mirror of
https://github.com/rd-stuffs/msm-4.14.git
synced 2025-02-20 11:45:48 +08:00
90bb7a2b24
* refs/heads/tmp-816f245:
Revert "clk: qcom: rcg2: Don't crash if our parent can't be found; return an error"
Reverting crypto patches
Reverting incremental fs changes
Linux 4.14.180
cgroup, netclassid: remove double cond_resched
mac80211: add ieee80211_is_any_nullfunc()
ALSA: hda: Match both PCI ID and SSID for driver blacklist
tracing: Reverse the order of trace_types_lock and event_mutex
sctp: Fix SHUTDOWN CTSN Ack in the peer restart case
net: systemport: suppress warnings on failed Rx SKB allocations
net: bcmgenet: suppress warnings on failed Rx SKB allocations
lib/mpi: Fix building for powerpc with clang
net: dsa: b53: Rework ARL bin logic
scripts/config: allow colons in option strings for sed
s390/ftrace: fix potential crashes when switching tracers
cifs: protect updating server->dstaddr with a spinlock
net: stmmac: Fix sub-second increment
net: stmmac: fix enabling socfpga's ptp_ref_clock
wimax/i2400m: Fix potential urb refcnt leak
ASoC: codecs: hdac_hdmi: Fix incorrect use of list_for_each_entry
ASoC: rsnd: Fix HDMI channel mapping for multi-SSI mode
ASoC: sgtl5000: Fix VAG power-on handling
selftests/ipc: Fix test failure seen after initial test run
ASoC: topology: Check return value of pcm_new_ver
powerpc/pci/of: Parse unassigned resources
vhost: vsock: kick send_pkt worker once device is started
ANDROID: arm64: fix a mismerge in proc.S
Linux 4.14.179
selinux: properly handle multiple messages in selinux_netlink_send()
dmaengine: dmatest: Fix iteration non-stop logic
nfs: Fix potential posix_acl refcnt leak in nfs3_set_acl
ALSA: opti9xx: shut up gcc-10 range warning
iommu/amd: Fix legacy interrupt remapping for x2APIC-enabled system
scsi: target/iblock: fix WRITE SAME zeroing
iommu/qcom: Fix local_base status check
vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn()
vfio: avoid possible overflow in vfio_iommu_type1_pin_pages
RDMA/mlx4: Initialize ib_spec on the stack
RDMA/mlx5: Set GRH fields in query QP on RoCE
dm verity fec: fix hash block number in verity_fec_decode
PM: hibernate: Freeze kernel threads in software_resume()
PM: ACPI: Output correct message on target power state
ALSA: pcm: oss: Place the plugin buffer overflow checks correctly
ALSA: hda/hdmi: fix without unlocked before return
ALSA: hda/realtek - Two front mics on a Lenovo ThinkCenter
mmc: sdhci-pci: Fix eMMC driver strength for BYT-based controllers
mmc: sdhci-xenon: fix annoying 1.8V regulator warning
btrfs: fix partial loss of prealloc extent past i_size after fsync
btrfs: fix block group leak when removing fails
drm/qxl: qxl_release use after free
drm/qxl: qxl_release leak in qxl_hw_surface_alloc()
drm/qxl: qxl_release leak in qxl_draw_dirty_fb()
drm/edid: Fix off-by-one in DispID DTD pixel clock
ext4: fix special inode number checks in __ext4_iget()
ANDROID: Incremental fs: Fix issues with very large files
Linux 4.14.178
propagate_one(): mnt_set_mountpoint() needs mount_lock
ext4: check for non-zero journal inum in ext4_calculate_overhead
qed: Fix use after free in qed_chain_free
ext4: unsigned int compared against zero
ext4: fix block validity checks for journal inodes using indirect blocks
ext4: don't perform block validity checks on the journal inode
ext4: protect journal inode's blocks using block_validity
ext4: avoid declaring fs inconsistent due to invalid file handles
hwmon: (jc42) Fix name to have no illegal characters
ext4: convert BUG_ON's to WARN_ON's in mballoc.c
ext4: increase wait time needed before reuse of deleted inode numbers
ext4: use matching invalidatepage in ext4_writepage
arm64: Delete the space separator in __emit_inst
xen/xenbus: ensure xenbus_map_ring_valloc() returns proper grant status
objtool: Support Clang non-section symbols in ORC dump
objtool: Fix CONFIG_UBSAN_TRAP unreachable warnings
scsi: target: fix PR IN / READ FULL STATUS for FC
xfs: fix partially uninitialized structure in xfs_reflink_remap_extent
x86: hyperv: report value of misc_features
bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B
mm: shmem: disable interrupt when acquiring info->lock in userfaultfd_copy path
perf/core: fix parent pid/tid in task exit events
ARM: dts: bcm283x: Disable dsi0 node
net/cxgb4: Check the return from t4_query_params properly
i2c: altera: use proper variable to hold errno
nfsd: memory corruption in nfsd4_lock()
iio:ad7797: Use correct attribute_group
usb: gadget: udc: bdc: Remove unnecessary NULL checks in bdc_req_complete
usb: dwc3: gadget: Do link recovery for SS and SSP
binder: take read mode of mmap_sem in binder_alloc_free_page()
include/uapi/linux/swab.h: fix userspace breakage, use __BITS_PER_LONG for swap
mtd: cfi: fix deadloop in cfi_cmdset_0002.c do_write_buffer
remoteproc: Fix wrong rvring index computation
xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT
xfs: validate sb_logsunit is a multiple of the fs blocksize
serial: sh-sci: Make sure status register SCxSR is read in correct sequence
usb: f_fs: Clear OS Extended descriptor counts to zero in ffs_data_reset()
UAS: fix deadlock in error handling and PM flushing work
UAS: no use logging any details in case of ENODEV
cdc-acm: introduce a cool down
cdc-acm: close race betrween suspend() and acm_softint
staging: vt6656: Power save stop wake_up_count wrap around.
staging: vt6656: Fix pairwise key entry save.
staging: vt6656: Fix drivers TBTT timing counter.
staging: vt6656: Fix calling conditions of vnt_set_bss_mode
staging: vt6656: Don't set RCR_MULTICAST or RCR_BROADCAST by default.
vt: don't hardcode the mem allocation upper bound
staging: comedi: Fix comedi_device refcnt leak in comedi_open
staging: comedi: dt2815: fix writing hi byte of analog output
powerpc/setup_64: Set cache-line-size based on cache-block-size
ARM: imx: provide v7_cpu_resume() only on ARM_CPU_SUSPEND=y
iwlwifi: pcie: actually release queue memory in TVQM
ASoC: dapm: fixup dapm kcontrol widget
audit: check the length of userspace generated audit records
usb-storage: Add unusual_devs entry for JMicron JMS566
tty: rocket, avoid OOB access
tty: hvc: fix buffer overflow during hvc_alloc().
KVM: VMX: Enable machine check support for 32bit targets
KVM: Check validity of resolved slot when searching memslots
tpm: ibmvtpm: retry on H_CLOSED in tpm_ibmvtpm_send()
tpm/tpm_tis: Free IRQ if probing fails
ALSA: usb-audio: Filter out unsupported sample rates on Focusrite devices
ALSA: usb-audio: Fix usb audio refcnt leak when getting spdif
ALSA: hda/realtek - Add new codec supported for ALC245
ALSA: usx2y: Fix potential NULL dereference
tools/vm: fix cross-compile build
mm/ksm: fix NULL pointer dereference when KSM zero page is enabled
mm/hugetlb: fix a addressing exception caused by huge_pte_offset
vmalloc: fix remap_vmalloc_range() bounds checks
overflow.h: Add arithmetic shift helper
USB: hub: Fix handling of connect changes during sleep
USB: core: Fix free-while-in-use bug in the USB S-Glibrary
USB: early: Handle AMD's spec-compliant identifiers, too
USB: Add USB_QUIRK_DELAY_CTRL_MSG and USB_QUIRK_DELAY_INIT for Corsair K70 RGB RAPIDFIRE
USB: sisusbvga: Change port variable from signed to unsigned
fs/namespace.c: fix mountpoint reference counter race
iio: xilinx-xadc: Fix sequencer configuration for aux channels in simultaneous mode
iio: xilinx-xadc: Fix clearing interrupt when enabling trigger
iio: xilinx-xadc: Fix ADC-B powerdown
iio: adc: stm32-adc: fix sleep in atomic context
ALSA: hda: Remove ASUS ROG Zenith from the blacklist
KEYS: Avoid false positive ENOMEM error on key read
vrf: Check skb for XFRM_TRANSFORMED flag
xfrm: Always set XFRM_TRANSFORMED in xfrm{4,6}_output_finish
net: dsa: b53: Fix ARL register definitions
team: fix hang in team_mode_get()
tcp: cache line align MAX_TCP_HEADER
net/x25: Fix x25_neigh refcnt leak when receiving frame
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
net: bcmgenet: correct per TX/RX ring statistics
macvlan: fix null dereference in macvlan_device_event()
macsec: avoid to set wrong mtu
ipv6: fix restrict IPV6_ADDRFORM operation
cxgb4: fix large delays in PTP synchronization
mm, slub: restore the original intention of prefetch_freepointer()
PCI/ASPM: Allow re-enabling Clock PM
perf/core: Disable page faults when getting phys address
pwm: bcm2835: Dynamically allocate base
pwm: renesas-tpu: Fix late Runtime PM enablement
s390/cio: avoid duplicated 'ADD' uevents
ipc/util.c: sysvipc_find_ipc() should increase position index
selftests: kmod: fix handling test numbers above 9
kernel/gcov/fs.c: gcov_seq_next() should increase position index
ASoC: Intel: atom: Take the drv->lock mutex before calling sst_send_slot_map()
scsi: iscsi: Report unbind session event when the target has been removed
pwm: rcar: Fix late Runtime PM enablement
ceph: don't skip updating wanted caps when cap is stale
ceph: return ceph_mdsc_do_request() errors from __get_parent()
scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login
watchdog: reset last_hw_keepalive time at start
vti4: removed duplicate log message.
crypto: mxs-dcp - make symbols 'sha1_null_hash' and 'sha256_null_hash' static
drm/msm: Use the correct dma_sync calls harder
keys: Fix the use of the C++ keyword "private" in uapi/linux/keyctl.h
net: ipv4: avoid unused variable warning for sysctl
net: ipv4: emulate READ_ONCE() on ->hdrincl bit-field in raw_sendmsg()
ext4: fix extent_status fragmentation for plain files
FROMGIT: f2fs: fix missing check for f2fs_unlock_op
ANDROID: Fix kernel build regressions from virtio-gpu-next patches
ANDROID: Incremental fs: Add setattr call
ANDROID: cuttlefish_defconfig: enable LTO and CFI
ANDROID: x86: map CFI jump tables in pti_clone_entry_text
ANDROID: crypto: aesni: fix function types for aesni_(enc|dec)
ANDROID: x86: disable CFI for do_syscall_*
ANDROID: BACKPORT: x86, module: Ignore __typeid__ relocations
ANDROID: BACKPORT: x86, relocs: Ignore __typeid__ relocations
ANDROID: BACKPORT: x86/extable: Do not mark exception callback as CFI
FROMLIST: crypto, x86/sha: Eliminate casts on asm implementations
UPSTREAM: crypto: x86 - Rename functions to avoid conflict with crypto/sha256.h
BACKPORT: x86/vmlinux: Actually use _etext for the end of the text segment
ANDROID: x86: disable STACK_VALIDATION with LTO_CLANG
ANDROID: x86: add support for CONFIG_LTO_CLANG
ANDROID: x86/vdso: disable LTO only for VDSO
ANDROID: x86/cpu/vmware: use the full form of inl in VMWARE_PORT
UPSTREAM: x86/build/lto: Fix truncated .bss with -fdata-sections
ANDROID: kbuild: don't select LD_DEAD_CODE_DATA_ELIMINATION with LTO
ANDROID: kbuild: export LTO and CFI flags
ANDROID: cfi: remove unnecessary <asm/memory.h> include
ANDROID: drm/virtio: rebase to latest virgl/drm-misc-next (take 2)
UPSTREAM: sysrq: Use panic() to force a crash
ANDROID: Incremental fs: Use simple compression in log buffer
ANDROID: dm-bow: Fix not to skip trim at framented range
ANDROID: Remove VLA from uid_sys_stats.c
ANDROID: cuttlefish_defconfig: enable CONFIG_DEBUG_LIST
Linux 4.14.177
KEYS: Don't write out to userspace while holding key semaphore
KEYS: Use individual pages in big_key for crypto buffers
mtd: phram: fix a double free issue in error path
mtd: lpddr: Fix a double free in probe()
locktorture: Print ratio of acquisitions, not failures
tty: evh_bytechan: Fix out of bounds accesses
fbdev: potential information leak in do_fb_ioctl()
net: dsa: bcm_sf2: Fix overflow checks
iommu/amd: Fix the configuration of GCR3 table root pointer
libnvdimm: Out of bounds read in __nd_ioctl()
ext2: fix debug reference to ext2_xattr_cache
ext2: fix empty body warnings when -Wextra is used
iommu/vt-d: Fix mm reference leak
NFS: Fix memory leaks in nfs_pageio_stop_mirroring()
drm/amdkfd: kfree the wrong pointer
x86: ACPI: fix CPU hotplug deadlock
KVM: s390: vsie: Fix possible race when shadowing region 3 tables
compiler.h: fix error in BUILD_BUG_ON() reporting
percpu_counter: fix a data race at vm_committed_as
include/linux/swapops.h: correct guards for non_swap_entry()
ext4: do not commit super on read-only bdev
powerpc/maple: Fix declaration made after definition
s390/cpuinfo: fix wrong output when CPU0 is offline
NFS: direct.c: Fix memory leak of dreq when nfs_get_lock_context fails
NFSv4/pnfs: Return valid stateids in nfs_layout_find_inode_by_stateid()
rtc: 88pm860x: fix possible race condition
soc: imx: gpc: fix power up sequencing
clk: tegra: Fix Tegra PMC clock out parents
power: supply: bq27xxx_battery: Silence deferred-probe error
clk: at91: usb: continue if clk_hw_round_rate() return zero
of: unittest: kmemleak in of_unittest_platform_populate()
rbd: call rbd_dev_unprobe() after unwatching and flushing notifies
rbd: avoid a deadlock on header_rwsem when flushing notifies
of: fix missing kobject init for !SYSFS && OF_DYNAMIC config
soc: qcom: smem: Use le32_to_cpu for comparison
wil6210: abort properly in cfg suspend
wil6210: fix length check in __wmi_send
wil6210: add block size checks during FW load
wil6210: fix PCIe bus mastering in case of interface down
rpmsg: glink: smem: Ensure ordering during tx
rpmsg: glink: Fix missing mutex_init() in qcom_glink_alloc_channel()
rtc: pm8xxx: Fix issue in RTC write path
rpmsg: glink: use put_device() if device_register fail
wil6210: rate limit wil_rx_refill error
scsi: ufs: ufs-qcom: remove broken hci version quirk
scsi: ufs: make sure all interrupts are processed
wil6210: fix temperature debugfs
wil6210: increase firmware ready timeout
arch_topology: Fix section miss match warning due to free_raw_capacity()
arm64: traps: Don't print stack or raw PC/LR values in backtraces
arm64: perf: remove unsupported events for Cortex-A73
Revert "gpio: set up initial state from .get_direction()"
clk: Fix debugfs_create_*() usage
drm: NULL pointer dereference [null-pointer-deref] (CWE 476) problem
video: fbdev: sis: Remove unnecessary parentheses and commented code
lib/raid6: use vdupq_n_u8 to avoid endianness warnings
ALSA: hda: Don't release card at firmware loading error
irqchip/mbigen: Free msi_desc on device teardown
netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0
ext4: use non-movable memory for superblock readahead
scsi: sg: add sg_remove_request in sg_common_write
objtool: Fix switch table detection in .text.unlikely
mm/vmalloc.c: move 'area->pages' after if statement
x86/resctrl: Fix invalid attempt at removing the default resource group
x86/resctrl: Preserve CDP enable over CPU hotplug
x86/intel_rdt: Enable L2 CDP in MSR IA32_L2_QOS_CFG
x86/intel_rdt: Add two new resources for L2 Code and Data Prioritization (CDP)
x86/intel_rdt: Enumerate L2 Code and Data Prioritization (CDP) feature
x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE
scsi: target: fix hang when multiple threads try to destroy the same iscsi session
scsi: target: remove boilerplate code
kvm: x86: Host feature SSBD doesn't imply guest feature SPEC_CTRL_SSBD
dm flakey: check for null arg_name in parse_features()
ext4: do not zeroout extents beyond i_disksize
mac80211_hwsim: Use kstrndup() in place of kasprintf()
btrfs: check commit root generation in should_ignore_root
tracing: Fix the race between registering 'snapshot' event trigger and triggering 'snapshot' operation
ALSA: usb-audio: Don't override ignore_ctl_error value from the map
ASoC: Intel: mrfld: return error codes when an error occurs
ASoC: Intel: mrfld: fix incorrect check on p->sink
ext4: fix incorrect inodes per group in error message
ext4: fix incorrect group count in ext4_fill_super error message
pwm: pca9685: Fix PWM/GPIO inter-operation
jbd2: improve comments about freeing data buffers whose page mapping is NULL
scsi: ufs: Fix ufshcd_hold() caused scheduling while atomic
net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes
net: revert default NAPI poll timeout to 2 jiffies
net: qrtr: send msgs from local of same id as broadcast
net: ipv6: do not consider routes via gateways for anycast address check
net: ipv4: devinet: Fix crash when add/del multicast IP with autojoin
hsr: check protocol version in hsr_newlink()
amd-xgbe: Use __napi_schedule() in BH context
mfd: dln2: Fix sanity checking for endpoints
misc: echo: Remove unnecessary parentheses and simplify check for zero
powerpc/fsl_booke: Avoid creating duplicate tlb1 entry
ipmi: fix hung processes in __get_guid()
ftrace/kprobe: Show the maxactive number on kprobe_events
drm: Remove PageReserved manipulation from drm_pci_alloc
drm/dp_mst: Fix clearing payload state on topology disable
crypto: caam - update xts sector size for large input length
dm zoned: remove duplicate nr_rnd_zones increase in dmz_init_zone()
btrfs: use nofs allocations for running delayed items
Btrfs: fix crash during unmount due to race with delayed inode workers
powerpc: Make setjmp/longjmp signature standard
powerpc: Add attributes for setjmp/longjmp
scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug
powerpc/kprobes: Ignore traps that happened in real mode
powerpc/xive: Use XIVE_BAD_IRQ instead of zero to catch non configured IPIs
powerpc/hash64/devmap: Use H_PAGE_THP_HUGE when setting up huge devmap PTE entries
powerpc/64/tm: Don't let userspace set regs->trap via sigreturn
powerpc/powernv/idle: Restore AMR/UAMOR/AMOR after idle
libata: Return correct status in sata_pmp_eh_recover_pm() when ATA_DFLAG_DETACH is set
hfsplus: fix crash and filesystem corruption when deleting files
cpufreq: powernv: Fix use-after-free
kmod: make request_module() return an error when autoloading is disabled
Input: i8042 - add Acer Aspire 5738z to nomux list
s390/diag: fix display of diagnose call statistics
perf tools: Support Python 3.8+ in Makefile
ocfs2: no need try to truncate file beyond i_size
fs/filesystems.c: downgrade user-reachable WARN_ONCE() to pr_warn_once()
ext4: fix a data race at inode->i_blocks
NFS: Fix a page leak in nfs_destroy_unlinked_subrequests()
rtc: omap: Use define directive for PIN_CONFIG_ACTIVE_HIGH
arm64: armv8_deprecated: Fix undef_hook mask for thumb setend
scsi: zfcp: fix missing erp_lock in port recovery trigger for point-to-point
dm verity fec: fix memory leak in verity_fec_dtr
mm: Use fixed constant in page_frag_alloc instead of size + 1
tools: gpio: Fix out-of-tree build regression
x86/speculation: Remove redundant arch_smt_update() invocation
powerpc/pseries: Drop pointless static qualifier in vpa_debugfs_init()
net: rtnl_configure_link: fix dev flags changes arg to __dev_notify_flags
ALSA: hda: Initialize power_state field properly
crypto: mxs-dcp - fix scatterlist linearization for hash
btrfs: drop block from cache on error in relocation
CIFS: Fix bug which the return value by asynchronous read is error
KVM: VMX: fix crash cleanup when KVM wasn't used
KVM: VMX: Always VMCLEAR in-use VMCSes during crash with kexec support
KVM: x86: Allocate new rmap and large page tracking when moving memslot
KVM: s390: vsie: Fix delivery of addressing exceptions
KVM: s390: vsie: Fix region 1 ASCE sanity shadow address checks
KVM: nVMX: Properly handle userspace interrupt window request
x86/entry/32: Add missing ASM_CLAC to general_protection entry
signal: Extend exec_id to 64bits
ath9k: Handle txpower changes even when TPC is disabled
MIPS: OCTEON: irq: Fix potential NULL pointer dereference
irqchip/versatile-fpga: Apply clear-mask earlier
KEYS: reaching the keys quotas correctly
PCI: endpoint: Fix for concurrent memory allocation in OB address region
PCI/ASPM: Clear the correct bits when enabling L1 substates
nvme-fc: Revert "add module to ops template to allow module references"
thermal: devfreq_cooling: inline all stubs for CONFIG_DEVFREQ_THERMAL=n
acpi/x86: ignore unspecified bit positions in the ACPI global lock field
media: ti-vpe: cal: fix disable_irqs to only the intended target
ALSA: hda/realtek - Set principled PC Beep configuration for ALC256
ALSA: doc: Document PC Beep Hidden Register on Realtek ALC256
ALSA: pcm: oss: Fix regression by buffer overflow fix
ALSA: ice1724: Fix invalid access for enumerated ctl items
ALSA: hda: Fix potential access overflow in beep helper
ALSA: hda: Add driver blacklist
ALSA: usb-audio: Add mixer workaround for TRX40 and co
usb: gadget: composite: Inform controller driver of self-powered
usb: gadget: f_fs: Fix use after free issue as part of queue failure
ASoC: topology: use name_prefix for new kcontrol
ASoC: dpcm: allow start or stop during pause for backend
ASoC: dapm: connect virtual mux with default value
ASoC: fix regwmask
slub: improve bit diffusion for freelist ptr obfuscation
misc: rtsx: set correct pcr_ops for rts522A
uapi: rename ext2_swab() to swab() and share globally in swab.h
btrfs: track reloc roots based on their commit root bytenr
btrfs: remove a BUG_ON() from merge_reloc_roots()
block, bfq: fix use-after-free in bfq_idle_slice_timer_body
locking/lockdep: Avoid recursion in lockdep_count_{for,back}ward_deps()
irqchip/gic-v4: Provide irq_retrigger to avoid circular locking dependency
usb: dwc3: core: add support for disabling SS instances in park mode
block: Fix use-after-free issue accessing struct io_cq
genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy()
efi/x86: Ignore the memory attributes table on i386
x86/boot: Use unsigned comparison for addresses
gfs2: Don't demote a glock until its revokes are written
libata: Remove extra scsi_host_put() in ata_scsi_add_hosts()
PCI/switchtec: Fix init_completion race condition with poll_wait()
selftests/x86/ptrace_syscall_32: Fix no-vDSO segfault
sched: Avoid scale real weight down to zero
irqchip/versatile-fpga: Handle chained IRQs properly
block: keep bdi->io_pages in sync with max_sectors_kb for stacked devices
x86: Don't let pgprot_modify() change the page encryption bit
null_blk: fix spurious IO errors after failed past-wp access
null_blk: Handle null_add_dev() failures properly
null_blk: Fix the null_add_dev() error path
i2c: st: fix missing struct parameter description
qlcnic: Fix bad kzalloc null test
cxgb4/ptp: pass the sign of offset delta in FW CMD
hinic: fix wrong para of wait_for_completion_timeout
hinic: fix a bug of waitting for IO stopped
net: vxge: fix wrong __VA_ARGS__ usage
bus: sunxi-rsb: Return correct data when mixing 16-bit and 8-bit reads
ANDROID: fix wakeup reason findings
UPSTREAM: gpu/trace: add a gpu total memory usage tracepoint
CHROMIUM: drm/virtio: rebase zero-copy patches to virgl/drm-misc-next
CHROMIUM: virtio-gpu: add VIRTIO_GPU_F_RESOURCE_UUID feature
CHROMIUM: drm/virtgpu: add legacy VIRTIO_GPU_* values for non-upstream variants
CHROMIUM: drm/virtgpu: fix various warnings
CHROMIUM: drm/virtgpu: implement metadata allocation ioctl
CHROMIUM: drm/virtgpu: introduce request IDRs
CHROMIUM: drm/virtgpu: implement DRM_VIRTGPU_RESOURCE_CREATE_V2
CHROMIUM: drm/virtgpu: add stub ioctl implementation
CHROMIUM: drm/virtgpu: check for revelant capabilites
CHROMIUM: drm/virtgpu: add memory type to virtio_gpu_object_params
CHROMIUM: drm/virtgpu: make memory and resource creation opaque
CHROMIUM: virtio-gpu api: VIRTIO_GPU_F_MEMORY
CHROMIUM: virtwl: store plane info per virtio_gpu_object
CHROMIUM: drm/virtgpu: expose new ioctls to userspace
BACKPORT: drm/virtio: move virtio_gpu_object_{attach, detach} calls.
