Merge tag 'vfs-6.18-rc7.fixes' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs

Pull vfs fixes from Christian Brauner:

- Fix uninitialized variable in statmount_string()

- Fix hostfs mounting when passing host root during boot

- Fix dynamic lookup to fail on cell lookup failure

- Fix missing file type when reading bfs inodes from disk

- Enforce checking of sb_min_blocksize() calls and update all callers
accordingly

- Restore write access before closing files opened by open_exec() in
binfmt_misc

- Always freeze efivarfs during suspend/hibernate cycles

- Fix statmount()'s and listmount()'s grab_requested_mnt_ns() helper to
actually allow mount namespace file descriptor in addition to mount
namespace ids

- Fix tmpfs remount when noswap is specified

- Switch Landlock to iput_not_last() to remove false-positives from
might_sleep() annotations in iput()

- Remove dead node_to_mnt_ns() code

- Ensure that per-queue kobjects are successfully created

* tag 'vfs-6.18-rc7.fixes' of gitolite.kernel.org:pub/scm/linux/kernel/git/vfs/vfs:
landlock: fix splats from iput() after it started calling might_sleep()
fs: add iput_not_last()
shmem: fix tmpfs reconfiguration (remount) when noswap is set
fs/namespace: correctly handle errors returned by grab_requested_mnt_ns
power: always freeze efivarfs
binfmt_misc: restore write access before closing files opened by open_exec()
block: add __must_check attribute to sb_min_blocksize()
virtio-fs: fix incorrect check for fsvq->kobj
xfs: check the return value of sb_min_blocksize() in xfs_fs_fill_super
isofs: check the return value of sb_min_blocksize() in isofs_fill_super
exfat: check return value of sb_min_blocksize in exfat_read_boot_sector
vfat: fix missing sb_min_blocksize() return value checks
mnt: Remove dead code which might prevent from building
bfs: Reconstruct file type when loading from disk
afs: Fix dynamic lookup to fail on cell lookup failure
hostfs: Fix only passing host root in boot stage with new mount
fs: Fix uninitialized 'offp' in statmount_string()

