From 013e4f4a285d8c7d952d8d7be9f10783a85b5d3c Mon Sep 17 00:00:00 2001 From: Al Viro Date: Fri, 4 Mar 2011 01:14:55 -0500 Subject: [PATCH 1/4] omfs: rename() needs to mark old_inode dirty after ctime update we *do* mark it dirty before, but it doesn't guarantee that we don't get preempted just before assignment to ->i_ctime, with inode getting written out before we get CPU back... Signed-off-by: Al Viro Signed-off-by: Bob Copeland --- fs/omfs/dir.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/omfs/dir.c b/fs/omfs/dir.c index 393f3f659da7..9990fc856959 100644 --- a/fs/omfs/dir.c +++ b/fs/omfs/dir.c @@ -423,6 +423,7 @@ static int omfs_rename(struct inode *old_dir, struct dentry *old_dentry, goto out; old_inode->i_ctime = CURRENT_TIME_SEC; + mark_inode_dirty(old_inode); out: return err; } From cdb26496dba00d5c4375261be6518b3e94260444 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Fri, 4 Mar 2011 01:18:19 -0500 Subject: [PATCH 2/4] omfs: stop playing silly buggers with omfs_unlink() in ->rename() Since omfs directories are hashes of inodes and name is part of inode, we have to remove inode from old directory before we can put it into new one / under new name. So instead of bump i_nlink call omfs_unlink, which does omfs_delete_entry() decrement i_nlink and mark parent dirty in case of success decrement i_nlink if omfs_unlink failed and hadn't done it itself let's just call omfs_delete_entry() and dirty the parent ourselves... Signed-off-by: Al Viro Signed-off-by: Bob Copeland --- fs/omfs/dir.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/fs/omfs/dir.c b/fs/omfs/dir.c index 9990fc856959..a4c2d31b785e 100644 --- a/fs/omfs/dir.c +++ b/fs/omfs/dir.c @@ -412,12 +412,11 @@ static int omfs_rename(struct inode *old_dir, struct dentry *old_dentry, /* since omfs locates files by name, we need to unlink _before_ * adding the new link or we won't find the old one */ inode_inc_link_count(old_inode); - err = omfs_unlink(old_dir, old_dentry); - if (err) { - inode_dec_link_count(old_inode); + err = omfs_delete_entry(old_dentry); + if (err) goto out; - } + mark_inode_dirty(old_dir); err = omfs_add_link(new_dentry, old_inode); if (err) goto out; From d932805b3dc8c6d80d8948f7d7d0d8336d53b2ed Mon Sep 17 00:00:00 2001 From: Al Viro Date: Fri, 4 Mar 2011 01:31:03 -0500 Subject: [PATCH 3/4] omfs: merge unlink() and rmdir(), close leak in rename() In case of directory-overwriting rename(), omfs forgot to mark the victim doomed, so omfs_evict_inode() didn't free it. We could fix that by calling omfs_rmdir() for directory victims instead of doing omfs_unlink(), but it's easier to merge omfs_unlink() and omfs_rmdir() instead. Note that we have no hardlinks here. It also makes the checks in omfs_rename() go away - they fold into what omfs_remove() does when it runs into a directory. Signed-off-by: Al Viro Signed-off-by: Bob Copeland --- fs/omfs/dir.c | 53 +++++++++++++-------------------------------------- 1 file changed, 13 insertions(+), 40 deletions(-) diff --git a/fs/omfs/dir.c b/fs/omfs/dir.c index a4c2d31b785e..fd91f629ceb8 100644 --- a/fs/omfs/dir.c +++ b/fs/omfs/dir.c @@ -235,33 +235,22 @@ static int omfs_dir_is_empty(struct inode *inode) return *ptr != ~0; } -static int omfs_unlink(struct inode *dir, struct dentry *dentry) +static int omfs_remove(struct inode *dir, struct dentry *dentry) { - int ret; struct inode *inode = dentry->d_inode; + int ret; + + if (S_ISDIR(inode->i_mode) && !omfs_dir_is_empty(inode)) + return -ENOTEMPTY; ret = omfs_delete_entry(dentry); if (ret) - goto end_unlink; - - inode_dec_link_count(inode); + return ret; + + clear_nlink(inode); + mark_inode_dirty(inode); mark_inode_dirty(dir); - -end_unlink: - return ret; -} - -static int omfs_rmdir(struct inode *dir, struct dentry *dentry) -{ - int err = -ENOTEMPTY; - struct inode *inode = dentry->d_inode; - - if (omfs_dir_is_empty(inode)) { - err = omfs_unlink(dir, dentry); - if (!err) - inode_dec_link_count(inode); - } - return err; + return 0; } static int omfs_add_node(struct inode *dir, struct dentry *dentry, int mode) @@ -385,33 +374,17 @@ static int omfs_rename(struct inode *old_dir, struct dentry *old_dentry, { struct inode *new_inode = new_dentry->d_inode; struct inode *old_inode = old_dentry->d_inode; - struct buffer_head *bh; - int is_dir; int err; - is_dir = S_ISDIR(old_inode->i_mode); - if (new_inode) { /* overwriting existing file/dir */ - err = -ENOTEMPTY; - if (is_dir && !omfs_dir_is_empty(new_inode)) - goto out; - - err = -ENOENT; - bh = omfs_find_entry(new_dir, new_dentry->d_name.name, - new_dentry->d_name.len); - if (IS_ERR(bh)) - goto out; - brelse(bh); - - err = omfs_unlink(new_dir, new_dentry); + err = omfs_remove(new_dir, new_dentry); if (err) goto out; } /* since omfs locates files by name, we need to unlink _before_ * adding the new link or we won't find the old one */ - inode_inc_link_count(old_inode); err = omfs_delete_entry(old_dentry); if (err) goto out; @@ -488,8 +461,8 @@ const struct inode_operations omfs_dir_inops = { .mkdir = omfs_mkdir, .rename = omfs_rename, .create = omfs_create, - .unlink = omfs_unlink, - .rmdir = omfs_rmdir, + .unlink = omfs_remove, + .rmdir = omfs_remove, }; const struct file_operations omfs_dir_operations = { From 31be83aeaee22fa165862ad449c7131ceaf1cf91 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Fri, 4 Mar 2011 01:43:36 -0500 Subject: [PATCH 4/4] omfs: make readdir stop when filldir says so filldir returning an error does *not* mean "skip this entry, try the next one"... Signed-off-by: Al Viro Signed-off-by: Bob Copeland --- fs/omfs/dir.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/fs/omfs/dir.c b/fs/omfs/dir.c index fd91f629ceb8..de4ff29f1e05 100644 --- a/fs/omfs/dir.c +++ b/fs/omfs/dir.c @@ -361,9 +361,10 @@ static int omfs_fill_chain(struct file *filp, void *dirent, filldir_t filldir, res = filldir(dirent, oi->i_name, strnlen(oi->i_name, OMFS_NAMELEN), filp->f_pos, self, d_type); - if (res == 0) - filp->f_pos++; brelse(bh); + if (res < 0) + break; + filp->f_pos++; } out: return res;