ANDROID: drm: ttm: Add ttm_tt_create2 driver hook
UPSTREAM: virtio-gpu api: comment feature flags
UPSTREAM: drm/virtio: module_param_named() requires linux/moduleparam.h
BACKPORT: drm/virtio: fix resource id creation race
BACKPORT: drm/virtio: make resource id workaround runtime switchable.
BACKPORT: drm/virtio: do NOT reuse resource ids
BACKPORT: drm/virtio: Drop deprecated load/unload initialization
f2fs: fix quota_sync failure due to f2fs_lock_op
f2fs: support read iostat
f2fs: Fix the accounting of dcc->undiscard_blks
f2fs: fix to handle error path of f2fs_ra_meta_pages()
f2fs: report the discard cmd errors properly
f2fs: fix long latency due to discard during umount
f2fs: add tracepoint for f2fs iostat
f2fs: introduce sysfs/data_io_flag to attach REQ_META/FUA
UPSTREAM: kheaders: include only headers into kheaders_data.tar.xz
UPSTREAM: kheaders: remove meaningless -R option of 'ls'
ANDROID: Incremental fs: Fix create_file performance
ANDROID: Incremental fs: Fix compound page usercopy crash
ANDROID: Incremental fs: Clean up incfs_test build process
ANDROID: Incremental fs: make remount log buffer change atomic
ANDROID: Incremental fs: Optimize get_filled_block
ANDROID: Incremental fs: Fix mislabeled __user ptrs
ANDROID: Incremental fs: Use 64-bit int for file_size when writing hash blocks
Revert "ANDROID: Incremental fs: Fix initialization, use of bitfields"
Linux 4.14.176
drm/msm: Use the correct dma_sync calls in msm_gem
rpmsg: glink: smem: Support rx peak for size less than 4 bytes
drm_dp_mst_topology: fix broken drm_dp_sideband_parse_remote_dpcd_read()
usb: dwc3: don't set gadget->is_otg flag
rpmsg: glink: Remove chunk size word align warning
arm64: Fix size of __early_cpu_boot_status
drm/msm: stop abusing dma_map/unmap for cache
clk: qcom: rcg: Return failure for RCG update
acpi/nfit: Fix bus command validation
fbcon: fix null-ptr-deref in fbcon_switch
RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
ceph: canonicalize server path in place
ceph: remove the extra slashes in the server path
IB/hfi1: Fix memory leaks in sysfs registration and unregistration
IB/hfi1: Call kobject_put() when kobject_init_and_add() fails
ASoC: jz4740-i2s: Fix divider written at incorrect offset in register
hwrng: imx-rngc - fix an error path
tools/accounting/getdelays.c: fix netlink attribute length
random: always use batched entropy for get_random_u{32,64}
mlxsw: spectrum_flower: Do not stop at FLOW_ACTION_VLAN_MANGLE
slcan: Don't transmit uninitialized stack data in padding
net: stmmac: dwmac1000: fix out-of-bounds mac address reg setting
net: phy: micrel: kszphy_resume(): add delay after genphy_resume() before accessing PHY registers
net: dsa: bcm_sf2: Ensure correct sub-node is parsed
ipv6: don't auto-add link-local address to lag ports
mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
padata: always acquire cpu_hotplug_lock before pinst->lock
coresight: do not use the BIT() macro in the UAPI header
misc: pci_endpoint_test: Fix to support > 10 pci-endpoint-test devices
blk-mq: Allow blocking queue tag iter callbacks
blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter
drm/etnaviv: replace MMU flush marker with flush sequence
tools/power turbostat: Fix gcc build warnings
initramfs: restore default compression behavior
drm/bochs: downgrade pci_request_region failure from error to warning
sctp: fix possibly using a bad saddr with a given dst
sctp: fix refcount bug in sctp_wfree
net, ip_tunnel: fix interface lookup with no key
ipv4: fix a RCU-list lock in fib_triestat_seq_show
ANDROID: power: wakeup_reason: wake reason enhancements
ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE
f2fs: wire up FS_IOC_GET_ENCRYPTION_NONCE
ext4: wire up FS_IOC_GET_ENCRYPTION_NONCE
fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
FROMLIST: power_supply: Add additional health properties to the header
UPSTREAM: power: supply: core: Update sysfs-class-power ABI document
BACKPORT: FROMGIT: kbuild: mkcompile_h: Include $LD version in /proc/version
ANDROID: fscrypt: fall back to filesystem-layer crypto when needed
ANDROID: block: require drivers to declare supported crypto key type(s)
ANDROID: block: make blk_crypto_start_using_mode() properly check for support
f2fs: keep inline_data when compression conversion
f2fs: fix to disable compression on directory
f2fs: add missing CONFIG_F2FS_FS_COMPRESSION
f2fs: switch discard_policy.timeout to bool type
f2fs: fix to verify tpage before releasing in f2fs_free_dic()
f2fs: show compression in statx
f2fs: clean up dic->tpages assignment
f2fs: compress: support zstd compress algorithm
f2fs: compress: add .{init,destroy}_decompress_ctx callback
f2fs: compress: fix to call missing destroy_compress_ctx()
f2fs: change default compression algorithm
f2fs: clean up {cic,dic}.ref handling
f2fs: fix to use f2fs_readpage_limit() in f2fs_read_multi_pages()
f2fs: xattr.h: Make stub helpers inline
f2fs: fix to avoid double unlock
f2fs: fix potential .flags overflow on 32bit architecture
f2fs: fix NULL pointer dereference in f2fs_verity_work()
f2fs: fix to clear PG_error if fsverity failed
f2fs: don't call fscrypt_get_encryption_info() explicitly in f2fs_tmpfile()
f2fs: don't trigger data flush in foreground operation
f2fs: fix NULL pointer dereference in f2fs_write_begin()
f2fs: clean up f2fs_may_encrypt()
f2fs: fix to avoid potential deadlock
f2fs: don't change inode status under page lock
f2fs: fix potential deadlock on compressed quota file
f2fs: delete DIO read lock
f2fs: don't mark compressed inode dirty during f2fs_iget()
f2fs: fix to account compressed blocks in f2fs_compressed_blocks()
f2fs: xattr.h: Replace zero-length array with flexible-array member
f2fs: fix to update f2fs_super_block fields under sb_lock
f2fs: Add a new CP flag to help fsck fix resize SPO issues
f2fs: Fix mount failure due to SPO after a successful online resize FS
f2fs: use kmem_cache pool during inline xattr lookups
f2fs: skip migration only when BG_GC is called
f2fs: fix to show tracepoint correctly
f2fs: avoid __GFP_NOFAIL in f2fs_bio_alloc
f2fs: introduce F2FS_IOC_GET_COMPRESS_BLOCKS
f2fs: fix to avoid triggering IO in write path
f2fs: add prefix for f2fs slab cache name
f2fs: introduce DEFAULT_IO_TIMEOUT
f2fs: skip GC when section is full
f2fs: add migration count iff migration happens
f2fs: clean up bggc mount option
f2fs: clean up lfs/adaptive mount option
f2fs: fix to show norecovery mount option
f2fs: clean up parameter of macro XATTR_SIZE()
f2fs: clean up codes with {f2fs_,}data_blkaddr()
f2fs: show mounted time
f2fs: Use scnprintf() for avoiding potential buffer overflow
f2fs: allow to clear F2FS_COMPR_FL flag
f2fs: fix to check dirty pages during compressed inode conversion
f2fs: fix to account compressed inode correctly
f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
f2fs: fix to avoid use-after-free in f2fs_write_multi_pages()
f2fs: fix to avoid using uninitialized variable
f2fs: fix inconsistent comments
f2fs: remove i_sem lock coverage in f2fs_setxattr()
f2fs: cover last_disk_size update with spinlock
f2fs: fix to check i_compr_blocks correctly
FROMLIST: kmod: make request_module() return an error when autoloading is disabled
UPSTREAM: loop: Only freeze block queue when needed.
UPSTREAM: loop: Only change blocksize when needed.
ANDROID: Incremental fs: Fix remount
ANDROID: Incremental fs: Protect get_fill_block, and add a field
ANDROID: Incremental fs: Fix crash polling 0 size read_log
ANDROID: Incremental fs: get_filled_blocks: better index_out
ANDROID: Fix wq fp check for CFI builds
ANDROID: Incremental fs: Fix four resource bugs
ANDROID: kbuild: ensure __cfi_check is correctly aligned
ANDROID: kbuild: fix module linker script flags for LTO
Linux 4.14.175
arm64: dts: ls1046ardb: set RGMII interfaces to RGMII_ID mode
arm64: dts: ls1043a-rdb: correct RGMII delay mode to rgmii-id
ARM: bcm2835-rpi-zero-w: Add missing pinctrl name
ARM: dts: oxnas: Fix clear-mask property
perf map: Fix off by one in strncpy() size argument
arm64: alternative: fix build with clang integrated assembler
net: ks8851-ml: Fix IO operations, again
gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 CHT + AXP288 model
bpf: Explicitly memset some bpf info structures declared on the stack
bpf: Explicitly memset the bpf_attr structure
platform/x86: pmc_atom: Add Lex 2I385SW to critclk_systems DMI table
vt: vt_ioctl: fix use-after-free in vt_in_use()
vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
vt: vt_ioctl: remove unnecessary console allocation checks
vt: switch vt_dont_switch to bool
vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines
vt: selection, introduce vc_is_sel
mac80211: fix authentication with iwlwifi/mvm
mac80211: Check port authorization in the ieee80211_tx_dequeue() case
media: xirlink_cit: add missing descriptor sanity checks
media: stv06xx: add missing descriptor sanity checks
media: dib0700: fix rc endpoint lookup
media: ov519: add missing endpoint sanity checks
libfs: fix infoleak in simple_attr_read()
staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback
staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb
staging: rtl8188eu: Add ASUS USB-N10 Nano B1 to device table
media: usbtv: fix control-message timeouts
media: flexcop-usb: fix endpoint sanity check
usb: musb: fix crash with highmen PIO and usbmon
USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback
USB: cdc-acm: restore capability check order
USB: serial: option: add Wistron Neweb D19Q1
USB: serial: option: add BroadMobi BM806U
USB: serial: option: add support for ASKEY WWHC050
afs: Fix some tracing details
Input: raydium_i2c_ts - fix error codes in raydium_i2c_boot_trigger()
Input: raydium_i2c_ts - use true and false for boolean values
vti6: Fix memory leak of skb if input policy check fails
netfilter: nft_fwd_netdev: validate family and chain type
xfrm: policy: Fix doulbe free in xfrm_policy_timer
xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
xfrm: fix uctx len check in verify_sec_ctx_len
RDMA/mlx5: Block delay drop to unprivileged users
vti[6]: fix packet tx through bpf_redirect() in XinY cases
xfrm: handle NETDEV_UNREGISTER for xfrm device
genirq: Fix reference leaks on irq affinity notifiers
RDMA/core: Ensure security pkey modify is not lost
gpiolib: acpi: Add quirk to ignore EC wakeups on HP x2 10 BYT + AXP288 model
gpiolib: acpi: Rework honor_wakeup option into an ignore_wake option
gpiolib: acpi: Correct comment for HP x2 10 honor_wakeup quirk
mac80211: mark station unauthorized before key removal
scsi: sd: Fix optimal I/O size for devices that change reported values
scripts/dtc: Remove redundant YYLOC global declaration
tools: Let O= makes handle a relative path with -C option
perf probe: Do not depend on dwfl_module_addrsym()
ARM: dts: omap5: Add bus_dma_limit for L3 bus
ARM: dts: dra7: Add bus_dma_limit for L3 bus
Input: avoid BIT() macro usage in the serio.h UAPI header
Input: synaptics - enable RMI on HP Envy 13-ad105ng
i2c: hix5hd2: add missed clk_disable_unprepare in remove
ftrace/x86: Anotate text_mutex split between ftrace_arch_code_modify_post_process() and ftrace_arch_code_modify_prepare()
arm64: compat: map SPSR_ELx<->PSR for signals
arm64: ptrace: map SPSR_ELx<->PSR for compat tasks
sxgbe: Fix off by one in samsung driver strncpy size arg
dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom
mac80211: Do not send mesh HWMP PREQ if HWMP is disabled
scsi: ipr: Fix softlockup when rescanning devices in petitboot
fsl/fman: detect FMan erratum A050385
arm64: dts: ls1043a: FMan erratum A050385
dt-bindings: net: FMan erratum A050385
cgroup1: don't call release_agent when it is ""
drivers/of/of_mdio.c:fix of_mdiobus_register()
cpupower: avoid multiple definition with gcc -fno-common
cgroup-v1: cgroup_pidlist_next should update position index
net: ipv4: don't let PMTU updates increase route MTU
hsr: set .netnsok flag
hsr: add restart routine into hsr_get_node_list()
hsr: use rcu_read_lock() in hsr_get_node_{list/status}()
vxlan: check return value of gro_cells_init()
net: dsa: mt7530: Change the LINK bit to reflect the link status
bnxt_en: fix memory leaks in bnxt_dcbnl_ieee_getets()
slcan: not call free_netdev before rtnl_unlock in slcan_open
NFC: fdp: Fix a signedness bug in fdp_nci_send_patch()
net: stmmac: dwmac-rk: fix error path in rk_gmac_probe
net_sched: keep alloc_hash updated after hash allocation
net_sched: cls_route: remove the right filter from hashtable
net: qmi_wwan: add support for ASKEY WWHC050
net/packet: tpacket_rcv: avoid a producer race condition
net: mvneta: Fix the case where the last poll did not process all rx
net: dsa: Fix duplicate frames flooded by learning
macsec: restrict to ethernet devices
hsr: fix general protection fault in hsr_addr_is_self()
Revert "drm/dp_mst: Skip validating ports during destruction, just ref"
staging: greybus: loopback_test: fix potential path truncations
staging: greybus: loopback_test: fix potential path truncation
drm/bridge: dw-hdmi: fix AVI frame colorimetry
arm64: smp: fix crash_smp_send_stop() behaviour
arm64: smp: fix smp_send_stop() behaviour
ALSA: hda/realtek: Fix pop noise on ALC225
Revert "ipv6: Fix handling of LLA with VRF and sockets bound to VRF"
Revert "vrf: mark skb for multicast or link-local as enslaved to VRF"
futex: Unbreak futex hashing
futex: Fix inode life-time issue
kbuild: Disable -Wpointer-to-enum-cast
iio: adc: at91-sama5d2_adc: fix differential channels in triggered mode
iio: adc: at91-sama5d2_adc: fix channel configuration for differential channels
USB: cdc-acm: fix rounding error in TIOCSSERIAL
USB: cdc-acm: fix close_delay and closing_wait units in TIOCSSERIAL
x86/mm: split vmalloc_sync_all()
page-flags: fix a crash at SetPageError(THP_SWAP)
mm, slub: prevent kmalloc_node crashes and memory leaks
mm: slub: be more careful about the double cmpxchg of freelist
memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event
xhci: Do not open code __print_symbolic() in xhci trace events
rtc: max8907: add missing select REGMAP_IRQ
intel_th: pci: Add Elkhart Lake CPU support
intel_th: Fix user-visible error codes
staging/speakup: fix get_word non-space look-ahead
staging: rtl8188eu: Add device id for MERCUSYS MW150US v2
mmc: sdhci-of-at91: fix cd-gpios for SAMA5D2
iio: magnetometer: ak8974: Fix negative raw values in sysfs
iio: trigger: stm32-timer: disable master mode when stopping
ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks
ALSA: pcm: oss: Avoid plugin buffer overflow
ALSA: seq: oss: Fix running status after receiving sysex
ALSA: seq: virmidi: Fix running status after receiving sysex
ALSA: line6: Fix endless MIDI read loop
usb: xhci: apply XHCI_SUSPEND_DELAY to AMD XHCI controller 1022:145c
USB: serial: pl2303: add device-id for HP LD381
usb: host: xhci-plat: add a shutdown
USB: serial: option: add ME910G1 ECM composition 0x110b
usb: quirks: add NO_LPM quirk for RTL8153 based ethernet adapters
USB: Disable LPM on WD19's Realtek Hub
parse-maintainers: Mark as executable
block, bfq: fix overwrite of bfq_group pointer in bfq_find_set_group()
xenbus: req->err should be updated before req->state
xenbus: req->body should be updated before req->state
dm bio record: save/restore bi_end_io and bi_integrity
altera-stapl: altera_get_note: prevent write beyond end of 'key'
drivers/perf: arm_pmu_acpi: Fix incorrect checking of gicc pointer
drm/exynos: dsi: fix workaround for the legacy clock name
drm/exynos: dsi: propagate error value and silence meaningless warning
spi/zynqmp: remove entry that causes a cs glitch
spi: pxa2xx: Add CS control clock quirk
ARM: dts: dra7: Add "dma-ranges" property to PCIe RC DT nodes
powerpc: Include .BTF section
spi: qup: call spi_qup_pm_resume_runtime before suspending
UPSTREAM: ubifs: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: f2fs: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: ext4: wire up FS_IOC_GET_ENCRYPTION_NONCE
UPSTREAM: fscrypt: add FS_IOC_GET_ENCRYPTION_NONCE ioctl
UPSTREAM: usb: raw_gadget: fix compilation warnings in uapi headers
BACKPORT: usb: gadget: add raw-gadget interface
UPSTREAM: usb: gadget: move choice ... endchoice to legacy/Kconfig
ANDROID: clang: update to 10.0.5
FROMLIST: arm64: define __alloc_zeroed_user_highpage
ANDROID: Incremental fs: Add INCFS_IOC_GET_FILLED_BLOCKS
ANDROID: Incremental fs: Fix two typos
f2fs: fix to avoid potential deadlock
f2fs: add missing function name in kernel message
f2fs: recycle unused compress_data.chksum feild
f2fs: fix to avoid NULL pointer dereference
f2fs: fix leaking uninitialized memory in compressed clusters
f2fs: fix the panic in do_checkpoint()
f2fs: fix to wait all node page writeback
mm/swapfile.c: move inode_lock out of claim_swapfile
UPSTREAM: ipv6: ndisc: add support for 'PREF64' dns64 prefix identifier
UPSTREAM: ipv6: ndisc: add support for 'PREF64' dns64 prefix identifier
ANDROID: dm-bow: Fix free_show value is incorrect
UPSTREAM: coresight: Potential uninitialized variable in probe()
ANDROID: kbuild: do not merge .section..* into .section in modules
ANDROID: scsi: ufs: add ->map_sg_crypto() variant op
UPSTREAM: bpf: Explicitly memset some bpf info structures declared on the stack
UPSTREAM: bpf: Explicitly memset the bpf_attr structure
Linux 4.14.174
ipv4: ensure rcu_read_lock() in cipso_v4_error()
mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
ARM: 8958/1: rename missed uaccess .fixup section
ARM: 8957/1: VDSO: Match ARMv8 timer in cntvct_functional()
jbd2: fix data races at struct journal_head
net: rmnet: fix NULL pointer dereference in rmnet_newlink()
hinic: fix a bug of setting hw_ioctxt
slip: not call free_netdev before rtnl_unlock in slip_open
signal: avoid double atomic counter increments for user accounting
mac80211: rx: avoid RCU list traversal under mutex
net: ks8851-ml: Fix IRQ handling and locking
net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch
scsi: libfc: free response frame from GPN_ID
cfg80211: check reg_rule for NULL in handle_channel_custom()
HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override
HID: apple: Add support for recent firmware on Magic Keyboards
ACPI: watchdog: Allow disabling WDAT at boot
perf/amd/uncore: Replace manual sampling check with CAP_NO_INTERRUPT flag
batman-adv: Don't schedule OGM for disabled interface
batman-adv: Avoid free/alloc race when handling OGM buffer
batman-adv: Avoid free/alloc race when handling OGM2 buffer
batman-adv: Fix duplicated OGMs on NETDEV_UP
batman-adv: Fix debugfs path for renamed softif
batman-adv: Fix debugfs path for renamed hardif
batman-adv: prevent TT request storms by not sending inconsistent TT TLVLs
batman-adv: Fix TT sync flags for intermediate TT responses
batman-adv: Avoid race in TT TVLV allocator helper
batman-adv: update data pointers after skb_cow()
batman-adv: Fix internal interface indices types
batman-adv: Fix lock for ogm cnt access in batadv_iv_ogm_calc_tq
batman-adv: Fix check of retrieved orig_gw in batadv_v_gw_is_eligible
batman-adv: Always initialize fragment header priority
batman-adv: Avoid spurious warnings from bat_v neigh_cmp implementation
efi: Add a sanity check to efivar_store_raw()
net/smc: check for valid ib_client_data
ipv6: restrict IPV6_ADDRFORM operation
i2c: acpi: put device when verifying client fails
iommu/vt-d: Ignore devices with out-of-spec domain number
iommu/vt-d: Fix the wrong printing in RHSA parsing
netfilter: nft_payload: add missing attribute validation for payload csum flags
netfilter: cthelper: add missing attribute validation for cthelper
nl80211: add missing attribute validation for channel switch
nl80211: add missing attribute validation for beacon report scanning
nl80211: add missing attribute validation for critical protocol indication
pinctrl: core: Remove extra kref_get which blocks hogs being freed
pinctrl: meson-gxl: fix GPIOX sdio pins
iommu/vt-d: Fix a bug in intel_iommu_iova_to_phys() for huge page
iommu/vt-d: dmar: replace WARN_TAINT with pr_warn + add_taint
iommu/dma: Fix MSI reservation allocation
x86/mce: Fix logic and comments around MSR_PPIN_CTL
efi: Fix a race and a buffer overflow while reading efivars via sysfs
ARC: define __ALIGN_STR and __ALIGN symbols for ARC
KVM: x86: clear stale x86_emulate_ctxt->intercept value
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
cifs_atomic_open(): fix double-put on late allocation failure
ktest: Add timeout for ssh sync testing
drm/amd/display: remove duplicated assignment to grph_obj_type
workqueue: don't use wq_select_unbound_cpu() for bound works
iommu/vt-d: quirk_ioat_snb_local_iommu: replace WARN_TAINT with pr_warn + add_taint
virtio-blk: fix hw_queue stopped on arbitrary error
iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices
cgroup: Iterate tasks that did not finish do_exit()
cgroup: cgroup_procs_next should increase position index
ipvlan: don't deref eth hdr before checking it's set
ipvlan: egress mcast packets are not exceptional
ipvlan: do not add hardware address of master to its unicast filter list
inet_diag: return classid for all socket types
macvlan: add cond_resched() during multicast processing
net: fec: validate the new settings in fec_enet_set_coalesce()
slip: make slhc_compress() more robust against malicious packets
bonding/alb: make sure arp header is pulled before accessing it
net: phy: fix MDIO bus PM PHY resuming
nfc: add missing attribute validation for vendor subcommand
nfc: add missing attribute validation for SE API
team: add missing attribute validation for array index
team: add missing attribute validation for port ifindex
net: fq: add missing attribute validation for orphan mask
macsec: add missing attribute validation for port
can: add missing attribute validation for termination
nl802154: add missing attribute validation for dev_type
nl802154: add missing attribute validation
fib: add missing attribute validation for tun_id
net: memcg: fix lockdep splat in inet_csk_accept()
net: memcg: late association of sock to memcg
cgroup: memcg: net: do not associate sock with unrelated cgroup
bnxt_en: reinitialize IRQs when MTU is modified
sfc: detach from cb_page in efx_copy_channel()
r8152: check disconnect status after long sleep
net/packet: tpacket_rcv: do not increment ring index on drop
net: nfc: fix bounds checking bugs on "pipe"
net: macsec: update SCI upon MAC address change.
netlink: Use netlink header as base to calculate bad attribute offset
ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast()
ipvlan: add cond_resched_rcu() while processing muticast backlog
ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface
gre: fix uninit-value in __iptunnel_pull_header
cgroup, netclassid: periodically release file_lock on classid updating
net: phy: Avoid multiple suspends
phy: Revert toggling reset changes.