+206 -91
+1 -1
block/bdev.c
··· 231 231 232 232 EXPORT_SYMBOL(sb_set_blocksize); 233 233 234 - int sb_min_blocksize(struct super_block *sb, int size) 234 + int __must_check sb_min_blocksize(struct super_block *sb, int size) 235 235 { 236 236 int minsize = bdev_logical_block_size(sb->s_bdev); 237 237 if (size < minsize)
+66 -12
fs/afs/cell.c
··· 229 229 * @name: The name of the cell. 230 230 * @namesz: The strlen of the cell name. 231 231 * @vllist: A colon/comma separated list of numeric IP addresses or NULL. 232 - * @excl: T if an error should be given if the cell name already exists. 232 + * @reason: The reason we're doing the lookup 233 233 * @trace: The reason to be logged if the lookup is successful. 234 234 * 235 235 * Look up a cell record by name and query the DNS for VL server addresses if ··· 239 239 */ 240 240 struct afs_cell *afs_lookup_cell(struct afs_net *net, 241 241 const char *name, unsigned int namesz, 242 - const char *vllist, bool excl, 242 + const char *vllist, 243 + enum afs_lookup_cell_for reason, 243 244 enum afs_cell_trace trace) 244 245 { 245 246 struct afs_cell *cell, *candidate, *cursor; ··· 248 247 enum afs_cell_state state; 249 248 int ret, n; 250 249 251 - _enter("%s,%s", name, vllist); 250 + _enter("%s,%s,%u", name, vllist, reason); 252 251 253 - if (!excl) { 252 + if (reason != AFS_LOOKUP_CELL_PRELOAD) { 254 253 cell = afs_find_cell(net, name, namesz, trace); 255 - if (!IS_ERR(cell)) 254 + if (!IS_ERR(cell)) { 255 + if (reason == AFS_LOOKUP_CELL_DYNROOT) 256 + goto no_wait; 257 + if (cell->state == AFS_CELL_SETTING_UP || 258 + cell->state == AFS_CELL_UNLOOKED) 259 + goto lookup_cell; 256 260 goto wait_for_cell; 261 + } 257 262 } 258 263 259 264 /* Assume we're probably going to create a cell and preallocate and ··· 305 298 rb_insert_color(&cell->net_node, &net->cells); 306 299 up_write(&net->cells_lock); 307 300 308 - afs_queue_cell(cell, afs_cell_trace_queue_new); 301 + lookup_cell: 302 + if (reason != AFS_LOOKUP_CELL_PRELOAD && 303 + reason != AFS_LOOKUP_CELL_ROOTCELL) { 304 + set_bit(AFS_CELL_FL_DO_LOOKUP, &cell->flags); 305 + afs_queue_cell(cell, afs_cell_trace_queue_new); 306 + } 309 307 310 308 wait_for_cell: 311 - _debug("wait_for_cell"); 312 309 state = smp_load_acquire(&cell->state); /* vs error */ 313 - if (state != AFS_CELL_ACTIVE && 314 - state != 
AFS_CELL_DEAD) { 310 + switch (state) { 311 + case AFS_CELL_ACTIVE: 312 + case AFS_CELL_DEAD: 313 + break; 314 + case AFS_CELL_UNLOOKED: 315 + default: 316 + if (reason == AFS_LOOKUP_CELL_PRELOAD || 317 + reason == AFS_LOOKUP_CELL_ROOTCELL) 318 + break; 319 + _debug("wait_for_cell"); 315 320 afs_see_cell(cell, afs_cell_trace_wait); 316 321 wait_var_event(&cell->state, 317 322 ({ 318 323 state = smp_load_acquire(&cell->state); /* vs error */ 319 324 state == AFS_CELL_ACTIVE || state == AFS_CELL_DEAD; 320 325 })); 326 + _debug("waited_for_cell %d %d", cell->state, cell->error); 321 327 } 322 328 329 + no_wait: 323 330 /* Check the state obtained from the wait check. */ 331 + state = smp_load_acquire(&cell->state); /* vs error */ 324 332 if (state == AFS_CELL_DEAD) { 325 333 ret = cell->error; 326 334 goto error; 335 + } 336 + if (state == AFS_CELL_ACTIVE) { 337 + switch (cell->dns_status) { 338 + case DNS_LOOKUP_NOT_DONE: 339 + if (cell->dns_source == DNS_RECORD_FROM_CONFIG) { 340 + ret = 0; 341 + break; 342 + } 343 + fallthrough; 344 + default: 345 + ret = -EIO; 346 + goto error; 347 + case DNS_LOOKUP_GOOD: 348 + case DNS_LOOKUP_GOOD_WITH_BAD: 349 + ret = 0; 350 + break; 351 + case DNS_LOOKUP_GOT_NOT_FOUND: 352 + ret = -ENOENT; 353 + goto error; 354 + case DNS_LOOKUP_BAD: 355 + ret = -EREMOTEIO; 356 + goto error; 357 + case DNS_LOOKUP_GOT_LOCAL_FAILURE: 358 + case DNS_LOOKUP_GOT_TEMP_FAILURE: 359 + case DNS_LOOKUP_GOT_NS_FAILURE: 360 + ret = -EDESTADDRREQ; 361 + goto error; 362 + } 327 363 } 328 364 329 365 _leave(" = %p [cell]", cell); ··· 375 325 cell_already_exists: 376 326 _debug("cell exists"); 377 327 cell = cursor; 378 - if (excl) { 328 + if (reason == AFS_LOOKUP_CELL_PRELOAD) { 379 329 ret = -EEXIST; 380 330 } else { 381 331 afs_use_cell(cursor, trace); ··· 434 384 return -EINVAL; 435 385 436 386 /* allocate a cell record for the root/workstation cell */ 437 - new_root = afs_lookup_cell(net, rootcell, len, vllist, false, 387 + new_root = afs_lookup_cell(net, 
rootcell, len, vllist, 388 + AFS_LOOKUP_CELL_ROOTCELL, 438 389 afs_cell_trace_use_lookup_ws); 439 390 if (IS_ERR(new_root)) { 440 391 _leave(" = %ld", PTR_ERR(new_root)); ··· 828 777 switch (cell->state) { 829 778 case AFS_CELL_SETTING_UP: 830 779 goto set_up_cell; 780 + case AFS_CELL_UNLOOKED: 831 781 case AFS_CELL_ACTIVE: 832 782 goto cell_is_active; 833 783 case AFS_CELL_REMOVING: ··· 849 797 goto remove_cell; 850 798 } 851 799 852 - afs_set_cell_state(cell, AFS_CELL_ACTIVE); 800 + afs_set_cell_state(cell, AFS_CELL_UNLOOKED); 853 801 854 802 cell_is_active: 855 803 if (afs_has_cell_expired(cell, &next_manage)) ··· 859 807 ret = afs_update_cell(cell); 860 808 if (ret < 0) 861 809 cell->error = ret; 810 + if (cell->state == AFS_CELL_UNLOOKED) 811 + afs_set_cell_state(cell, AFS_CELL_ACTIVE); 862 812 } 863 813 864 814 if (next_manage < TIME64_MAX && cell->net->live) {
+2 -1
fs/afs/dynroot.c
··· 108 108 dotted = true; 109 109 } 110 110 111 - cell = afs_lookup_cell(net, name, len, NULL, false, 111 + cell = afs_lookup_cell(net, name, len, NULL, 112 + AFS_LOOKUP_CELL_DYNROOT, 112 113 afs_cell_trace_use_lookup_dynroot); 113 114 if (IS_ERR(cell)) { 114 115 ret = PTR_ERR(cell);
+11 -1
fs/afs/internal.h
··· 343 343 344 344 enum afs_cell_state { 345 345 AFS_CELL_SETTING_UP, 346 + AFS_CELL_UNLOOKED, 346 347 AFS_CELL_ACTIVE, 347 348 AFS_CELL_REMOVING, 348 349 AFS_CELL_DEAD, ··· 1050 1049 extern int afs_cell_init(struct afs_net *, const char *); 1051 1050 extern struct afs_cell *afs_find_cell(struct afs_net *, const char *, unsigned, 1052 1051 enum afs_cell_trace); 1052 + enum afs_lookup_cell_for { 1053 + AFS_LOOKUP_CELL_DYNROOT, 1054 + AFS_LOOKUP_CELL_MOUNTPOINT, 1055 + AFS_LOOKUP_CELL_DIRECT_MOUNT, 1056 + AFS_LOOKUP_CELL_PRELOAD, 1057 + AFS_LOOKUP_CELL_ROOTCELL, 1058 + AFS_LOOKUP_CELL_ALIAS_CHECK, 1059 + }; 1053 1060 struct afs_cell *afs_lookup_cell(struct afs_net *net, 1054 1061 const char *name, unsigned int namesz, 1055 - const char *vllist, bool excl, 1062 + const char *vllist, 1063 + enum afs_lookup_cell_for reason, 1056 1064 enum afs_cell_trace trace); 1057 1065 extern struct afs_cell *afs_use_cell(struct afs_cell *, enum afs_cell_trace); 1058 1066 void afs_unuse_cell(struct afs_cell *cell, enum afs_cell_trace reason);
+2 -1
fs/afs/mntpt.c
