Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v6.19.11 2025-12-01T17:02:34+00:00 2025-12-01T17:02:34+00:00 Linus Torvalds torvalds@linux-foundation.org 2025-12-01T17:02:34+00:00 urn:sha1:9368f0f9419cde028a6e58331065900ff089bc36 Pull vfs inode updates from Christian Brauner: "Features: - Hide inode->i_state behind accessors. Open-coded accesses prevent asserting they are done correctly. One obvious aspect is locking, but significantly more can be checked. For example it can be detected when the code is clearing flags which are already missing, or is setting flags when it is illegal (e.g., I_FREEING when ->i_count > 0) - Provide accessors for ->i_state, converts all filesystems using coccinelle and manual conversions (btrfs, ceph, smb, f2fs, gfs2, overlayfs, nilfs2, xfs), and makes plain ->i_state access fail to compile - Rework I_NEW handling to operate without fences, simplifying the code after the accessor infrastructure is in place Cleanups: - Move wait_on_inode() from writeback.h to fs.h - Spell out fenced ->i_state accesses with explicit smp_wmb/smp_rmb for clarity - Cosmetic fixes to LRU handling - Push list presence check into inode_io_list_del() - Touch up predicts in __d_lookup_rcu() - ocfs2: retire ocfs2_drop_inode() and I_WILL_FREE usage - Assert on ->i_count in iput_final() - Assert ->i_lock held in __iget() Fixes: - Add missing fences to I_NEW handling" * tag 'vfs-6.19-rc1.inode' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: (22 commits) dcache: touch up predicts in __d_lookup_rcu() fs: push list presence check into inode_io_list_del() fs: cosmetic fixes to lru handling fs: rework I_NEW handling to operate without fences fs: make plain ->i_state access fail to compile xfs: use the new ->i_state accessors nilfs2: use the new ->i_state accessors overlayfs: use the new ->i_state accessors gfs2: use the new ->i_state accessors f2fs: use the new ->i_state accessors smb: use the new ->i_state accessors ceph: use the new ->i_state accessors btrfs: use the new ->i_state accessors Manual conversion to use ->i_state accessors of all places not covered by coccinelle Coccinelle-based conversion to use ->i_state accessors fs: provide accessors for ->i_state fs: spell out fenced ->i_state accesses with explicit smp_wmb/smp_rmb fs: move wait_on_inode() from writeback.h to fs.h fs: add missing fences to I_NEW handling ocfs2: retire ocfs2_drop_inode() and I_WILL_FREE usage ... 2025-11-26T13:50:10+00:00 Christoph Hellwig hch@lst.de 2025-11-20T06:47:27+00:00 urn:sha1:eff094a58d00acf1c84f729c3715fc4cf7fddcee Orangefs has no i_version handling and __orangefs_setattr already explicitly marks the inode dirty. So instead of the using the flags return value from generic_update_time, just call the lower level inode_update_timestamps helper directly. Signed-off-by: Christoph Hellwig <hch@lst.de> Link: https://patch.msgid.link/20251120064859.2911749-7-hch@lst.de Reviewed-by: Jeff Layton <jlayton@kernel.org> Reviewed-by: Jan Kara <jack@suse.cz> Signed-off-by: Christian Brauner <brauner@kernel.org> 2025-10-20T18:22:26+00:00 Mateusz Guzik mjguzik@gmail.com 2025-10-09T07:59:18+00:00 urn:sha1:b4dbfd8653b34b0ab6c024ceda32af488c9b5602 All places were patched by coccinelle with the default expecting that ->i_lock is held, afterwards entries got fixed up by hand to use unlocked variants as needed. The script: @@ expression inode, flags; @@ - inode->i_state & flags + inode_state_read(inode) & flags @@ expression inode, flags; @@ - inode->i_state &= ~flags + inode_state_clear(inode, flags) @@ expression inode, flag1, flag2; @@ - inode->i_state &= ~flag1 & ~flag2 + inode_state_clear(inode, flag1 | flag2) @@ expression inode, flags; @@ - inode->i_state |= flags + inode_state_set(inode, flags) @@ expression inode, flags; @@ - inode->i_state = flags + inode_state_assign(inode, flags) @@ expression inode, flags; @@ - flags = inode->i_state + flags = inode_state_read(inode) @@ expression inode, flags; @@ - READ_ONCE(inode->i_state) & flags + inode_state_read(inode) & flags Signed-off-by: Mateusz Guzik <mjguzik@gmail.com> Signed-off-by: Christian Brauner <brauner@kernel.org> 2025-10-03T20:59:56+00:00 Linus Torvalds torvalds@linux-foundation.org 2025-10-03T20:59:56+00:00 urn:sha1:f2327dc8513d0928a64b75656a6efe12b5c7c00a Pull orangefs updates from Mike Marshall: "Two cleanups and a bug fix: - Remove unused type in macro fill_default_sys_attrs (Zhen Ni) - Replace kzalloc + copy_from_user with memdup_user_nul (Thorsten Blum) - Fix xattr related buffer overflow... A message was forwarded to me from Disclosure <disclosure@aisle.com> indicating a problem with a loop condition in our xattr code. When I fixed the problem it exposed a related memory leak problem, and I fixed that too" * tag 'for-linus-6.18-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux: fs/orangefs: Replace kzalloc + copy_from_user with memdup_user_nul orangefs: fix xattr related buffer overflow... orangefs: Remove unused type in macro fill_default_sys_attrs 2025-09-30T14:23:24+00:00 Thorsten Blum thorsten.blum@linux.dev 2025-09-18T15:08:10+00:00 urn:sha1:11f6bce77e27e82015a0d044e6c1eec8b139831a Replace kzalloc() followed by copy_from_user() with memdup_user_nul() to simplify and improve orangefs_debug_write(). Allocate only 'count' bytes instead of the maximum size ORANGEFS_MAX_DEBUG_STRING_LEN, and set 'buf' to NULL to ensure kfree(buf) still works. No functional changes intended. Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev> Signed-off-by: Mike Marshall <hubcap@omnibond.com> 2025-09-30T14:23:20+00:00 Mike Marshall hubcap@omnibond.com 2025-09-15T21:40:46+00:00 urn:sha1:025e880759c279ec64d0f754fe65bf45961da864 Willy Tarreau <w@1wt.eu> forwarded me a message from Disclosure <disclosure@aisle.com> with the following warning: > The helper `xattr_key()` uses the pointer variable in the loop condition > rather than dereferencing it. As `key` is incremented, it remains non-NULL > (until it runs into unmapped memory), so the loop does not terminate on > valid C strings and will walk memory indefinitely, consuming CPU or hanging > the thread. I easily reproduced this with setfattr and getfattr, causing a kernel oops, hung user processes and corrupted orangefs files. Disclosure sent along a diff (not a patch) with a suggested fix, which I based this patch on. After xattr_key started working right, xfstest generic/069 exposed an xattr related memory leak that lead to OOM. xattr_key returns a hashed key. When adding xattrs to the orangefs xattr cache, orangefs used hash_add, a kernel hashing macro. hash_add also hashes the key using hash_log which resulted in additions to the xattr cache going to the wrong hash bucket. generic/069 tortures a single file and orangefs does a getattr for the xattr "security.capability" every time. Orangefs negative caches on xattrs which includes a kmalloc. Since adds to the xattr cache were going to the wrong bucket, every getattr for "security.capability" resulted in another kmalloc, none of which were ever freed. I changed the two uses of hash_add to hlist_add_head instead and the memory leak ceased and generic/069 quit throwing furniture. Signed-off-by: Mike Marshall <hubcap@omnibond.com> Reported-by: Stanislav Fort of Aisle Research <stanislav.fort@aisle.com> 2025-09-30T14:23:03+00:00 Zhen Ni zhen.ni@easystack.cn 2025-09-01T02:58:18+00:00 urn:sha1:3dffadfa99f7ba2e9bee69d1e0bb42fd2d2d6022 Remove the