Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs

Pull assorted fixes from Al Viro:
 "There'll be more - I'm trying to dig out from under the pile of mail
  (a couple of weeks of something flu-like ;-/) and there's several more
  things waiting for review; this is just the obvious stuff."

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs:
  zoran: racy refcount handling in vm_ops ->open()/->close()
  befs_readdir(): do not increment ->f_pos if filldir tells us to stop
  hpfs: deadlock and race in directory lseek()
  qnx6: qnx6_readdir() has a braino in pos calculation
  fix buffer leak after "scsi: saner replacements for ->proc_info()"
  vfs: Fix invalid ida_remove() call
Linus Torvalds 12 years ago
parent
f8cb27916a 4ad1f70ebc
commit
6cf3c73620
7 changed files with 21 additions and 16 deletions
Split View Show Diff Stats
  1. 1 1
      drivers/media/pci/zoran/zoran.h
  2. 8 7
      drivers/media/pci/zoran/zoran_driver.c
  3. 1 0
      drivers/scsi/scsi_proc.c
  4. 2 2
      fs/befs/linuxvfs.c
  5. 6 4
      fs/hpfs/dir.c
  6. 2 1
      fs/pnode.c
  7. 1 1
      fs/qnx6/dir.c

+ 1 - 1
drivers/media/pci/zoran/zoran.h
View File 

@@ -176,7 +176,7 @@ struct zoran_fh;
 
 
 struct zoran_mapping {
 
 	struct zoran_fh *fh;
 
-	int count;
 
+	atomic_t count;
 
 };
 
 
 struct zoran_buffer {

+ 8 - 7
drivers/media/pci/zoran/zoran_driver.c
View File 

@@ -2803,8 +2803,7 @@ static void
 
 zoran_vm_open (struct vm_area_struct *vma)
 
 {
 
 	struct zoran_mapping *map = vma->vm_private_data;
 
-
 
-	map->count++;
 
+	atomic_inc(&map->count);
 
 }
 
 
 static void
 
@@ -2815,7 +2814,7 @@ zoran_vm_close (struct vm_area_struct *vma)
 
 	struct zoran *zr = fh->zr;
 
 	int i;
 
 
-	if (--map->count > 0)
 
+	if (!atomic_dec_and_mutex_lock(&map->count, &zr->resource_lock))
 
 		return;
 
 
 	dprintk(3, KERN_INFO "%s: %s - munmap(%s)\n", ZR_DEVNAME(zr),
 
@@ -2828,14 +2827,16 @@ zoran_vm_close (struct vm_area_struct *vma)
 
 	kfree(map);
 
 
 	/* Any buffers still mapped? */
 
-	for (i = 0; i < fh->buffers.num_buffers; i++)
 
-		if (fh->buffers.buffer[i].map)
 
+	for (i = 0; i < fh->buffers.num_buffers; i++) {
 
+		if (fh->buffers.buffer[i].map) {
 
+			mutex_unlock(&zr->resource_lock);
 
 			return;
 
+		}
 
+	}
 
 
 	dprintk(3, KERN_INFO "%s: %s - free %s buffers\n", ZR_DEVNAME(zr),
 
 		__func__, mode_name(fh->map_mode));
 
 
-	mutex_lock(&zr->resource_lock);
 
 
 	if (fh->map_mode == ZORAN_MAP_MODE_RAW) {
 
 		if (fh->buffers.active != ZORAN_FREE) {
 
@@ -2939,7 +2940,7 @@ zoran_mmap (struct file           *file,
 
 		goto mmap_unlock_and_return;
 
 	}
 
 	map->fh = fh;
 
-	map->count = 1;
 
+	atomic_set(&map->count, 1);
 
 
 	vma->vm_ops = &zoran_vm_ops;
 
 	vma->vm_flags |= VM_DONTEXPAND;

