unlocking and
relocking the parent, with all deadlocks that invites.
* Make securityfs_remove() take the entire subtree out, turning
securityfs_recursive_remove() into its alias. Makes a lot more
sense for callers and fixes a mount leak, while we are at it.
* Making securityfs_remove() remove the entire subtree allows for
much simpler life in most of the users - efi_secret, ima_fs,
evm, ipe, tmp get cleaner. I hadn't touched apparmor use of
securityfs, but I suspect that it would be useful there as well.
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIRJkgAKCRBZ7Krx/gZQ
67PmAQCCmJ8Czxb0+4P2J8bJFDELvrT3ff0Ns2d/1m77cATdBAEArOxw5iNXfpfU
0WhjMvQFsgob6jtijG1MAWV7Npz4MwE=
=wraS
-----END PGP SIGNATURE-----
Merge tag 'pull-securityfs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull securityfs updates from Al Viro:
"Securityfs cleanups and fixes:
- one extra reference is enough to pin a dentry down; no need for
two. Switch to regular scheme, similar to shmem, debugfs, etc. This
fixes a securityfs_recursive_remove() dentry leak, among other
things.
- we need to have the filesystem pinned to prevent the contents
disappearing; what we do not need is pinning it for each file.
Doing that only for files and directories in the root is enough.
- the previous two changes allow us to get rid of the racy kludges in
efi_secret_unlink(), where we can use simple_unlink() instead of
securityfs_remove(). Which does not require unlocking and relocking
the parent, with all deadlocks that invites.
- Make securityfs_remove() take the entire subtree out, turning
securityfs_recursive_remove() into its alias. Makes a lot more
sense for callers and fixes a mount leak, while we are at it.
- Making securityfs_remove() remove the entire subtree allows for
much simpler life in most of the users - efi_secret, ima_fs, evm,
ipe, tmp get cleaner. I hadn't touched apparmor use of securityfs,
but I suspect that it would be useful there as well"
* tag 'pull-securityfs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
tpm: don't bother with removal of files in directory we'll be removing
ipe: don't bother with removal of files in directory we'll be removing
evm_secfs: clear securityfs interactions
ima_fs: get rid of lookup-by-dentry stuff
ima_fs: don't bother with removal of files in directory we'll be removing
efi_secret: clean securityfs use up
make securityfs_remove() remove the entire subtree
fix locking in efi_secret_unlink()
securityfs: pin filesystem only for objects directly in root
securityfs: don't pin dentries twice, once is enough...
|
||
|
Linus Torvalds
|
ddf52f12ef |
Massage rpc_pipefs to use saner primitives and clean up the
APIs provided to the rest of the kernel.
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIRDbQAKCRBZ7Krx/gZQ
63n6APwNnJXwgtSDi9N0FfHOlYqYSCaCjezVLbq+GR8K+r4wowD/TX/A4Qbyjjic
/VG8VbYe6fRaD53vp1giGI/dJiTI2Qg=
=Ta4H
-----END PGP SIGNATURE-----
Merge tag 'pull-rpc_pipefs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull rpc_pipefs updates from Al Viro:
"Massage rpc_pipefs to use saner primitives and clean up the APIs
provided to the rest of the kernel"
* tag 'pull-rpc_pipefs' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
rpc_create_client_dir(): return 0 or -E...
rpc_create_client_dir(): don't bother with rpc_populate()
rpc_new_dir(): the last argument is always NULL
rpc_pipe: expand the calls of rpc_mkdir_populate()
rpc_gssd_dummy_populate(): don't bother with rpc_populate()
rpc_mkpipe_dentry(): switch to simple_start_creating()
rpc_pipe: saner primitive for creating regular files
rpc_pipe: saner primitive for creating subdirectories
rpc_pipe: don't overdo directory locking
rpc_mkpipe_dentry(): saner calling conventions
rpc_unlink(): saner calling conventions
rpc_populate(): lift cleanup into callers
rpc_unlink(): use simple_recursive_removal()
rpc_{rmdir_,}depopulate(): use simple_recursive_removal() instead
rpc_pipe: clean failure exits in fill_super
new helper: simple_start_creating()
|
||
|
Linus Torvalds
|
1959e18cc0 |
Removing subtrees of kernel filesystems is done in quite a few
places; unfortunately, it's easy to get wrong. A number of open-coded attempts are out there, with varying amount of bogosities. simple_recursive_removal() had been introduced for doing that with all precautions needed; it does an equivalent of rm -rf, with sufficient locking, eviction of anything mounted on top of the subtree, etc. This series converts a bunch of open-coded instances to using that. -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIRCUwAKCRBZ7Krx/gZQ 66XWAP9BNyHcvl9uV/ku/mswYiRBxYoVogciIKeugwYTVLuTJgEA7jdh1eyLkvbS rwbL7XD+Q35/vXZHEet+RLCGH3ae6wc= =yaKF -----END PGP SIGNATURE----- Merge tag 'pull-simple_recursive_removal' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull simple_recursive_removal() update from Al Viro: "Removing subtrees of kernel filesystems is done in quite a few places; unfortunately, it's easy to get wrong. A number of open-coded attempts are out there, with varying amount of bogosities. simple_recursive_removal() had been introduced for doing that with all precautions needed; it does an equivalent of rm -rf, with sufficient locking, eviction of anything mounted on top of the subtree, etc. This series converts a bunch of open-coded instances to using that" * tag 'pull-simple_recursive_removal' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: functionfs, gadgetfs: use simple_recursive_removal() kill binderfs_remove_file() fuse_ctl: use simple_recursive_removal() pstore: switch to locked_recursive_removal() binfmt_misc: switch to locked_recursive_removal() spufs: switch to locked_recursive_removal() add locked_recursive_removal() better lockdep annotations for simple_recursive_removal() simple_recursive_removal(): saner interaction with fsnotify |
||
|
Linus Torvalds
|
11fe69fbd5 |
Current exclusion rules for ->d_flags stores are rather unpleasant.
The basic rules are simple: * stores to dentry->d_flags are OK under dentry->d_lock. * stores to dentry->d_flags are OK in the dentry constructor, before becomes potentially visible to other threads. Unfortunately, there's a couple of exceptions to that, and that's where the headache comes from. Main PITA comes from d_set_d_op(); that primitive sets ->d_op of dentry and adjusts the flags that correspond to presence of individual methods. It's very easy to misuse; existing uses _are_ safe, but proof of correctness is brittle. Use in __d_alloc() is safe (we are within a constructor), but we might as well precalculate the initial value of ->d_flags when we set the default ->d_op for given superblock and set ->d_flags directly instead of messing with that helper. The reasons why other uses are safe are bloody convoluted; I'm not going to reproduce it here. See https://lore.kernel.org/all/20250224010624.GT1977892@ZenIV/ for gory details, if you care. The critical part is using d_set_d_op() only just prior to d_splice_alias(), which makes a combination of d_splice_alias() with setting ->d_op, etc. a natural replacement primitive. Better yet, if we go that way, it's easy to take setting ->d_op and modifying ->d_flags under ->d_lock, which eliminates the headache as far as ->d_flags exclusion rules are concerned. Other exceptions are minor and easy to deal with. What this series does: * d_set_d_op() is no longer available; new primitive (d_splice_alias_ops()) is provided, equivalent to combination of d_set_d_op() and d_splice_alias(). * new field of struct super_block - ->s_d_flags. Default value of ->d_flags to be used when allocating dentries on this filesystem. * new primitive for setting ->s_d_op: set_default_d_op(). Replaces stores to ->s_d_op at mount time. All in-tree filesystems converted; out-of-tree ones will get caught by compiler (->s_d_op is renamed, so stores to it will be caught). ->s_d_flags is set by the same primitive to match the ->s_d_op. * a lot of filesystems had ->s_d_op->d_delete equal to always_delete_dentry; that is equivalent to setting DCACHE_DONTCACHE in ->d_flags, so such filesystems can bloody well set that bit in ->s_d_flags and drop ->d_delete() from dentry_operations. In quite a few cases that results in empty dentry_operations, which means that we can get rid of those. * kill simple_dentry_operations - not needed anymore. * massage d_alloc_parallel() to get rid of the other exception wrt ->d_flags stores - we can set DCACHE_PAR_LOOKUP as soon as we allocate the new dentry; no need to delay that until we commit to using the sucker. As the result, ->d_flags stores are all either under ->d_lock or done before the dentry becomes visible in any shared data structures. -----BEGIN PGP SIGNATURE----- iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIQ/tQAKCRBZ7Krx/gZQ 66AhAQDgQ+S224x5YevNXc9mDoGUBMF4OG0n0fIla9rfdL4I6wEAqpOWMNDcVPCZ GwYOvJ9YuqNdz+MyprAI18Yza4GOmgs= =rTYB -----END PGP SIGNATURE----- Merge tag 'pull-dcache' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull dentry d_flags updates from Al Viro: "The current exclusion rules for dentry->d_flags stores are rather unpleasant. The basic rules are simple: - stores to dentry->d_flags are OK under dentry->d_lock - stores to dentry->d_flags are OK in the dentry constructor, before becomes potentially visible to other threads Unfortunately, there's a couple of exceptions to that, and that's where the headache comes from. The main PITA comes from d_set_d_op(); that primitive sets ->d_op of dentry and adjusts the flags that correspond to presence of individual methods. It's very easy to misuse; existing uses _are_ safe, but proof of correctness is brittle. Use in __d_alloc() is safe (we are within a constructor), but we might as well precalculate the initial value of 'd_flags' when we set the default ->d_op for given superblock and set 'd_flags' directly instead of messing with that helper. The reasons why other uses are safe are bloody convoluted; I'm not going to reproduce it here. See [1] for gory details, if you care. The critical part is using d_set_d_op() only just prior to d_splice_alias(), which makes a combination of d_splice_alias() with setting ->d_op, etc a natural replacement primitive. Better yet, if we go that way, it's easy to take setting ->d_op and modifying 'd_flags' under ->d_lock, which eliminates the headache as far as 'd_flags' exclusion rules are concerned. Other exceptions are minor and easy to deal with. What this series does: - d_set_d_op() is no longer available; instead a new primitive (d_splice_alias_ops()) is provided, equivalent to combination of d_set_d_op() and d_splice_alias(). - new field of struct super_block - 's_d_flags'. This sets the default value of 'd_flags' to be used when allocating dentries on this filesystem. - new primitive for setting 's_d_op': set_default_d_op(). This replaces stores to 's_d_op' at mount time. All in-tree filesystems converted; out-of-tree ones will get caught by the compiler ('s_d_op' is renamed, so stores to it will be caught). 's_d_flags' is set by the same primitive to match the 's_d_op'. - a lot of filesystems had sb->s_d_op->d_delete equal to always_delete_dentry; that is equivalent to setting DCACHE_DONTCACHE in 'd_flags', so such filesystems can bloody well set that bit in 's_d_flags' and drop 'd_delete()' from dentry_operations. In quite a few cases that results in empty dentry_operations, which means that we can get rid of those. - kill simple_dentry_operations - not needed anymore - massage d_alloc_parallel() to get rid of the other exception wrt 'd_flags' stores - we can set DCACHE_PAR_LOOKUP as soon as we allocate the new dentry; no need to delay that until we commit to using the sucker. As the result, 'd_flags' stores are all either under ->d_lock or done before the dentry becomes visible in any shared data structures" Link: https://lore.kernel.org/all/20250224010624.GT1977892@ZenIV/ [1] * tag 'pull-dcache' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (21 commits) configfs: use DCACHE_DONTCACHE debugfs: use DCACHE_DONTCACHE efivarfs: use DCACHE_DONTCACHE instead of always_delete_dentry() 9p: don't bother with always_delete_dentry ramfs, hugetlbfs, mqueue: set DCACHE_DONTCACHE kill simple_dentry_operations devpts, sunrpc, hostfs: don't bother with ->d_op shmem: no dentry retention past the refcount reaching zero d_alloc_parallel(): set DCACHE_PAR_LOOKUP earlier make d_set_d_op() static simple_lookup(): just set DCACHE_DONTCACHE tracefs: Add d_delete to remove negative dentries set_default_d_op(): calculate the matching value for ->d_flags correct the set of flags forbidden at d_set_d_op() time split d_flags calculation out of d_set_d_op() new helper: set_default_d_op() fuse: no need for special dentry_operations for root dentry switch procfs from d_set_d_op() to d_splice_alias_ops() new helper: d_splice_alias_ops() procfs: kill ->proc_dops ... |
||
|
Linus Torvalds
|
126e5754e9 |
This series massages asm/param.h to simpler and more uniform shape.
