Skip to content
Snippets Groups Projects
  1. Apr 05, 2011
  2. Mar 28, 2011
  3. Mar 17, 2011
    • Josef Bacik's avatar
      Btrfs: handle errors in btrfs_orphan_cleanup · 66b4ffd1
      Josef Bacik authored
      
      If we cannot truncate an inode for some reason we will never delete the orphan
      item associated with that inode, which means that we will loop forever in
      btrfs_orphan_cleanup.  Instead of doing this just return error so we fail to
      mount.  It sucks, but hey it's better than hanging.  Thanks,
      
      Signed-off-by: default avatarJosef Bacik <josef@redhat.com>
      66b4ffd1
  4. Feb 16, 2011
  5. Feb 14, 2011
    • Dan Rosenberg's avatar
      btrfs: prevent heap corruption in btrfs_ioctl_space_info() · 51788b1b
      Dan Rosenberg authored
      
      Commit bf5fc093 refactored
      btrfs_ioctl_space_info() and introduced several security issues.
      
      space_args.space_slots is an unsigned 64-bit type controlled by a
      possibly unprivileged caller.  The comparison as a signed int type
      allows providing values that are treated as negative and cause the
      subsequent allocation size calculation to wrap, or be truncated to 0.
      By providing a size that's truncated to 0, kmalloc() will return
      ZERO_SIZE_PTR.  It's also possible to provide a value smaller than the
      slot count.  The subsequent loop ignores the allocation size when
      copying data in, resulting in a heap overflow or write to ZERO_SIZE_PTR.
      
      The fix changes the slot count type and comparison typecast to u64,
      which prevents truncation or signedness errors, and also ensures that we
      don't copy more data than we've allocated in the subsequent loop.  Note
      that zero-size allocations are no longer possible since there is already
      an explicit check for space_args.space_slots being 0 and truncation of
      this value is no longer an issue.
      
      Signed-off-by: default avatarDan Rosenberg <drosenberg@vsecurity.com>
      Signed-off-by: default avatarJosef Bacik <josef@redhat.com>
      Reviewed-by: default avatarJosef Bacik <josef@redhat.com>
      Signed-off-by: default avatarChris Mason <chris.mason@oracle.com>
      51788b1b
  6. Feb 01, 2011
  7. Jan 28, 2011
  8. Jan 26, 2011
    • Li Zefan's avatar
      Btrfs: Fix file clone when source offset is not 0 · 4d728ec7
      Li Zefan authored
      
      Suppose:
      - the source extent is: [0, 100]
      - the src offset is 10
      - the clone length is 90
      - the dest offset is 0
      
      This statement:
      
      	new_key.offset = key.offset + destoff - off
      
      will produce such an extent for the dest file:
      
      	[ino, BTRFS_EXTENT_DATA_KEY, -10]
      
      , which is obviously wrong.
      
      Signed-off-by: default avatarLi Zefan <lizf@cn.fujitsu.com>
      4d728ec7
  9. Dec 23, 2010
    • Li Zefan's avatar
      Btrfs: Add BTRFS_IOC_SUBVOL_GETFLAGS/SETFLAGS ioctls · 0caa102d
      Li Zefan authored
      
      This allows us to set a snapshot or a subvolume readonly or writable
      on the fly.
      
      Usage:
      
      Set BTRFS_SUBVOL_RDONLY of btrfs_ioctl_vol_arg_v2->flags, and then
      call ioctl(BTRFS_IOCTL_SUBVOL_SETFLAGS);
      
      Changelog for v3:
      
      - Change to pass __u64 as ioctl parameter.
      
      Changelog for v2:
      
      - Add _GETFLAGS ioctl.
      - Check if the passed fd is the root of a subvolume.
      - Change the name from _SNAP_SETFLAGS to _SUBVOL_SETFLAGS.
      
      Signed-off-by: default avatarLi Zefan <lizf@cn.fujitsu.com>
      0caa102d
    • Li Zefan's avatar
      Btrfs: Add readonly snapshots support · b83cc969
      Li Zefan authored
      
      Usage:
      
      Set BTRFS_SUBVOL_RDONLY of btrfs_ioctl_vol_arg_v2->flags, and call
      ioctl(BTRFS_I0CTL_SNAP_CREATE_V2).
      
      Implementation:
      
      - Set readonly bit of btrfs_root_item->flags.
      - Add readonly checks in btrfs_permission (inode_permission),
      btrfs_setattr, btrfs_set/remove_xattr and some ioctls.
      
      Changelog for v3:
      
      - Eliminate btrfs_root->readonly, but check btrfs_root->root_item.flags.
      - Rename BTRFS_ROOT_SNAP_RDONLY to BTRFS_ROOT_SUBVOL_RDONLY.
      
      Signed-off-by: default avatarLi Zefan <lizf@cn.fujitsu.com>
      b83cc969
    • Li Zefan's avatar
      Btrfs: Refactor btrfs_ioctl_snap_create() · fa0d2b9b
      Li Zefan authored
      
      Split it into two functions for two different ioctls, since they
      share no common code.
      
      Signed-off-by: default avatarLi Zefan <lizf@cn.fujitsu.com>
      fa0d2b9b
  10. Dec 22, 2010
  11. Dec 10, 2010
  12. Nov 22, 2010
  13. Oct 30, 2010
  14. Oct 29, 2010
    • Sage Weil's avatar
      Btrfs: add START_SYNC, WAIT_SYNC ioctls · 46204592
      Sage Weil authored
      
      START_SYNC will start a sync/commit, but not wait for it to
      complete.  Any modification started after the ioctl returns is
      guaranteed not to be included in the commit.  If a non-NULL
      pointer is passed, the transaction id will be returned to
      userspace.
      