ANDROID: Incremental fs: Add INCFS_IOC_PERMIT_FILL
ANDROID: Incremental fs: Remove signature checks from kernel
ANDROID: Incremental fs: Pad hash blocks
ANDROID: Incremental fs: Make fill block an ioctl
ANDROID: Incremental fs: Remove all access_ok checks
UPSTREAM: cgroup: Iterate tasks that did not finish do_exit()
UPSTREAM: arm64: memory: Add missing brackets to untagged_addr() macro
UPSTREAM: mm: Avoid creating virtual address aliases in brk()/mmap()/mremap()
ANDROID: Add TPM support and the vTPM proxy to Cuttlefish.
ANDROID: serdev: restrict claim of platform devices
UPSTREAM: fscrypt: don't evict dirty inodes after removing key
fscrypt: don't evict dirty inodes after removing key
Linux 4.14.173
ASoC: topology: Fix memleak in soc_tplg_manifest_load()
xhci: handle port status events for removed USB3 hcd
dm integrity: fix a deadlock due to offloading to an incorrect workqueue
powerpc: fix hardware PMU exception bug on PowerVM compatibility mode systems
dmaengine: coh901318: Fix a double lock bug in dma_tc_handle()
hwmon: (adt7462) Fix an error return in ADT7462_REG_VOLT()
ARM: imx: build v7_cpu_resume() unconditionally
IB/hfi1, qib: Ensure RCU is locked when accessing list
RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen()
RDMA/iwcm: Fix iwcm work deallocation
ASoC: dapm: Correct DAPM handling of active widgets during shutdown
ASoC: pcm512x: Fix unbalanced regulator enable call in probe error path
ASoC: pcm: Fix possible buffer overflow in dpcm state sysfs output
ASoC: intel: skl: Fix possible buffer overflow in debug outputs
ASoC: intel: skl: Fix pin debug prints
ASoC: topology: Fix memleak in soc_tplg_link_elems_load()
ARM: dts: ls1021a: Restore MDIO compatible to gianfar
dm cache: fix a crash due to incorrect work item cancelling
dmaengine: tegra-apb: Prevent race conditions of tasklet vs free list
dmaengine: tegra-apb: Fix use-after-free
x86/pkeys: Manually set X86_FEATURE_OSPKE to preserve existing changes
vt: selection, push sel_lock up
vt: selection, push console lock down
vt: selection, close sel_buffer race
serial: 8250_exar: add support for ACCES cards
tty:serial:mvebu-uart:fix a wrong return
arm: dts: dra76x: Fix mmc3 max-frequency
fat: fix uninit-memory access for partial initialized inode
mm, numa: fix bad pmd by atomically check for pmd_trans_huge when marking page tables prot_numa
vgacon: Fix a UAF in vgacon_invert_region
usb: core: port: do error out if usb_autopm_get_interface() fails
usb: core: hub: do error out if usb_autopm_get_interface() fails
usb: core: hub: fix unhandled return by employing a void function
usb: quirks: add NO_LPM quirk for Logitech Screen Share
usb: storage: Add quirk for Samsung Fit flash
cifs: don't leak -EAGAIN for stat() during reconnect
net: thunderx: workaround BGX TX Underflow issue
x86/xen: Distribute switch variables for initialization
nvme: Fix uninitialized-variable warning
x86/boot/compressed: Don't declare __force_order in kaslr_64.c
s390/cio: cio_ignore_proc_seq_next should increase position index
watchdog: da9062: do not ping the hw during stop()
net: ks8851-ml: Fix 16-bit IO operation
net: ks8851-ml: Fix 16-bit data access
net: ks8851-ml: Remove 8-bit bus accessors
drm/msm/dsi: save pll state before dsi host is powered off
drm: msm: Fix return type of dsi_mgr_connector_mode_valid for kCFI
drm/msm/mdp5: rate limit pp done timeout warnings
usb: gadget: serial: fix Tx stall after buffer overflow
usb: gadget: ffs: ffs_aio_cancel(): Save/restore IRQ flags
usb: gadget: composite: Support more than 500mA MaxPower
selftests: fix too long argument
serial: ar933x_uart: set UART_CS_{RX,TX}_READY_ORIDE
kprobes: Fix optimize_kprobe()/unoptimize_kprobe() cancellation logic
RDMA/core: Fix use of logical OR in get_new_pps
RDMA/core: Fix pkey and port assignment in get_new_pps
net: dsa: bcm_sf2: Forcibly configure IMP port for 1Gb/sec
EDAC/amd64: Set grain per DIMM
x86/mce: Handle varying MCA bank counts
vhost: Check docket sk_family instead of call getname
audit: always check the netlink payload length in audit_receive_msg()
Revert "char/random: silence a lockdep splat with printk()"
mm, thp: fix defrag setting if newline is not used
mm/huge_memory.c: use head to check huge zero page
perf hists browser: Restore ESC as "Zoom out" of DSO/thread/etc
kprobes: Set unoptimized flag after unoptimizing code
drivers: net: xgene: Fix the order of the arguments of 'alloc_etherdev_mqs()'
tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
KVM: Check for a bad hva before dropping into the ghc slow path
KVM: SVM: Override default MMIO mask if memory encryption is enabled
mwifiex: drop most magic numbers from mwifiex_process_tdls_action_frame()
namei: only return -ECHILD from follow_dotdot_rcu()
net: ena: make ena rxfh support ETH_RSS_HASH_NO_CHANGE
net: atlantic: fix potential error handling
net: netlink: cap max groups which will be considered in netlink_bind()
include/linux/bitops.h: introduce BITS_PER_TYPE
ecryptfs: Fix up bad backport of fe2e082f5da5b4a0a92ae32978f81507ef37ec66
usb: charger: assign specific number for enum value
drm/i915/gvt: Separate display reset from ALL_ENGINES reset
i2c: jz4780: silence log flood on txabrt
i2c: altera: Fix potential integer overflow
MIPS: VPE: Fix a double free and a memory leak in 'release_vpe()'
HID: hiddev: Fix race in in hiddev_disconnect()
Revert "PM / devfreq: Modify the device name as devfreq(X) for sysfs"
tracing: Disable trace_printk() on post poned tests
HID: core: increase HID report buffer size to 8KiB
HID: core: fix off-by-one memset in hid_report_raw_event()
HID: ite: Only bind to keyboard USB interface on Acer SW5-012 keyboard dock
KVM: VMX: check descriptor table exits on instruction emulation
ACPI: watchdog: Fix gas->access_width usage
ACPICA: Introduce ACPI_ACCESS_BYTE_WIDTH() macro
audit: fix error handling in audit_data_to_entry()
ext4: potential crash on allocation error in ext4_alloc_flex_bg_array()
net: sched: correct flower port blocking
qede: Fix race between rdma destroy workqueue and link change event
ipv6: Fix route replacement with dev-only route
ipv6: Fix nlmsg_flags when splitting a multipath route
sctp: move the format error check out of __sctp_sf_do_9_1_abort
nfc: pn544: Fix occasional HW initialization failure
net: phy: restore mdio regs in the iproc mdio driver
net: fib_rules: Correctly set table field when table number exceeds 8 bits
sysrq: Remove duplicated sysrq message
sysrq: Restore original console_loglevel when sysrq disabled
cfg80211: add missing policy for NL80211_ATTR_STATUS_CODE
cifs: Fix mode output in debugging statements
net: ena: ena-com.c: prevent NULL pointer dereference
net: ena: ethtool: use correct value for crc32 hash
net: ena: fix incorrectly saving queue numbers when setting RSS indirection table
net: ena: rss: store hash function as values and not bits
net: ena: rss: fix failure to get indirection table
net: ena: fix incorrect default RSS key
net: ena: add missing ethtool TX timestamping indication
net: ena: fix uses of round_jiffies()
net: ena: fix potential crash when rxfh key is NULL
qmi_wwan: unconditionally reject 2 ep interfaces
qmi_wwan: re-add DW5821e pre-production variant
cfg80211: check wiphy driver existence for drvinfo report
mac80211: consider more elements in parsing CRC
dax: pass NOWAIT flag to iomap_apply
drm/msm: Set dma maximum segment size for mdss
ipmi:ssif: Handle a possible NULL pointer reference
ext4: fix potential race between s_group_info online resizing and access
ext4: fix potential race between s_flex_groups online resizing and access
ext4: fix potential race between online resizing and write operations
netfilter: nf_conntrack: resolve clash for matching conntracks
iwlwifi: pcie: fix rb_allocator workqueue allocation
FROMLIST: f2fs: fix wrong check on F2FS_IOC_FSSETXATTR
UPSTREAM: binder: prevent UAF for binderfs devices II
UPSTREAM: binder: prevent UAF for binderfs devices
FROMLIST: lib: test_stackinit.c: XFAIL switch variable init tests
ANDROID: cuttlefish: disable KPROBES
ANDROID: scsi: ufs: allow ufs variants to override sg entry size
FROMLIST: ufs: fix a bug on printing PRDT
BACKPORT: loop: Add LOOP_SET_BLOCK_SIZE in compat ioctl
ANDROID: fix build issue in security/selinux/avc.c
ANDROID: cuttlefish_defconfig: Disable CONFIG_RT_GROUP_SCHED
ANDROID: Enable HID_NINTENDO as y
FROMLIST: HID: nintendo: add nintendo switch controller driver
Linux 4.14.172
s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
xen: Enable interrupts when calling _cond_resched()
ata: ahci: Add shutdown to freeze hardware resources of ahci
netfilter: xt_hashlimit: limit the max size of hashtable
ALSA: seq: Fix concurrent access to queue current tick/time
ALSA: seq: Avoid concurrent access to queue flags
ALSA: rawmidi: Avoid bit fields for state flags
genirq/proc: Reject invalid affinity masks (again)
iommu/vt-d: Fix compile warning from intel-svm.h
ecryptfs: replace BUG_ON with error handling code
staging: greybus: use after free in gb_audio_manager_remove_all()
staging: rtl8723bs: fix copy of overlapping memory
usb: gadget: composite: Fix bMaxPower for SuperSpeedPlus
scsi: Revert "target: iscsi: Wait for all commands to finish before freeing a session"
scsi: Revert "RDMA/isert: Fix a recently introduced regression related to logout"
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
btrfs: do not check delayed items are empty for single transaction cleanup
btrfs: fix bytes_may_use underflow in prealloc error condtition
KVM: apic: avoid calculating pending eoi from an uninitialized val
KVM: nVMX: handle nested posted interrupts when apicv is disabled for L1
KVM: nVMX: Check IO instruction VM-exit conditions
KVM: nVMX: Refactor IO bitmap checks into helper function
ext4: fix race between writepages and enabling EXT4_EXTENTS_FL
ext4: rename s_journal_flag_rwsem to s_writepages_rwsem
ext4: fix mount failure with quota configured as module
ext4: add cond_resched() to __ext4_find_entry()
ext4: fix a data race in EXT4_I(inode)->i_disksize
KVM: nVMX: Don't emulate instructions in guest mode
lib/stackdepot.c: fix global out-of-bounds in stack_slabs
serial: 8250: Check UPF_IRQ_SHARED in advance
vt: vt_ioctl: fix race in VT_RESIZEX
VT_RESIZEX: get rid of field-by-field copyin
xhci: apply XHCI_PME_STUCK_QUIRK to Intel Comet Lake platforms
KVM: x86: don't notify userspace IOAPIC on edge-triggered interrupt EOI
drm/amdgpu/soc15: fix xclk for raven
mm/vmscan.c: don't round up scan size for online memory cgroup
Revert "ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()"
MAINTAINERS: Update drm/i915 bug filing URL
serdev: ttyport: restore client ops on deregistration
tty: serial: imx: setup the correct sg entry for tx dma
tty/serial: atmel: manage shutdown in case of RS485 or ISO7816 mode
x86/mce/amd: Fix kobject lifetime
x86/mce/amd: Publish the bank pointer only after setup has succeeded
staging: rtl8723bs: Fix potential overuse of kernel memory
staging: rtl8723bs: Fix potential security hole
staging: rtl8188eu: Fix potential overuse of kernel memory
staging: rtl8188eu: Fix potential security hole
USB: hub: Fix the broken detection of USB3 device in SMSC hub
USB: hub: Don't record a connect-change event during reset-resume
USB: Fix novation SourceControl XL after suspend
usb: uas: fix a plug & unplug racing
usb: host: xhci: update event ring dequeue pointer on purpose
xhci: fix runtime pm enabling for quirky Intel hosts
xhci: Force Maximum Packet size for Full-speed bulk devices to valid range.
staging: vt6656: fix sign of rx_dbm to bb_pre_ed_rssi.
staging: android: ashmem: Disallow ashmem memory from being remapped
vt: selection, handle pending signals in paste_selection
floppy: check FDC index for errors before assigning it
USB: misc: iowarrior: add support for the 100 device
USB: misc: iowarrior: add support for the 28 and 28L devices
USB: misc: iowarrior: add support for 2 OEMed devices
thunderbolt: Prevent crash if non-active NVMem file is read
net/smc: fix leak of kernel memory to user space
net/sched: flower: add missing validation of TCA_FLOWER_FLAGS
net/sched: matchall: add missing validation of TCA_MATCHALL_FLAGS
net: dsa: tag_qca: Make sure there is headroom for tag
enic: prevent waking up stopped tx queues over watchdog reset
selinux: ensure we cleanup the internal AVC counters on error in avc_update()
mlxsw: spectrum_dpipe: Add missing error path
virtio_balloon: prevent pfn array overflow
help_next should increase position index
brd: check and limit max_part par
microblaze: Prevent the overflow of the start
iwlwifi: mvm: Fix thermal zone registration
irqchip/gic-v3-its: Reference to its_invall_cmd descriptor when building INVALL
bcache: explicity type cast in bset_bkey_last()
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
lib/scatterlist.c: adjust indentation in __sg_alloc_table
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
radeon: insert 10ms sleep in dce5_crtc_load_lut
trigger_next should increase position index
ftrace: fpid_next() should increase position index
drm/nouveau/disp/nv50-: prevent oops when no channel method map provided
irqchip/gic-v3: Only provision redistributors that are enabled in ACPI
ceph: check availability of mds cluster on mount after wait timeout
cifs: fix NULL dereference in match_prepath
iwlegacy: ensure loop counter addr does not wrap and cause an infinite loop
hostap: Adjust indentation in prism2_hostapd_add_sta
ARM: 8951/1: Fix Kexec compilation issue.
jbd2: make sure ESHUTDOWN to be recorded in the journal superblock
jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record
powerpc/sriov: Remove VF eeh_dev state when disabling SR-IOV
ALSA: hda - Add docking station support for Lenovo Thinkpad T420s
driver core: platform: fix u32 greater or equal to zero comparison
s390/ftrace: generate traced function stack frame
x86/decoder: Add TEST opcode to Group3-2
ALSA: hda/hdmi - add retry logic to parse_intel_hdmi()
irqchip/mbigen: Set driver .suppress_bind_attrs to avoid remove problems
remoteproc: Initialize rproc_class before use
btrfs: device stats, log when stats are zeroed
btrfs: safely advance counter when looking up bio csums
btrfs: fix possible NULL-pointer dereference in integrity checks
pwm: Remove set but not set variable 'pwm'
ide: serverworks: potential overflow in svwks_set_pio_mode()
cmd64x: potential buffer overflow in cmd64x_program_timings()
pwm: omap-dmtimer: Remove PWM chip in .remove before making it unfunctional
x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
f2fs: fix memleak of kobject
watchdog/softlockup: Enforce that timestamp is valid on boot
arm64: fix alternatives with LLVM's integrated assembler
scsi: iscsi: Don't destroy session if there are outstanding connections
f2fs: free sysfs kobject
iommu/arm-smmu-v3: Use WRITE_ONCE() when changing validity of an STE
usb: musb: omap2430: Get rid of musb .set_vbus for omap2430 glue
drm/vmwgfx: prevent memory leak in vmw_cmdbuf_res_add
drm/nouveau: Fix copy-paste error in nouveau_fence_wait_uevent_handler
drm/nouveau/gr/gk20a,gm200-: add terminators to method lists read from fw
drm/nouveau/secboot/gm20b: initialize pointer in gm20b_secboot_new()
vme: bridges: reduce stack usage
driver core: Print device when resources present in really_probe()
driver core: platform: Prevent resouce overflow from causing infinite loops
tty: synclink_gt: Adjust indentation in several functions
tty: synclinkmp: Adjust indentation in several functions
ASoC: atmel: fix build error with CONFIG_SND_ATMEL_SOC_DMA=m
wan: ixp4xx_hss: fix compile-testing on 64-bit
Input: edt-ft5x06 - work around first register access error
rcu: Use WRITE_ONCE() for assignments to ->pprev for hlist_nulls
efi/x86: Don't panic or BUG() on non-critical error conditions
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
IB/hfi1: Add software counter for ctxt0 seq drop
udf: Fix free space reporting for metadata and virtual partitions
usbip: Fix unsafe unaligned pointer usage
drm: remove the newline for CRC source name.
tools lib api fs: Fix gcc9 stringop-truncation compilation error
ALSA: sh: Fix compile warning wrt const
ALSA: sh: Fix unused variable warnings
clk: sunxi-ng: add mux and pll notifiers for A64 CPU clock
RDMA/rxe: Fix error type of mmap_offset
pinctrl: sh-pfc: sh7269: Fix CAN function GPIOs
PM / devfreq: rk3399_dmc: Add COMPILE_TEST and HAVE_ARM_SMCCC dependency
x86/vdso: Provide missing include file
dmaengine: Store module owner in dma_device struct
ARM: dts: r8a7779: Add device node for ARM global timer
drm/mediatek: handle events when enabling/disabling crtc
scsi: aic7xxx: Adjust indentation in ahc_find_syncrate
scsi: ufs: Complete pending requests in host reset and restore path
ACPICA: Disassembler: create buffer fields in ACPI_PARSE_LOAD_PASS1
orinoco: avoid assertion in case of NULL pointer
rtlwifi: rtl_pci: Fix -Wcast-function-type
iwlegacy: Fix -Wcast-function-type
ipw2x00: Fix -Wcast-function-type
b43legacy: Fix -Wcast-function-type
ALSA: usx2y: Adjust indentation in snd_usX2Y_hwdep_dsp_status
fore200e: Fix incorrect checks of NULL pointer dereference
reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
media: v4l2-device.h: Explicitly compare grp{id,mask} to zero in v4l2_device macros
ARM: dts: imx6: rdu2: Disable WP for USDHC2 and USDHC3
arm64: dts: qcom: msm8996: Disable USB2 PHY suspend by core
NFC: port100: Convert cpu_to_le16(le16_to_cpu(E1) + E2) to use le16_add_cpu().
PCI/IOV: Fix memory leak in pci_iov_add_virtfn()
net/wan/fsl_ucc_hdlc: reject muram offsets above 64K
regulator: rk808: Lower log level on optional GPIOs being not available
drm/amdgpu: remove 4 set but not used variable in amdgpu_atombios_get_connector_info_from_object_table
clk: qcom: rcg2: Don't crash if our parent can't be found; return an error
kconfig: fix broken dependency in randconfig-generated .config
KVM: s390: ENOTSUPP -> EOPNOTSUPP fixups
nbd: add a flush_workqueue in nbd_start_device
ext4, jbd2: ensure panic when aborting with zero errno
tracing: Fix very unlikely race of registering two stat tracers
tracing: Fix tracing_stat return values in error handling paths
x86/sysfb: Fix check for bad VRAM size
jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal
kselftest: Minimise dependency of get_size on C library interfaces
clocksource/drivers/bcm2835_timer: Fix memory leak of timer
usb: dwc2: Fix IN FIFO allocation
usb: gadget: udc: fix possible sleep-in-atomic-context bugs in gr_probe()
uio: fix a sleep-in-atomic-context bug in uio_dmem_genirq_irqcontrol()
sparc: Add .exit.data section.