unused type parameter from the macro definition and all its callers, making the interface consistent with its actual usage. Fixes: 69a23de2f3de ("orangefs: clean up fill_default_sys_attrs") Signed-off-by: Zhen Ni <zhen.ni@easystack.cn> Signed-off-by: Mike Marshall <hubcap@omnibond.com> 2025-09-15T14:09:42+00:00 Mateusz Guzik mjguzik@gmail.com 2025-09-15T12:57:29+00:00 urn:sha1:f99b3917789d83ea89b24b722d784956f8289f45 generic_delete_inode() is rather misleading for what the routine is doing. inode_just_drop() should be much clearer. The new naming is inconsistent with generic_drop_inode(), so rename that one as well with inode_ as the suffix. No functional changes. Signed-off-by: Mateusz Guzik <mjguzik@gmail.com> Reviewed-by: Jan Kara <jack@suse.cz> Signed-off-by: Christian Brauner <brauner@kernel.org> 2025-07-31T17:22:48+00:00 Linus Torvalds torvalds@linux-foundation.org 2025-07-31T17:22:48+00:00 urn:sha1:ac46ff0f77f1298892a4a1eeac375ed3db495704 Pull orangefs updates from Mike Marshall: "Fixes for string handling in debugfs and sysfs: - change scnprintf to sysfs_emit in sysfs code. - change sprintf to scnprintf in debugfs code. - refactor debugfs mask-to-string code for readability and slightly improved functionality" * tag 'for-linus-6.17-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux: fs/orangefs: Allow 2 more characters in do_c_string() fs: orangefs: replace scnprintf() with sysfs_emit() fs/orangefs: use snprintf() instead of sprintf() 2025-07-28T22:24:14+00:00 Linus Torvalds torvalds@linux-foundation.org 2025-07-28T22:24:14+00:00 urn:sha1:57fcb7d930d8f00f383e995aeebdcd2b416a187a Pull fileattr updates from Christian Brauner: "This introduces the new file_getattr() and file_setattr() system calls after lengthy discussions. Both system calls serve as successors and extensible companions to the FS_IOC_FSGETXATTR and FS_IOC_FSSETXATTR system calls which have started to show their age in addition to being named in a way that makes it easy to conflate them with extended attribute related operations. These syscalls allow userspace to set filesystem inode attributes on special files. One of the usage examples is the XFS quota projects. XFS has project quotas which could be attached to a directory. All new inodes in these directories inherit project ID set on parent directory. The project is created from userspace by opening and calling FS_IOC_FSSETXATTR on each inode. This is not possible for special files such as FIFO, SOCK, BLK etc. Therefore, some inodes are left with empty project ID. Those inodes then are not shown in the quota accounting but still exist in the directory. This is not critical but in the case when special files are created in the directory with already existing project quota, these new inodes inherit extended attributes. This creates a mix of special files with and without attributes. Moreover, special files with attributes don't have a possibility to become clear or change the attributes. This, in turn, prevents userspace from re-creating quota project on these existing files. In addition, these new system calls allow the implementation of additional attributes that we couldn't or didn't want to fit into the legacy ioctls anymore" * tag 'vfs-6.17-rc1.fileattr' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: fs: tighten a sanity check in file_attr_to_fileattr() tree-wide: s/struct fileattr/struct file_kattr/g fs: introduce file_getattr and file_setattr syscalls fs: prepare for extending file_get/setattr() fs: make vfs_fileattr_[get|set] return -EOPNOTSUPP selinux: implement inode_file_[g|s]etattr hooks lsm: introduce new hooks for setting/getting inode fsxattr fs: split fileattr related helpers into separate file