··· 107 107 if (size > AFS_MAXCELLNAME) 108 108 return -ENAMETOOLONG; 109 109 110 - cell = afs_lookup_cell(ctx->net, p, size, NULL, false, 110 + cell = afs_lookup_cell(ctx->net, p, size, NULL, 111 + AFS_LOOKUP_CELL_MOUNTPOINT, 111 112 afs_cell_trace_use_lookup_mntpt); 112 113 if (IS_ERR(cell)) { 113 114 pr_err("kAFS: unable to lookup cell '%pd'\n", mntpt);
+2 -1
fs/afs/proc.c
··· 122 122 if (strcmp(buf, "add") == 0) { 123 123 struct afs_cell *cell; 124 124 125 - cell = afs_lookup_cell(net, name, strlen(name), args, true, 125 + cell = afs_lookup_cell(net, name, strlen(name), args, 126 + AFS_LOOKUP_CELL_PRELOAD, 126 127 afs_cell_trace_use_lookup_add); 127 128 if (IS_ERR(cell)) { 128 129 ret = PTR_ERR(cell);
+1 -1
fs/afs/super.c
··· 290 290 /* lookup the cell record */ 291 291 if (cellname) { 292 292 cell = afs_lookup_cell(ctx->net, cellname, cellnamesz, 293 - NULL, false, 293 + NULL, AFS_LOOKUP_CELL_DIRECT_MOUNT, 294 294 afs_cell_trace_use_lookup_mount); 295 295 if (IS_ERR(cell)) { 296 296 pr_err("kAFS: unable to lookup cell '%*.*s'\n",
+2 -1
fs/afs/vl_alias.c
··· 269 269 if (!name_len || name_len > AFS_MAXCELLNAME) 270 270 master = ERR_PTR(-EOPNOTSUPP); 271 271 else 272 - master = afs_lookup_cell(cell->net, cell_name, name_len, NULL, false, 272 + master = afs_lookup_cell(cell->net, cell_name, name_len, NULL, 273 + AFS_LOOKUP_CELL_ALIAS_CHECK, 273 274 afs_cell_trace_use_lookup_canonical); 274 275 kfree(cell_name); 275 276 if (IS_ERR(master))
+18 -1
fs/bfs/inode.c
··· 61 61 off = (ino - BFS_ROOT_INO) % BFS_INODES_PER_BLOCK; 62 62 di = (struct bfs_inode *)bh->b_data + off; 63 63 64 - inode->i_mode = 0x0000FFFF & le32_to_cpu(di->i_mode); 64 + /* 65 + * https://martin.hinner.info/fs/bfs/bfs-structure.html explains that 66 + * BFS in SCO UnixWare environment used only lower 9 bits of di->i_mode 67 + * value. This means that, although bfs_write_inode() saves whole 68 + * inode->i_mode bits (which include S_IFMT bits and S_IS{UID,GID,VTX} 69 + * bits), middle 7 bits of di->i_mode value can be garbage when these 70 + * bits were not saved by bfs_write_inode(). 71 + * Since we can't tell whether middle 7 bits are garbage, use only 72 + * lower 12 bits (i.e. tolerate S_IS{UID,GID,VTX} bits possibly being 73 + * garbage) and reconstruct S_IFMT bits for Linux environment from 74 + * di->i_vtype value. 75 + */ 76 + inode->i_mode = 0x00000FFF & le32_to_cpu(di->i_mode); 65 77 if (le32_to_cpu(di->i_vtype) == BFS_VDIR) { 66 78 inode->i_mode |= S_IFDIR; 67 79 inode->i_op = &bfs_dir_inops; ··· 83 71 inode->i_op = &bfs_file_inops; 84 72 inode->i_fop = &bfs_file_operations; 85 73 inode->i_mapping->a_ops = &bfs_aops; 74 + } else { 75 + brelse(bh); 76 + printf("Unknown vtype=%u %s:%08lx\n", 77 + le32_to_cpu(di->i_vtype), inode->i_sb->s_id, ino); 78 + goto error; 86 79 } 87 80 88 81 BFS_I(inode)->i_sblock = le32_to_cpu(di->i_sblock);
+3 -1
fs/binfmt_misc.c
··· 837 837 inode_unlock(d_inode(root)); 838 838 839 839 if (err) { 840 - if (f) 840 + if (f) { 841 + exe_file_allow_write_access(f); 841 842 filp_close(f, NULL); 843 + } 842 844 kfree(e); 843 845 return err; 844 846 }
+1
fs/efivarfs/super.c
··· 533 533 .init_fs_context = efivarfs_init_fs_context, 534 534 .kill_sb = efivarfs_kill_sb, 535 535 .parameters = efivarfs_parameters, 536 + .fs_flags = FS_POWER_FREEZE, 536 537 }; 537 538 538 539 static __init int efivarfs_init(void)
+4 -1
fs/exfat/super.c