By the end of it,
* all arch/*/include/uapi/asm/param.h are either generated includes
of <asm-generic/param.h> or a #define or two followed by such include.
* no arch/*/include/asm/param.h anywhere, generated or not.
* include <asm/param.h> resolves to arch/*/include/uapi/asm/param.h
of the architecture in question (or that of host in case of uml).
* include/asm-generic/param.h pulls uapi/asm-generic/param.h and
deals with USER_HZ, CLOCKS_PER_SEC and with HZ redefinition after that.
-----BEGIN PGP SIGNATURE-----
iHUEABYIAB0WIQQqUNBr3gm4hGXdBJlZ7Krx/gZQ6wUCaIRH4wAKCRBZ7Krx/gZQ
6x9+AQDJ8m23WnR8eyKbUbWvJLtUPaAn4HhGYPhsargl8QSBPQEArmW8H7uEnLVQ
yK7fXjHL/Ju+Gh0wPr4EC5o+qKLywgc=
=ydzP
-----END PGP SIGNATURE-----
Merge tag 'pull-headers_param' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
Pull asm/param cleanup from Al Viro:
"This massages asm/param.h to simpler and more uniform shape:
- all arch/*/include/uapi/asm/param.h are either generated includes
of <asm-generic/param.h> or a #define or two followed by such
include
- no arch/*/include/asm/param.h anywhere, generated or not
- include <asm/param.h> resolves to arch/*/include/uapi/asm/param.h
of the architecture in question (or that of host in case of uml)
- include/asm-generic/param.h pulls uapi/asm-generic/param.h and
deals with USER_HZ, CLOCKS_PER_SEC and with HZ redefinition after
that"
* tag 'pull-headers_param' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
loongarch, um, xtensa: get rid of generated arch/$ARCH/include/asm/param.h
alpha: regularize the situation with asm/param.h
xtensa: get rid uapi/asm/param.h
|
||
|
Linus Torvalds
|
ce3f5bb750 |
NFSD 6.17 Release Notes
NFSD is finally able to offer write delegations to clients that open files with O_WRONLY, thanks to patches from Dai Ngo. We're expecting this to accelerate a few interesting corner cases. The cap on the number of operations per NFSv4 COMPOUND has been lifted. Now, clients that send COMPOUNDs containing dozens of operations (for example, a long stream of LOOKUP operations to walk a pathname in a single round trip) will no longer be rejected. This release re-enables the ability for NFSD to perform NFSv4.2 COPY operations asynchronously. This feature has been disabled to mitigate the risk of denial-of-service when too many such requests arrive. Many thanks to the contributors, reviewers, testers, and bug reporters who participated during the v6.17 development cycle. -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEKLLlsBKG3yQ88j7+M2qzM29mf5cFAmiFJAcACgkQM2qzM29m f5fOvA/+I1W3iAXMeuS4MdBD+20976XZNazXKXXfJE9ay/0I7rXka0uD9HH+cTnU 3wY1p+jjTs+Tatc5A39MjuS9a6o23FnHZB7IOimL+9ASRjBgjXisOyb7yEnfcA4s 9NjM5sMHskmrNpLX5kDPNHzTMdaozGl/uSDKg5WSAU/NMrtAT9c9snx4bO5A6mdk 48XPkP5++aBKGehsPqI0WGOeSzGKI7dc/kJS9F8kIbBCAMJSbIY7PKly+y+fbJkk eMapUX257DCRQejA6hnFff0/x1NnR2tC8lQAZE1c7P5D9CV+1UEAQWK4/OOD2aeQ hY9Ieb7CFZRot3VDGnnrYjLbApiZCY9m10ukDTykPErJ4ZEWEjUtMN7oAhRN3/Ie O2NKvyVo4bOI5zHf4iCIVNp/hDHs01FoMfJfQYRACpBtsIKm+1pn4uTJtrezhJvn qsvctMEMtXwZDlntwhQwU54XJyyGq7gJwuRAZ5xgW6WWQQI+NNKUm2XZu3YwJZF+ 4Ji2vj6kRpS46HWG0VRUX12hXdDZdwFjcZ7eXZiSL3gZJ3xuEJDQ3jyyRwfe5t+8 W6eQRW9Sq1gN4OLwWjfltqs9l52XYfw0jitmX8Y98l1K05a4X74iIPRC5s97HV0E XfvW+jRS4+x7tRp4wwcI2cGTPRTdK8xjmRWM3l2PQzgeG3AHUs8= =rC5G -----END PGP SIGNATURE----- Merge tag 'nfsd-6.17' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux Pull nfsd updates from Chuck Lever: "NFSD is finally able to offer write delegations to clients that open files with O_WRONLY, thanks to patches from Dai Ngo. We're expecting this to accelerate a few interesting corner cases. The cap on the number of operations per NFSv4 COMPOUND has been lifted. Now, clients that send COMPOUNDs containing dozens of operations (for example, a long stream of LOOKUP operations to walk a pathname in a single round trip) will no longer be rejected. This release re-enables the ability for NFSD to perform NFSv4.2 COPY operations asynchronously. This feature has been disabled to mitigate the risk of denial-of-service when too many such requests arrive. Many thanks to the contributors, reviewers, testers, and bug reporters who participated during the v6.17 development cycle" * tag 'nfsd-6.17' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux: (32 commits) nfsd: Drop dprintk in blocklayout xdr functions sunrpc: make svc_tcp_sendmsg() take a signed sentp pointer sunrpc: rearrange struct svc_rqst for fewer cachelines sunrpc: return better error in svcauth_gss_accept() on alloc failure sunrpc: reset rq_accept_statp when starting a new RPC sunrpc: remove SVC_SYSERR sunrpc: fix handling of unknown auth status codes NFSD: Simplify struct knfsd_fh NFSD: Access a knfsd_fh's fsid by pointer Revert "NFSD: Force all NFSv4.2 COPY requests to be synchronous" NFSD: Avoid multiple -Wflex-array-member-not-at-end warnings NFSD: Use vfs_iocb_iter_write() NFSD: Use vfs_iocb_iter_read() NFSD: Clean up kdoc for nfsd_open_local_fh() NFSD: Clean up kdoc for nfsd_file_put_local() NFSD: Remove definition for trace_nfsd_ctl_maxconn NFSD: Remove definition for trace_nfsd_file_gc_recent NFSD: Remove definitions for unused trace_nfsd_file_lru trace points NFSD: Remove definition for trace_nfsd_file_unhash_and_queue nfsd: Use correct error code when decoding extents ... |
||
|
Linus Torvalds
|
a90f1b6ad6 |
gfs2 changes
- Prevent cluster nodes from trying to recover their own filesystems
during a withdraw.
- Add two missing migrate_folio aops and an additional exhash directory
consistency check (both triggered by syzbot bug reports).
- Sanitize how dlm results are processed and clean up a few quirks in
the glock code.
- Minor stuff: Get rid of the GIF_ALLOC_FAILED flag; use SECTOR_SIZE and
SECTOR_SHIFT.
-----BEGIN PGP SIGNATURE-----
iQJIBAABCAAyFiEEJZs3krPW0xkhLMTc1b+f6wMTZToFAmiHiqQUHGFncnVlbmJh
QHJlZGhhdC5jb20ACgkQ1b+f6wMTZTrK9w/7BU//ySUwhfK2bXVxhXNgkMACv1UG
MXt08FgmVAg6CLVQzsCxT2J/vBnauY9KaEzNZTspMMZtHJLpIoy095bcPLO1SHFh
AbnLIcfX4wbdPJumeI6DJXSdeInVTBCjaPanHdZ9BvCcl9vSJ5WXUzHVfos2dcSl
P6xKhAOICE7T/ML03o81KtHEypblj3E34i7y1fIBJN2F2/eKCywQOmtYPa6ertIA
WNKiH6OR1YloQF4ddYkU7vpeLgQFItkHIDqGrr2R8FEByprBrs1FbkJKZGQHRZuq
0g5rRdA7KOjc/pJPPl0aiaSlPm6DQx6TJD+suDwerKpu0HZo65QuWCvVq6Dipkp5
Y0dgP1aPZw/LAcJ86BDI/OhBCPEQI4xa92mCPU9OofvgbjhtJi3a5l2GVZtmbbBW
Yp6o+rUCYYlYSzP0FDM9hIdYcpNdDC3v7u8IZ1bd9bgflIgoGb7TEqm8geZ4XcyC
chqjkRcffNRoxuon+Csfv/P/fSvaNxCqaCKTa+4+iewIFTYwpTj8pQqjw/cI6w7Y
8q6nLBFPvPU/nms6kQfOvG0YN1NpemFHp7uvdqwmkqDXMBw7x2mR5+J2bvl6XtCG
yuliqWNYcIvxRG4zlbK+nw4j6CQ71V4aTQVt0XJ9wKYhHLZTowOEm/nkat4O285G
BAwyQjpCULSAQFk=
=Sfn8
-----END PGP SIGNATURE-----
Merge tag 'gfs2-for-6.17' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2
Pull gfs2 updates from Andreas Gruenbacher:
- Prevent cluster nodes from trying to recover their own filesystems
during a withdraw
- Add two missing migrate_folio aops and an additional exhash directory
consistency check (both triggered by syzbot bug reports)
- Sanitize how dlm results are processed and clean up a few quirks in
the glock code
- Minor stuff: Get rid of the GIF_ALLOC_FAILED flag; use SECTOR_SIZE
and SECTOR_SHIFT
* tag 'gfs2-for-6.17' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2:
gfs2: No more self recovery
gfs2: Validate i_depth for exhash directories
gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops
gfs2: a minor finish_xmote cleanup
gfs2: simplify finish_xmote
gfs2: sanitize the gdlm_ast -> finish_xmote interface
gfs2: Minor do_xmote cancelation fix
gfs2: Remove GIF_ALLOC_FAILED flag
gfs2: Use SECTOR_SIZE and SECTOR_SHIFT
|
||
|
Linus Torvalds
|
f3f5edc5e4 |
xfs: New code for 6.17
Signed-off-by: Carlos Maiolino <cem@kernel.org>
-----BEGIN PGP SIGNATURE-----
iJUEABMJAB0WIQSmtYVZ/MfVMGUq1GNcsMJ8RxYuYwUCaIcswwAKCRBcsMJ8RxYu
Y5UqAYCWhEmZNTd0aN4kR3xqGMV+/3bubml4TXB8HvIv35gaOrFCgQkytVJLD74e
A0WtR+4BgJOIKmYfz4AAx6vbsoMWevya1f879i7NI7SYuI0/oB1klRtApZF0Slwv
OKJsN/s6Sg==
=/Q43
-----END PGP SIGNATURE-----
Merge tag 'xfs-merge-6.17' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux
Pull xfs updates from Carlos Maiolino:
"This doesn't contain any new features. It mostly is a collection of
clean ups and code refactoring that I preferred to postpone to the
merge window.