      WAIT_SYNC will wait for any in-progress commit to complete.  If a
      transaction id is specified, the ioctl will block and then
      return (success) when the specified transaction has committed.
      If it has already committed when we call the ioctl, it returns
      immediately.  If the specified transaction doesn't exist, it
      returns EINVAL.
      
      If no transaction id is specified, WAIT_SYNC will wait for the
      currently committing transaction to finish it's commit to disk.
      If there is no currently committing transaction, it returns
      success.
      
      These ioctls are useful for applications which want to impose an
      ordering on when fs modifications reach disk, but do not want to
      wait for the full (slow) commit process to do so.
      
      Picky callers can take the transid returned by START_SYNC and
      feed it to WAIT_SYNC, and be certain to wait only as long as
      necessary for the transaction _they_ started to reach disk.
      
      Sloppy callers can START_SYNC and WAIT_SYNC without a transid,
      and provided they didn't wait too long between the calls, they
      will get the same result.  However, if a second commit starts
      before they call WAIT_SYNC, they may end up waiting longer for
      it to commit as well.  Even so, a START_SYNC+WAIT_SYNC still
      guarantees that any operation completed before the START_SYNC
      reaches disk.
      
      Signed-off-by: default avatarSage Weil <sage@newdream.net>
      Signed-off-by: default avatarChris Mason <chris.mason@oracle.com>
      46204592
    • Sage Weil's avatar
      Btrfs: fix lockdep warning on clone ioctl · fccdae43
      Sage Weil authored
      
      I'm no lockdep expert, but this appears to make the lockdep warning go
      away for the i_mutex locking in the clone ioctl.
      
      Signed-off-by: default avatarSage Weil <sage@newdream.net>
      Signed-off-by: default avatarChris Mason <chris.mason@oracle.com>
      fccdae43
    • Sage Weil's avatar
      Btrfs: fix clone ioctl where range is adjacent to extent · 050006a7
      Sage Weil authored
      
      We had an edge case issue where the requested range was just
      following an existing extent. Instead of skipping to the next
      extent, we used the previous one which lead to having zero
      sized extents.
      
      Signed-off-by: default avatarYehuda Sadeh <yehuda@hq.newdream.net>
      Signed-off-by: default avatarChris Mason <chris.mason@oracle.com>
      050006a7
    • Sage Weil's avatar
      Btrfs: fix delalloc checks in clone ioctl · 9a019196
      Sage Weil authored
      
      The lookup_first_ordered_extent() was done on the wrong inode, and the
      ->delalloc_bytes test was wrong, as the following
      btrfs_wait_ordered_range() would only invoke a range write and wouldn't
      write the entire file data range. Also, a bad parameter was passed to
      btrfs_wait_ordered_range().
      
      Signed-off-by: default avatarYehuda Sadeh <yehuda@hq.newdream.net>
      Signed-off-by: default avatarChris Mason <chris.mason@oracle.com>
      9a019196
    • Andi Kleen's avatar
      Btrfs: cleanup warnings from gcc 4.6 (nonbugs) · 559af821
      Andi Kleen authored
      
      These are all the cases where a variable is set, but not read which are
      not bugs as far as I can see, but simply leftovers.
      
      Still needs more review.
      
      Found by gcc 4.6's new warnings
      
      Signed-off-by: default avatarAndi Kleen <ak@linux.intel.com>
      Cc: Chris Mason <chris.mason@oracle.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarChris Mason <chris.mason@oracle.com>
      559af821
    • Julia Lawall's avatar
      Btrfs: use memdup_user helpers · 2354d08f
      Julia Lawall authored
      Use memdup_user when user data is immediately copied into the
      allocated region.
      
      The semantic patch that makes this change is as follows:
      (http://coccinelle.lip6.fr/
      
      )
      
      // <smpl>
      @@
      expression from,to,size,flag;
      position p;
      identifier l1,l2;
      @@
      
      -  to = \(kmalloc@p\|kzalloc@p\)(size,flag);
      +  to = memdup_user(from,size);
         if (
      -      to==NULL
      +      IS_ERR(to)
                       || ...) {
         <+... when != goto l1;
      -  -ENOMEM
      +  PTR_ERR(to)
         ...+>
         }
      -  if (copy_from_user(to, from, size) != 0) {
      -    <+... when != goto l2;
      -    -EFAULT
      -    ...+>
      -  }
      // </smpl>
      
      Signed-off-by: default avatarJulia Lawall <julia@diku.dk>
      Cc: Chris Mason <chris.mason@oracle.com>
      Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
      Signed-off-by: default avatarChris Mason <chris.mason@oracle.com>
      2354d08f
  15. Oct 22, 2010
    • Josef Bacik's avatar
      Btrfs: fix the df ioctl to report raid types · bf5fc093
      Josef Bacik authored
      
      The new ENOSPC stuff broke the df ioctl since we no longer create seperate space
      info's for each RAID type.  So instead, loop through each space info's raid
      lists so we can get the right RAID information which will allow the df ioctl to
      tell us RAID types again.  Thanks,
      
      Signed-off-by: default avatarJosef Bacik <josef@redhat.com>
      bf5fc093
  16. Jul 19, 2010
  17. Jun 11, 2010
  18. May 25, 2010
Loading