··· 433 433 struct exfat_sb_info *sbi = EXFAT_SB(sb); 434 434 435 435 /* set block size to read super block */ 436 - sb_min_blocksize(sb, 512); 436 + if (!sb_min_blocksize(sb, 512)) { 437 + exfat_err(sb, "unable to set blocksize"); 438 + return -EINVAL; 439 + } 437 440 438 441 /* read boot sector */ 439 442 sbi->boot_bh = sb_bread(sb, 0);
+5 -1
fs/fat/inode.c
··· 1595 1595 1596 1596 setup(sb); /* flavour-specific stuff that needs options */ 1597 1597 1598 + error = -EINVAL; 1599 + if (!sb_min_blocksize(sb, 512)) { 1600 + fat_msg(sb, KERN_ERR, "unable to set blocksize"); 1601 + goto out_fail; 1602 + } 1598 1603 error = -EIO; 1599 - sb_min_blocksize(sb, 512); 1600 1604 bh = sb_bread(sb, 0); 1601 1605 if (bh == NULL) { 1602 1606 fat_msg(sb, KERN_ERR, "unable to read boot sector");
+1 -1
fs/fuse/virtio_fs.c
··· 373 373 374 374 sprintf(buff, "%d", i); 375 375 fsvq->kobj = kobject_create_and_add(buff, fs->mqs_kobj); 376 - if (!fs->mqs_kobj) { 376 + if (!fsvq->kobj) { 377 377 ret = -ENOMEM; 378 378 goto out_del; 379 379 }
+18 -11
fs/hostfs/hostfs_kern.c
··· 979 979 { 980 980 struct hostfs_fs_info *fsi = fc->s_fs_info; 981 981 struct fs_parse_result result; 982 - char *host_root; 982 + char *host_root, *tmp_root; 983 983 int opt; 984 984 985 985 opt = fs_parse(fc, hostfs_param_specs, param, &result); ··· 990 990 case Opt_hostfs: 991 991 host_root = param->string; 992 992 if (!*host_root) 993 - host_root = ""; 994 - fsi->host_root_path = 995 - kasprintf(GFP_KERNEL, "%s/%s", root_ino, host_root); 996 - if (fsi->host_root_path == NULL) 993 + break; 994 + tmp_root = kasprintf(GFP_KERNEL, "%s%s", 995 + fsi->host_root_path, host_root); 996 + if (!tmp_root) 997 997 return -ENOMEM; 998 + kfree(fsi->host_root_path); 999 + fsi->host_root_path = tmp_root; 998 1000 break; 999 1001 } 1000 1002 ··· 1006 1004 static int hostfs_parse_monolithic(struct fs_context *fc, void *data) 1007 1005 { 1008 1006 struct hostfs_fs_info *fsi = fc->s_fs_info; 1009 - char *host_root = (char *)data; 1007 + char *tmp_root, *host_root = (char *)data; 1010 1008 1011 1009 /* NULL is printed as '(null)' by printf(): avoid that. */ 1012 1010 if (host_root == NULL) 1013 - host_root = ""; 1011 + return 0; 1014 1012 1015 - fsi->host_root_path = 1016 - kasprintf(GFP_KERNEL, "%s/%s", root_ino, host_root); 1017 - if (fsi->host_root_path == NULL) 1013 + tmp_root = kasprintf(GFP_KERNEL, "%s%s", fsi->host_root_path, host_root); 1014 + if (!tmp_root) 1018 1015 return -ENOMEM; 1019 - 1016 + kfree(fsi->host_root_path); 1017 + fsi->host_root_path = tmp_root; 1020 1018 return 0; 1021 1019 } 1022 1020 ··· 1051 1049 if (!fsi) 1052 1050 return -ENOMEM; 1053 1051 1052 + fsi->host_root_path = kasprintf(GFP_KERNEL, "%s/", root_ino); 1053 + if (!fsi->host_root_path) { 1054 + kfree(fsi); 1055 + return -ENOMEM; 1056 + } 1054 1057 fc->s_fs_info = fsi; 1055 1058 fc->ops = &hostfs_context_ops; 1056 1059 return 0;
+12
fs/inode.c
··· 1967 1967 } 1968 1968 EXPORT_SYMBOL(iput); 1969 1969 1970 + /** 1971 + * iput_not_last - put an inode assuming this is not the last reference 1972 + * @inode: inode to put 1973 + */ 1974 + void iput_not_last(struct inode *inode) 1975 + { 1976 + VFS_BUG_ON_INODE(atomic_read(&inode->i_count) < 2, inode); 1977 + 1978 + WARN_ON(atomic_sub_return(1, &inode->i_count) == 0); 1979 + } 1980 + EXPORT_SYMBOL(iput_not_last); 1981 + 1970 1982 #ifdef CONFIG_BLOCK 1971 1983 /** 1972 1984 * bmap - find a block number in a file
+5