It includes removal of several unused tracepoints, refactoring key
comparing routines under the B-Trees management and cleanup of xfs
journaling code"
* tag 'xfs-merge-6.17' of git://git.kernel.org/pub/scm/fs/xfs/xfs-linux: (44 commits)
xfs: don't use a xfs_log_iovec for ri_buf in log recovery
xfs: don't use a xfs_log_iovec for attr_item names and values
xfs: use better names for size members in xfs_log_vec
xfs: cleanup the ordered item logic in xlog_cil_insert_format_items
xfs: don't pass the old lv to xfs_cil_prepare_item
xfs: remove unused trace event xfs_reflink_cow_enospc
xfs: remove unused trace event xfs_discard_rtrelax
xfs: remove unused trace event xfs_log_cil_return
xfs: remove unused trace event xfs_dqreclaim_dirty
fs/xfs: replace strncpy with memtostr_pad()
xfs: Remove unused label in xfs_dax_notify_dev_failure
xfs: improve the comments in xfs_select_zone_nowait
xfs: improve the comments in xfs_max_open_zones
xfs: stop passing an inode to the zone space reservation helpers
xfs: rename oz_write_pointer to oz_allocated
xfs: use a uint32_t to cache i_used_blocks in xfs_init_zone
xfs: improve the xg_active_ref check in xfs_group_free
xfs: remove the xlog_ticket_t typedef
xfs: remove xrep_trans_{alloc,cancel}_hook_dummy
xfs: return the allocated transaction from xchk_trans_alloc_empty
...
|
||
|
Linus Torvalds
|
76a9701325 |
Changes since last update:
- Add support for metadata compression;
- Enable readahead for directories to improve readdir performance;
- Minor fixes and cleanups.
-----BEGIN PGP SIGNATURE-----
iQJFBAABCgAvFiEEQ0A6bDUS9Y+83NPFUXZn5Zlu5qoFAmiGgHARHHhpYW5nQGtl
cm5lbC5vcmcACgkQUXZn5Zlu5qrDRA/8CYk5EJVvk5+AtpJJobxYsKR08ERs9QUi
AKjOMDfMkuDsHG5K8M9dUiEm3Xf0PL0+ukqwzlaDCzZswbwoYBp+ghXRIHjWA53Z
8i6Oj1Xdd7lNejKqzKzIEaZY2RuplMtxrRZMrkRVpAfJcv1YQfE142h++kTUHqKr
4ON14L6es7HDPnadRq8Ska3aAAmz3XNNiUUdHZ7Qwx32eH9wtu+ihpLF5R2E2v6o
H4tegJa9lIUF1aLhelYwIqU9racEuqUcsm/s8qFN0HafbRl8LfPq75neMPfXgVOV
Wc8O9yNiD53fMYW7hASOOMl2uTEcid1aLSZ4vfbXAJWS3dQoEoWb8XdLbSz3uIC7
oECRikN/DfhkxmQanMaTt5oRO/PkLQvJk6AtksbJ4kxYhWApQgrJM6YLHE34GNev
le6lyOq9xMIye/tRcywzjCP5FtIg+i28QEK6RVEOUpr2m8SpPhOPqk48q5ZqZXkj
hv9l6y0d1alUSykK/2gNon3b0R3savYPagm1kFkoJbumAVnx7gZjNvtPNhW8UdWv
GiMX3uydpxPm3ar/fNhcjbts/bPBSKHD2zJUCYslIB15cPe105on5a5HmAyV6o2i
ELxWzVsrjmwHY2QLRKfLFkLabaclMn1Qy0VlkNYo/3Z7EjcD9QHjIb+Wdx3gGAvu
45Vr/cJypjM=
=Tl9j
-----END PGP SIGNATURE-----
Merge tag 'erofs-for-6.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs
Pull erofs updates from Gao Xiang:
"We now support metadata compression. It can be useful for embedded use
cases or archiving a large number of small files.
Additionally, readdir performance has been improved by enabling
readahead (note that it was already common practice for ext3/4 non-dx
and f2fs directories). We may consider further improvements later to
align with ext4's s_inode_readahead_blks behavior for slow devices
too.
The remaining commits are minor.
Summary:
- Add support for metadata compression
- Enable readahead for directories to improve readdir performance
- Minor fixes and cleanups"
* tag 'erofs-for-6.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs:
erofs: support to readahead dirent blocks in erofs_readdir()
erofs: implement metadata compression
erofs: add on-disk definition for metadata compression
erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y
erofs: remove ENOATTR definition
erofs: refine erofs_iomap_begin()
erofs: unify meta buffers in z_erofs_fill_inode()
erofs: remove need_kmap in erofs_read_metabuf()
erofs: do sanity check on m->type in z_erofs_load_compact_lcluster()
erofs: get rid of {get,put}_page() for ztailpacking data
|
||
|
Linus Torvalds
|
a11b4fa602 |
Changes for 6.17-rc1
Added:
sanity check for file name;
mark live inode as bad and avoid any operations.
Fixed:
handling of symlinks created in windows;
creation of symlinks for relative path.
Changed:
cancel setting inode as bad after removing name fails;
revert "replace inode_trylock with inode_lock".
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEh0DEKNP0I9IjwfWEqbAzH4MkB7YFAmiDiMwACgkQqbAzH4Mk
B7aJFg//Q/L5xNxtXf3bUDCGhEYfex2qvvSnMg8MZEcLXJI9DW/Z701Xs7ay8BBL
Gp982rSX87hnnA/+1YutzAEiyTCnwRWPKNocrfPEqzXDFl4t/4Rua1Wf+Bw2/p5C
YjGd8zFbFel3NDkZa94KSCV6ATsPMnF3UN3Zj0+izyoaxQPnpoAaaOsxS2PlK+97
ePZ9PWeAe6vjW3myKQzSKz8vjeb2bNK3R67Z27igCi78jjsuI6BomBhKjGN3iOk5
eZjCrWL+DesTN43EyV8yL72Mha+BvT5XQx83gzBKghhKCBXa2BMZo3l+KDI4pGr6
Mmynw1i+o1Z+P+xvCAPEiil6x6DNauUCUtgKJEEoRatGjGOPRM4U/NWZiXITZuFD
zkSmToA3ZtJA0XBHRnoPSDg0wEQ965sy6lsGs/O1sUfURJ51lc9EwmnWmGmq4Fs+
HZ3aNbaizi1TEx89R+BEaE7bZqSK0cv4nHHtcepTgVimgSzz02uvCpz9SLLs3JsB
g9a3b6M68Rtex2+unos5Cw9Afq1Y34wcPFn9rAK8+LashAgKKhRuUqwTaZ1k7nMU
hZIFsXCxvgnQgmbF5Dod8uA/2eO+U7BXixZWvGqhAliPuLSrubhb7dZrSANRkFlt
lv9qLmrcD/cpa/JvnrqOf6NyEc9vFoowvio3JQxkIhf7wQviv44=
=OGQG
-----END PGP SIGNATURE-----
Merge tag 'ntfs3_for_6.17' of https://github.com/Paragon-Software-Group/linux-ntfs3
Pull ntfs3 updates from Konstantin Komarov:
"Added:
- sanity check for file name
- mark live inode as bad and avoid any operations
Fixed:
- handling of symlinks created in windows
- creation of symlinks for relative path
Changed:
- cancel setting inode as bad after removing name fails
- revert 'replace inode_trylock with inode_lock'"
* tag 'ntfs3_for_6.17' of https://github.com/Paragon-Software-Group/linux-ntfs3:
Revert "fs/ntfs3: Replace inode_trylock with inode_lock"
fs/ntfs3: Exclude call make_bad_inode for live nodes.
fs/ntfs3: cancle set bad inode after removing name fails
fs/ntfs3: Add sanity check for file name
fs/ntfs3: correctly create symlink for relative path
fs/ntfs3: fix symlinks cannot be handled correctly
|
||
|
Linus Torvalds
|
f92b71ffca |
for-6.17-tag
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEE8rQSAMVO+zA4DBdWxWXV+ddtWDsFAmiAG9MACgkQxWXV+ddt
WDvClg/8DZPAi4MPAtyDTx5Fbm6t6znopWloDORL1+Kg4fMF7KY+ZKMN8hHv57Ov
j+TvHIZ2YdOMYncA8BUYPMY88QUSY+V9fVZoXufFdEXUEWT5v70UmOCK0Z7Ml5L/
FDxypDZVS+hN7zyoLmzRz9DTgXjmiAgRUsw/77MCcTCS1Y6mQJBWktpTUXnEiUXH
9VZ//AUCrNOvXlqyxOLwvGDdkVjvHzgahXzvRYu+rzlGI3kuY+WWEGijCwivd1AW
y2LA1PyqabRC0STlGC9KK2SMymvDdvf2e3iapTHMaj/HqBmlY0eCSh9jQxIqbUf7
oIq92xIjNbTi3rm4rK+FvxSPxPsfUhS7TPBANHhpcYitJuUXBiLcsT8tvnNN+rjp
vIxfkhVuUtSjMDiHgfD7KrGhg9vfYYig5Amip5BAJ0pi/MOP3hMzgT03rFq6iiOi
qP76K2qVNEqwkk07dapL7IVMcaXxldSLHg4Jo2XD79rGVlXiHoFok9K7cAMwHjnD
PGaFYDqQuRmpltp7oigcPIhcSHJ1gPnU+vmIWZ3lcwqZJ7b5kAoEDdELFcdLkMqC
kmS6RUwoWhNY6gsI4e9Roigr4shxB6zv/+mOzV4OSXl757Iuy8Kirl4AMPPElE91
y8+MqS/42Etxt4cmh5w51Ynb5gSpiI8DsPRdasIJanFFrXC7ZlM=
=b9RC
-----END PGP SIGNATURE-----
Merge tag 'for-6.17-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux
Pull btrfs updates from David Sterba:
"A number of usability and feature updates, scattered performance
improvements and fixes. Highlight of the core changes is getting
closer to enabling large folios (now behind a config option).
