linux/fs/bad_inode.c, branch v2.6.39-rc2 Linux Kernel (branches are rebased on master from time to time) https://sre.ring0.de/linux/atom?h=v2.6.39-rc2 2011-01-07T06:50:29Z fs: provide rcu-walk aware permission i_ops 2011-01-07T06:50:29Z Nick Piggin npiggin@kernel.dk 2011-01-07T06:49:58Z urn:sha1:b74c79e99389cd79b31fcc08f82c24e492e63c7e Signed-off-by: Nick Piggin <npiggin@kernel.dk> bkl: Remove locked .ioctl file operation 2010-08-13T22:24:24Z Arnd Bergmann arnd@arndb.de 2010-07-03T22:15:10Z urn:sha1:b19dd42faf413b4705d4adb38521e82d73fa4249 The last user is gone, so we can safely remove this Signed-off-by: Arnd Bergmann <arnd@arndb.de> Cc: John Kacur <jkacur@redhat.com> Cc: Al Viro <viro@ZenIV.linux.org.uk> Cc: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Frederic Weisbecker <fweisbec@gmail.com> drop unused dentry argument to ->fsync 2010-05-28T02:05:02Z Christoph Hellwig hch@lst.de 2010-05-26T15:53:25Z urn:sha1:7ea8085910ef3dd4f3cad6845aaa2b580d39b115 Signed-off-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> kill ->dir_notify() 2008-12-31T23:07:43Z Al Viro viro@zeniv.linux.org.uk 2008-12-26T05:57:40Z urn:sha1:6badd79bd002788aaec27b50a74ab69ef65ab8ee Remove the hopelessly misguided ->dir_notify(). The only instance (cifs) has been broken by design from the very beginning; the objects it creates are never destroyed, keep references to struct file they can outlive, nothing that could possibly evict them exists on close(2) path *and* no locking whatsoever is done to prevent races with close(), should the previous, er, deficiencies someday be dealt with. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> [PATCH] sanitize ->permission() prototype 2008-07-27T00:53:14Z Al Viro viro@zeniv.linux.org.uk 2008-07-16T01:03:57Z urn:sha1:e6305c43eda10ebfd2ad9e35d6e172ccc7bb3695 * kill nameidata * argument; map the 3 bits in ->flags anybody cares about to new MAY_... ones and pass with the mask. * kill redundant gfs2_iop_permission() * sanitize ecryptfs_permission() * fix remaining places where ->permission() instances might barf on new MAY_... found in mask. The obvious next target in that direction is permission(9) folded fix for nfs_permission() breakage from Miklos Szeredi <mszeredi@suse.cz> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> iget: introduce a function to register iget failure 2008-02-07T16:42:26Z David Howells dhowells@redhat.com 2008-02-07T08:15:27Z urn:sha1:b46980feed937868d3333514028bfbe9a651e4ca Introduce a function to register failure in an inode construction path. This includes marking the inode under construction as bad, unlocking it and releasing it. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Christoph Hellwig <hch@lst.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> sendfile: remove bad_sendfile() from bad_file_ops 2007-07-10T06:04:15Z Jens Axboe jens.axboe@oracle.com 2007-06-04T08:25:05Z urn:sha1:d6f517568f9f5c26e7404a336c7289d5b4b293ec do_sendfile() prefers splice over sendfile, so it should not trigger (directly, at least). Signed-off-by: Jens Axboe <jens.axboe@oracle.com> header cleaning: don't include smp_lock.h when not used 2007-05-08T18:15:07Z Randy Dunlap randy.dunlap@oracle.com 2007-05-08T07:28:08Z urn:sha1:e63340ae6b6205fef26b40a75673d1c9c0c8bb90 Remove includes of <linux/smp_lock.h> where it is not used/needed. Suggested by Al Viro. Builds cleanly on x86_64, i386, alpha, ia64, powerpc, sparc, sparc64, and arm (all 59 defconfigs). Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> [PATCH] mark struct inode_operations const 1 2007-02-12T17:48:46Z Arjan van de Ven arjan@linux.intel.com 2007-02-12T08:55:38Z urn:sha1:754661f143e70d66eae6c48532ca245aa05dec0e Many struct inode_operations in the kernel can be "const". Marking them const moves these to the .rodata section, which avoids false sharing with potential dirty data. In addition it'll catch accidental writes at compile time to these shared resources. Signed-off-by: Arjan van de Ven <arjan@linux.intel.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> [PATCH] fix memory corruption from misinterpreted bad_inode_ops return values 2007-01-06T07:55:23Z Eric Sandeen sandeen@redhat.com 2007-01-06T00:36:36Z urn:sha1:be6aab0e9fa6d3c6d75aa1e38ac972d8b4ee82b8 CVE-2006-5753 is for a case where an inode can be marked bad, switching the ops to bad_inode_ops, which are all connected as: static int return_EIO(void) { return -EIO; } #define EIO_ERROR ((void *) (return_EIO)) static struct inode_operations bad_inode_ops = { .create = bad_inode_create ...etc... The problem here is that the void cast causes return types to not be promoted, and for ops such as listxattr which expect more than 32 bits of return value, the 32-bit -EIO is interpreted as a large positive 64-bit number, i.e. 0x00000000fffffffa instead of 0xfffffffa. This goes particularly badly when the return value is taken as a number of bytes to copy into, say, a user's buffer for example... I originally had coded up the fix by creating a return_EIO_<TYPE> macro for each return type, like this: static int return_EIO_int(void) { return -EIO; } #define EIO_ERROR_INT ((void *) (return_EIO_int)) static struct inode_operations bad_inode_ops = { .create = EIO_ERROR_INT, ...etc... but Al felt that it was probably better to create an EIO-returner for each actual op signature. Since so few ops share a signature, I just went ahead & created an EIO function for each individual file & inode op that returns a value. Signed-off-by: Eric Sandeen <sandeen@redhat.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>