MIPS: Loongson: Fix potential NULL dereference in loongson3_platform_init()
efi/x86: Map the entire EFI vendor string before copying it
pinctrl: baytrail: Do not clear IRQ flags on direct-irq enabled pins
media: sti: bdisp: fix a possible sleep-in-atomic-context bug in bdisp_device_run()
char/random: silence a lockdep splat with printk()
gpio: gpio-grgpio: fix possible sleep-in-atomic-context bugs in grgpio_irq_map/unmap()
powerpc/powernv/iov: Ensure the pdn for VFs always contains a valid PE number
media: i2c: mt9v032: fix enum mbus codes and frame sizes
pxa168fb: Fix the function used to release some memory in an error handling path
pinctrl: sh-pfc: sh7264: Fix CAN function GPIOs
gianfar: Fix TX timestamping with a stacked DSA driver
ALSA: ctl: allow TLV read operation for callback type of element in locked case
ext4: fix ext4_dax_read/write inode locking sequence for IOCB_NOWAIT
leds: pca963x: Fix open-drain initialization
brcmfmac: Fix use after free in brcmf_sdio_readframes()
cpu/hotplug, stop_machine: Fix stop_machine vs hotplug order
drm/gma500: Fixup fbdev stolen size usage evaluation
KVM: nVMX: Use correct root level for nested EPT shadow page tables
Revert "KVM: VMX: Add non-canonical check on writes to RTIT address MSRs"
Revert "KVM: nVMX: Use correct root level for nested EPT shadow page tables"
scsi: qla2xxx: fix a potential NULL pointer dereference
jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
perf/x86/intel: Fix inaccurate period in context switch for auto-reload
s390/time: Fix clk type in get_tod_clock
RDMA/core: Fix protection fault in get_pkey_idx_qp_list
IB/hfi1: Close window for pq and request coliding
serial: imx: Only handle irqs that are actually enabled
serial: imx: ensure that RX irqs are off if RX is off
padata: Remove broken queue flushing
perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event map
KVM: nVMX: Use correct root level for nested EPT shadow page tables
arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
btrfs: log message when rw remount is attempted with unclean tree-log
btrfs: print message when tree-log replay starts
Btrfs: fix race between using extent maps and merging them
ext4: improve explanation of a mount failure caused by a misconfigured kernel
ext4: fix checksum errors with indexed dirs
ext4: fix support for inode sizes > 1024 bytes
ext4: don't assume that mmp_nodename/bdevname have NUL
ARM: 8723/2: always assume the "unified" syntax for assembly code
arm64: nofpsimd: Handle TIF_FOREIGN_FPSTATE flag cleanly
arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
Input: synaptics - enable SMBus on ThinkPad L470
Input: synaptics - switch T470s to RMI4 by default
ecryptfs: fix a memory leak bug in ecryptfs_init_messaging()
ecryptfs: fix a memory leak bug in parse_tag_1_packet()
ASoC: sun8i-codec: Fix setting DAI data format
ALSA: hda: Use scnprintf() for printing texts for sysfs/procfs
iommu/qcom: Fix bogus detach logic
KVM: x86: emulate RDPID
UPSTREAM: sched/psi: Fix OOB write when writing 0 bytes to PSI files
UPSTREAM: psi: Fix a division error in psi poll()
UPSTREAM: sched/psi: Fix sampling error and rare div0 crashes with cgroups and high uptime
UPSTREAM: sched/psi: Correct overly pessimistic size calculation
FROMLIST: f2fs: Handle casefolding with Encryption
FROMLIST: fscrypt: Have filesystems handle their d_ops
FROMLIST: ext4: Use generic casefolding support
FROMLIST: f2fs: Use generic casefolding support
FROMLIST: Add standard casefolding support
FROMLIST: unicode: Add utf8_casefold_hash
ANDROID: cuttlefish_defconfig: Add CONFIG_UNICODE
ANDROID: sdcardfs: fix -ENOENT lookup race issue
ANDROID: gki_defconfig: Enable CONFIG_RD_LZ4
ANDROID: dm: Add wrapped key support in dm-default-key
ANDROID: dm: add support for passing through derive_raw_secret
ANDROID: block: Prevent crypto fallback for wrapped keys
ANDROID: Disable wq fp check in CFI builds
ANDROID: increase limit on sched-tune boost groups
ANDROID: ufs, block: fix crypto power management and move into block layer
ANDROID: Incremental fs: Support xattrs
ANDROID: test_stackinit: work around LLVM PR44916
ANDROID: clang: update to 10.0.4
fs-verity: use u64_to_user_ptr()
fs-verity: use mempool for hash requests
fs-verity: implement readahead of Merkle tree pages
ext4: readpages() should submit IO as read-ahead
fs-verity: implement readahead for FS_IOC_ENABLE_VERITY
fscrypt: improve format of no-key names
ubifs: allow both hash and disk name to be provided in no-key names
ubifs: don't trigger assertion on invalid no-key filename
fscrypt: clarify what is meant by a per-file key
fscrypt: derive dirhash key for casefolded directories
fscrypt: don't allow v1 policies with casefolding
fscrypt: add "fscrypt_" prefix to fname_encrypt()
fscrypt: don't print name of busy file when removing key
fscrypt: document gfp_flags for bounce page allocation
fscrypt: optimize fscrypt_zeroout_range()
fscrypt: remove redundant bi_status check
fscrypt: Allow modular crypto algorithms
fscrypt: include <linux/ioctl.h> in UAPI header
fscrypt: don't check for ENOKEY from fscrypt_get_encryption_info()
fscrypt: remove fscrypt_is_direct_key_policy()
fscrypt: move fscrypt_valid_enc_modes() to policy.c
fscrypt: check for appropriate use of DIRECT_KEY flag earlier
fscrypt: split up fscrypt_supported_policy() by policy version
fscrypt: introduce fscrypt_needs_contents_encryption()
fscrypt: move fscrypt_d_revalidate() to fname.c
fscrypt: constify inode parameter to filename encryption functions
fscrypt: constify struct fscrypt_hkdf parameter to fscrypt_hkdf_expand()
fscrypt: verify that the crypto_skcipher has the correct ivsize
fscrypt: use crypto_skcipher_driver_name()
fscrypt: support passing a keyring key to FS_IOC_ADD_ENCRYPTION_KEY
keys: Export lookup_user_key to external users
f2fs: fix build error on PAGE_KERNEL_RO
Conflicts:
arch/arm64/kernel/smp.c
arch/arm64/kernel/traps.c
block/blk-crypto-fallback.c
block/keyslot-manager.c
drivers/base/power/wakeup.c
drivers/clk/clk.c
drivers/clk/qcom/clk-rcg2.c
drivers/gpu/Makefile
drivers/gpu/drm/msm/msm_drv.c
drivers/gpu/drm/msm/msm_gem.c
drivers/hwtracing/coresight/coresight-funnel.c
drivers/irqchip/irq-gic-v3.c
drivers/md/dm.c
drivers/net/ethernet/qualcomm/rmnet/rmnet_config.c
drivers/net/ethernet/stmicro/stmmac/stmmac_hwtstamp.c
drivers/net/macsec.c
drivers/net/phy/micrel.c
drivers/net/wireless/ath/wil6210/cfg80211.c
drivers/net/wireless/ath/wil6210/fw_inc.c
drivers/net/wireless/ath/wil6210/pcie_bus.c
drivers/net/wireless/ath/wil6210/pm.c
drivers/net/wireless/ath/wil6210/wil6210.h
drivers/of/base.c
drivers/power/supply/power_supply_sysfs.c
drivers/rpmsg/qcom_glink_smem.c
drivers/scsi/sd.c
drivers/scsi/ufs/ufshcd-crypto.c
drivers/scsi/ufs/ufshcd.c
drivers/scsi/ufs/ufshcd.h
drivers/scsi/ufs/ufshci.h
drivers/usb/dwc3/core.c
drivers/usb/dwc3/gadget.c
drivers/usb/gadget/Kconfig
drivers/usb/gadget/composite.c
drivers/usb/gadget/function/f_fs.c
drivers/usb/gadget/legacy/Makefile
drivers/usb/host/xhci-mem.c
fs/ext4/readpage.c
fs/sdcardfs/lookup.c
include/linux/key.h
include/linux/keyslot-manager.h
include/linux/power_supply.h
include/uapi/linux/coresight-stm.h
net/qrtr/qrtr.c
Change-Id: Iaa9fcbe987e721f02596e167249a519781ed3888
Signed-off-by: Srinivasarao P <spathi@codeaurora.org>
3612 lines
88 KiB
C
3612 lines
88 KiB
C
/*
|
|
* linux/fs/namespace.c
|
|
*
|
|
* (C) Copyright Al Viro 2000, 2001
|
|
* Released under GPL v2.
|
|
*
|
|
* Based on code from fs/super.c, copyright Linus Torvalds and others.
|
|
* Heavily rewritten.
|
|
*/
|
|
|
|
#include <linux/syscalls.h>
|
|
#include <linux/export.h>
|
|
#include <linux/capability.h>
|
|
#include <linux/mnt_namespace.h>
|
|
#include <linux/user_namespace.h>
|
|
#include <linux/namei.h>
|
|
#include <linux/security.h>
|
|
#include <linux/cred.h>
|
|
#include <linux/idr.h>
|
|
#include <linux/init.h> /* init_rootfs */
|
|
#include <linux/fs_struct.h> /* get_fs_root et.al. */
|
|
#include <linux/fsnotify.h> /* fsnotify_vfsmount_delete */
|
|
#include <linux/uaccess.h>
|
|
#include <linux/file.h>
|
|
#include <linux/proc_ns.h>
|
|
#include <linux/magic.h>
|
|
#include <linux/bootmem.h>
|
|
#include <linux/task_work.h>
|
|
#include <linux/sched/task.h>
|
|
|
|
#include "pnode.h"
|
|
#include "internal.h"
|
|
|
|
/* Maximum number of mounts in a mount namespace */
|
|
unsigned int sysctl_mount_max __read_mostly = 100000;
|
|
|
|
static unsigned int m_hash_mask __read_mostly;
|
|
static unsigned int m_hash_shift __read_mostly;
|
|
static unsigned int mp_hash_mask __read_mostly;
|
|
static unsigned int mp_hash_shift __read_mostly;
|
|
|
|
static __initdata unsigned long mhash_entries;
|
|
static int __init set_mhash_entries(char *str)
|
|
{
|
|
if (!str)
|
|
return 0;
|
|
mhash_entries = simple_strtoul(str, &str, 0);
|
|
return 1;
|
|
}
|
|
__setup("mhash_entries=", set_mhash_entries);
|
|
|
|
static __initdata unsigned long mphash_entries;
|
|
static int __init set_mphash_entries(char *str)
|
|
{
|
|
if (!str)
|
|
return 0;
|
|
mphash_entries = simple_strtoul(str, &str, 0);
|
|
return 1;
|
|
}
|
|
__setup("mphash_entries=", set_mphash_entries);
|
|
|
|
static u64 event;
|
|
static DEFINE_IDA(mnt_id_ida);
|
|
static DEFINE_IDA(mnt_group_ida);
|
|
static DEFINE_SPINLOCK(mnt_id_lock);
|
|
static int mnt_id_start = 0;
|
|
static int mnt_group_start = 1;
|
|
|
|
static struct hlist_head *mount_hashtable __read_mostly;
|
|
static struct hlist_head *mountpoint_hashtable __read_mostly;
|
|
static struct kmem_cache *mnt_cache __read_mostly;
|
|
static DECLARE_RWSEM(namespace_sem);
|
|
|
|
/* /sys/fs */
|
|
struct kobject *fs_kobj;
|
|
EXPORT_SYMBOL_GPL(fs_kobj);
|
|
|
|
/*
|
|
* vfsmount lock may be taken for read to prevent changes to the
|
|
* vfsmount hash, ie. during mountpoint lookups or walking back
|
|
* up the tree.
|
|
*
|
|
* It should be taken for write in all cases where the vfsmount
|
|
* tree or hash is modified or when a vfsmount structure is modified.
|
|
*/
|
|
__cacheline_aligned_in_smp DEFINE_SEQLOCK(mount_lock);
|
|
|
|
static inline struct hlist_head *m_hash(struct vfsmount *mnt, struct dentry *dentry)
|
|
{
|
|
unsigned long tmp = ((unsigned long)mnt / L1_CACHE_BYTES);
|
|
tmp += ((unsigned long)dentry / L1_CACHE_BYTES);
|
|
tmp = tmp + (tmp >> m_hash_shift);
|
|
return &mount_hashtable[tmp & m_hash_mask];
|
|
}
|
|
|
|
static inline struct hlist_head *mp_hash(struct dentry *dentry)
|
|
{
|
|
unsigned long tmp = ((unsigned long)dentry / L1_CACHE_BYTES);
|
|
tmp = tmp + (tmp >> mp_hash_shift);
|
|
return &mountpoint_hashtable[tmp & mp_hash_mask];
|
|
}
|
|
|
|
static int mnt_alloc_id(struct mount *mnt)
|
|
{
|
|
int res;
|
|
|
|
retry:
|
|
ida_pre_get(&mnt_id_ida, GFP_KERNEL);
|
|
spin_lock(&mnt_id_lock);
|
|
res = ida_get_new_above(&mnt_id_ida, mnt_id_start, &mnt->mnt_id);
|
|
if (!res)
|
|
mnt_id_start = mnt->mnt_id + 1;
|
|
spin_unlock(&mnt_id_lock);
|
|
if (res == -EAGAIN)
|
|
goto retry;
|
|
|
|
return res;
|
|
}
|
|
|
|
static void mnt_free_id(struct mount *mnt)
|
|
{
|
|
int id = mnt->mnt_id;
|
|
spin_lock(&mnt_id_lock);
|
|
ida_remove(&mnt_id_ida, id);
|
|
if (mnt_id_start > id)
|
|
mnt_id_start = id;
|
|
spin_unlock(&mnt_id_lock);
|
|
}
|
|
|
|
/*
|
|
* Allocate a new peer group ID
|
|
*
|
|
* mnt_group_ida is protected by namespace_sem
|
|
*/
|
|
static int mnt_alloc_group_id(struct mount *mnt)
|
|
{
|
|
int res;
|
|
|
|
if (!ida_pre_get(&mnt_group_ida, GFP_KERNEL))
|
|
return -ENOMEM;
|
|
|
|
res = ida_get_new_above(&mnt_group_ida,
|
|
mnt_group_start,
|
|
&mnt->mnt_group_id);
|
|
if (!res)
|
|
mnt_group_start = mnt->mnt_group_id + 1;
|
|
|
|
return res;
|
|
}
|
|
|
|
/*
|
|
* Release a peer group ID
|
|
*/
|
|
void mnt_release_group_id(struct mount *mnt)
|
|
{
|
|
int id = mnt->mnt_group_id;
|
|
ida_remove(&mnt_group_ida, id);
|
|
if (mnt_group_start > id)
|
|
mnt_group_start = id;
|
|
mnt->mnt_group_id = 0;
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for read
|
|
*/
|
|
static inline void mnt_add_count(struct mount *mnt, int n)
|
|
{
|
|
#ifdef CONFIG_SMP
|
|
this_cpu_add(mnt->mnt_pcp->mnt_count, n);
|
|
#else
|
|
preempt_disable();
|
|
mnt->mnt_count += n;
|
|
preempt_enable();
|
|
#endif
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
unsigned int mnt_get_count(struct mount *mnt)
|
|
{
|
|
#ifdef CONFIG_SMP
|
|
unsigned int count = 0;
|
|
int cpu;
|
|
|
|
for_each_possible_cpu(cpu) {
|
|
count += per_cpu_ptr(mnt->mnt_pcp, cpu)->mnt_count;
|
|
}
|
|
|
|
return count;
|
|
#else
|
|
return mnt->mnt_count;
|
|
#endif
|
|
}
|
|
|
|
static void drop_mountpoint(struct fs_pin *p)
|
|
{
|
|
struct mount *m = container_of(p, struct mount, mnt_umount);
|
|
dput(m->mnt_ex_mountpoint);
|
|
pin_remove(p);
|
|
mntput(&m->mnt);
|
|
}
|
|
|
|
static struct mount *alloc_vfsmnt(const char *name)
|
|
{
|
|
struct mount *mnt = kmem_cache_zalloc(mnt_cache, GFP_KERNEL);
|
|
if (mnt) {
|
|
int err;
|
|
|
|
err = mnt_alloc_id(mnt);
|
|
if (err)
|
|
goto out_free_cache;
|
|
|
|
if (name) {
|
|
mnt->mnt_devname = kstrdup_const(name, GFP_KERNEL);
|
|
if (!mnt->mnt_devname)
|
|
goto out_free_id;
|
|
}
|
|
|
|
#ifdef CONFIG_SMP
|
|
mnt->mnt_pcp = alloc_percpu(struct mnt_pcp);
|
|
if (!mnt->mnt_pcp)
|
|
goto out_free_devname;
|
|
|
|
this_cpu_add(mnt->mnt_pcp->mnt_count, 1);
|
|
#else
|
|
mnt->mnt_count = 1;
|
|
mnt->mnt_writers = 0;
|
|
#endif
|
|
mnt->mnt.data = NULL;
|
|
|
|
INIT_HLIST_NODE(&mnt->mnt_hash);
|
|
INIT_LIST_HEAD(&mnt->mnt_child);
|
|
INIT_LIST_HEAD(&mnt->mnt_mounts);
|
|
INIT_LIST_HEAD(&mnt->mnt_list);
|
|
INIT_LIST_HEAD(&mnt->mnt_expire);
|
|
INIT_LIST_HEAD(&mnt->mnt_share);
|
|
INIT_LIST_HEAD(&mnt->mnt_slave_list);
|
|
INIT_LIST_HEAD(&mnt->mnt_slave);
|
|
INIT_HLIST_NODE(&mnt->mnt_mp_list);
|
|
INIT_LIST_HEAD(&mnt->mnt_umounting);
|
|
init_fs_pin(&mnt->mnt_umount, drop_mountpoint);
|
|
}
|
|
return mnt;
|
|
|
|
#ifdef CONFIG_SMP
|
|
out_free_devname:
|
|
kfree_const(mnt->mnt_devname);
|
|
#endif
|
|
out_free_id:
|
|
mnt_free_id(mnt);
|
|
out_free_cache:
|
|
kmem_cache_free(mnt_cache, mnt);
|
|
return NULL;
|
|
}
|
|
|
|
/*
|
|
* Most r/o checks on a fs are for operations that take
|
|
* discrete amounts of time, like a write() or unlink().
|
|
* We must keep track of when those operations start
|
|
* (for permission checks) and when they end, so that
|
|
* we can determine when writes are able to occur to
|
|
* a filesystem.
|
|
*/
|
|
/*
|
|
* __mnt_is_readonly: check whether a mount is read-only
|
|
* @mnt: the mount to check for its write status
|
|
*
|
|
* This shouldn't be used directly ouside of the VFS.
|
|
* It does not guarantee that the filesystem will stay
|
|
* r/w, just that it is right *now*. This can not and
|
|
* should not be used in place of IS_RDONLY(inode).
|
|
* mnt_want/drop_write() will _keep_ the filesystem
|
|
* r/w.
|
|
*/
|
|
int __mnt_is_readonly(struct vfsmount *mnt)
|
|
{
|
|
if (mnt->mnt_flags & MNT_READONLY)
|
|
return 1;
|
|
if (sb_rdonly(mnt->mnt_sb))
|
|
return 1;
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL_GPL(__mnt_is_readonly);
|
|
|
|
static inline void mnt_inc_writers(struct mount *mnt)
|
|
{
|
|
#ifdef CONFIG_SMP
|
|
this_cpu_inc(mnt->mnt_pcp->mnt_writers);
|
|
#else
|
|
mnt->mnt_writers++;
|
|
#endif
|
|
}
|
|
|
|
static inline void mnt_dec_writers(struct mount *mnt)
|
|
{
|
|
#ifdef CONFIG_SMP
|
|
this_cpu_dec(mnt->mnt_pcp->mnt_writers);
|
|
#else
|
|
mnt->mnt_writers--;
|
|
#endif
|
|
}
|
|
|
|
static unsigned int mnt_get_writers(struct mount *mnt)
|
|
{
|
|
#ifdef CONFIG_SMP
|
|
unsigned int count = 0;
|
|
int cpu;
|
|
|
|
for_each_possible_cpu(cpu) {
|
|
count += per_cpu_ptr(mnt->mnt_pcp, cpu)->mnt_writers;
|
|
}
|
|
|
|
return count;
|
|
#else
|
|
return mnt->mnt_writers;
|
|
#endif
|
|
}
|
|
|
|
static int mnt_is_readonly(struct vfsmount *mnt)
|
|
{
|
|
if (mnt->mnt_sb->s_readonly_remount)
|
|
return 1;
|
|
/* Order wrt setting s_flags/s_readonly_remount in do_remount() */
|
|
smp_rmb();
|
|
return __mnt_is_readonly(mnt);
|
|
}
|
|
|
|
/*
|
|
* Most r/o & frozen checks on a fs are for operations that take discrete
|
|
* amounts of time, like a write() or unlink(). We must keep track of when
|
|
* those operations start (for permission checks) and when they end, so that we
|
|
* can determine when writes are able to occur to a filesystem.
|
|
*/
|
|
/**
|
|
* __mnt_want_write - get write access to a mount without freeze protection
|
|
* @m: the mount on which to take a write
|
|
*
|
|
* This tells the low-level filesystem that a write is about to be performed to
|
|
* it, and makes sure that writes are allowed (mnt it read-write) before
|
|
* returning success. This operation does not protect against filesystem being
|
|
* frozen. When the write operation is finished, __mnt_drop_write() must be
|
|
* called. This is effectively a refcount.
|
|
*/
|
|
int __mnt_want_write(struct vfsmount *m)
|
|
{
|
|
struct mount *mnt = real_mount(m);
|
|
int ret = 0;
|
|
|
|
preempt_disable();
|
|
mnt_inc_writers(mnt);
|
|
/*
|
|
* The store to mnt_inc_writers must be visible before we pass
|
|
* MNT_WRITE_HOLD loop below, so that the slowpath can see our
|
|
* incremented count after it has set MNT_WRITE_HOLD.
|
|
*/
|
|
smp_mb();
|
|
while (ACCESS_ONCE(mnt->mnt.mnt_flags) & MNT_WRITE_HOLD)
|
|
cpu_relax();
|
|
/*
|
|
* After the slowpath clears MNT_WRITE_HOLD, mnt_is_readonly will
|
|
* be set to match its requirements. So we must not load that until
|
|
* MNT_WRITE_HOLD is cleared.
|
|
*/
|
|
smp_rmb();
|
|
if (mnt_is_readonly(m)) {
|
|
mnt_dec_writers(mnt);
|
|
ret = -EROFS;
|
|
}
|
|
preempt_enable();
|
|
|
|
return ret;
|
|
}
|
|
|
|
/**
|
|
* mnt_want_write - get write access to a mount
|
|
* @m: the mount on which to take a write
|
|
*
|
|
* This tells the low-level filesystem that a write is about to be performed to
|
|
* it, and makes sure that writes are allowed (mount is read-write, filesystem
|
|
* is not frozen) before returning success. When the write operation is
|
|
* finished, mnt_drop_write() must be called. This is effectively a refcount.
|
|
*/
|
|
int mnt_want_write(struct vfsmount *m)
|
|
{
|
|
int ret;
|
|
|
|
sb_start_write(m->mnt_sb);
|
|
ret = __mnt_want_write(m);
|
|
if (ret)
|
|
sb_end_write(m->mnt_sb);
|
|
return ret;
|
|
}
|
|
EXPORT_SYMBOL_GPL(mnt_want_write);
|
|
|
|
/**
|
|
* mnt_clone_write - get write access to a mount
|
|
* @mnt: the mount on which to take a write
|
|
*
|
|
* This is effectively like mnt_want_write, except
|
|
* it must only be used to take an extra write reference
|
|
* on a mountpoint that we already know has a write reference
|
|
* on it. This allows some optimisation.