User visible changes:
- update defrag ioctl, add new flag to request no compression on
existing extents
- restrict writes to block devices after mount
- in experimental config, enable large folios for data, almost
complete but not widely tested
- add stats tracking duration of critical section in transaction
commit to /sys/fs/btrfs/FSID/commit_stats
Performance improvements:
- caching of lookup results of free space bitmap (20% runtime
improvement on an empty file creation benchmark)
- accessors to metadata (b-tree items) simplified and optimized,
minor improvement in metadata-heavy workloads
- readahead on compressed data improves sequential read
- the xarray for extent buffers is indexed by denser keys, leading to
better packing of the nodes (50-70% reduction of leaf nodes)
Notable fixes:
- stricter compression mount option parsing
- send properly emits fallocate command for file holes when protocol
v2 is used
- fix overallocation of chunks with mount option 'ssd_spread', due to
interaction with size classes not finding the right chunk
(workaround: manual reclaim by 'usage' balance filter)
- various quota enable/disable races with rescan, more verbose
notifications about inconsistent state
- populate otime in tree-log during log replay
- handle ENOSPC when NOCOW file is used with mmap()
Core:
- large data folios enabled in experimental config
- improved error handling, transaction abort call sites
- in zoned mode, allocate reloc block group on mount to make sure
there's always one available for zone reclaim under heavy load
- rework device opening, they're always open as read-only and delayed
until the super block is created, allowing the restricted writes
after mount
- preparatory work for adding blk_holder_ops, allowing device
freeze/thaw in the future
Cleanups, refactoring:
- type and naming unifications (int/bool, return variables)
- rb-tree helper refactoring and simplifications
- reorder memory allocations to less critical places
- RCU string (used for device name) refactoring and API removal
- replace all remaining use of strcpy()"
* tag 'for-6.17-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux: (209 commits)
btrfs: send: use fallocate for hole punching with send stream v2
btrfs: unfold transaction aborts when writing dirty block groups
btrfs: use saner variable type and name to indicate extrefs at add_inode_ref()
btrfs: don't skip remaining extrefs if dir not found during log replay
btrfs: don't ignore inode missing when replaying log tree
btrfs: enable large data folios for data reloc inode
btrfs: output more info when btrfs_subpage_assert() failed
btrfs: reloc: unconditionally invalidate the page cache for each cluster
btrfs: defrag: add flag to force no-compression
btrfs: fix ssd_spread overallocation
btrfs: zoned: requeue to unused block group list if zone finish failed
btrfs: zoned: do not remove unwritten non-data block group
btrfs: remove btrfs_clear_extent_bits()
btrfs: use cached state when falling back from NOCoW write to CoW write
btrfs: set EXTENT_NORESERVE before range unlock in btrfs_truncate_block()
btrfs: don't print relocation messages from auto reclaim
btrfs: remove redundant auto reclaim log message
btrfs: make btrfs_check_nocow_lock() check more than one extent
btrfs: assert we can NOCOW the range in btrfs_truncate_block()
btrfs: update function comment for btrfs_check_nocow_lock()
...
|
||
|
Linus Torvalds
|
038d61fd64 | Linux 6.16 | ||
|
Linus Torvalds
|
b711733e89 |
A single fix for the PTP systemcounter mechanism:
The rework of this mechanism added a 'use_nsec' member to struct system_counterval. get_device_system_crosststamp() instantiates that struct on the stack and hands a pointer to the driver callback. Only the drivers which set use_nsec to true, initialize that field, but all others ignore it. As get_device_system_crosststamp() does not initialize the struct, the use_nsec field contains random stack content in those cases. That causes a miscalulation usually resulting in a failing range check in the best case. Initialize the structure before handing it to the drivers to cure that. -----BEGIN PGP SIGNATURE----- iQJHBAABCgAxFiEEQp8+kY+LLUocC4bMphj1TA10mKEFAmiGFA4THHRnbHhAbGlu dXRyb25peC5kZQAKCRCmGPVMDXSYoRcsEACvQI0LmKTOigzSZvBT1CZnGcwpeqYi Ez0v/w+tpyfbwQgf9kxR+ZbjNdwqCYFnR8PZPFKFuvsanWRTIcYaTkIQWvDhcEX/ U4AFI3VkdZUFckCEY/fv7j3/jkp7pbLVHMq001Z9xaMMcE+ox1AlHpEW0Khd3gqL VFLXU5S7Q9H6J6ujjFAXAMuhgjk6WOz8q+ew3hnc3dxwyuEBAz83jOScH/be3dTl 10ydzoxFEa+ZlacAHX+SqZ7nhS7ExxNlwlUuTYj/EkBCQ8UIoS93YLA5bYMcWCao W5rs6vFJmMO6NR6lkqwfKmKyjovx79jHMVNKoxydZGvkqcNMtfc/eUfByxAkyCDP gmTCFwgKVGdjGsYwkGqafejmJt5OFrD1hMyWfBhGWQ/Z8CXuuJNEa/8trSyUK/CS DFD1InOLltbYuw7rY5gRxb+xmgBTxUMj8gF/hXYs7wNzJqNJXXNae/2Sue+Xi+mV iieEF8UonmpMe9k9w3+fFGGDWYa4lYnT5O3VMQ0nEjj6dt5RVQqRvjTa+GtQJzUs h4fUs+BIKyCkh6DgRKyIsDruzryOSnZ+vqMcGMm0gvPttc3cGYksLiQVlWYjQhxs pTFrHNGOSXMT5WBQ7KWKzGypHlf3WYhVWk1+dmPJedrdyr23AfgKAGM6zva1Oqjc 81w9DvppBL0sOA== =j6Po -----END PGP SIGNATURE----- Merge tag 'timers-urgent-2025-07-27' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip Pull timer fix from Thomas Gleixner: "A single fix for the PTP systemcounter mechanism: The rework of this mechanism added a 'use_nsec' member to struct system_counterval. get_device_system_crosststamp() instantiates that struct on the stack and hands a pointer to the driver callback. Only the drivers which set use_nsec to true, initialize that field, but all others ignore it. As get_device_system_crosststamp() does not initialize the struct, the use_nsec field contains random stack content in those cases. That causes a miscalulation usually resulting in a failing range check in the best case. Initialize the structure before handing it to the drivers to cure that" * tag 'timers-urgent-2025-07-27' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip: timekeeping: Zero initialize system_counterval when querying time from phc drivers |
||
|
Linus Torvalds
|
ec2df43646 |
spi: Fix for v6.16
One last fix for v6.16, removing some hard coding to avoid data corruption on some NAND devices in the QPIC driver. -----BEGIN PGP SIGNATURE----- iQEzBAABCgAdFiEEreZoqmdXGLWf4p/qJNaLcl1Uh9AFAmiFSgwACgkQJNaLcl1U h9BChwf9Epc80iYZruJgP+o0wZTVMUDSU3gdVP6Zl177M4G7adGn4piW7CamJxgn HcrlZNN9PNCLgIjw5n6w6ZRTXGU0Jd/3+gyZ39kB6Hn+1HDQMLJhz4hOibdotolu KRbZy/j4beTgDFJSSgG0Vnqo/f8Ew+XGHBzhAflbxp3s/jgju4OCIyCpB8MBo98R HLgQ+uJ+vpJp3sDleACF0LrQxYrGe7/GjFaoCGfHA2+pvi0pt17Oc/CVMCjRi/bs ojlSm7myg9Os0/Q2wv/3JPCGaLHPvZ/nWQ3blEQjoXsu0fxZbPjz/pWDNLYa8UV1 CfUlNT4+dmgHrQEcmX4ysVHGpFAqLg== =Cu4n -----END PGP SIGNATURE----- Merge tag 'spi-fix-v6.16-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi Pull spi fix from Mark Brown: "One last fix for v6.16, removing some hard coding to avoid data corruption on some NAND devices in the QPIC driver" * tag 'spi-fix-v6.16-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi: spi: spi-qpic-snand: don't hardcode ECC steps |
||
|
Linus Torvalds
|
513fc69f8f |
i2c-for-6.16-rc8
qup: avoid potential hang when waiting for bus idle tegra: improve ACPI reset error handling virtio: use interruptible wait to prevent hang during transfer -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEOZGx6rniZ1Gk92RdFA3kzBSgKbYFAmiFQ4YACgkQFA3kzBSg KbZO3BAArkTbL/wlJHHheexhXgK8ZJQC8aBR4AfFWgUIU9uPvJ4sR+OFkL62oqDH eAbVOaUXmD1KpqC+TwhGWGl6c+QYB8xfuEzI10TYs7S8DqGkU3AhYtFPwmjYL4xq LChLGmjvZdt7WeKqvrcCWczcI4NJJFQlBe9K/lEdhbI/CUKUxvUM0AHo0nmmrXoi 3Rl/EcWyC8T2S5+42oXmUtNn9uvEQKzcSKj3XC3qmEE6kXrtnKthUhkJ/5eOl7OJ +Uvccn6DecxwNrL5uwPXT5af+NgPILLkAvnnV2HBdIdR4aanZ4BV7XmOCgG5OmCE MMjY52eXg/gG7b+CHsa0GtajHspTo4xzgrrbX0qIyiUO7RRROifBmgy9XhKrU1Tw AeH41Z5JrIRdD0D7d2GgLAHro83ckJCZLrsQRB/2cgx02HrWTFngvse7MN+QOSZ9 RwCez8BKoETd2rf1r5PXYqf+24jKp+wKrG6+H/al3RCUOUKeH1fE/eojNc7rcpYM 5Ner5BRKTSSztk06KyOo/cT9wiiQTbQ093kKZdBl0cEpyeP48TJFoPlI9WTCdW+t e0rIoC2+GVwb2W08KTwlsjLcyWyvr/yHGmSWjKI1LvvLTwsce5RRGXHSpbR+fRrj FZBjYklq3rn3eY3mBZeVdeWAb+5lgYVExdtgIMLVzn3ClHzlsLk= =rpOM -----END PGP SIGNATURE----- Merge tag 'i2c-for-6.16-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux Pull i2c fixes from Wolfram Sang: - qup: avoid potential hang when waiting for bus idle - tegra: improve ACPI reset error handling - virtio: use interruptible wait to prevent hang during transfer * tag 'i2c-for-6.16-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux: i2c: qup: jump out of the loop in case of timeout i2c: virtio: Avoid hang by using interruptible completion wait i2c: tegra: Fix reset error handling with ACPI |
||
|
Linus Torvalds
|
874885990b |
A few Allwinner clk driver fixes:
- Mark Allwinner A523 MBUS clock as critical to avoid system
stalls
- Fix names of CSI related clocks on Allwinner V3s. This
includes changes to the driver, DT bindings and DT files.