fs/isofs/inode.c
··· 610 610 goto out_freesbi; 611 611 } 612 612 opt->blocksize = sb_min_blocksize(s, opt->blocksize); 613 + if (!opt->blocksize) { 614 + printk(KERN_ERR 615 + "ISOFS: unable to set blocksize\n"); 616 + goto out_freesbi; 617 + } 613 618 614 619 sbi->s_high_sierra = 0; /* default is iso9660 */ 615 620 sbi->s_session = opt->session;
+18 -28
fs/namespace.c
··· 132 132 */ 133 133 __cacheline_aligned_in_smp DEFINE_SEQLOCK(mount_lock); 134 134 135 - static inline struct mnt_namespace *node_to_mnt_ns(const struct rb_node *node) 136 - { 137 - struct ns_common *ns; 138 - 139 - if (!node) 140 - return NULL; 141 - ns = rb_entry(node, struct ns_common, ns_tree_node); 142 - return container_of(ns, struct mnt_namespace, ns); 143 - } 144 - 145 135 static void mnt_ns_release(struct mnt_namespace *ns) 146 136 { 147 137 /* keep alive for {list,stat}mount() */ ··· 141 151 kfree(ns); 142 152 } 143 153 } 144 - DEFINE_FREE(mnt_ns_release, struct mnt_namespace *, if (_T) mnt_ns_release(_T)) 154 + DEFINE_FREE(mnt_ns_release, struct mnt_namespace *, 155 + if (!IS_ERR(_T)) mnt_ns_release(_T)) 145 156 146 157 static void mnt_ns_release_rcu(struct rcu_head *rcu) 147 158 { ··· 5445 5454 ret = statmount_sb_source(s, seq); 5446 5455 break; 5447 5456 case STATMOUNT_MNT_UIDMAP: 5448 - sm->mnt_uidmap = start; 5457 + offp = &sm->mnt_uidmap; 5449 5458 ret = statmount_mnt_uidmap(s, seq); 5450 5459 break; 5451 5460 case STATMOUNT_MNT_GIDMAP: 5452 - sm->mnt_gidmap = start; 5461 + offp = &sm->mnt_gidmap; 5453 5462 ret = statmount_mnt_gidmap(s, seq); 5454 5463 break; 5455 5464 default: ··· 5727 5736 ret = copy_struct_from_user(kreq, sizeof(*kreq), req, usize); 5728 5737 if (ret) 5729 5738 return ret; 5730 - if (kreq->spare != 0) 5739 + if (kreq->mnt_ns_fd != 0 && kreq->mnt_ns_id) 5731 5740 return -EINVAL; 5732 5741 /* The first valid unique mount id is MNT_UNIQUE_ID_OFFSET + 1. 
*/ 5733 5742 if (kreq->mnt_id <= MNT_UNIQUE_ID_OFFSET) ··· 5744 5753 { 5745 5754 struct mnt_namespace *mnt_ns; 5746 5755 5747 - if (kreq->mnt_ns_id && kreq->spare) 5748 - return ERR_PTR(-EINVAL); 5749 - 5750 - if (kreq->mnt_ns_id) 5751 - return lookup_mnt_ns(kreq->mnt_ns_id); 5752 - 5753 - if (kreq->spare) { 5756 + if (kreq->mnt_ns_id) { 5757 + mnt_ns = lookup_mnt_ns(kreq->mnt_ns_id); 5758 + } else if (kreq->mnt_ns_fd) { 5754 5759 struct ns_common *ns; 5755 5760 5756 - CLASS(fd, f)(kreq->spare); 5761 + CLASS(fd, f)(kreq->mnt_ns_fd); 5757 5762 if (fd_empty(f)) 5758 5763 return ERR_PTR(-EBADF); 5759 5764 ··· 5764 5777 } else { 5765 5778 mnt_ns = current->nsproxy->mnt_ns; 5766 5779 } 5780 + if (!mnt_ns) 5781 + return ERR_PTR(-ENOENT); 5767 5782 5768 5783 refcount_inc(&mnt_ns->passive); 5769 5784 return mnt_ns; ··· 5790 5801 return ret; 5791 5802 5792 5803 ns = grab_requested_mnt_ns(&kreq); 5793 - if (!ns) 5794 - return -ENOENT; 5804 + if (IS_ERR(ns)) 5805 + return PTR_ERR(ns); 5795 5806 5796 5807 if (kreq.mnt_ns_id && (ns != current->nsproxy->mnt_ns) && 5797 5808 !ns_capable_noaudit(ns->user_ns, CAP_SYS_ADMIN)) ··· 5901 5912 static inline int prepare_klistmount(struct klistmount *kls, struct mnt_id_req *kreq, 5902 5913 size_t nr_mnt_ids) 5903 5914 { 5904 - 5905 5915 u64 last_mnt_id = kreq->param; 5916 + struct mnt_namespace *ns; 5906 5917 5907 5918 /* The first valid unique mount id is MNT_UNIQUE_ID_OFFSET + 1. */ 5908 5919 if (last_mnt_id != 0 && last_mnt_id <= MNT_UNIQUE_ID_OFFSET) ··· 5916 5927 if (!kls->kmnt_ids) 5917 5928 return -ENOMEM; 5918 5929 5919 - kls->ns = grab_requested_mnt_ns(kreq); 5920 - if (!kls->ns) 5921 - return -ENOENT; 5930 + ns = grab_requested_mnt_ns(kreq); 5931 + if (IS_ERR(ns)) 5932 + return PTR_ERR(ns); 5933 + kls->ns = ns; 5922 5934 5923 5935 kls->mnt_parent_id = kreq->mnt_id; 5924 5936 return 0;