|
|
*
|
|
* After finished, mnt_drop_write must be called as usual to
|
|
* drop the reference.
|
|
*/
|
|
int mnt_clone_write(struct vfsmount *mnt)
|
|
{
|
|
/* superblock may be r/o */
|
|
if (__mnt_is_readonly(mnt))
|
|
return -EROFS;
|
|
preempt_disable();
|
|
mnt_inc_writers(real_mount(mnt));
|
|
preempt_enable();
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL_GPL(mnt_clone_write);
|
|
|
|
/**
|
|
* __mnt_want_write_file - get write access to a file's mount
|
|
* @file: the file who's mount on which to take a write
|
|
*
|
|
* This is like __mnt_want_write, but it takes a file and can
|
|
* do some optimisations if the file is open for write already
|
|
*/
|
|
int __mnt_want_write_file(struct file *file)
|
|
{
|
|
if (!(file->f_mode & FMODE_WRITER))
|
|
return __mnt_want_write(file->f_path.mnt);
|
|
else
|
|
return mnt_clone_write(file->f_path.mnt);
|
|
}
|
|
|
|
/**
|
|
* mnt_want_write_file_path - get write access to a file's mount
|
|
* @file: the file who's mount on which to take a write
|
|
*
|
|
* This is like mnt_want_write, but it takes a file and can
|
|
* do some optimisations if the file is open for write already
|
|
*
|
|
* Called by the vfs for cases when we have an open file at hand, but will do an
|
|
* inode operation on it (important distinction for files opened on overlayfs,
|
|
* since the file operations will come from the real underlying file, while
|
|
* inode operations come from the overlay).
|
|
*/
|
|
int mnt_want_write_file_path(struct file *file)
|
|
{
|
|
int ret;
|
|
|
|
sb_start_write(file->f_path.mnt->mnt_sb);
|
|
ret = __mnt_want_write_file(file);
|
|
if (ret)
|
|
sb_end_write(file->f_path.mnt->mnt_sb);
|
|
return ret;
|
|
}
|
|
|
|
static inline int may_write_real(struct file *file)
|
|
{
|
|
struct dentry *dentry = file->f_path.dentry;
|
|
struct dentry *upperdentry;
|
|
|
|
/* Writable file? */
|
|
if (file->f_mode & FMODE_WRITER)
|
|
return 0;
|
|
|
|
/* Not overlayfs? */
|
|
if (likely(!(dentry->d_flags & DCACHE_OP_REAL)))
|
|
return 0;
|
|
|
|
/* File refers to upper, writable layer? */
|
|
upperdentry = d_real(dentry, NULL, 0, D_REAL_UPPER);
|
|
if (upperdentry &&
|
|
(file_inode(file) == d_inode(upperdentry) ||
|
|
file_inode(file) == d_inode(dentry)))
|
|
return 0;
|
|
|
|
/* Lower layer: can't write to real file, sorry... */
|
|
return -EPERM;
|
|
}
|
|
|
|
/**
|
|
* mnt_want_write_file - get write access to a file's mount
|
|
* @file: the file who's mount on which to take a write
|
|
*
|
|
* This is like mnt_want_write, but it takes a file and can
|
|
* do some optimisations if the file is open for write already
|
|
*
|
|
* Mostly called by filesystems from their ioctl operation before performing
|
|
* modification. On overlayfs this needs to check if the file is on a read-only
|
|
* lower layer and deny access in that case.
|
|
*/
|
|
int mnt_want_write_file(struct file *file)
|
|
{
|
|
int ret;
|
|
|
|
ret = may_write_real(file);
|
|
if (!ret) {
|
|
sb_start_write(file_inode(file)->i_sb);
|
|
ret = __mnt_want_write_file(file);
|
|
if (ret)
|
|
sb_end_write(file_inode(file)->i_sb);
|
|
}
|
|
return ret;
|
|
}
|
|
EXPORT_SYMBOL_GPL(mnt_want_write_file);
|
|
|
|
/**
|
|
* __mnt_drop_write - give up write access to a mount
|
|
* @mnt: the mount on which to give up write access
|
|
*
|
|
* Tells the low-level filesystem that we are done
|
|
* performing writes to it. Must be matched with
|
|
* __mnt_want_write() call above.
|
|
*/
|
|
void __mnt_drop_write(struct vfsmount *mnt)
|
|
{
|
|
preempt_disable();
|
|
mnt_dec_writers(real_mount(mnt));
|
|
preempt_enable();
|
|
}
|
|
|
|
/**
|
|
* mnt_drop_write - give up write access to a mount
|
|
* @mnt: the mount on which to give up write access
|
|
*
|
|
* Tells the low-level filesystem that we are done performing writes to it and
|
|
* also allows filesystem to be frozen again. Must be matched with
|
|
* mnt_want_write() call above.
|
|
*/
|
|
void mnt_drop_write(struct vfsmount *mnt)
|
|
{
|
|
__mnt_drop_write(mnt);
|
|
sb_end_write(mnt->mnt_sb);
|
|
}
|
|
EXPORT_SYMBOL_GPL(mnt_drop_write);
|
|
|
|
void __mnt_drop_write_file(struct file *file)
|
|
{
|
|
__mnt_drop_write(file->f_path.mnt);
|
|
}
|
|
|
|
void mnt_drop_write_file_path(struct file *file)
|
|
{
|
|
mnt_drop_write(file->f_path.mnt);
|
|
}
|
|
|
|
void mnt_drop_write_file(struct file *file)
|
|
{
|
|
__mnt_drop_write(file->f_path.mnt);
|
|
sb_end_write(file_inode(file)->i_sb);
|
|
}
|
|
EXPORT_SYMBOL(mnt_drop_write_file);
|
|
|
|
static int mnt_make_readonly(struct mount *mnt)
|
|
{
|
|
int ret = 0;
|
|
|
|
lock_mount_hash();
|
|
mnt->mnt.mnt_flags |= MNT_WRITE_HOLD;
|
|
/*
|
|
* After storing MNT_WRITE_HOLD, we'll read the counters. This store
|
|
* should be visible before we do.
|
|
*/
|
|
smp_mb();
|
|
|
|
/*
|
|
* With writers on hold, if this value is zero, then there are
|
|
* definitely no active writers (although held writers may subsequently
|
|
* increment the count, they'll have to wait, and decrement it after
|
|
* seeing MNT_READONLY).
|
|
*
|
|
* It is OK to have counter incremented on one CPU and decremented on
|
|
* another: the sum will add up correctly. The danger would be when we
|
|
* sum up each counter, if we read a counter before it is incremented,
|
|
* but then read another CPU's count which it has been subsequently
|
|
* decremented from -- we would see more decrements than we should.
|
|
* MNT_WRITE_HOLD protects against this scenario, because
|
|
* mnt_want_write first increments count, then smp_mb, then spins on
|
|
* MNT_WRITE_HOLD, so it can't be decremented by another CPU while
|
|
* we're counting up here.
|
|
*/
|
|
if (mnt_get_writers(mnt) > 0)
|
|
ret = -EBUSY;
|
|
else
|
|
mnt->mnt.mnt_flags |= MNT_READONLY;
|
|
/*
|
|
* MNT_READONLY must become visible before ~MNT_WRITE_HOLD, so writers
|
|
* that become unheld will see MNT_READONLY.
|
|
*/
|
|
smp_wmb();
|
|
mnt->mnt.mnt_flags &= ~MNT_WRITE_HOLD;
|
|
unlock_mount_hash();
|
|
return ret;
|
|
}
|
|
|
|
static void __mnt_unmake_readonly(struct mount *mnt)
|
|
{
|
|
lock_mount_hash();
|
|
mnt->mnt.mnt_flags &= ~MNT_READONLY;
|
|
unlock_mount_hash();
|
|
}
|
|
|
|
int sb_prepare_remount_readonly(struct super_block *sb)
|
|
{
|
|
struct mount *mnt;
|
|
int err = 0;
|
|
|
|
/* Racy optimization. Recheck the counter under MNT_WRITE_HOLD */
|
|
if (atomic_long_read(&sb->s_remove_count))
|
|
return -EBUSY;
|
|
|
|
lock_mount_hash();
|
|
list_for_each_entry(mnt, &sb->s_mounts, mnt_instance) {
|
|
if (!(mnt->mnt.mnt_flags & MNT_READONLY)) {
|
|
mnt->mnt.mnt_flags |= MNT_WRITE_HOLD;
|
|
smp_mb();
|
|
if (mnt_get_writers(mnt) > 0) {
|
|
err = -EBUSY;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
if (!err && atomic_long_read(&sb->s_remove_count))
|
|
err = -EBUSY;
|
|
|
|
if (!err) {
|
|
sb->s_readonly_remount = 1;
|
|
smp_wmb();
|
|
}
|
|
list_for_each_entry(mnt, &sb->s_mounts, mnt_instance) {
|
|
if (mnt->mnt.mnt_flags & MNT_WRITE_HOLD)
|
|
mnt->mnt.mnt_flags &= ~MNT_WRITE_HOLD;
|
|
}
|
|
unlock_mount_hash();
|
|
|
|
return err;
|
|
}
|
|
|
|
static void free_vfsmnt(struct mount *mnt)
|
|
{
|
|
kfree(mnt->mnt.data);
|
|
kfree_const(mnt->mnt_devname);
|
|
#ifdef CONFIG_SMP
|
|
free_percpu(mnt->mnt_pcp);
|
|
#endif
|
|
kmem_cache_free(mnt_cache, mnt);
|
|
}
|
|
|
|
static void delayed_free_vfsmnt(struct rcu_head *head)
|
|
{
|
|
free_vfsmnt(container_of(head, struct mount, mnt_rcu));
|
|
}
|
|
|
|
/* call under rcu_read_lock */
|
|
int __legitimize_mnt(struct vfsmount *bastard, unsigned seq)
|
|
{
|
|
struct mount *mnt;
|
|
if (read_seqretry(&mount_lock, seq))
|
|
return 1;
|
|
if (bastard == NULL)
|
|
return 0;
|
|
mnt = real_mount(bastard);
|
|
mnt_add_count(mnt, 1);
|
|
smp_mb(); // see mntput_no_expire()
|
|
if (likely(!read_seqretry(&mount_lock, seq)))
|
|
return 0;
|
|
if (bastard->mnt_flags & MNT_SYNC_UMOUNT) {
|
|
mnt_add_count(mnt, -1);
|
|
return 1;
|
|
}
|
|
lock_mount_hash();
|
|
if (unlikely(bastard->mnt_flags & MNT_DOOMED)) {
|
|
mnt_add_count(mnt, -1);
|
|
unlock_mount_hash();
|
|
return 1;
|
|
}
|
|
unlock_mount_hash();
|
|
/* caller will mntput() */
|
|
return -1;
|
|
}
|
|
|
|
/* call under rcu_read_lock */
|
|
bool legitimize_mnt(struct vfsmount *bastard, unsigned seq)
|
|
{
|
|
int res = __legitimize_mnt(bastard, seq);
|
|
if (likely(!res))
|
|
return true;
|
|
if (unlikely(res < 0)) {
|
|
rcu_read_unlock();
|
|
mntput(bastard);
|
|
rcu_read_lock();
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/*
|
|
* find the first mount at @dentry on vfsmount @mnt.
|
|
* call under rcu_read_lock()
|
|
*/
|
|
struct mount *__lookup_mnt(struct vfsmount *mnt, struct dentry *dentry)
|
|
{
|
|
struct hlist_head *head = m_hash(mnt, dentry);
|
|
struct mount *p;
|
|
|
|
hlist_for_each_entry_rcu(p, head, mnt_hash)
|
|
if (&p->mnt_parent->mnt == mnt && p->mnt_mountpoint == dentry)
|
|
return p;
|
|
return NULL;
|
|
}
|
|
|
|
/*
|
|
* lookup_mnt - Return the first child mount mounted at path
|
|
*
|
|
* "First" means first mounted chronologically. If you create the
|
|
* following mounts:
|
|
*
|
|
* mount /dev/sda1 /mnt
|
|
* mount /dev/sda2 /mnt
|
|
* mount /dev/sda3 /mnt
|
|
*
|
|
* Then lookup_mnt() on the base /mnt dentry in the root mount will
|
|
* return successively the root dentry and vfsmount of /dev/sda1, then
|
|
* /dev/sda2, then /dev/sda3, then NULL.
|
|
*
|
|
* lookup_mnt takes a reference to the found vfsmount.
|
|
*/
|
|
struct vfsmount *lookup_mnt(const struct path *path)
|
|
{
|
|
struct mount *child_mnt;
|
|
struct vfsmount *m;
|
|
unsigned seq;
|
|
|
|
rcu_read_lock();
|
|
do {
|
|
seq = read_seqbegin(&mount_lock);
|
|
child_mnt = __lookup_mnt(path->mnt, path->dentry);
|
|
m = child_mnt ? &child_mnt->mnt : NULL;
|
|
} while (!legitimize_mnt(m, seq));
|
|
rcu_read_unlock();
|
|
return m;
|
|
}
|
|
|
|
/*
|
|
* __is_local_mountpoint - Test to see if dentry is a mountpoint in the
|
|
* current mount namespace.
|
|
*
|
|
* The common case is dentries are not mountpoints at all and that
|
|
* test is handled inline. For the slow case when we are actually
|
|
* dealing with a mountpoint of some kind, walk through all of the
|
|
* mounts in the current mount namespace and test to see if the dentry
|
|
* is a mountpoint.
|
|
*
|
|
* The mount_hashtable is not usable in the context because we
|
|
* need to identify all mounts that may be in the current mount
|
|
* namespace not just a mount that happens to have some specified
|
|
* parent mount.
|
|
*/
|
|
bool __is_local_mountpoint(struct dentry *dentry)
|
|
{
|
|
struct mnt_namespace *ns = current->nsproxy->mnt_ns;
|
|
struct mount *mnt;
|
|
bool is_covered = false;
|
|
|
|
if (!d_mountpoint(dentry))
|
|
goto out;
|
|
|
|
down_read(&namespace_sem);
|
|
list_for_each_entry(mnt, &ns->list, mnt_list) {
|
|
is_covered = (mnt->mnt_mountpoint == dentry);
|
|
if (is_covered)
|
|
break;
|
|
}
|
|
up_read(&namespace_sem);
|
|
out:
|
|
return is_covered;
|
|
}
|
|
|
|
static struct mountpoint *lookup_mountpoint(struct dentry *dentry)
|
|
{
|
|
struct hlist_head *chain = mp_hash(dentry);
|
|
struct mountpoint *mp;
|
|
|
|
hlist_for_each_entry(mp, chain, m_hash) {
|
|
if (mp->m_dentry == dentry) {
|
|
/* might be worth a WARN_ON() */
|
|
if (d_unlinked(dentry))
|
|
return ERR_PTR(-ENOENT);
|
|
mp->m_count++;
|
|
return mp;
|
|
}
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
static struct mountpoint *get_mountpoint(struct dentry *dentry)
|
|
{
|
|
struct mountpoint *mp, *new = NULL;
|
|
int ret;
|
|
|
|
if (d_mountpoint(dentry)) {
|
|
mountpoint:
|
|
read_seqlock_excl(&mount_lock);
|
|
mp = lookup_mountpoint(dentry);
|
|
read_sequnlock_excl(&mount_lock);
|
|
if (mp)
|
|
goto done;
|
|
}
|
|
|
|
if (!new)
|
|
new = kmalloc(sizeof(struct mountpoint), GFP_KERNEL);
|
|
if (!new)
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
|
|
/* Exactly one processes may set d_mounted */
|
|
ret = d_set_mounted(dentry);
|
|
|
|
/* Someone else set d_mounted? */
|
|
if (ret == -EBUSY)
|
|
goto mountpoint;
|
|
|
|
/* The dentry is not available as a mountpoint? */
|
|
mp = ERR_PTR(ret);
|
|
if (ret)
|
|
goto done;
|
|
|
|
/* Add the new mountpoint to the hash table */
|
|
read_seqlock_excl(&mount_lock);
|
|
new->m_dentry = dentry;
|
|
new->m_count = 1;
|
|
hlist_add_head(&new->m_hash, mp_hash(dentry));
|
|
INIT_HLIST_HEAD(&new->m_list);
|
|
read_sequnlock_excl(&mount_lock);
|
|
|
|
mp = new;
|
|
new = NULL;
|
|
done:
|
|
kfree(new);
|
|
return mp;
|
|
}
|
|
|
|
static void put_mountpoint(struct mountpoint *mp)
|
|
{
|
|
if (!--mp->m_count) {
|
|
struct dentry *dentry = mp->m_dentry;
|
|
BUG_ON(!hlist_empty(&mp->m_list));
|
|
spin_lock(&dentry->d_lock);
|
|
dentry->d_flags &= ~DCACHE_MOUNTED;
|
|
spin_unlock(&dentry->d_lock);
|
|
hlist_del(&mp->m_hash);
|
|
kfree(mp);
|
|
}
|
|
}
|
|
|
|
static inline int check_mnt(struct mount *mnt)
|
|
{
|
|
return mnt->mnt_ns == current->nsproxy->mnt_ns;
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
static void touch_mnt_namespace(struct mnt_namespace *ns)
|
|
{
|
|
if (ns) {
|
|
ns->event = ++event;
|
|
wake_up_interruptible(&ns->poll);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
static void __touch_mnt_namespace(struct mnt_namespace *ns)
|
|
{
|
|
if (ns && ns->event != event) {
|
|
ns->event = event;
|
|
wake_up_interruptible(&ns->poll);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
static void unhash_mnt(struct mount *mnt)
|
|
{
|
|
mnt->mnt_parent = mnt;
|
|
mnt->mnt_mountpoint = mnt->mnt.mnt_root;
|
|
list_del_init(&mnt->mnt_child);
|
|
hlist_del_init_rcu(&mnt->mnt_hash);
|
|
hlist_del_init(&mnt->mnt_mp_list);
|
|
put_mountpoint(mnt->mnt_mp);
|
|
mnt->mnt_mp = NULL;
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
static void detach_mnt(struct mount *mnt, struct path *old_path)
|
|
{
|
|
old_path->dentry = mnt->mnt_mountpoint;
|
|
old_path->mnt = &mnt->mnt_parent->mnt;
|
|
unhash_mnt(mnt);
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
static void umount_mnt(struct mount *mnt)
|
|
{
|
|
/* old mountpoint will be dropped when we can do that */
|
|
mnt->mnt_ex_mountpoint = mnt->mnt_mountpoint;
|
|
unhash_mnt(mnt);
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
void mnt_set_mountpoint(struct mount *mnt,
|
|
struct mountpoint *mp,
|
|
struct mount *child_mnt)
|
|
{
|
|
mp->m_count++;
|
|
mnt_add_count(mnt, 1); /* essentially, that's mntget */
|
|
child_mnt->mnt_mountpoint = dget(mp->m_dentry);
|
|
child_mnt->mnt_parent = mnt;
|
|
child_mnt->mnt_mp = mp;
|
|
hlist_add_head(&child_mnt->mnt_mp_list, &mp->m_list);
|
|
}
|
|
|
|
static void __attach_mnt(struct mount *mnt, struct mount *parent)
|
|
{
|
|
hlist_add_head_rcu(&mnt->mnt_hash,
|
|
m_hash(&parent->mnt, mnt->mnt_mountpoint));
|
|
list_add_tail(&mnt->mnt_child, &parent->mnt_mounts);
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
static void attach_mnt(struct mount *mnt,
|
|
struct mount *parent,
|
|
struct mountpoint *mp)
|
|
{
|
|
mnt_set_mountpoint(parent, mp, mnt);
|
|
__attach_mnt(mnt, parent);
|
|
}
|
|
|
|
void mnt_change_mountpoint(struct mount *parent, struct mountpoint *mp, struct mount *mnt)
|
|
{
|
|
struct mountpoint *old_mp = mnt->mnt_mp;
|
|
struct dentry *old_mountpoint = mnt->mnt_mountpoint;
|
|
struct mount *old_parent = mnt->mnt_parent;
|
|
|
|
list_del_init(&mnt->mnt_child);
|
|
hlist_del_init(&mnt->mnt_mp_list);
|
|
hlist_del_init_rcu(&mnt->mnt_hash);
|
|
|
|
attach_mnt(mnt, parent, mp);
|
|
|
|
put_mountpoint(old_mp);
|
|
|
|
/*
|
|
* Safely avoid even the suggestion this code might sleep or
|
|
* lock the mount hash by taking advantage of the knowledge that
|
|
* mnt_change_mountpoint will not release the final reference
|
|
* to a mountpoint.
|
|
*
|
|
* During mounting, the mount passed in as the parent mount will
|
|
* continue to use the old mountpoint and during unmounting, the
|
|
* old mountpoint will continue to exist until namespace_unlock,
|
|
* which happens well after mnt_change_mountpoint.
|
|
*/
|
|
spin_lock(&old_mountpoint->d_lock);
|
|
old_mountpoint->d_lockref.count--;
|
|
spin_unlock(&old_mountpoint->d_lock);
|
|
|
|
mnt_add_count(old_parent, -1);
|
|
}
|
|
|
|
/*
|
|
* vfsmount lock must be held for write
|
|
*/
|
|
static void commit_tree(struct mount *mnt)
|
|
{
|
|
struct mount *parent = mnt->mnt_parent;
|
|
struct mount *m;
|
|
LIST_HEAD(head);
|
|
struct mnt_namespace *n = parent->mnt_ns;
|
|
|
|
BUG_ON(parent == mnt);
|
|
|
|
list_add_tail(&head, &mnt->mnt_list);
|
|
list_for_each_entry(m, &head, mnt_list)
|
|
m->mnt_ns = n;
|
|
|
|
list_splice(&head, n->list.prev);
|
|
|
|
n->mounts += n->pending_mounts;
|
|
n->pending_mounts = 0;
|
|
|
|
__attach_mnt(mnt, parent);
|
|
touch_mnt_namespace(n);
|
|
}
|
|
|
|
static struct mount *next_mnt(struct mount *p, struct mount *root)
|
|
{
|
|
struct list_head *next = p->mnt_mounts.next;
|
|
if (next == &p->mnt_mounts) {
|
|
while (1) {
|
|
if (p == root)
|
|
return NULL;
|
|
next = p->mnt_child.next;
|
|
if (next != &p->mnt_parent->mnt_mounts)
|
|
break;
|
|
p = p->mnt_parent;
|
|
}
|
|
}
|
|
return list_entry(next, struct mount, mnt_child);
|
|
}
|
|
|
|
static struct mount *skip_mnt_tree(struct mount *p)
|
|
{
|
|
struct list_head *prev = p->mnt_mounts.prev;
|
|
while (prev != &p->mnt_mounts) {
|
|
p = list_entry(prev, struct mount, mnt_child);
|
|
prev = p->mnt_mounts.prev;
|
|
}
|
|
return p;
|
|
}
|
|
|
|
struct vfsmount *
|
|
vfs_kern_mount(struct file_system_type *type, int flags, const char *name, void *data)
|
|
{
|
|
struct mount *mnt;
|
|
struct dentry *root;
|
|
|
|
if (!type)
|
|
return ERR_PTR(-ENODEV);
|
|
|
|
mnt = alloc_vfsmnt(name);
|
|
if (!mnt)
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
if (type->alloc_mnt_data) {
|
|
mnt->mnt.data = type->alloc_mnt_data();
|
|
if (!mnt->mnt.data) {
|
|
mnt_free_id(mnt);
|
|
free_vfsmnt(mnt);
|
|
return ERR_PTR(-ENOMEM);
|
|
}
|
|
}
|
|
if (flags & SB_KERNMOUNT)
|
|
mnt->mnt.mnt_flags = MNT_INTERNAL;
|
|
|
|
root = mount_fs(type, flags, name, &mnt->mnt, data);
|
|
if (IS_ERR(root)) {
|
|
mnt_free_id(mnt);
|
|
free_vfsmnt(mnt);
|
|
return ERR_CAST(root);
|
|
}
|
|
|
|
mnt->mnt.mnt_root = root;
|
|
mnt->mnt.mnt_sb = root->d_sb;
|
|
mnt->mnt_mountpoint = mnt->mnt.mnt_root;
|
|
mnt->mnt_parent = mnt;
|
|
lock_mount_hash();
|
|
list_add_tail(&mnt->mnt_instance, &root->d_sb->s_mounts);
|
|
unlock_mount_hash();
|
|
return &mnt->mnt;
|
|
}
|
|
EXPORT_SYMBOL_GPL(vfs_kern_mount);
|
|
|
|
struct vfsmount *
|
|
vfs_submount(const struct dentry *mountpoint, struct file_system_type *type,
|
|
const char *name, void *data)
|
|
{
|
|
/* Until it is worked out how to pass the user namespace
|
|
* through from the parent mount to the submount don't support
|
|
* unprivileged mounts with submounts.