- Fix parents of TCON clock on Allwinner V3s
-----BEGIN PGP SIGNATURE-----
iQJIBAABCAAyFiEE9L57QeeUxqYDyoaDrQKIl8bklSUFAmiFLZcUHHN3Ym95ZEBj
aHJvbWl1bS5vcmcACgkQrQKIl8bklSUyyw//VGy/Am1BDCsALNp4JeLeklq4n+/9
Ly0Knl3MFXP+pMum/RF2vlVPaur/ry/Lo9NpY/Te4P+R/i4baJlajDyz6NOicw5W
cIt0aJTt2x9U/YWFofu1NzQkXiK8CntJ8RNy96SwyFWcj8V9+Q9n+lww67daGddk
zNVGA8GpiXF09Vzwx1xTOBT1n2pWuK8r9jH9Sv3Wei4NZGVdKbC61NEP7fpTKkKR
K7BwKhRO98qRr8BYiyhanAtWgrslgVW4lJHO0fkCpyCmNkuBo6pyeO39QXcoHejT
aaSUPE/mb3AAtEa8eiSMmV9KExIX2p9+UNul3aADKrr2408O5eN8usvMI8XYOw1m
03wLCojmSB0qz8R+BQP9SG+vRdokWxsqQjgi7IXecOslvXjJ3kR7ttQhyae2jjqk
p/K8ceMv5imA2FrKMRaSNcbiNo6qRjwXaLgQX5w7qpvGmsdPi2WPvJrn96tye5kz
CM7gfHUflKgpptZnSDeFwk+IU8wjMNtUhvR3CAFtTf4MX3zuI+s60Q8S8z/IJ565
ILVMEqlso9SiGEiUlUs219CkdgBxavh2JMKxPqSH8IG2VeFP7ZHOAE0La6mlgU9W
KSfM8CrpJmfHsmIEB/Wz6mXo3o0B2GYCBFL8xqh3lvCU5TQ8LQmrSaPcB4nTC830
EBNXR311TY7tbeo=
=Q0zO
-----END PGP SIGNATURE-----
Merge tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux
Pull clk fixes from Stephen Boyd:
"A few Allwinner clk driver fixes:
- Mark Allwinner A523 MBUS clock as critical to avoid
system stalls
- Fix names of CSI related clocks on Allwinner V3s. This
includes changes to the driver, DT bindings and DT files.
- Fix parents of TCON clock on Allwinner V3s"
* tag 'clk-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/clk/linux:
clk: sunxi-ng: v3s: Fix TCON clock parents
clk: sunxi-ng: v3s: Fix CSI1 MCLK clock name
clk: sunxi-ng: v3s: Fix CSI SCLK clock name
clk: sunxi-ng: a523: Mark MBUS clock as critical
|
||
|
Linus Torvalds
|
302f88ff35 |
ARM fixes for 6.16
- use an absolute path for asm/unified.h in KBUILD_AFLAGS to solve
a regression caused by commit d5c8d6e0fa61
("kbuild: Update assembler calls to use proper flags and language
target"),
- fix dead code elimination binutils version check again.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEuNNh8scc2k/wOAE+9OeQG+StrGQFAmiDnecACgkQ9OeQG+St
rGRzHxAAjYw0d2oa59q8hDuOfvHw52ZB6sUZBCqydQOl0nfGpCpgqm391NT+y1Hd
Bnlxk0h0hDT5XDO7cKaq0y5qf6l0i0KKMYv1rUMjsKQeRZbIj+1+1XmLdSNOtUyy
ON1SxpQEBAnwq9EUa/aBbiteFtv3N0xOrbI6lqnL20EW/VTou96eTwY8Suc6wBaZ
xQHAPGF3+8JMMs6xEkAAG1TEmvOiHiIBxngm+kaXyL7SgHSYFLfVxqDyKP+bUYkL
kVrT0nT+XU10W34LLTsNtLUTUTX+Z0gFdJ6Hj7Osnx/K7Bd8wGZBryzg/ywVPVQh
4isxo9R1XXKrp7pGnz0CVRr3B7F9c9a8oK9AE2qMQuCDWQMx/VcVCZ0CNBmI6yQ0
QfJuXfGwnLRzCdf1lHogIOAC2rDjjKkOgrGya1lbwt6Bl3haXXK718jm4x5M2ysC
QK0oacopVxqc+a39GDSyQPzBaf23aPj5tdeGsnSibMxGpZj9rXpPkQQycbEv3uvJ
xRbZhxJwclAyNAeD6Whgdi8Gyn8W2fRwcqdyZfZx7949Pqi0HXsDSJkckgCJIdPG
9cO2q3D2S5xSnGy+shPzAhg7ve41WPvRHQWHHAUrn5KHGxTQUGG+qFuZAxy0WPxy
M2wCYwGxTSF70xyHsmNxxxfrY6OBDVXaMPCqiTuI85mqnzufdn8=
=ouRB
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux
Pull ARM fixes from Russell King:
- use an absolute path for asm/unified.h in KBUILD_AFLAGS to solve a
regression caused by commit d5c8d6e0fa61 ("kbuild: Update assembler
calls to use proper flags and language target")
- fix dead code elimination binutils version check again
* tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rmk/linux:
ARM: 9450/1: Fix allowing linker DCE with binutils < 2.36
ARM: 9448/1: Use an absolute path to unified.h in KBUILD_AFLAGS
|
||
|
Linus Torvalds
|
6121f69c36 |
soc: fixes for 6.16, part 3
These are two fixes that came in late, one addresses a regression on a rockchips based board, the other is for ensuring a consistent dt binding for a device added in 6.16 before the incorrect one makes it into a release. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmiEr0kACgkQmmx57+YA GNnqng//bMqUF0zvPePqhIuDlrAPyHqczDl+2STs6LM1Y89483QFbqlH1481b5dO dKeSu/4G4ePcpUcM5ZST5961mLds7JReSDOjQt2RE1P5q2JQCHOnwJD0ptGH0AwJ LCWFQc5lhj1lUNqj+zkJydoeos48HC7KBniP1E2d00d7vfqq5CoEHHjsAiaz5Yu1 bkd2ATbazFv0eE3W1KEEu6HgPjt+jzz9I8tjhXp9M1oYMA9M7g6Eu08X6Befr7tA dWDro81YwnoVdXdSGeCHE58Vl413jcpfzDV+RrUG/rzJ8Jb4/5OrIRg4fiH2di// qSSsD6kgAEajuK36ys7Z3h74cjm6eJif8QkDkA/qGWl9t6fL0BI/Vjd6PL6mNhJz WmYRq8R/uFeh7Q+rGkaB8vl7fmLhnpBz0UwBpQ0DrV3lU8HnCjWiwEWkk4gXflI5 1p07OfqnjzZ8bqa1P5MEApRcngWNME6IbzL2Yt07FEvLdfJ9xauly/QhIiSlZ2bw 5HjLhfutTJYHGRGQwKw632Vqi1bldUkDOttP71fO4ocGqH7Jx2W8Fz/APGjmIvmG OEDMSfjQjAQfWGM4KhTIv4zRbndtVJsiMG3xzZl496hSrDJqpBI/cnEJ7bZftfT3 dCIVN8thTP8W6c4Thh3DQllBLln1jwy7zszao3jycEJEuJSO9MA= =qwRh -----END PGP SIGNATURE----- Merge tag 'soc-fixes-6.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull SoC fixes from Arnd Bergmann: "These are two fixes that came in late, one addresses a regression on a rockchips based board, the other is for ensuring a consistent dt binding for a device added in 6.16 before the incorrect one makes it into a release" * tag 'soc-fixes-6.16-3' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: arm64: dts: rockchip: Drop netdev led-triggers on NanoPi R5S arm64: dts: allwinner: a523: Rename emac0 to gmac0 |
||
|
Wolfram Sang
|
31f08841dd |
i2c-host-fixes for v6.16-rc8
qup: avoid potential hang when waiting for bus idle tegra: improve ACPI reset error handling virtio: use interruptible wait to prevent hang during transfer -----BEGIN PGP SIGNATURE----- iIwEABYKADQWIQScDfrjQa34uOld1VLaeAVmJtMtbgUCaIOznxYcYW5kaS5zaHl0 aUBrZXJuZWwub3JnAAoJENp4BWYm0y1uD4ABALfEdKZJzebUmYe8LIchwE7j3n9p upZJy0+eQtIgSAQdAP930znDO05ezlUcnxAxA+UDfMFamrKIrpu/I4My9fIBBA== =d9vN -----END PGP SIGNATURE----- Merge tag 'i2c-host-fixes-6.16-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/andi.shyti/linux into i2c/for-current i2c-host-fixes for v6.16-rc8 qup: avoid potential hang when waiting for bus idle tegra: improve ACPI reset error handling virtio: use interruptible wait to prevent hang during transfer |
||
|
Viacheslav Dubeyko
|
736a0516a1 |
hfs: fix general protection fault in hfs_find_init()
The hfs_find_init() method can trigger the crash if tree pointer is NULL: [ 45.746290][ T9787] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] SMP KAI [ 45.747287][ T9787] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047] [ 45.748716][ T9787] CPU: 2 UID: 0 PID: 9787 Comm: repro Not tainted 6.16.0-rc3 #10 PREEMPT(full) [ 45.750250][ T9787] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 45.751983][ T9787] RIP: 0010:hfs_find_init+0x86/0x230 [ 45.752834][ T9787] Code: c1 ea 03 80 3c 02 00 0f 85 9a 01 00 00 4c 8d 6b 40 48 c7 45 18 00 00 00 00 48 b8 00 00 00 00 00 fc [ 45.755574][ T9787] RSP: 0018:ffffc90015157668 EFLAGS: 00010202 [ 45.756432][ T9787] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff819a4d09 [ 45.757457][ T9787] RDX: 0000000000000008 RSI: ffffffff819acd3a RDI: ffffc900151576e8 [ 45.758282][ T9787] RBP: ffffc900151576d0 R08: 0000000000000005 R09: 0000000000000000 [ 45.758943][ T9787] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000004 [ 45.759619][ T9787] R13: 0000000000000040 R14: ffff88802c50814a R15: 0000000000000000 [ 45.760293][ T9787] FS: 00007ffb72734540(0000) GS:ffff8880cec64000(0000) knlGS:0000000000000000 [ 45.761050][ T9787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.761606][ T9787] CR2: 00007f9bd8225000 CR3: 000000010979a000 CR4: 00000000000006f0 [ 45.762286][ T9787] Call Trace: [ 45.762570][ T9787] <TASK> [ 45.762824][ T9787] hfs_ext_read_extent+0x190/0x9d0 [ 45.763269][ T9787] ? submit_bio_noacct_nocheck+0x2dd/0xce0 [ 45.763766][ T9787] ? __pfx_hfs_ext_read_extent+0x10/0x10 [ 45.764250][ T9787] hfs_get_block+0x55f/0x830 [ 45.764646][ T9787] block_read_full_folio+0x36d/0x850 [ 45.765105][ T9787] ? __pfx_hfs_get_block+0x10/0x10 [ 45.765541][ T9787] ? const_folio_flags+0x5b/0x100 [ 45.765972][ T9787] ? __pfx_hfs_read_folio+0x10/0x10 [ 45.766415][ T9787] filemap_read_folio+0xbe/0x290 [ 45.766840][ T9787] ? __pfx_filemap_read_folio+0x10/0x10 [ 45.767325][ T9787] ? __filemap_get_folio+0x32b/0xbf0 [ 45.767780][ T9787] do_read_cache_folio+0x263/0x5c0 [ 45.768223][ T9787] ? __pfx_hfs_read_folio+0x10/0x10 [ 45.768666][ T9787] read_cache_page+0x5b/0x160 [ 45.769070][ T9787] hfs_btree_open+0x491/0x1740 [ 45.769481][ T9787] hfs_mdb_get+0x15e2/0x1fb0 [ 45.769877][ T9787] ? __pfx_hfs_mdb_get+0x10/0x10 [ 45.770316][ T9787] ? find_held_lock+0x2b/0x80 [ 45.770731][ T9787] ? lockdep_init_map_type+0x5c/0x280 [ 45.771200][ T9787] ? lockdep_init_map_type+0x5c/0x280 [ 45.771674][ T9787] hfs_fill_super+0x38e/0x720 [ 45.772092][ T9787] ? __pfx_hfs_fill_super+0x10/0x10 [ 45.772549][ T9787] ? snprintf+0xbe/0x100 [ 45.772931][ T9787] ? __pfx_snprintf+0x10/0x10 [ 45.773350][ T9787] ? do_raw_spin_lock+0x129/0x2b0 [ 45.773796][ T9787] ? find_held_lock+0x2b/0x80 [ 45.774215][ T9787] ? set_blocksize+0x40a/0x510 [ 45.774636][ T9787] ? sb_set_blocksize+0x176/0x1d0 [ 45.775087][ T9787] ? setup_bdev_super+0x369/0x730 [ 45.775533][ T9787] get_tree_bdev_flags+0x384/0x620 [ 45.775985][ T9787] ? __pfx_hfs_fill_super+0x10/0x10 [ 45.776453][ T9787] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 45.776950][ T9787] ? bpf_lsm_capable+0x9/0x10 [ 45.777365][ T9787] ? security_capable+0x80/0x260 [ 45.777803][ T9787] vfs_get_tree+0x8e/0x340 [ 45.778203][ T9787] path_mount+0x13de/0x2010 [ 45.778604][ T9787] ? kmem_cache_free+0x2b0/0x4c0 [ 45.779052][ T9787] ? __pfx_path_mount+0x10/0x10 [ 45.779480][ T9787] ? getname_flags.part.0+0x1c5/0x550 [ 45.779954][ T9787] ? putname+0x154/0x1a0 [ 45.780335][ T9787] __x64_sys_mount+0x27b/0x300 [ 45.780758][ T9787] ? __pfx___x64_sys_mount+0x10/0x10 [ 45.781232][ T9787] do_syscall_64+0xc9/0x480 [ 45.781631][ T9787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 45.782149][ T9787] RIP: 0033:0x7ffb7265b6ca [ 45.782539][ T9787] Code: 48 8b 0d c9 17 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 [ 45.784212][ T9787] RSP: 002b:00007ffc0c10cfb8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 45.784935][ T9787] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ffb7265b6ca [ 45.785626][ T9787] RDX: 0000200000000240 RSI: 0000200000000280 RDI: 00007ffc0c10d100 [ 45.786316][ T9787] RBP: 00007ffc0c10d190 R08: 00007ffc0c10d000 R09: 0000000000000000 [ 45.787011][ T9787] R10: 0000000000000048 R11: 0000000000000206 R12: 0000560246733250 [ 45.787697][ T9787] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 45.788393][ T9787] </TASK> [ 45.788665][ T9787] Modules linked in: [ 45.789058][ T9787] ---[ end trace 0000000000000000 ]--- [ 45.789554][ T9787] RIP: 0010:hfs_find_init+0x86/0x230 [ 45.790028][ T9787] Code: c1 ea 03 80 3c 02 00 0f 85 9a 01 00 00 4c 8d 6b 40 48 c7 45 18 00 00 00 00 48 b8 00 00 00 00 00 fc [ 45.792364][ T9787] RSP: 0018:ffffc90015157668 EFLAGS: 00010202 [ 45.793155][ T9787] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffffff819a4d09 [ 45.794123][ T9787] RDX: 0000000000000008 RSI: ffffffff819acd3a RDI: ffffc900151576e8 [ 45.795105][ T9787] RBP: ffffc900151576d0 R08: 0000000000000005 R09: 0000000000000000 [ 45.796135][ T9787] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000004 [ 45.797114][ T9787] R13: 0000000000000040 R14: ffff88802c50814a R15: 0000000000000000 [ 45.798024][ T9787] FS: 00007ffb72734540(0000) GS:ffff8880cec64000(0000) knlGS:0000000000000000 [ 45.799019][ T9787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 45.799822][ T9787] CR2: 00007f9bd8225000 CR3: 000000010979a000 CR4: 00000000000006f0 [ 45.800747][ T9787] Kernel panic - not syncing: Fatal exception The hfs_fill_super() calls hfs_mdb_get() method that tries to construct Extents Tree and Catalog Tree: HFS_SB(sb)->ext_tree = hfs_btree_open(sb, HFS_EXT_CNID, hfs_ext_keycmp); if (!HFS_SB(sb)->ext_tree) { pr_err("unable to open extent tree\n"); goto out; } HFS_SB(sb)->cat_tree = hfs_btree_open(sb, HFS_CAT_CNID, hfs_cat_keycmp); if (!HFS_SB(sb)->cat_tree) { pr_err("unable to open catalog tree\n"); goto out; } However, hfs_btree_open() calls read_mapping_page() that calls hfs_get_block(). And this method calls hfs_ext_read_extent(): static int hfs_ext_read_extent(struct inode *inode, u16 block) { struct hfs_find_data fd; int res; if (block >= HFS_I(inode)->cached_start && block < HFS_I(inode)->cached_start + HFS_I(inode)->cached_blocks) return 0; res = hfs_find_init(HFS_SB(inode->i_sb)->ext_tree, &fd); if (!res) { res = __hfs_ext_cache_extent(&fd, inode, block); hfs_find_exit(&fd); } return res; } The problem here that hfs_find_init() is trying to use HFS_SB(inode->i_sb)->ext_tree that is not initialized yet. It will be initailized when hfs_btree_open() finishes the execution. The patch adds checking of tree pointer in hfs_find_init() and it reworks the logic of hfs_btree_open() by reading the b-tree's header directly from the volume. The read_mapping_page() is exchanged on filemap_grab_folio() that grab the folio from mapping. Then, sb_bread() extracts the b-tree's header content and copy it into the folio. Reported-by: Wenzhi Wang <wenzhi.wang@uwaterloo.ca> Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> cc: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> cc: Yangtao Li <frank.li@vivo.com> cc: linux-fsdevel@vger.kernel.org Link: https://lore.kernel.org/r/20250710213657.108285-1-slava@dubeyko.com Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> |
||
|
Viacheslav Dubeyko
|
a431930c9b |
hfs: fix slab-out-of-bounds in hfs_bnode_read()
This patch introduces is_bnode_offset_valid() method that checks the requested offset value. Also, it introduces check_and_correct_requested_length() method that checks and correct the requested length (if it is necessary). These methods are used in hfs_bnode_read(), hfs_bnode_write(), hfs_bnode_clear(), hfs_bnode_copy(), and hfs_bnode_move() with the goal to prevent the access out of allocated memory and triggering the crash. Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> Link: https://lore.kernel.org/r/20250703214912.244138-1-slava@dubeyko.com Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> |
||
|
Viacheslav Dubeyko
|
c80aa2aaaa |
hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()
The hfsplus_bnode_read() method can trigger the issue: [ 174.852007][ T9784] ================================================================== [ 174.852709][ T9784] BUG: KASAN: slab-out-of-bounds in hfsplus_bnode_read+0x2f4/0x360 [ 174.853412][ T9784] Read of size 8 at addr ffff88810b5fc6c0 by task repro/9784 [ 174.854059][ T9784] [ 174.854272][ T9784] CPU: 1 UID: 0 PID: 9784 Comm: repro Not tainted 6.16.0-rc3 #7 PREEMPT(full) [ 174.854281][ T9784] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.854286][ T9784] Call Trace: [ 174.854289][ T9784] <TASK> [ 174.854292][ T9784] dump_stack_lvl+0x10e/0x1f0 [ 174.854305][ T9784] print_report+0xd0/0x660 [ 174.854315][ T9784] ? __virt_addr_valid+0x81/0x610 [ 174.854323][ T9784] ? __phys_addr+0xe8/0x180 [ 174.854330][ T9784] ? hfsplus_bnode_read+0x2f4/0x360 [ 174.854337][ T9784] kasan_report+0xc6/0x100 [ 174.854346][ T9784] ? hfsplus_bnode_read+0x2f4/0x360 [ 174.854354][ T9784] hfsplus_bnode_read+0x2f4/0x360 [ 174.854362][ T9784] hfsplus_bnode_dump+0x2ec/0x380 [ 174.854370][ T9784] ? __pfx_hfsplus_bnode_dump+0x10/0x10 [ 174.854377][ T9784] ? hfsplus_bnode_write_u16+0x83/0xb0 [ 174.854385][ T9784] ? srcu_gp_start+0xd0/0x310 [ 174.854393][ T9784] ? __mark_inode_dirty+0x29e/0xe40 [ 174.854402][ T9784] hfsplus_brec_remove+0x3d2/0x4e0 [ 174.854411][ T9784] __hfsplus_delete_attr+0x290/0x3a0 [ 174.854419][ T9784] ? __pfx_hfs_find_1st_rec_by_cnid+0x10/0x10 [ 174.854427][ T9784] ? __pfx___hfsplus_delete_attr+0x10/0x10 [ 174.854436][ T9784] ? __asan_memset+0x23/0x50 [ 174.854450][ T9784] hfsplus_delete_all_attrs+0x262/0x320 [ 174.854459][ T9784] ? __pfx_hfsplus_delete_all_attrs+0x10/0x10 [ 174.854469][ T9784] ? rcu_is_watching+0x12/0xc0 [ 174.854476][ T9784] ? __mark_inode_dirty+0x29e/0xe40 [ 174.854483][ T9784] hfsplus_delete_cat+0x845/0xde0 [ 174.854493][ T9784] ? __pfx_hfsplus_delete_cat+0x10/0x10 [ 174.854507][ T9784] hfsplus_unlink+0x1ca/0x7c0 [ 174.854516][ T9784] ? __pfx_hfsplus_unlink+0x10/0x10 [ 174.854525][ T9784] ? down_write+0x148/0x200 [ 174.854532][ T9784] ? __pfx_down_write+0x10/0x10 [ 174.854540][ T9784] vfs_unlink+0x2fe/0x9b0 [ 174.854549][ T9784] do_unlinkat+0x490/0x670 [ 174.854557][ T9784] ? __pfx_do_unlinkat+0x10/0x10 [ 174.854565][ T9784] ? __might_fault+0xbc/0x130 [ 174.854576][ T9784] ? getname_flags.part.0+0x1c5/0x550 [ 174.854584][ T9784] __x64_sys_unlink+0xc5/0x110 [ 174.854592][ T9784] do_syscall_64+0xc9/0x480 [ 174.854600][ T9784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.854608][ T9784] RIP: 0033:0x7f6fdf4c3167 [ 174.854614][ T9784] Code: f0 ff ff 73 01 c3 48 8b 0d 26 0d 0e 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 08 [ 174.854622][ T9784] RSP: 002b:00007ffcb948bca8 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 174.854630][ T9784] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6fdf4c3167 [ 174.854636][ T9784] RDX: 00007ffcb948bcc0 RSI: 00007ffcb948bcc0 RDI: 00007ffcb948bd50 [ 174.854641][ T9784] RBP: 00007ffcb948cd90 R08: 0000000000000001 R09: 00007ffcb948bb40 [ 174.854645][ T9784] R10: 00007f6fdf564fc0 R11: 0000000000000206 R12: 0000561e1bc9c2d0 [ 174.854650][ T9784] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 174.854658][ T9784] </TASK> [ 174.854661][ T9784] [ 174.879281][ T9784] Allocated by task 9784: [ 174.879664][ T9784] kasan_save_stack+0x20/0x40 [ 174.880082][ T9784] kasan_save_track+0x14/0x30 [ 174.880500][ T9784] __kasan_kmalloc+0xaa/0xb0 [ 174.880908][ T9784] __kmalloc_noprof+0x205/0x550 [ 174.881337][ T9784] __hfs_bnode_create+0x107/0x890 [ 174.881779][ T9784] hfsplus_bnode_find+0x2d0/0xd10 [ 174.882222][ T9784] hfsplus_brec_find+0x2b0/0x520 [ 174.882659][ T9784] hfsplus_delete_all_attrs+0x23b/0x320 [ 174.883144][ T9784] hfsplus_delete_cat+0x845/0xde0 [ 174.883595][ T9784] hfsplus_rmdir+0x106/0x1b0 [ 174.884004][ T9784] vfs_rmdir+0x206/0x690 [ 174.884379][ T9784] do_rmdir+0x2b7/0x390 [ 174.884751][ T9784] __x64_sys_rmdir+0xc5/0x110 [ 174.885167][ T9784] do_syscall_64+0xc9/0x480 [ 174.885568][ T9784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.886083][ T9784] [ 174.886293][ T9784] The buggy address belongs to the object at ffff88810b5fc600 [ 174.886293][ T9784] which belongs to the cache kmalloc-192 of size 192 [ 174.887507][ T9784] The buggy address is located 40 bytes to the right of [ 174.887507][ T9784] allocated 152-byte region [ffff88810b5fc600, ffff88810b5fc698) [ 174.888766][ T9784] [ 174.888976][ T9784] The buggy address belongs to the physical page: [ 174.889533][ T9784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10b5fc [ 174.890295][ T9784] flags: 0x57ff00000000000(node=1|zone=2|lastcpupid=0x7ff) [ 174.890927][ T9784] page_type: f5(slab) [ 174.891284][ T9784] raw: 057ff00000000000 ffff88801b4423c0 ffffea000426dc80 dead000000000002 [ 174.892032][ T9784] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 174.892774][ T9784] page dumped because: kasan: bad access detected [ 174.893327][ T9784] page_owner tracks the page as allocated [ 174.893825][ T9784] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52c00(GFP_NOIO|__GFP_NOWARN|__GFP_NO1 [ 174.895373][ T9784] post_alloc_hook+0x1c0/0x230 [ 174.895801][ T9784] get_page_from_freelist+0xdeb/0x3b30 [ 174.896284][ T9784] __alloc_frozen_pages_noprof+0x25c/0x2460 [ 174.896810][ T9784] alloc_pages_mpol+0x1fb/0x550 [ 174.897242][ T9784] new_slab+0x23b/0x340 [ 174.897614][ T9784] ___slab_alloc+0xd81/0x1960 [ 174.898028][ T9784] __slab_alloc.isra.0+0x56/0xb0 [ 174.898468][ T9784] __kmalloc_noprof+0x2b0/0x550 [ 174.898896][ T9784] usb_alloc_urb+0x73/0xa0 [ 174.899289][ T9784] usb_control_msg+0x1cb/0x4a0 [ 174.899718][ T9784] usb_get_string+0xab/0x1a0 [ 174.900133][ T9784] usb_string_sub+0x107/0x3c0 [ 174.900549][ T9784] usb_string+0x307/0x670 [ 174.900933][ T9784] usb_cache_string+0x80/0x150 [ 174.901355][ T9784] usb_new_device+0x1d0/0x19d0 [ 174.901786][ T9784] register_root_hub+0x299/0x730 [ 174.902231][ T9784] page last free pid 10 tgid 10 stack trace: [ 174.902757][ T9784] __free_frozen_pages+0x80c/0x1250 [ 174.903217][ T9784] vfree.part.0+0x12b/0xab0 [ 174.903645][ T9784] delayed_vfree_work+0x93/0xd0 [ 174.904073][ T9784] process_one_work+0x9b5/0x1b80 [ 174.904519][ T9784] worker_thread+0x630/0xe60 [ 174.904927][ T9784] kthread+0x3a8/0x770 [ 174.905291][ T9784] ret_from_fork+0x517/0x6e0 [ 174.905709][ T9784] ret_from_fork_asm+0x1a/0x30 [ 174.906128][ T9784] [ 174.906338][ T9784] Memory state around the buggy address: [ 174.906828][ T9784] ffff88810b5fc580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 174.907528][ T9784] ffff88810b5fc600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 174.908222][ T9784] >ffff88810b5fc680: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 174.908917][ T9784] ^ [ 174.909481][ T9784] ffff88810b5fc700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 174.910432][ T9784] ffff88810b5fc780: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 174.911401][ T9784] ================================================================== The reason of the issue that code doesn't check the correctness of the requested offset and length. As a result, incorrect value of offset or/and length could result in access out of allocated memory. This patch introduces is_bnode_offset_valid() method that checks the requested offset value. Also, it introduces check_and_correct_requested_length() method that checks and correct the requested length (if it is necessary). These methods are used in hfsplus_bnode_read(), hfsplus_bnode_write(), hfsplus_bnode_clear(), hfsplus_bnode_copy(), and hfsplus_bnode_move() with the goal to prevent the access out of allocated memory and triggering the crash. Reported-by: Kun Hu <huk23@m.fudan.edu.cn> Reported-by: Jiaji Qin <jjtan24@m.fudan.edu.cn> Reported-by: Shuoran Bai <baishuoran@hrbeu.edu.cn> Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> Link: https://lore.kernel.org/r/20250703214804.244077-1-slava@dubeyko.com Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> |
||
|
Viacheslav Dubeyko
|
94458781ae |
hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()
The hfsplus_readdir() method is capable to crash by calling hfsplus_uni2asc(): [ 667.121659][ T9805] ================================================================== [ 667.122651][ T9805] BUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0x902/0xa10 [ 667.123627][ T9805] Read of size 2 at addr ffff88802592f40c by task repro/9805 [ 667.124578][ T9805] [ 667.124876][ T9805] CPU: 3 UID: 0 PID: 9805 Comm: repro Not tainted 6.16.0-rc3 #1 PREEMPT(full) [ 667.124886][ T9805] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 667.124890][ T9805] Call Trace: [ 667.124893][ T9805] <TASK> [ 667.124896][ T9805] dump_stack_lvl+0x10e/0x1f0 [ 667.124911][ T9805] print_report+0xd0/0x660 [ 667.124920][ T9805] ? __virt_addr_valid+0x81/0x610 [ 667.124928][ T9805] ? __phys_addr+0xe8/0x180 [ 667.124934][ T9805] ? hfsplus_uni2asc+0x902/0xa10 [ 667.124942][ T9805] kasan_report+0xc6/0x100 [ 667.124950][ T9805] ? hfsplus_uni2asc+0x902/0xa10 [ 667.124959][ T9805] hfsplus_uni2asc+0x902/0xa10 [ 667.124966][ T9805] ? hfsplus_bnode_read+0x14b/0x360 [ 667.124974][ T9805] hfsplus_readdir+0x845/0xfc0 [ 667.124984][ T9805] ? __pfx_hfsplus_readdir+0x10/0x10 [ 667.124994][ T9805] ? stack_trace_save+0x8e/0xc0 [ 667.125008][ T9805] ? iterate_dir+0x18b/0xb20 [ 667.125015][ T9805] ? trace_lock_acquire+0x85/0xd0 [ 667.125022][ T9805] ? lock_acquire+0x30/0x80 [ 667.125029][ T9805] ? iterate_dir+0x18b/0xb20 [ 667.125037][ T9805] ? down_read_killable+0x1ed/0x4c0 [ 667.125044][ T9805] ? putname+0x154/0x1a0 [ 667.125051][ T9805] ? __pfx_down_read_killable+0x10/0x10 [ 667.125058][ T9805] ? apparmor_file_permission+0x239/0x3e0 [ 667.125069][ T9805] iterate_dir+0x296/0xb20 [ 667.125076][ T9805] __x64_sys_getdents64+0x13c/0x2c0 [ 667.125084][ T9805] ? __pfx___x64_sys_getdents64+0x10/0x10 [ 667.125091][ T9805] ? __x64_sys_openat+0x141/0x200 [ 667.125126][ T9805] ? __pfx_filldir64+0x10/0x10 [ 667.125134][ T9805] ? do_user_addr_fault+0x7fe/0x12f0 [ 667.125143][ T9805] do_syscall_64+0xc9/0x480 [ 667.125151][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.125158][ T9805] RIP: 0033:0x7fa8753b2fc9 [ 667.125164][ T9805] Code: 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 48 [ 667.125172][ T9805] RSP: 002b:00007ffe96f8e0f8 EFLAGS: 00000217 ORIG_RAX: 00000000000000d9 [ 667.125181][ T9805] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa8753b2fc9 [ 667.125185][ T9805] RDX: 0000000000000400 RSI: 00002000000063c0 RDI: 0000000000000004 [ 667.125190][ T9805] RBP: 00007ffe96f8e110 R08: 00007ffe96f8e110 R09: 00007ffe96f8e110 [ 667.125195][ T9805] R10: 0000000000000000 R11: 0000000000000217 R12: 0000556b1e3b4260 [ 667.125199][ T9805] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 667.125207][ T9805] </TASK> [ 667.125210][ T9805] [ 667.145632][ T9805] Allocated by task 9805: [ 667.145991][ T9805] kasan_save_stack+0x20/0x40 [ 667.146352][ T9805] kasan_save_track+0x14/0x30 [ 667.146717][ T9805] __kasan_kmalloc+0xaa/0xb0 [ 667.147065][ T9805] __kmalloc_noprof+0x205/0x550 [ 667.147448][ T9805] hfsplus_find_init+0x95/0x1f0 [ 667.147813][ T9805] hfsplus_readdir+0x220/0xfc0 [ 667.148174][ T9805] iterate_dir+0x296/0xb20 [ 667.148549][ T9805] __x64_sys_getdents64+0x13c/0x2c0 [ 667.148937][ T9805] do_syscall_64+0xc9/0x480 [ 667.149291][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.149809][ T9805] [ 667.150030][ T9805] The buggy address belongs to the object at ffff88802592f000 [ 667.150030][ T9805] which belongs to the cache kmalloc-2k of size 2048 [ 667.151282][ T9805] The buggy address is located 0 bytes to the right of [ 667.151282][ T9805] allocated 1036-byte region [ffff88802592f000, ffff88802592f40c) [ 667.152580][ T9805] [ 667.152798][ T9805] The buggy address belongs to the physical page: [ 667.153373][ T9805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x25928 [ 667.154157][ T9805] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 667.154916][ T9805] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 667.155631][ T9805] page_type: f5(slab) [ 667.155997][ T9805] raw: 00fff00000000040 ffff88801b442f00 0000000000000000 dead000000000001 [ 667.156770][ T9805] raw: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000 [ 667.157536][ T9805] head: 00fff00000000040 ffff88801b442f00 0000000000000000 dead000000000001 [ 667.158317][ T9805] head: 0000000000000000 0000000080080008 00000000f5000000 0000000000000000 [ 667.159088][ T9805] head: 00fff00000000003 ffffea0000964a01 00000000ffffffff 00000000ffffffff [ 667.159865][ T9805] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 667.160643][ T9805] page dumped because: kasan: bad access detected [ 667.161216][ T9805] page_owner tracks the page as allocated [ 667.161732][ T9805] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN9 [ 667.163566][ T9805] post_alloc_hook+0x1c0/0x230 [ 667.164003][ T9805] get_page_from_freelist+0xdeb/0x3b30 [ 667.164503][ T9805] __alloc_frozen_pages_noprof+0x25c/0x2460 [ 667.165040][ T9805] alloc_pages_mpol+0x1fb/0x550 [ 667.165489][ T9805] new_slab+0x23b/0x340 [ 667.165872][ T9805] ___slab_alloc+0xd81/0x1960 [ 667.166313][ T9805] __slab_alloc.isra.0+0x56/0xb0 [ 667.166767][ T9805] __kmalloc_cache_noprof+0x255/0x3e0 [ 667.167255][ T9805] psi_cgroup_alloc+0x52/0x2d0 [ 667.167693][ T9805] cgroup_mkdir+0x694/0x1210 [ 667.168118][ T9805] kernfs_iop_mkdir+0x111/0x190 [ 667.168568][ T9805] vfs_mkdir+0x59b/0x8d0 [ 667.168956][ T9805] do_mkdirat+0x2ed/0x3d0 [ 667.169353][ T9805] __x64_sys_mkdir+0xef/0x140 [ 667.169784][ T9805] do_syscall_64+0xc9/0x480 [ 667.170195][ T9805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.170730][ T9805] page last free pid 1257 tgid 1257 stack trace: [ 667.171304][ T9805] __free_frozen_pages+0x80c/0x1250 [ 667.171770][ T9805] vfree.part.0+0x12b/0xab0 [ 667.172182][ T9805] delayed_vfree_work+0x93/0xd0 [ 667.172612][ T9805] process_one_work+0x9b5/0x1b80 [ 667.173067][ T9805] worker_thread+0x630/0xe60 [ 667.173486][ T9805] kthread+0x3a8/0x770 [ 667.173857][ T9805] ret_from_fork+0x517/0x6e0 [ 667.174278][ T9805] ret_from_fork_asm+0x1a/0x30 [ 667.174703][ T9805] [ 667.174917][ T9805] Memory state around the buggy address: [ 667.175411][ T9805] ffff88802592f300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 667.176114][ T9805] ffff88802592f380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 667.176830][ T9805] >ffff88802592f400: 00 04 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 667.177547][ T9805] ^ [ 667.177933][ T9805] ffff88802592f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 667.178640][ T9805] ffff88802592f500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 667.179350][ T9805] ================================================================== The hfsplus_uni2asc() method operates by struct hfsplus_unistr: struct hfsplus_unistr { __be16 length; hfsplus_unichr unicode[HFSPLUS_MAX_STRLEN]; } __packed; where HFSPLUS_MAX_STRLEN is 255 bytes. The issue happens if length of the structure instance has value bigger than 255 (for example, 65283). In such case, pointer on unicode buffer is going beyond of the allocated memory. The patch fixes the issue by checking the length value of hfsplus_unistr instance and using 255 value in the case if length value is bigger than HFSPLUS_MAX_STRLEN. Potential reason of such situation could be a corruption of Catalog File b-tree's node. Reported-by: Wenzhi Wang <wenzhi.wang@uwaterloo.ca> Signed-off-by: Liu Shixin <liushixin2@huawei.com> Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> cc: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> cc: Yangtao Li <frank.li@vivo.com> cc: linux-fsdevel@vger.kernel.org Reviewed-by: Yangtao Li <frank.li@vivo.com> Link: https://lore.kernel.org/r/20250710230830.110500-1-slava@dubeyko.com Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> |
||
|
Tetsuo Handa
|
c7c6363ca1 |
hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()
When the volume header contains erroneous values that do not reflect the actual state of the filesystem, hfsplus_fill_super() assumes that the attributes file is not yet created, which later results in hitting BUG_ON() when hfsplus_create_attributes_file() is called. Replace this BUG_ON() with -EIO error with a message to suggest running fsck tool. Reported-by: syzbot <syzbot+1107451c16b9eb9d29e6@syzkaller.appspotmail.com> Closes: https://syzkaller.appspot.com/bug?extid=1107451c16b9eb9d29e6 Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Reviewed-by: Viacheslav Dubeyko <slava@dubeyko.com> Link: https://lore.kernel.org/r/7b587d24-c8a1-4413-9b9a-00a33fbd849f@I-love.SAKURA.ne.jp Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> |
||
|
Johannes Thumshirn
|
4c6a567cb8 |
hfsplus: don't set REQ_SYNC for hfsplus_submit_bio()
hfsplus_submit_bio() called by hfsplus_sync_fs() uses bdev_virt_rw() which in turn uses submit_bio_wait() to submit the BIO. But submit_bio_wait() already sets the REQ_SYNC flag on the BIO so there is no need for setting the flag in hfsplus_sync_fs() when calling hfsplus_submit_bio(). Signed-off-by: Johannes Thumshirn <johannes.thumshirn@wdc.com> Reviewed-by: Yangtao Li <frank.li@vivo.com> Reviewed-by: Viacheslav Dubeyko <slava@dubeyko.com> Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> Link: https://lore.kernel.org/r/20250710063553.4805-1-johannes.thumshirn@wdc.com Link: https://lore.kernel.org/r/20250710063553.4805-1-johannes.thumshirn@wdc.com Signed-off-by: Viacheslav Dubeyko <slava@dubeyko.com> |
||
|
Linus Torvalds
|
5f33ebd201 |
drm fixes (part 2) for 6.16-rc8/final
i915: - Fix DP 2.7 Gbps DP_LINK_BW value on g4x - Fix return value on intel_atomic_commit_fence_wait xe: - Fix build without debugfs -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEEKbZHaGwW9KfbeusDHTzWXnEhr4FAmiD6UwACgkQDHTzWXnE hr5DPRAAqXbmjZVfKlPkFYf7flCT29D8TFO7dVbrnol0P8B0JbMzhcTLY9wKOZOl dyp5NuTOWOcwV7sgG4yxbkclwUnkFdhPVW7oAqt1b2VwX7Y6f97xQQwxI2CWqsBa DK8Z+ej17nQrHUknRfhNxpxe3kfnn6O+4A7i7Iqdc0RUrYbe82wrOP6KFgYpX1Ck QmgU1GhiUmvSRN/XZTIlcyB3LNrow6O0XTMy6j7wwKmnmecGGW/C/nSzhdqfMszI Qj7GaszS5OyuCk5Grylg0iYGPw+mbGa2qs9hxiwIe6zgR++EP4cVxQtBGoLjmINa yZOT/8gXdMmFH3QfGMOes+WJVfFxY77y4lyTzB7L0meeZNdTaLYxbsBjnQp2HSF8 x3fFfu0e6Jgz2GfpsPW5jm1w3bAYAG24UNCNts/JhOs/9U2Fl9UY2oHJnGx/cCfd 3xFjJBv6mFD0AmKapmdDKSlS6uBpq0ElfKrPuwwhlrmX01c2jpe5sYT+JxSkeG1R efLgWSyyuFZ4IwpT2BkEVgYVwEAi1Kyix+/Yyobc2YJjSpzOhaNmRgdWecBJuWMn CMjb7jciXAxJt+wP+y5301Fk0q73uaQWSypDaX5lZhnD7yjvTFtkUQzPFOd2bQ/E cHIXzhKolLByaVKZV2r7IAeI+xujJAMT8XLaHe4U/9Vv/CTr7lQ= =rf5N -----END PGP SIGNATURE----- Merge tag 'drm-fixes-2025-07-26' of https://gitlab.freedesktop.org/drm/kernel Pull drm fixes (part 2) from Dave Airlie: "Just the follow up fixes for i915 and xe, all pretty minor. i915: - Fix DP 2.7 Gbps DP_LINK_BW value on g4x - Fix return value on intel_atomic_commit_fence_wait xe: - Fix build without debugfs" * tag 'drm-fixes-2025-07-26' of https://gitlab.freedesktop.org/drm/kernel: drm/xe: Fix build without debugfs drm/i915/display: Fix dma_fence_wait_timeout() return value handling drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x |
||
|
Linus Torvalds
|
327579671a |
block-6.16-20250725
-----BEGIN PGP SIGNATURE----- iQJEBAABCAAuFiEEwPw5LcreJtl1+l5K99NY+ylx4KYFAmiDdRYQHGF4Ym9lQGtl cm5lbC5kawAKCRD301j7KXHgpnkWD/9h7VFAPOxDCWvmp8awU3OoKVbJI5lo0656 Irch2xNlhtCAB6fUYSRPOq5xIZjNQmI5Fvzp7Gyto1fQYmtxsU75Kbgh7gzTOxsI j0I2KAwD2RrifozONOJa3aCYS8T18nEdcK32zMvVUegBAPhd9wI474fJJSAKa5t2 qhXcYMRyiy4Wc1Sz187kD5H7RBljdkgnmO0VcWbplwTW0vPID70tSacDKUW1Jmuf kSqDh52jzPaYyt7f2gr/TaiHf1TsUuGKdIS58gdN+CBXEMMo4IKOxrU0qFMytOr9 N1B2VzG9aEUZjZFqArOnO2BpUnfhHwI1JlqONOvdholpqTCVvdxpDlMIc918cQ+v 5mYTWOtYCE+ziLRJlp+ttNOipVLMOPemr/Rnb4w9I84Xsdt1dxAAv8MOuB4lGomT vSwoK6SLUS5u6PSSTAv8f9I1fgijghbzsXs6TpDwHMYujNQn/MyHJLIYQ4yWhDrJ 25bjLRYJePR83I1AdjbL/fJqCi6gUtzzRrDfN3xSziMo875mP0XxjPOaQeGLpMXM Br1GFrXHtvUZ/2ipvGzbVDL/qs3a5S/rQJ2HNhgQvd/FcSs1ZMirCEbWmTyDtNdj MkYu4VGFXwhVxVBXGqnShRRbf6KnLM/MC1GkQVpqfKjhMSBsBaJ68kCXbROVbkGj 3BSu0SlV0w== =Q1wN -----END PGP SIGNATURE----- Merge tag 'block-6.16-20250725' of git://git.kernel.dk/linux Pull block fix from Jens Axboe: "Just a single fix for regression in this release, where a module reference could be leaked" * tag 'block-6.16-20250725' of git://git.kernel.dk/linux: block: fix module reference leak in mq-deadline I/O scheduler |
||
|
Linus Torvalds
|
4bb0122091 |
vfs-6.16-rc8.fixes
-----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQRAhzRXHqcMeLMyaSiRxhvAZXjcogUCaIM+0AAKCRCRxhvAZXjc oopdAP9SviubsueENDGRNvyvjCajdaUcZ481UeWCsvshc1ykmgEAo+Cwu3QxRzF7 BVjSIJSV9r4ae/fNw/MASbJVwyfCJQc= =hGG6 -----END PGP SIGNATURE----- Merge tag 'vfs-6.16-rc8.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs fixes from Christian Brauner: "Two last-minute fixes for this cycle: - Set afs vllist to NULL if addr parsing fails - Add a missing check for reaching the end of the string in afs" * tag 'vfs-6.16-rc8.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: afs: Set vllist to NULL if addr parsing fails afs: Fix check for NULL terminator |