+ 1 - 0
drivers/scsi/scsi_proc.c
View File 

@@ -84,6 +84,7 @@ static int proc_scsi_host_open(struct inode *inode, struct file *file)
 
 
 static const struct file_operations proc_scsi_fops = {
 
 	.open = proc_scsi_host_open,
 
+	.release = single_release,
 
 	.read = seq_read,
 
 	.llseek = seq_lseek,
 
 	.write = proc_scsi_host_write

+ 2 - 2
fs/befs/linuxvfs.c
View File 

@@ -265,8 +265,8 @@ befs_readdir(struct file *filp, void *dirent, filldir_t filldir)
 
 		result = filldir(dirent, keybuf, keysize, filp->f_pos,
 
 				 (ino_t) value, d_type);
 
 	}
 
-
 
-	filp->f_pos++;
 
+	if (!result)
 
+		filp->f_pos++;
 
 
 	befs_debug(sb, "<--- befs_readdir() filp->f_pos %Ld", filp->f_pos);

+ 6 - 4
fs/hpfs/dir.c
View File 

@@ -33,25 +33,27 @@ static loff_t hpfs_dir_lseek(struct file *filp, loff_t off, int whence)
 
 	if (whence == SEEK_DATA || whence == SEEK_HOLE)
 
 		return -EINVAL;
 
 
+	mutex_lock(&i->i_mutex);
 
 	hpfs_lock(s);
 
 
 	/*printk("dir lseek\n");*/
 
 	if (new_off == 0 || new_off == 1 || new_off == 11 || new_off == 12 || new_off == 13) goto ok;
 
-	mutex_lock(&i->i_mutex);
 
 	pos = ((loff_t) hpfs_de_as_down_as_possible(s, hpfs_inode->i_dno) << 4) + 1;
 
 	while (pos != new_off) {
 
 		if (map_pos_dirent(i, &pos, &qbh)) hpfs_brelse4(&qbh);
 
 		else goto fail;
 
 		if (pos == 12) goto fail;
 
 	}
 
-	mutex_unlock(&i->i_mutex);
 
+	hpfs_add_pos(i, &filp->f_pos);
 
 ok:
 
+	filp->f_pos = new_off;
 
 	hpfs_unlock(s);
 
-	return filp->f_pos = new_off;
 
-fail:
 
 	mutex_unlock(&i->i_mutex);
 
+	return new_off;
 
+fail:
 
 	/*printk("illegal lseek: %016llx\n", new_off);*/
 
 	hpfs_unlock(s);
 
+	mutex_unlock(&i->i_mutex);
 
 	return -ESPIPE;
 
 }

+ 2 - 1
fs/pnode.c
View File 

@@ -83,7 +83,8 @@ static int do_make_slave(struct mount *mnt)
 
 		if (peer_mnt == mnt)
 
 			peer_mnt = NULL;
 
 	}
 
-	if (IS_MNT_SHARED(mnt) && list_empty(&mnt->mnt_share))
 
+	if (mnt->mnt_group_id && IS_MNT_SHARED(mnt) &&
 
+	    list_empty(&mnt->mnt_share))
 
 		mnt_release_group_id(mnt);
 
 
 	list_del_init(&mnt->mnt_share);

+ 1 - 1
fs/qnx6/dir.c
View File 

@@ -120,7 +120,7 @@ static int qnx6_readdir(struct file *filp, void *dirent, filldir_t filldir)
 
 	struct inode *inode = file_inode(filp);
 
 	struct super_block *s = inode->i_sb;
 
 	struct qnx6_sb_info *sbi = QNX6_SB(s);
 
-	loff_t pos = filp->f_pos & (QNX6_DIR_ENTRY_SIZE - 1);
 
+	loff_t pos = filp->f_pos & ~(QNX6_DIR_ENTRY_SIZE - 1);
 
 	unsigned long npages = dir_pages(inode);
 
 	unsigned long n = pos >> PAGE_CACHE_SHIFT;
 
 	unsigned start = (pos & ~PAGE_CACHE_MASK) / QNX6_DIR_ENTRY_SIZE;