|
|
*/
|
|
if (mountpoint->d_sb->s_user_ns != &init_user_ns)
|
|
return ERR_PTR(-EPERM);
|
|
|
|
return vfs_kern_mount(type, SB_SUBMOUNT, name, data);
|
|
}
|
|
EXPORT_SYMBOL_GPL(vfs_submount);
|
|
|
|
static struct mount *clone_mnt(struct mount *old, struct dentry *root,
|
|
int flag)
|
|
{
|
|
struct super_block *sb = old->mnt.mnt_sb;
|
|
struct mount *mnt;
|
|
int err;
|
|
|
|
mnt = alloc_vfsmnt(old->mnt_devname);
|
|
if (!mnt)
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
if (sb->s_op->clone_mnt_data) {
|
|
mnt->mnt.data = sb->s_op->clone_mnt_data(old->mnt.data);
|
|
if (!mnt->mnt.data) {
|
|
err = -ENOMEM;
|
|
goto out_free;
|
|
}
|
|
}
|
|
|
|
if (flag & (CL_SLAVE | CL_PRIVATE | CL_SHARED_TO_SLAVE))
|
|
mnt->mnt_group_id = 0; /* not a peer of original */
|
|
else
|
|
mnt->mnt_group_id = old->mnt_group_id;
|
|
|
|
if ((flag & CL_MAKE_SHARED) && !mnt->mnt_group_id) {
|
|
err = mnt_alloc_group_id(mnt);
|
|
if (err)
|
|
goto out_free;
|
|
}
|
|
|
|
mnt->mnt.mnt_flags = old->mnt.mnt_flags;
|
|
mnt->mnt.mnt_flags &= ~(MNT_WRITE_HOLD|MNT_MARKED|MNT_INTERNAL);
|
|
/* Don't allow unprivileged users to change mount flags */
|
|
if (flag & CL_UNPRIVILEGED) {
|
|
mnt->mnt.mnt_flags |= MNT_LOCK_ATIME;
|
|
|
|
if (mnt->mnt.mnt_flags & MNT_READONLY)
|
|
mnt->mnt.mnt_flags |= MNT_LOCK_READONLY;
|
|
|
|
if (mnt->mnt.mnt_flags & MNT_NODEV)
|
|
mnt->mnt.mnt_flags |= MNT_LOCK_NODEV;
|
|
|
|
if (mnt->mnt.mnt_flags & MNT_NOSUID)
|
|
mnt->mnt.mnt_flags |= MNT_LOCK_NOSUID;
|
|
|
|
if (mnt->mnt.mnt_flags & MNT_NOEXEC)
|
|
mnt->mnt.mnt_flags |= MNT_LOCK_NOEXEC;
|
|
}
|
|
|
|
/* Don't allow unprivileged users to reveal what is under a mount */
|
|
if ((flag & CL_UNPRIVILEGED) &&
|
|
(!(flag & CL_EXPIRE) || list_empty(&old->mnt_expire)))
|
|
mnt->mnt.mnt_flags |= MNT_LOCKED;
|
|
|
|
atomic_inc(&sb->s_active);
|
|
mnt->mnt.mnt_sb = sb;
|
|
mnt->mnt.mnt_root = dget(root);
|
|
mnt->mnt_mountpoint = mnt->mnt.mnt_root;
|
|
mnt->mnt_parent = mnt;
|
|
lock_mount_hash();
|
|
list_add_tail(&mnt->mnt_instance, &sb->s_mounts);
|
|
unlock_mount_hash();
|
|
|
|
if ((flag & CL_SLAVE) ||
|
|
((flag & CL_SHARED_TO_SLAVE) && IS_MNT_SHARED(old))) {
|
|
list_add(&mnt->mnt_slave, &old->mnt_slave_list);
|
|
mnt->mnt_master = old;
|
|
CLEAR_MNT_SHARED(mnt);
|
|
} else if (!(flag & CL_PRIVATE)) {
|
|
if ((flag & CL_MAKE_SHARED) || IS_MNT_SHARED(old))
|
|
list_add(&mnt->mnt_share, &old->mnt_share);
|
|
if (IS_MNT_SLAVE(old))
|
|
list_add(&mnt->mnt_slave, &old->mnt_slave);
|
|
mnt->mnt_master = old->mnt_master;
|
|
} else {
|
|
CLEAR_MNT_SHARED(mnt);
|
|
}
|
|
if (flag & CL_MAKE_SHARED)
|
|
set_mnt_shared(mnt);
|
|
|
|
/* stick the duplicate mount on the same expiry list
|
|
* as the original if that was on one */
|
|
if (flag & CL_EXPIRE) {
|
|
if (!list_empty(&old->mnt_expire))
|
|
list_add(&mnt->mnt_expire, &old->mnt_expire);
|
|
}
|
|
|
|
return mnt;
|
|
|
|
out_free:
|
|
mnt_free_id(mnt);
|
|
free_vfsmnt(mnt);
|
|
return ERR_PTR(err);
|
|
}
|
|
|
|
static void cleanup_mnt(struct mount *mnt)
|
|
{
|
|
/*
|
|
* This probably indicates that somebody messed
|
|
* up a mnt_want/drop_write() pair. If this
|
|
* happens, the filesystem was probably unable
|
|
* to make r/w->r/o transitions.
|
|
*/
|
|
/*
|
|
* The locking used to deal with mnt_count decrement provides barriers,
|
|
* so mnt_get_writers() below is safe.
|
|
*/
|
|
WARN_ON(mnt_get_writers(mnt));
|
|
if (unlikely(mnt->mnt_pins.first))
|
|
mnt_pin_kill(mnt);
|
|
fsnotify_vfsmount_delete(&mnt->mnt);
|
|
dput(mnt->mnt.mnt_root);
|
|
deactivate_super(mnt->mnt.mnt_sb);
|
|
mnt_free_id(mnt);
|
|
call_rcu(&mnt->mnt_rcu, delayed_free_vfsmnt);
|
|
}
|
|
|
|
static void __cleanup_mnt(struct rcu_head *head)
|
|
{
|
|
cleanup_mnt(container_of(head, struct mount, mnt_rcu));
|
|
}
|
|
|
|
static LLIST_HEAD(delayed_mntput_list);
|
|
static void delayed_mntput(struct work_struct *unused)
|
|
{
|
|
struct llist_node *node = llist_del_all(&delayed_mntput_list);
|
|
struct mount *m, *t;
|
|
|
|
llist_for_each_entry_safe(m, t, node, mnt_llist)
|
|
cleanup_mnt(m);
|
|
}
|
|
static DECLARE_DELAYED_WORK(delayed_mntput_work, delayed_mntput);
|
|
|
|
void flush_delayed_mntput_wait(void)
|
|
{
|
|
delayed_mntput(NULL);
|
|
flush_delayed_work(&delayed_mntput_work);
|
|
}
|
|
|
|
static void mntput_no_expire(struct mount *mnt)
|
|
{
|
|
rcu_read_lock();
|
|
if (likely(READ_ONCE(mnt->mnt_ns))) {
|
|
/*
|
|
* Since we don't do lock_mount_hash() here,
|
|
* ->mnt_ns can change under us. However, if it's
|
|
* non-NULL, then there's a reference that won't
|
|
* be dropped until after an RCU delay done after
|
|
* turning ->mnt_ns NULL. So if we observe it
|
|
* non-NULL under rcu_read_lock(), the reference
|
|
* we are dropping is not the final one.
|
|
*/
|
|
mnt_add_count(mnt, -1);
|
|
rcu_read_unlock();
|
|
return;
|
|
}
|
|
lock_mount_hash();
|
|
/*
|
|
* make sure that if __legitimize_mnt() has not seen us grab
|
|
* mount_lock, we'll see their refcount increment here.
|
|
*/
|
|
smp_mb();
|
|
mnt_add_count(mnt, -1);
|
|
if (mnt_get_count(mnt)) {
|
|
rcu_read_unlock();
|
|
unlock_mount_hash();
|
|
return;
|
|
}
|
|
if (unlikely(mnt->mnt.mnt_flags & MNT_DOOMED)) {
|
|
rcu_read_unlock();
|
|
unlock_mount_hash();
|
|
return;
|
|
}
|
|
mnt->mnt.mnt_flags |= MNT_DOOMED;
|
|
rcu_read_unlock();
|
|
|
|
list_del(&mnt->mnt_instance);
|
|
|
|
if (unlikely(!list_empty(&mnt->mnt_mounts))) {
|
|
struct mount *p, *tmp;
|
|
list_for_each_entry_safe(p, tmp, &mnt->mnt_mounts, mnt_child) {
|
|
umount_mnt(p);
|
|
}
|
|
}
|
|
unlock_mount_hash();
|
|
|
|
if (likely(!(mnt->mnt.mnt_flags & MNT_INTERNAL))) {
|
|
struct task_struct *task = current;
|
|
if (likely(!(task->flags & PF_KTHREAD))) {
|
|
init_task_work(&mnt->mnt_rcu, __cleanup_mnt);
|
|
if (!task_work_add(task, &mnt->mnt_rcu, true))
|
|
return;
|
|
}
|
|
if (llist_add(&mnt->mnt_llist, &delayed_mntput_list))
|
|
schedule_delayed_work(&delayed_mntput_work, 1);
|
|
return;
|
|
}
|
|
cleanup_mnt(mnt);
|
|
}
|
|
|
|
void mntput(struct vfsmount *mnt)
|
|
{
|
|
if (mnt) {
|
|
struct mount *m = real_mount(mnt);
|
|
/* avoid cacheline pingpong, hope gcc doesn't get "smart" */
|
|
if (unlikely(m->mnt_expiry_mark))
|
|
m->mnt_expiry_mark = 0;
|
|
mntput_no_expire(m);
|
|
}
|
|
}
|
|
EXPORT_SYMBOL(mntput);
|
|
|
|
struct vfsmount *mntget(struct vfsmount *mnt)
|
|
{
|
|
if (mnt)
|
|
mnt_add_count(real_mount(mnt), 1);
|
|
return mnt;
|
|
}
|
|
EXPORT_SYMBOL(mntget);
|
|
|
|
/* path_is_mountpoint() - Check if path is a mount in the current
|
|
* namespace.
|
|
*
|
|
* d_mountpoint() can only be used reliably to establish if a dentry is
|
|
* not mounted in any namespace and that common case is handled inline.
|
|
* d_mountpoint() isn't aware of the possibility there may be multiple
|
|
* mounts using a given dentry in a different namespace. This function
|
|
* checks if the passed in path is a mountpoint rather than the dentry
|
|
* alone.
|
|
*/
|
|
bool path_is_mountpoint(const struct path *path)
|
|
{
|
|
unsigned seq;
|
|
bool res;
|
|
|
|
if (!d_mountpoint(path->dentry))
|
|
return false;
|
|
|
|
rcu_read_lock();
|
|
do {
|
|
seq = read_seqbegin(&mount_lock);
|
|
res = __path_is_mountpoint(path);
|
|
} while (read_seqretry(&mount_lock, seq));
|
|
rcu_read_unlock();
|
|
|
|
return res;
|
|
}
|
|
EXPORT_SYMBOL(path_is_mountpoint);
|
|
|
|
struct vfsmount *mnt_clone_internal(const struct path *path)
|
|
{
|
|
struct mount *p;
|
|
p = clone_mnt(real_mount(path->mnt), path->dentry, CL_PRIVATE);
|
|
if (IS_ERR(p))
|
|
return ERR_CAST(p);
|
|
p->mnt.mnt_flags |= MNT_INTERNAL;
|
|
return &p->mnt;
|
|
}
|
|
|
|
#ifdef CONFIG_PROC_FS
|
|
/* iterator; we want it to have access to namespace_sem, thus here... */
|
|
static void *m_start(struct seq_file *m, loff_t *pos)
|
|
{
|
|
struct proc_mounts *p = m->private;
|
|
|
|
down_read(&namespace_sem);
|
|
if (p->cached_event == p->ns->event) {
|
|
void *v = p->cached_mount;
|
|
if (*pos == p->cached_index)
|
|
return v;
|
|
if (*pos == p->cached_index + 1) {
|
|
v = seq_list_next(v, &p->ns->list, &p->cached_index);
|
|
return p->cached_mount = v;
|
|
}
|
|
}
|
|
|
|
p->cached_event = p->ns->event;
|
|
p->cached_mount = seq_list_start(&p->ns->list, *pos);
|
|
p->cached_index = *pos;
|
|
return p->cached_mount;
|
|
}
|
|
|
|
static void *m_next(struct seq_file *m, void *v, loff_t *pos)
|
|
{
|
|
struct proc_mounts *p = m->private;
|
|
|
|
p->cached_mount = seq_list_next(v, &p->ns->list, pos);
|
|
p->cached_index = *pos;
|
|
return p->cached_mount;
|
|
}
|
|
|
|
static void m_stop(struct seq_file *m, void *v)
|
|
{
|
|
up_read(&namespace_sem);
|
|
}
|
|
|
|
static int m_show(struct seq_file *m, void *v)
|
|
{
|
|
struct proc_mounts *p = m->private;
|
|
struct mount *r = list_entry(v, struct mount, mnt_list);
|
|
return p->show(m, &r->mnt);
|
|
}
|
|
|
|
const struct seq_operations mounts_op = {
|
|
.start = m_start,
|
|
.next = m_next,
|
|
.stop = m_stop,
|
|
.show = m_show,
|
|
};
|
|
#endif /* CONFIG_PROC_FS */
|
|
|
|
/**
|
|
* may_umount_tree - check if a mount tree is busy
|
|
* @mnt: root of mount tree
|
|
*
|
|
* This is called to check if a tree of mounts has any
|
|
* open files, pwds, chroots or sub mounts that are
|
|
* busy.
|
|
*/
|
|
int may_umount_tree(struct vfsmount *m)
|
|
{
|
|
struct mount *mnt = real_mount(m);
|
|
int actual_refs = 0;
|
|
int minimum_refs = 0;
|
|
struct mount *p;
|
|
BUG_ON(!m);
|
|
|
|
/* write lock needed for mnt_get_count */
|
|
lock_mount_hash();
|
|
for (p = mnt; p; p = next_mnt(p, mnt)) {
|
|
actual_refs += mnt_get_count(p);
|
|
minimum_refs += 2;
|
|
}
|
|
unlock_mount_hash();
|
|
|
|
if (actual_refs > minimum_refs)
|
|
return 0;
|
|
|
|
return 1;
|
|
}
|
|
|
|
EXPORT_SYMBOL(may_umount_tree);
|
|
|
|
/**
|
|
* may_umount - check if a mount point is busy
|
|
* @mnt: root of mount
|
|
*
|
|
* This is called to check if a mount point has any
|
|
* open files, pwds, chroots or sub mounts. If the
|
|
* mount has sub mounts this will return busy
|
|
* regardless of whether the sub mounts are busy.
|
|
*
|
|
* Doesn't take quota and stuff into account. IOW, in some cases it will
|
|
* give false negatives. The main reason why it's here is that we need
|
|
* a non-destructive way to look for easily umountable filesystems.
|
|
*/
|
|
int may_umount(struct vfsmount *mnt)
|
|
{
|
|
int ret = 1;
|
|
down_read(&namespace_sem);
|
|
lock_mount_hash();
|
|
if (propagate_mount_busy(real_mount(mnt), 2))
|
|
ret = 0;
|
|
unlock_mount_hash();
|
|
up_read(&namespace_sem);
|
|
return ret;
|
|
}
|
|
|
|
EXPORT_SYMBOL(may_umount);
|
|
|
|
static HLIST_HEAD(unmounted); /* protected by namespace_sem */
|
|
|
|
static void namespace_unlock(void)
|
|
{
|
|
struct hlist_head head;
|
|
|
|
hlist_move_list(&unmounted, &head);
|
|
|
|
up_write(&namespace_sem);
|
|
|
|
if (likely(hlist_empty(&head)))
|
|
return;
|
|
|
|
synchronize_rcu();
|
|
|
|
group_pin_kill(&head);
|
|
}
|
|
|
|
static inline void namespace_lock(void)
|
|
{
|
|
down_write(&namespace_sem);
|
|
}
|
|
|
|
enum umount_tree_flags {
|
|
UMOUNT_SYNC = 1,
|
|
UMOUNT_PROPAGATE = 2,
|
|
UMOUNT_CONNECTED = 4,
|
|
};
|
|
|
|
static bool disconnect_mount(struct mount *mnt, enum umount_tree_flags how)
|
|
{
|
|
/* Leaving mounts connected is only valid for lazy umounts */
|
|
if (how & UMOUNT_SYNC)
|
|
return true;
|
|
|
|
/* A mount without a parent has nothing to be connected to */
|
|
if (!mnt_has_parent(mnt))
|
|
return true;
|
|
|
|
/* Because the reference counting rules change when mounts are
|
|
* unmounted and connected, umounted mounts may not be
|
|
* connected to mounted mounts.
|
|
*/
|
|
if (!(mnt->mnt_parent->mnt.mnt_flags & MNT_UMOUNT))
|
|
return true;
|
|
|
|
/* Has it been requested that the mount remain connected? */
|
|
if (how & UMOUNT_CONNECTED)
|
|
return false;
|
|
|
|
/* Is the mount locked such that it needs to remain connected? */
|
|
if (IS_MNT_LOCKED(mnt))
|
|
return false;
|
|
|
|
/* By default disconnect the mount */
|
|
return true;
|
|
}
|
|
|
|
/*
|
|
* mount_lock must be held
|
|
* namespace_sem must be held for write
|
|
*/
|
|
static void umount_tree(struct mount *mnt, enum umount_tree_flags how)
|
|
{
|
|
LIST_HEAD(tmp_list);
|
|
struct mount *p;
|
|
|
|
if (how & UMOUNT_PROPAGATE)
|
|
propagate_mount_unlock(mnt);
|
|
|
|
/* Gather the mounts to umount */
|
|
for (p = mnt; p; p = next_mnt(p, mnt)) {
|
|
p->mnt.mnt_flags |= MNT_UMOUNT;
|
|
list_move(&p->mnt_list, &tmp_list);
|
|
}
|
|
|
|
/* Hide the mounts from mnt_mounts */
|
|
list_for_each_entry(p, &tmp_list, mnt_list) {
|
|
list_del_init(&p->mnt_child);
|
|
}
|
|
|
|
/* Add propogated mounts to the tmp_list */
|
|
if (how & UMOUNT_PROPAGATE)
|
|
propagate_umount(&tmp_list);
|
|
|
|
while (!list_empty(&tmp_list)) {
|
|
struct mnt_namespace *ns;
|
|
bool disconnect;
|
|
p = list_first_entry(&tmp_list, struct mount, mnt_list);
|
|
list_del_init(&p->mnt_expire);
|
|
list_del_init(&p->mnt_list);
|
|
ns = p->mnt_ns;
|
|
if (ns) {
|
|
ns->mounts--;
|
|
__touch_mnt_namespace(ns);
|
|
}
|
|
p->mnt_ns = NULL;
|
|
if (how & UMOUNT_SYNC)
|
|
p->mnt.mnt_flags |= MNT_SYNC_UMOUNT;
|
|
|
|
disconnect = disconnect_mount(p, how);
|
|
|
|
pin_insert_group(&p->mnt_umount, &p->mnt_parent->mnt,
|
|
disconnect ? &unmounted : NULL);
|
|
if (mnt_has_parent(p)) {
|
|
mnt_add_count(p->mnt_parent, -1);
|
|
if (!disconnect) {
|
|
/* Don't forget about p */
|
|
list_add_tail(&p->mnt_child, &p->mnt_parent->mnt_mounts);
|
|
} else {
|
|
umount_mnt(p);
|
|
}
|
|
}
|
|
change_mnt_propagation(p, MS_PRIVATE);
|
|
}
|
|
}
|
|
|
|
static void shrink_submounts(struct mount *mnt);
|
|
|
|
static int do_umount(struct mount *mnt, int flags)
|
|
{
|
|
struct super_block *sb = mnt->mnt.mnt_sb;
|
|
int retval;
|
|
|
|
retval = security_sb_umount(&mnt->mnt, flags);
|
|
if (retval)
|
|
return retval;
|
|
|
|
/*
|
|
* Allow userspace to request a mountpoint be expired rather than
|
|
* unmounting unconditionally. Unmount only happens if:
|
|
* (1) the mark is already set (the mark is cleared by mntput())
|
|
* (2) the usage count == 1 [parent vfsmount] + 1 [sys_umount]
|
|
*/
|
|
if (flags & MNT_EXPIRE) {
|
|
if (&mnt->mnt == current->fs->root.mnt ||
|
|
flags & (MNT_FORCE | MNT_DETACH))
|
|
return -EINVAL;
|
|
|
|
/*
|
|
* probably don't strictly need the lock here if we examined
|
|
* all race cases, but it's a slowpath.
|
|
*/
|
|
lock_mount_hash();
|
|
if (mnt_get_count(mnt) != 2) {
|
|
unlock_mount_hash();
|
|
return -EBUSY;
|
|
}
|
|
unlock_mount_hash();
|
|
|
|
if (!xchg(&mnt->mnt_expiry_mark, 1))
|
|
return -EAGAIN;
|
|
}
|
|
|
|
/*
|
|
* If we may have to abort operations to get out of this
|
|
* mount, and they will themselves hold resources we must
|
|
* allow the fs to do things. In the Unix tradition of
|
|
* 'Gee thats tricky lets do it in userspace' the umount_begin
|
|
* might fail to complete on the first run through as other tasks
|
|
* must return, and the like. Thats for the mount program to worry
|
|
* about for the moment.
|
|
*/
|
|
|
|
if (flags & MNT_FORCE && sb->s_op->umount_begin) {
|
|
sb->s_op->umount_begin(sb);
|
|
}
|
|
|
|
/*
|
|
* No sense to grab the lock for this test, but test itself looks
|
|
* somewhat bogus. Suggestions for better replacement?