+10 -3
fs/super.c
··· 1183 1183 1184 1184 static const char *filesystems_freeze_ptr = "filesystems_freeze"; 1185 1185 1186 - static void filesystems_freeze_callback(struct super_block *sb, void *unused) 1186 + static void filesystems_freeze_callback(struct super_block *sb, void *freeze_all_ptr) 1187 1187 { 1188 1188 if (!sb->s_op->freeze_fs && !sb->s_op->freeze_super) 1189 + return; 1190 + 1191 + if (freeze_all_ptr && !(sb->s_type->fs_flags & FS_POWER_FREEZE)) 1189 1192 return; 1190 1193 1191 1194 if (!get_active_super(sb)) ··· 1204 1201 deactivate_super(sb); 1205 1202 } 1206 1203 1207 - void filesystems_freeze(void) 1204 + void filesystems_freeze(bool freeze_all) 1208 1205 { 1209 - __iterate_supers(filesystems_freeze_callback, NULL, 1206 + void *freeze_all_ptr = NULL; 1207 + 1208 + if (freeze_all) 1209 + freeze_all_ptr = &freeze_all; 1210 + __iterate_supers(filesystems_freeze_callback, freeze_all_ptr, 1210 1211 SUPER_ITER_UNLOCKED | SUPER_ITER_REVERSE); 1211 1212 } 1212 1213
+4 -1
fs/xfs/xfs_super.c
··· 1693 1693 if (error) 1694 1694 return error; 1695 1695 1696 - sb_min_blocksize(sb, BBSIZE); 1696 + if (!sb_min_blocksize(sb, BBSIZE)) { 1697 + xfs_err(mp, "unable to set blocksize"); 1698 + return -EINVAL; 1699 + } 1697 1700 sb->s_xattr = xfs_xattr_handlers; 1698 1701 sb->s_export_op = &xfs_export_operations; 1699 1702 #ifdef CONFIG_XFS_QUOTA
+5 -3
include/linux/fs.h
··· 2689 2689 #define FS_ALLOW_IDMAP 32 /* FS has been updated to handle vfs idmappings. */ 2690 2690 #define FS_MGTIME 64 /* FS uses multigrain timestamps */ 2691 2691 #define FS_LBS 128 /* FS supports LBS */ 2692 + #define FS_POWER_FREEZE 256 /* Always freeze on suspend/hibernate */ 2692 2693 #define FS_RENAME_DOES_D_MOVE 32768 /* FS will handle d_move() during rename() internally. */ 2693 2694 int (*init_fs_context)(struct fs_context *); 2694 2695 const struct fs_parameter_spec *parameters; ··· 2824 2823 2825 2824 extern void ihold(struct inode * inode); 2826 2825 extern void iput(struct inode *); 2826 + void iput_not_last(struct inode *); 2827 2827 int inode_update_timestamps(struct inode *inode, int flags); 2828 2828 int generic_update_time(struct inode *, int); 2829 2829 ··· 3425 3423 extern void inode_sb_list_add(struct inode *inode); 3426 3424 extern void inode_add_lru(struct inode *inode); 3427 3425 3428 - extern int sb_set_blocksize(struct super_block *, int); 3429 - extern int sb_min_blocksize(struct super_block *, int); 3426 + int sb_set_blocksize(struct super_block *sb, int size); 3427 + int __must_check sb_min_blocksize(struct super_block *sb, int size); 3430 3428 3431 3429 int generic_file_mmap(struct file *, struct vm_area_struct *); 3432 3430 int generic_file_mmap_prepare(struct vm_area_desc *desc); ··· 3608 3606 extern void iterate_supers(void (*f)(struct super_block *, void *), void *arg); 3609 3607 extern void iterate_supers_type(struct file_system_type *, 3610 3608 void (*)(struct super_block *, void *), void *); 3611 - void filesystems_freeze(void); 3609 + void filesystems_freeze(bool freeze_all); 3612 3610 void filesystems_thaw(void); 3613 3611 3614 3612 extern int dcache_dir_open(struct inode *, struct file *);