|
|
* Ho-hum... In principle, we might treat that as umount + switch
|
|
* to rootfs. GC would eventually take care of the old vfsmount.
|
|
* Actually it makes sense, especially if rootfs would contain a
|
|
* /reboot - static binary that would close all descriptors and
|
|
* call reboot(9). Then init(8) could umount root and exec /reboot.
|
|
*/
|
|
if (&mnt->mnt == current->fs->root.mnt && !(flags & MNT_DETACH)) {
|
|
/*
|
|
* Special case for "unmounting" root ...
|
|
* we just try to remount it readonly.
|
|
*/
|
|
if (!capable(CAP_SYS_ADMIN))
|
|
return -EPERM;
|
|
down_write(&sb->s_umount);
|
|
if (!sb_rdonly(sb))
|
|
retval = do_remount_sb(sb, SB_RDONLY, NULL, 0);
|
|
up_write(&sb->s_umount);
|
|
return retval;
|
|
}
|
|
|
|
namespace_lock();
|
|
lock_mount_hash();
|
|
|
|
/* Recheck MNT_LOCKED with the locks held */
|
|
retval = -EINVAL;
|
|
if (mnt->mnt.mnt_flags & MNT_LOCKED)
|
|
goto out;
|
|
|
|
event++;
|
|
if (flags & MNT_DETACH) {
|
|
if (!list_empty(&mnt->mnt_list))
|
|
umount_tree(mnt, UMOUNT_PROPAGATE);
|
|
retval = 0;
|
|
} else {
|
|
shrink_submounts(mnt);
|
|
retval = -EBUSY;
|
|
if (!propagate_mount_busy(mnt, 2)) {
|
|
if (!list_empty(&mnt->mnt_list))
|
|
umount_tree(mnt, UMOUNT_PROPAGATE|UMOUNT_SYNC);
|
|
retval = 0;
|
|
}
|
|
}
|
|
out:
|
|
unlock_mount_hash();
|
|
namespace_unlock();
|
|
if (retval == -EBUSY)
|
|
global_filetable_delayed_print(mnt);
|
|
return retval;
|
|
}
|
|
|
|
/*
|
|
* __detach_mounts - lazily unmount all mounts on the specified dentry
|
|
*
|
|
* During unlink, rmdir, and d_drop it is possible to loose the path
|
|
* to an existing mountpoint, and wind up leaking the mount.
|
|
* detach_mounts allows lazily unmounting those mounts instead of
|
|
* leaking them.
|
|
*
|
|
* The caller may hold dentry->d_inode->i_mutex.
|
|
*/
|
|
void __detach_mounts(struct dentry *dentry)
|
|
{
|
|
struct mountpoint *mp;
|
|
struct mount *mnt;
|
|
|
|
namespace_lock();
|
|
lock_mount_hash();
|
|
mp = lookup_mountpoint(dentry);
|
|
if (IS_ERR_OR_NULL(mp))
|
|
goto out_unlock;
|
|
|
|
event++;
|
|
while (!hlist_empty(&mp->m_list)) {
|
|
mnt = hlist_entry(mp->m_list.first, struct mount, mnt_mp_list);
|
|
if (mnt->mnt.mnt_flags & MNT_UMOUNT) {
|
|
hlist_add_head(&mnt->mnt_umount.s_list, &unmounted);
|
|
umount_mnt(mnt);
|
|
}
|
|
else umount_tree(mnt, UMOUNT_CONNECTED);
|
|
}
|
|
put_mountpoint(mp);
|
|
out_unlock:
|
|
unlock_mount_hash();
|
|
namespace_unlock();
|
|
}
|
|
|
|
/*
|
|
* Is the caller allowed to modify his namespace?
|
|
*/
|
|
static inline bool may_mount(void)
|
|
{
|
|
return ns_capable(current->nsproxy->mnt_ns->user_ns, CAP_SYS_ADMIN);
|
|
}
|
|
|
|
static inline bool may_mandlock(void)
|
|
{
|
|
#ifndef CONFIG_MANDATORY_FILE_LOCKING
|
|
return false;
|
|
#endif
|
|
return capable(CAP_SYS_ADMIN);
|
|
}
|
|
|
|
/*
|
|
* Now umount can handle mount points as well as block devices.
|
|
* This is important for filesystems which use unnamed block devices.
|
|
*
|
|
* We now support a flag for forced unmount like the other 'big iron'
|
|
* unixes. Our API is identical to OSF/1 to avoid making a mess of AMD
|
|
*/
|
|
|
|
SYSCALL_DEFINE2(umount, char __user *, name, int, flags)
|
|
{
|
|
struct path path;
|
|
struct mount *mnt;
|
|
int retval;
|
|
int lookup_flags = 0;
|
|
bool user_request = !(current->flags & PF_KTHREAD);
|
|
|
|
if (flags & ~(MNT_FORCE | MNT_DETACH | MNT_EXPIRE | UMOUNT_NOFOLLOW))
|
|
return -EINVAL;
|
|
|
|
if (!may_mount())
|
|
return -EPERM;
|
|
|
|
if (!(flags & UMOUNT_NOFOLLOW))
|
|
lookup_flags |= LOOKUP_FOLLOW;
|
|
|
|
retval = user_path_mountpoint_at(AT_FDCWD, name, lookup_flags, &path);
|
|
if (retval)
|
|
goto out;
|
|
mnt = real_mount(path.mnt);
|
|
retval = -EINVAL;
|
|
if (path.dentry != path.mnt->mnt_root)
|
|
goto dput_and_out;
|
|
if (!check_mnt(mnt))
|
|
goto dput_and_out;
|
|
if (mnt->mnt.mnt_flags & MNT_LOCKED) /* Check optimistically */
|
|
goto dput_and_out;
|
|
retval = -EPERM;
|
|
if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN))
|
|
goto dput_and_out;
|
|
|
|
/* flush delayed_fput to put mnt_count */
|
|
if (user_request)
|
|
flush_delayed_fput_wait();
|
|
|
|
retval = do_umount(mnt, flags);
|
|
dput_and_out:
|
|
/* we mustn't call path_put() as that would clear mnt_expiry_mark */
|
|
dput(path.dentry);
|
|
if (user_request && (!retval || (flags & MNT_FORCE))) {
|
|
/* filesystem needs to handle unclosed namespaces */
|
|
if (mnt->mnt.mnt_sb->s_op->umount_end)
|
|
mnt->mnt.mnt_sb->s_op->umount_end(mnt->mnt.mnt_sb,
|
|
flags);
|
|
}
|
|
mntput_no_expire(mnt);
|
|
|
|
if (!user_request)
|
|
goto out;
|
|
|
|
if (!retval) {
|
|
/*
|
|
* If the last delayed_fput() is called during do_umount()
|
|
* and makes mnt_count zero, we need to guarantee to register
|
|
* delayed_mntput by waiting for delayed_fput work again.
|
|
*/
|
|
flush_delayed_fput_wait();
|
|
|
|
/* flush delayed_mntput_work to put sb->s_active */
|
|
flush_delayed_mntput_wait();
|
|
}
|
|
out:
|
|
return retval;
|
|
}
|
|
|
|
#ifdef __ARCH_WANT_SYS_OLDUMOUNT
|
|
|
|
/*
|
|
* The 2.0 compatible umount. No flags.
|
|
*/
|
|
SYSCALL_DEFINE1(oldumount, char __user *, name)
|
|
{
|
|
return sys_umount(name, 0);
|
|
}
|
|
|
|
#endif
|
|
|
|
static bool is_mnt_ns_file(struct dentry *dentry)
|
|
{
|
|
/* Is this a proxy for a mount namespace? */
|
|
return dentry->d_op == &ns_dentry_operations &&
|
|
dentry->d_fsdata == &mntns_operations;
|
|
}
|
|
|
|
struct mnt_namespace *to_mnt_ns(struct ns_common *ns)
|
|
{
|
|
return container_of(ns, struct mnt_namespace, ns);
|
|
}
|
|
|
|
static bool mnt_ns_loop(struct dentry *dentry)
|
|
{
|
|
/* Could bind mounting the mount namespace inode cause a
|
|
* mount namespace loop?
|
|
*/
|
|
struct mnt_namespace *mnt_ns;
|
|
if (!is_mnt_ns_file(dentry))
|
|
return false;
|
|
|
|
mnt_ns = to_mnt_ns(get_proc_ns(dentry->d_inode));
|
|
return current->nsproxy->mnt_ns->seq >= mnt_ns->seq;
|
|
}
|
|
|
|
struct mount *copy_tree(struct mount *mnt, struct dentry *dentry,
|
|
int flag)
|
|
{
|
|
struct mount *res, *p, *q, *r, *parent;
|
|
|
|
if (!(flag & CL_COPY_UNBINDABLE) && IS_MNT_UNBINDABLE(mnt))
|
|
return ERR_PTR(-EINVAL);
|
|
|
|
if (!(flag & CL_COPY_MNT_NS_FILE) && is_mnt_ns_file(dentry))
|
|
return ERR_PTR(-EINVAL);
|
|
|
|
res = q = clone_mnt(mnt, dentry, flag);
|
|
if (IS_ERR(q))
|
|
return q;
|
|
|
|
q->mnt_mountpoint = mnt->mnt_mountpoint;
|
|
|
|
p = mnt;
|
|
list_for_each_entry(r, &mnt->mnt_mounts, mnt_child) {
|
|
struct mount *s;
|
|
if (!is_subdir(r->mnt_mountpoint, dentry))
|
|
continue;
|
|
|
|
for (s = r; s; s = next_mnt(s, r)) {
|
|
if (!(flag & CL_COPY_UNBINDABLE) &&
|
|
IS_MNT_UNBINDABLE(s)) {
|
|
if (s->mnt.mnt_flags & MNT_LOCKED) {
|
|
/* Both unbindable and locked. */
|
|
q = ERR_PTR(-EPERM);
|
|
goto out;
|
|
} else {
|
|
s = skip_mnt_tree(s);
|
|
continue;
|
|
}
|
|
}
|
|
if (!(flag & CL_COPY_MNT_NS_FILE) &&
|
|
is_mnt_ns_file(s->mnt.mnt_root)) {
|
|
s = skip_mnt_tree(s);
|
|
continue;
|
|
}
|
|
while (p != s->mnt_parent) {
|
|
p = p->mnt_parent;
|
|
q = q->mnt_parent;
|
|
}
|
|
p = s;
|
|
parent = q;
|
|
q = clone_mnt(p, p->mnt.mnt_root, flag);
|
|
if (IS_ERR(q))
|
|
goto out;
|
|
lock_mount_hash();
|
|
list_add_tail(&q->mnt_list, &res->mnt_list);
|
|
attach_mnt(q, parent, p->mnt_mp);
|
|
unlock_mount_hash();
|
|
}
|
|
}
|
|
return res;
|
|
out:
|
|
if (res) {
|
|
lock_mount_hash();
|
|
umount_tree(res, UMOUNT_SYNC);
|
|
unlock_mount_hash();
|
|
}
|
|
return q;
|
|
}
|
|
|
|
/* Caller should check returned pointer for errors */
|
|
|
|
struct vfsmount *collect_mounts(const struct path *path)
|
|
{
|
|
struct mount *tree;
|
|
namespace_lock();
|
|
if (!check_mnt(real_mount(path->mnt)))
|
|
tree = ERR_PTR(-EINVAL);
|
|
else
|
|
tree = copy_tree(real_mount(path->mnt), path->dentry,
|
|
CL_COPY_ALL | CL_PRIVATE);
|
|
namespace_unlock();
|
|
if (IS_ERR(tree))
|
|
return ERR_CAST(tree);
|
|
return &tree->mnt;
|
|
}
|
|
|
|
void drop_collected_mounts(struct vfsmount *mnt)
|
|
{
|
|
namespace_lock();
|
|
lock_mount_hash();
|
|
umount_tree(real_mount(mnt), 0);
|
|
unlock_mount_hash();
|
|
namespace_unlock();
|
|
}
|
|
|
|
/**
|
|
* clone_private_mount - create a private clone of a path
|
|
*
|
|
* This creates a new vfsmount, which will be the clone of @path. The new will
|
|
* not be attached anywhere in the namespace and will be private (i.e. changes
|
|
* to the originating mount won't be propagated into this).
|
|
*
|
|
* Release with mntput().
|
|
*/
|
|
struct vfsmount *clone_private_mount(const struct path *path)
|
|
{
|
|
struct mount *old_mnt = real_mount(path->mnt);
|
|
struct mount *new_mnt;
|
|
|
|
if (IS_MNT_UNBINDABLE(old_mnt))
|
|
return ERR_PTR(-EINVAL);
|
|
|
|
new_mnt = clone_mnt(old_mnt, path->dentry, CL_PRIVATE);
|
|
if (IS_ERR(new_mnt))
|
|
return ERR_CAST(new_mnt);
|
|
|
|
return &new_mnt->mnt;
|
|
}
|
|
EXPORT_SYMBOL_GPL(clone_private_mount);
|
|
|
|
int iterate_mounts(int (*f)(struct vfsmount *, void *), void *arg,
|
|
struct vfsmount *root)
|
|
{
|
|
struct mount *mnt;
|
|
int res = f(root, arg);
|
|
if (res)
|
|
return res;
|
|
list_for_each_entry(mnt, &real_mount(root)->mnt_list, mnt_list) {
|
|
res = f(&mnt->mnt, arg);
|
|
if (res)
|
|
return res;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
static void cleanup_group_ids(struct mount *mnt, struct mount *end)
|
|
{
|
|
struct mount *p;
|
|
|
|
for (p = mnt; p != end; p = next_mnt(p, mnt)) {
|
|
if (p->mnt_group_id && !IS_MNT_SHARED(p))
|
|
mnt_release_group_id(p);
|
|
}
|
|
}
|
|
|
|
static int invent_group_ids(struct mount *mnt, bool recurse)
|
|
{
|
|
struct mount *p;
|
|
|
|
for (p = mnt; p; p = recurse ? next_mnt(p, mnt) : NULL) {
|
|
if (!p->mnt_group_id && !IS_MNT_SHARED(p)) {
|
|
int err = mnt_alloc_group_id(p);
|
|
if (err) {
|
|
cleanup_group_ids(mnt, p);
|
|
return err;
|
|
}
|
|
}
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
int count_mounts(struct mnt_namespace *ns, struct mount *mnt)
|
|
{
|
|
unsigned int max = READ_ONCE(sysctl_mount_max);
|
|
unsigned int mounts = 0, old, pending, sum;
|
|
struct mount *p;
|
|
|
|
for (p = mnt; p; p = next_mnt(p, mnt))
|
|
mounts++;
|
|
|
|
old = ns->mounts;
|
|
pending = ns->pending_mounts;
|
|
sum = old + pending;
|
|
if ((old > sum) ||
|
|
(pending > sum) ||
|
|
(max < sum) ||
|
|
(mounts > (max - sum)))
|
|
return -ENOSPC;
|
|
|
|
ns->pending_mounts = pending + mounts;
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* @source_mnt : mount tree to be attached
|
|
* @nd : place the mount tree @source_mnt is attached
|
|
* @parent_nd : if non-null, detach the source_mnt from its parent and
|
|
* store the parent mount and mountpoint dentry.
|
|
* (done when source_mnt is moved)
|
|
*
|
|
* NOTE: in the table below explains the semantics when a source mount
|
|
* of a given type is attached to a destination mount of a given type.
|
|
* ---------------------------------------------------------------------------
|
|
* | BIND MOUNT OPERATION |
|
|
* |**************************************************************************
|
|
* | source-->| shared | private | slave | unbindable |
|
|
* | dest | | | | |
|
|
* | | | | | | |
|
|
* | v | | | | |
|
|
* |**************************************************************************
|
|
* | shared | shared (++) | shared (+) | shared(+++)| invalid |
|
|
* | | | | | |
|
|
* |non-shared| shared (+) | private | slave (*) | invalid |
|
|
* ***************************************************************************
|
|
* A bind operation clones the source mount and mounts the clone on the
|
|
* destination mount.
|
|
*
|
|
* (++) the cloned mount is propagated to all the mounts in the propagation
|
|
* tree of the destination mount and the cloned mount is added to
|
|
* the peer group of the source mount.
|
|
* (+) the cloned mount is created under the destination mount and is marked
|
|
* as shared. The cloned mount is added to the peer group of the source
|
|
* mount.
|
|
* (+++) the mount is propagated to all the mounts in the propagation tree
|
|
* of the destination mount and the cloned mount is made slave
|
|
* of the same master as that of the source mount. The cloned mount
|
|
* is marked as 'shared and slave'.
|
|
* (*) the cloned mount is made a slave of the same master as that of the
|
|
* source mount.
|
|
*
|
|
* ---------------------------------------------------------------------------
|
|
* | MOVE MOUNT OPERATION |
|
|
* |**************************************************************************
|
|
* | source-->| shared | private | slave | unbindable |
|
|
* | dest | | | | |
|
|
* | | | | | | |
|
|
* | v | | | | |
|
|
* |**************************************************************************
|
|
* | shared | shared (+) | shared (+) | shared(+++) | invalid |
|
|
* | | | | | |
|
|
* |non-shared| shared (+*) | private | slave (*) | unbindable |
|
|
* ***************************************************************************
|
|
*
|
|
* (+) the mount is moved to the destination. And is then propagated to
|
|
* all the mounts in the propagation tree of the destination mount.
|
|
* (+*) the mount is moved to the destination.
|
|
* (+++) the mount is moved to the destination and is then propagated to
|
|
* all the mounts belonging to the destination mount's propagation tree.
|
|
* the mount is marked as 'shared and slave'.
|
|
* (*) the mount continues to be a slave at the new location.
|
|
*
|
|
* if the source mount is a tree, the operations explained above is
|
|
* applied to each mount in the tree.
|
|
* Must be called without spinlocks held, since this function can sleep
|
|
* in allocations.
|
|
*/
|
|
static int attach_recursive_mnt(struct mount *source_mnt,
|
|
struct mount *dest_mnt,
|
|
struct mountpoint *dest_mp,
|
|
struct path *parent_path)
|
|
{
|
|
HLIST_HEAD(tree_list);
|
|
struct mnt_namespace *ns = dest_mnt->mnt_ns;
|
|
struct mountpoint *smp;
|
|
struct mount *child, *p;
|
|
struct hlist_node *n;
|
|
int err;
|
|
|
|
/* Preallocate a mountpoint in case the new mounts need
|
|
* to be tucked under other mounts.
|
|
*/
|
|
smp = get_mountpoint(source_mnt->mnt.mnt_root);
|
|
if (IS_ERR(smp))
|
|
return PTR_ERR(smp);
|
|
|
|
/* Is there space to add these mounts to the mount namespace? */
|
|
if (!parent_path) {
|
|
err = count_mounts(ns, source_mnt);
|
|
if (err)
|
|
goto out;
|
|
}
|
|
|
|
if (IS_MNT_SHARED(dest_mnt)) {
|
|
err = invent_group_ids(source_mnt, true);
|
|
if (err)
|
|
goto out;
|
|
err = propagate_mnt(dest_mnt, dest_mp, source_mnt, &tree_list);
|
|
lock_mount_hash();
|
|
if (err)
|
|
goto out_cleanup_ids;
|
|
for (p = source_mnt; p; p = next_mnt(p, source_mnt))
|
|
set_mnt_shared(p);
|
|
} else {
|
|
lock_mount_hash();
|
|
}
|
|
if (parent_path) {
|
|
detach_mnt(source_mnt, parent_path);
|
|
attach_mnt(source_mnt, dest_mnt, dest_mp);
|
|
touch_mnt_namespace(source_mnt->mnt_ns);
|
|
} else {
|
|
mnt_set_mountpoint(dest_mnt, dest_mp, source_mnt);
|
|
commit_tree(source_mnt);
|
|
}
|
|
|
|
hlist_for_each_entry_safe(child, n, &tree_list, mnt_hash) {
|
|
struct mount *q;
|
|
hlist_del_init(&child->mnt_hash);
|
|
q = __lookup_mnt(&child->mnt_parent->mnt,
|
|
child->mnt_mountpoint);
|
|
if (q)
|
|
mnt_change_mountpoint(child, smp, q);
|
|
commit_tree(child);
|
|
}
|
|
put_mountpoint(smp);
|
|
unlock_mount_hash();
|
|
|
|
return 0;
|
|
|
|
out_cleanup_ids:
|
|
while (!hlist_empty(&tree_list)) {
|
|
child = hlist_entry(tree_list.first, struct mount, mnt_hash);
|
|
child->mnt_parent->mnt_ns->pending_mounts = 0;
|
|
umount_tree(child, UMOUNT_SYNC);
|
|
}
|
|
unlock_mount_hash();
|
|
cleanup_group_ids(source_mnt, NULL);
|
|
out:
|
|
ns->pending_mounts = 0;
|
|
|
|
read_seqlock_excl(&mount_lock);
|
|
put_mountpoint(smp);
|
|
read_sequnlock_excl(&mount_lock);
|
|
|
|
return err;
|
|
}
|
|
|
|
static struct mountpoint *lock_mount(struct path *path)
|
|
{
|
|
struct vfsmount *mnt;
|
|
struct dentry *dentry = path->dentry;
|
|
retry:
|
|
inode_lock(dentry->d_inode);
|
|
if (unlikely(cant_mount(dentry))) {
|
|
inode_unlock(dentry->d_inode);
|
|
return ERR_PTR(-ENOENT);
|
|
}
|
|
namespace_lock();
|
|
mnt = lookup_mnt(path);
|
|
if (likely(!mnt)) {
|
|
struct mountpoint *mp = get_mountpoint(dentry);
|
|
if (IS_ERR(mp)) {
|
|
namespace_unlock();
|
|
inode_unlock(dentry->d_inode);
|
|
return mp;
|
|
}
|
|
return mp;
|
|
}
|
|
namespace_unlock();
|
|
inode_unlock(path->dentry->d_inode);
|
|
path_put(path);
|
|
path->mnt = mnt;
|
|
dentry = path->dentry = dget(mnt->mnt_root);
|
|
goto retry;
|
|
}
|
|
|
|
static void unlock_mount(struct mountpoint *where)
|
|
{
|
|
struct dentry *dentry = where->m_dentry;
|
|
|
|
read_seqlock_excl(&mount_lock);
|
|
put_mountpoint(where);
|
|
read_sequnlock_excl(&mount_lock);
|
|
|
|
namespace_unlock();
|
|
inode_unlock(dentry->d_inode);
|
|
}
|
|
|
|
static int graft_tree(struct mount *mnt, struct mount *p, struct mountpoint *mp)
|
|
{
|
|
if (mnt->mnt.mnt_sb->s_flags & SB_NOUSER)
|
|
return -EINVAL;
|
|
|
|
if (d_is_dir(mp->m_dentry) !=
|
|
d_is_dir(mnt->mnt.mnt_root))
|
|
return -ENOTDIR;
|
|
|
|
return attach_recursive_mnt(mnt, p, mp, NULL);
|
|
}
|
|
|
|
/*
|
|
* Sanity check the flags to change_mnt_propagation.