+1 -1
include/uapi/linux/mount.h
··· 197 197 */ 198 198 struct mnt_id_req { 199 199 __u32 size; 200 - __u32 spare; 200 + __u32 mnt_ns_fd; 201 201 __u64 mnt_id; 202 202 __u64 param; 203 203 __u64 mnt_ns_id;
+3 -6
kernel/power/hibernate.c
··· 821 821 goto Restore; 822 822 823 823 ksys_sync_helper(); 824 - if (filesystem_freeze_enabled) 825 - filesystems_freeze(); 824 + filesystems_freeze(filesystem_freeze_enabled); 826 825 827 826 error = freeze_processes(); 828 827 if (error) ··· 927 928 if (error) 928 929 goto restore; 929 930 930 - if (filesystem_freeze_enabled) 931 - filesystems_freeze(); 931 + filesystems_freeze(filesystem_freeze_enabled); 932 932 933 933 error = freeze_processes(); 934 934 if (error) ··· 1077 1079 if (error) 1078 1080 goto Restore; 1079 1081 1080 - if (filesystem_freeze_enabled) 1081 - filesystems_freeze(); 1082 + filesystems_freeze(filesystem_freeze_enabled); 1082 1083 1083 1084 pm_pr_dbg("Preparing processes for hibernation restore.\n"); 1084 1085 error = freeze_processes();
+1 -2
kernel/power/suspend.c
··· 375 375 if (error) 376 376 goto Restore; 377 377 378 - if (filesystem_freeze_enabled) 379 - filesystems_freeze(); 378 + filesystems_freeze(filesystem_freeze_enabled); 380 379 trace_suspend_resume(TPS("freeze_processes"), 0, true); 381 380 error = suspend_freeze_processes(); 382 381 trace_suspend_resume(TPS("freeze_processes"), 0, false);
+7 -8
mm/shmem.c
··· 131 131 #define SHMEM_SEEN_INODES 2 132 132 #define SHMEM_SEEN_HUGE 4 133 133 #define SHMEM_SEEN_INUMS 8 134 - #define SHMEM_SEEN_NOSWAP 16 135 - #define SHMEM_SEEN_QUOTA 32 134 + #define SHMEM_SEEN_QUOTA 16 136 135 }; 137 136 138 137 #ifdef CONFIG_TRANSPARENT_HUGEPAGE ··· 4679 4680 "Turning off swap in unprivileged tmpfs mounts unsupported"); 4680 4681 } 4681 4682 ctx->noswap = true; 4682 - ctx->seen |= SHMEM_SEEN_NOSWAP; 4683 4683 break; 4684 4684 case Opt_quota: 4685 4685 if (fc->user_ns != &init_user_ns) ··· 4828 4830 err = "Current inum too high to switch to 32-bit inums"; 4829 4831 goto out; 4830 4832 } 4831 - if ((ctx->seen & SHMEM_SEEN_NOSWAP) && ctx->noswap && !sbinfo->noswap) { 4833 + 4834 + /* 4835 + * "noswap" doesn't use fsparam_flag_no, i.e. there's no "swap" 4836 + * counterpart for (re-)enabling swap. 4837 + */ 4838 + if (ctx->noswap && !sbinfo->noswap) { 4832 4839 err = "Cannot disable swap on remount"; 4833 - goto out; 4834 - } 4835 - if (!(ctx->seen & SHMEM_SEEN_NOSWAP) && !ctx->noswap && sbinfo->noswap) { 4836 - err = "Cannot enable swap on remount if it was disabled on first mount"; 4837 4840 goto out; 4838 4841 } 4839 4842
+3 -4
security/landlock/fs.c
··· 1335 1335 * At this point, we own the ihold() reference that was 1336 1336 * originally set up by get_inode_object() and the 1337 1337 * __iget() reference that we just set in this loop 1338 - * walk. Therefore the following call to iput() will 1339 - * not sleep nor drop the inode because there is now at 1340 - * least two references to it. 1338 + * walk. Therefore there are at least two references 1339 + * on the inode. 1341 1340 */ 1342 - iput(inode); 1341 + iput_not_last(inode); 1343 1342 } else { 1344 1343 spin_unlock(&object->lock); 1345 1344 rcu_read_unlock();