|
|
*/
|
|
|
|
static int flags_to_propagation_type(int ms_flags)
|
|
{
|
|
int type = ms_flags & ~(MS_REC | MS_SILENT);
|
|
|
|
/* Fail if any non-propagation flags are set */
|
|
if (type & ~(MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
|
|
return 0;
|
|
/* Only one propagation flag should be set */
|
|
if (!is_power_of_2(type))
|
|
return 0;
|
|
return type;
|
|
}
|
|
|
|
/*
|
|
* recursively change the type of the mountpoint.
|
|
*/
|
|
static int do_change_type(struct path *path, int ms_flags)
|
|
{
|
|
struct mount *m;
|
|
struct mount *mnt = real_mount(path->mnt);
|
|
int recurse = ms_flags & MS_REC;
|
|
int type;
|
|
int err = 0;
|
|
|
|
if (path->dentry != path->mnt->mnt_root)
|
|
return -EINVAL;
|
|
|
|
type = flags_to_propagation_type(ms_flags);
|
|
if (!type)
|
|
return -EINVAL;
|
|
|
|
namespace_lock();
|
|
if (type == MS_SHARED) {
|
|
err = invent_group_ids(mnt, recurse);
|
|
if (err)
|
|
goto out_unlock;
|
|
}
|
|
|
|
lock_mount_hash();
|
|
for (m = mnt; m; m = (recurse ? next_mnt(m, mnt) : NULL))
|
|
change_mnt_propagation(m, type);
|
|
unlock_mount_hash();
|
|
|
|
out_unlock:
|
|
namespace_unlock();
|
|
return err;
|
|
}
|
|
|
|
static bool has_locked_children(struct mount *mnt, struct dentry *dentry)
|
|
{
|
|
struct mount *child;
|
|
list_for_each_entry(child, &mnt->mnt_mounts, mnt_child) {
|
|
if (!is_subdir(child->mnt_mountpoint, dentry))
|
|
continue;
|
|
|
|
if (child->mnt.mnt_flags & MNT_LOCKED)
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/*
|
|
* do loopback mount.
|
|
*/
|
|
static int do_loopback(struct path *path, const char *old_name,
|
|
int recurse)
|
|
{
|
|
struct path old_path;
|
|
struct mount *mnt = NULL, *old, *parent;
|
|
struct mountpoint *mp;
|
|
int err;
|
|
if (!old_name || !*old_name)
|
|
return -EINVAL;
|
|
err = kern_path(old_name, LOOKUP_FOLLOW|LOOKUP_AUTOMOUNT, &old_path);
|
|
if (err)
|
|
return err;
|
|
|
|
err = -EINVAL;
|
|
if (mnt_ns_loop(old_path.dentry))
|
|
goto out;
|
|
|
|
mp = lock_mount(path);
|
|
err = PTR_ERR(mp);
|
|
if (IS_ERR(mp))
|
|
goto out;
|
|
|
|
old = real_mount(old_path.mnt);
|
|
parent = real_mount(path->mnt);
|
|
|
|
err = -EINVAL;
|
|
if (IS_MNT_UNBINDABLE(old))
|
|
goto out2;
|
|
|
|
if (!check_mnt(parent))
|
|
goto out2;
|
|
|
|
if (!check_mnt(old) && old_path.dentry->d_op != &ns_dentry_operations)
|
|
goto out2;
|
|
|
|
if (!recurse && has_locked_children(old, old_path.dentry))
|
|
goto out2;
|
|
|
|
if (recurse)
|
|
mnt = copy_tree(old, old_path.dentry, CL_COPY_MNT_NS_FILE);
|
|
else
|
|
mnt = clone_mnt(old, old_path.dentry, 0);
|
|
|
|
if (IS_ERR(mnt)) {
|
|
err = PTR_ERR(mnt);
|
|
goto out2;
|
|
}
|
|
|
|
mnt->mnt.mnt_flags &= ~MNT_LOCKED;
|
|
|
|
err = graft_tree(mnt, parent, mp);
|
|
if (err) {
|
|
lock_mount_hash();
|
|
umount_tree(mnt, UMOUNT_SYNC);
|
|
unlock_mount_hash();
|
|
}
|
|
out2:
|
|
unlock_mount(mp);
|
|
out:
|
|
path_put(&old_path);
|
|
return err;
|
|
}
|
|
|
|
static int change_mount_flags(struct vfsmount *mnt, int ms_flags)
|
|
{
|
|
int error = 0;
|
|
int readonly_request = 0;
|
|
|
|
if (ms_flags & MS_RDONLY)
|
|
readonly_request = 1;
|
|
if (readonly_request == __mnt_is_readonly(mnt))
|
|
return 0;
|
|
|
|
if (readonly_request)
|
|
error = mnt_make_readonly(real_mount(mnt));
|
|
else
|
|
__mnt_unmake_readonly(real_mount(mnt));
|
|
return error;
|
|
}
|
|
|
|
/*
|
|
* change filesystem flags. dir should be a physical root of filesystem.
|
|
* If you've mounted a non-root directory somewhere and want to do remount
|
|
* on it - tough luck.
|
|
*/
|
|
static int do_remount(struct path *path, int ms_flags, int sb_flags,
|
|
int mnt_flags, void *data)
|
|
{
|
|
int err;
|
|
struct super_block *sb = path->mnt->mnt_sb;
|
|
struct mount *mnt = real_mount(path->mnt);
|
|
|
|
if (!check_mnt(mnt))
|
|
return -EINVAL;
|
|
|
|
if (path->dentry != path->mnt->mnt_root)
|
|
return -EINVAL;
|
|
|
|
/* Don't allow changing of locked mnt flags.
|
|
*
|
|
* No locks need to be held here while testing the various
|
|
* MNT_LOCK flags because those flags can never be cleared
|
|
* once they are set.
|
|
*/
|
|
if ((mnt->mnt.mnt_flags & MNT_LOCK_READONLY) &&
|
|
!(mnt_flags & MNT_READONLY)) {
|
|
return -EPERM;
|
|
}
|
|
if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
|
|
!(mnt_flags & MNT_NODEV)) {
|
|
return -EPERM;
|
|
}
|
|
if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
|
|
!(mnt_flags & MNT_NOSUID)) {
|
|
return -EPERM;
|
|
}
|
|
if ((mnt->mnt.mnt_flags & MNT_LOCK_NOEXEC) &&
|
|
!(mnt_flags & MNT_NOEXEC)) {
|
|
return -EPERM;
|
|
}
|
|
if ((mnt->mnt.mnt_flags & MNT_LOCK_ATIME) &&
|
|
((mnt->mnt.mnt_flags & MNT_ATIME_MASK) != (mnt_flags & MNT_ATIME_MASK))) {
|
|
return -EPERM;
|
|
}
|
|
|
|
err = security_sb_remount(sb, data);
|
|
if (err)
|
|
return err;
|
|
|
|
down_write(&sb->s_umount);
|
|
if (ms_flags & MS_BIND)
|
|
err = change_mount_flags(path->mnt, ms_flags);
|
|
else if (!capable(CAP_SYS_ADMIN))
|
|
err = -EPERM;
|
|
else {
|
|
err = do_remount_sb2(path->mnt, sb, sb_flags, data, 0);
|
|
namespace_lock();
|
|
lock_mount_hash();
|
|
propagate_remount(mnt);
|
|
unlock_mount_hash();
|
|
namespace_unlock();
|
|
}
|
|
if (!err) {
|
|
lock_mount_hash();
|
|
mnt_flags |= mnt->mnt.mnt_flags & ~MNT_USER_SETTABLE_MASK;
|
|
mnt->mnt.mnt_flags = mnt_flags;
|
|
touch_mnt_namespace(mnt->mnt_ns);
|
|
unlock_mount_hash();
|
|
}
|
|
up_write(&sb->s_umount);
|
|
return err;
|
|
}
|
|
|
|
static inline int tree_contains_unbindable(struct mount *mnt)
|
|
{
|
|
struct mount *p;
|
|
for (p = mnt; p; p = next_mnt(p, mnt)) {
|
|
if (IS_MNT_UNBINDABLE(p))
|
|
return 1;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
static int do_move_mount(struct path *path, const char *old_name)
|
|
{
|
|
struct path old_path, parent_path;
|
|
struct mount *p;
|
|
struct mount *old;
|
|
struct mountpoint *mp;
|
|
int err;
|
|
if (!old_name || !*old_name)
|
|
return -EINVAL;
|
|
err = kern_path(old_name, LOOKUP_FOLLOW, &old_path);
|
|
if (err)
|
|
return err;
|
|
|
|
mp = lock_mount(path);
|
|
err = PTR_ERR(mp);
|
|
if (IS_ERR(mp))
|
|
goto out;
|
|
|
|
old = real_mount(old_path.mnt);
|
|
p = real_mount(path->mnt);
|
|
|
|
err = -EINVAL;
|
|
if (!check_mnt(p) || !check_mnt(old))
|
|
goto out1;
|
|
|
|
if (old->mnt.mnt_flags & MNT_LOCKED)
|
|
goto out1;
|
|
|
|
err = -EINVAL;
|
|
if (old_path.dentry != old_path.mnt->mnt_root)
|
|
goto out1;
|
|
|
|
if (!mnt_has_parent(old))
|
|
goto out1;
|
|
|
|
if (d_is_dir(path->dentry) !=
|
|
d_is_dir(old_path.dentry))
|
|
goto out1;
|
|
/*
|
|
* Don't move a mount residing in a shared parent.
|
|
*/
|
|
if (IS_MNT_SHARED(old->mnt_parent))
|
|
goto out1;
|
|
/*
|
|
* Don't move a mount tree containing unbindable mounts to a destination
|
|
* mount which is shared.
|
|
*/
|
|
if (IS_MNT_SHARED(p) && tree_contains_unbindable(old))
|
|
goto out1;
|
|
err = -ELOOP;
|
|
for (; mnt_has_parent(p); p = p->mnt_parent)
|
|
if (p == old)
|
|
goto out1;
|
|
|
|
err = attach_recursive_mnt(old, real_mount(path->mnt), mp, &parent_path);
|
|
if (err)
|
|
goto out1;
|
|
|
|
/* if the mount is moved, it should no longer be expire
|
|
* automatically */
|
|
list_del_init(&old->mnt_expire);
|
|
out1:
|
|
unlock_mount(mp);
|
|
out:
|
|
if (!err)
|
|
path_put(&parent_path);
|
|
path_put(&old_path);
|
|
return err;
|
|
}
|
|
|
|
static struct vfsmount *fs_set_subtype(struct vfsmount *mnt, const char *fstype)
|
|
{
|
|
int err;
|
|
const char *subtype = strchr(fstype, '.');
|
|
if (subtype) {
|
|
subtype++;
|
|
err = -EINVAL;
|
|
if (!subtype[0])
|
|
goto err;
|
|
} else
|
|
subtype = "";
|
|
|
|
mnt->mnt_sb->s_subtype = kstrdup(subtype, GFP_KERNEL);
|
|
err = -ENOMEM;
|
|
if (!mnt->mnt_sb->s_subtype)
|
|
goto err;
|
|
return mnt;
|
|
|
|
err:
|
|
mntput(mnt);
|
|
return ERR_PTR(err);
|
|
}
|
|
|
|
/*
|
|
* add a mount into a namespace's mount tree
|
|
*/
|
|
static int do_add_mount(struct mount *newmnt, struct path *path, int mnt_flags)
|
|
{
|
|
struct mountpoint *mp;
|
|
struct mount *parent;
|
|
int err;
|
|
|
|
mnt_flags &= ~MNT_INTERNAL_FLAGS;
|
|
|
|
mp = lock_mount(path);
|
|
if (IS_ERR(mp))
|
|
return PTR_ERR(mp);
|
|
|
|
parent = real_mount(path->mnt);
|
|
err = -EINVAL;
|
|
if (unlikely(!check_mnt(parent))) {
|
|
/* that's acceptable only for automounts done in private ns */
|
|
if (!(mnt_flags & MNT_SHRINKABLE))
|
|
goto unlock;
|
|
/* ... and for those we'd better have mountpoint still alive */
|
|
if (!parent->mnt_ns)
|
|
goto unlock;
|
|
}
|
|
|
|
/* Refuse the same filesystem on the same mount point */
|
|
err = -EBUSY;
|
|
if (path->mnt->mnt_sb == newmnt->mnt.mnt_sb &&
|
|
path->mnt->mnt_root == path->dentry)
|
|
goto unlock;
|
|
|
|
err = -EINVAL;
|
|
if (d_is_symlink(newmnt->mnt.mnt_root))
|
|
goto unlock;
|
|
|
|
newmnt->mnt.mnt_flags = mnt_flags;
|
|
err = graft_tree(newmnt, parent, mp);
|
|
|
|
unlock:
|
|
unlock_mount(mp);
|
|
return err;
|
|
}
|
|
|
|
static bool mount_too_revealing(struct vfsmount *mnt, int *new_mnt_flags);
|
|
|
|
/*
|
|
* create a new mount for userspace and request it to be added into the
|
|
* namespace's tree
|
|
*/
|
|
static int do_new_mount(struct path *path, const char *fstype, int sb_flags,
|
|
int mnt_flags, const char *name, void *data)
|
|
{
|
|
struct file_system_type *type;
|
|
struct vfsmount *mnt;
|
|
int err;
|
|
|
|
if (!fstype)
|
|
return -EINVAL;
|
|
|
|
type = get_fs_type(fstype);
|
|
if (!type)
|
|
return -ENODEV;
|
|
|
|
mnt = vfs_kern_mount(type, sb_flags, name, data);
|
|
if (!IS_ERR(mnt) && (type->fs_flags & FS_HAS_SUBTYPE) &&
|
|
!mnt->mnt_sb->s_subtype)
|
|
mnt = fs_set_subtype(mnt, fstype);
|
|
|
|
put_filesystem(type);
|
|
if (IS_ERR(mnt))
|
|
return PTR_ERR(mnt);
|
|
|
|
if (mount_too_revealing(mnt, &mnt_flags)) {
|
|
mntput(mnt);
|
|
return -EPERM;
|
|
}
|
|
|
|
err = do_add_mount(real_mount(mnt), path, mnt_flags);
|
|
if (err)
|
|
mntput(mnt);
|
|
return err;
|
|
}
|
|
|
|
int finish_automount(struct vfsmount *m, struct path *path)
|
|
{
|
|
struct mount *mnt = real_mount(m);
|
|
int err;
|
|
/* The new mount record should have at least 2 refs to prevent it being
|
|
* expired before we get a chance to add it
|
|
*/
|
|
BUG_ON(mnt_get_count(mnt) < 2);
|
|
|
|
if (m->mnt_sb == path->mnt->mnt_sb &&
|
|
m->mnt_root == path->dentry) {
|
|
err = -ELOOP;
|
|
goto fail;
|
|
}
|
|
|
|
err = do_add_mount(mnt, path, path->mnt->mnt_flags | MNT_SHRINKABLE);
|
|
if (!err)
|
|
return 0;
|
|
fail:
|
|
/* remove m from any expiration list it may be on */
|
|
if (!list_empty(&mnt->mnt_expire)) {
|
|
namespace_lock();
|
|
list_del_init(&mnt->mnt_expire);
|
|
namespace_unlock();
|
|
}
|
|
mntput(m);
|
|
mntput(m);
|
|
return err;
|
|
}
|
|
|
|
/**
|
|
* mnt_set_expiry - Put a mount on an expiration list
|
|
* @mnt: The mount to list.
|
|
* @expiry_list: The list to add the mount to.
|
|
*/
|
|
void mnt_set_expiry(struct vfsmount *mnt, struct list_head *expiry_list)
|
|
{
|
|
namespace_lock();
|
|
|
|
list_add_tail(&real_mount(mnt)->mnt_expire, expiry_list);
|
|
|
|
namespace_unlock();
|
|
}
|
|
EXPORT_SYMBOL(mnt_set_expiry);
|
|
|
|
/*
|
|
* process a list of expirable mountpoints with the intent of discarding any
|
|
* mountpoints that aren't in use and haven't been touched since last we came
|
|
* here
|
|
*/
|
|
void mark_mounts_for_expiry(struct list_head *mounts)
|
|
{
|
|
struct mount *mnt, *next;
|
|
LIST_HEAD(graveyard);
|
|
|
|
if (list_empty(mounts))
|
|
return;
|
|
|
|
namespace_lock();
|
|
lock_mount_hash();
|
|
|
|
/* extract from the expiration list every vfsmount that matches the
|
|
* following criteria:
|
|
* - only referenced by its parent vfsmount
|
|
* - still marked for expiry (marked on the last call here; marks are
|
|
* cleared by mntput())
|
|
*/
|
|
list_for_each_entry_safe(mnt, next, mounts, mnt_expire) {
|
|
if (!xchg(&mnt->mnt_expiry_mark, 1) ||
|
|
propagate_mount_busy(mnt, 1))
|
|
continue;
|
|
list_move(&mnt->mnt_expire, &graveyard);
|
|
}
|
|
while (!list_empty(&graveyard)) {
|
|
mnt = list_first_entry(&graveyard, struct mount, mnt_expire);
|
|
touch_mnt_namespace(mnt->mnt_ns);
|
|
umount_tree(mnt, UMOUNT_PROPAGATE|UMOUNT_SYNC);
|
|
}
|
|
unlock_mount_hash();
|
|
namespace_unlock();
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(mark_mounts_for_expiry);
|
|
|
|
/*
|
|
* Ripoff of 'select_parent()'
|
|
*
|
|
* search the list of submounts for a given mountpoint, and move any
|
|
* shrinkable submounts to the 'graveyard' list.
|
|
*/
|
|
static int select_submounts(struct mount *parent, struct list_head *graveyard)
|
|
{
|
|
struct mount *this_parent = parent;
|
|
struct list_head *next;
|
|
int found = 0;
|
|
|
|
repeat:
|
|
next = this_parent->mnt_mounts.next;
|
|
resume:
|
|
while (next != &this_parent->mnt_mounts) {
|
|
struct list_head *tmp = next;
|
|
struct mount *mnt = list_entry(tmp, struct mount, mnt_child);
|
|
|
|
next = tmp->next;
|
|
if (!(mnt->mnt.mnt_flags & MNT_SHRINKABLE))
|
|
continue;
|
|
/*
|
|
* Descend a level if the d_mounts list is non-empty.
|
|
*/
|
|
if (!list_empty(&mnt->mnt_mounts)) {
|
|
this_parent = mnt;
|
|
goto repeat;
|
|
}
|
|
|
|
if (!propagate_mount_busy(mnt, 1)) {
|
|
list_move_tail(&mnt->mnt_expire, graveyard);
|
|
found++;
|
|
}
|
|
}
|
|
/*
|
|
* All done at this level ... ascend and resume the search
|
|
*/
|
|
if (this_parent != parent) {
|
|
next = this_parent->mnt_child.next;
|
|
this_parent = this_parent->mnt_parent;
|
|
goto resume;
|
|
}
|
|
return found;
|
|
}
|
|
|
|
/*
|
|
* process a list of expirable mountpoints with the intent of discarding any
|
|
* submounts of a specific parent mountpoint
|
|
*
|
|
* mount_lock must be held for write
|
|
*/
|
|
static void shrink_submounts(struct mount *mnt)
|
|
{
|
|
LIST_HEAD(graveyard);
|
|
struct mount *m;
|
|
|
|
/* extract submounts of 'mountpoint' from the expiration list */
|
|
while (select_submounts(mnt, &graveyard)) {
|
|
while (!list_empty(&graveyard)) {
|
|
m = list_first_entry(&graveyard, struct mount,
|
|
mnt_expire);
|
|
touch_mnt_namespace(m->mnt_ns);
|
|
umount_tree(m, UMOUNT_PROPAGATE|UMOUNT_SYNC);
|
|
}
|
|
}
|
|
}
|
|
|
|
/*
|
|
* Some copy_from_user() implementations do not return the exact number of
|
|
* bytes remaining to copy on a fault. But copy_mount_options() requires that.
|
|
* Note that this function differs from copy_from_user() in that it will oops
|
|
* on bad values of `to', rather than returning a short copy.
|
|
*/
|
|
static long exact_copy_from_user(void *to, const void __user * from,
|
|
unsigned long n)
|
|
{
|
|
char *t = to;
|
|
const char __user *f = from;
|
|
char c;
|
|
|
|
if (!access_ok(VERIFY_READ, from, n))
|
|
return n;
|
|
|
|
while (n) {
|
|
if (__get_user(c, f)) {
|
|
memset(t, 0, n);
|
|
break;
|
|
}
|
|
*t++ = c;
|
|
f++;
|
|
n--;
|
|
}
|
|
return n;
|
|
}
|
|
|
|
void *copy_mount_options(const void __user * data)
|
|
{
|
|
int i;
|
|
unsigned long size;
|
|
char *copy;
|
|
|
|
if (!data)
|
|
return NULL;
|
|
|
|
copy = kmalloc(PAGE_SIZE, GFP_KERNEL);
|
|
if (!copy)
|
|
return ERR_PTR(-ENOMEM);
|
|
|
|
/* We only care that *some* data at the address the user
|
|
* gave us is valid. Just in case, we'll zero
|
|
* the remainder of the page.
|
|
*/
|
|
/* copy_from_user cannot cross TASK_SIZE ! */
|
|
size = TASK_SIZE - (unsigned long)untagged_addr(data);
|
|
if (size > PAGE_SIZE)
|
|
size = PAGE_SIZE;
|
|
|
|
i = size - exact_copy_from_user(copy, data, size);
|
|
if (!i) {
|
|
kfree(copy);
|
|
return ERR_PTR(-EFAULT);
|
|
}
|
|
if (i != PAGE_SIZE)
|
|
memset(copy + i, 0, PAGE_SIZE - i);
|
|
return copy;
|
|
}
|
|
|
|
char *copy_mount_string(const void __user *data)
|
|
{
|
|
return data ? strndup_user(data, PAGE_SIZE) : NULL;
|
|
}
|
|
|
|
/*
|
|
* Flags is a 32-bit value that allows up to 31 non-fs dependent flags to
|
|
* be given to the mount() call (ie: read-only, no-dev, no-suid etc).
|
|
*
|
|
* data is a (void *) that can point to any structure up to
|
|
* PAGE_SIZE-1 bytes, which can contain arbitrary fs-dependent
|
|
* information (or be NULL).
|
|
*
|
|
* Pre-0.97 versions of mount() didn't have a flags word.
|
|
* When the flags word was introduced its top half was required
|
|
* to have the magic value 0xC0ED, and this remained so until 2.4.0-test9.
|
|
* Therefore, if this magic number is present, it carries no information
|
|
* and must be discarded.
|
|
*/
|
|
long do_mount(const char *dev_name, const char __user *dir_name,
|
|
const char *type_page, unsigned long flags, void *data_page)
|
|
{
|
|
struct path path;
|
|
unsigned int mnt_flags = 0, sb_flags;
|
|
int retval = 0;
|
|
|
|
/* Discard magic */
|
|
if ((flags & MS_MGC_MSK) == MS_MGC_VAL)
|
|
flags &= ~MS_MGC_MSK;
|
|
|
|
/* Basic sanity checks */
|
|
if (data_page)
|
|
((char *)data_page)[PAGE_SIZE - 1] = 0;
|
|
|
|
if (flags & MS_NOUSER)
|
|
return -EINVAL;
|
|
|
|
/* ... and get the mountpoint */
|
|
retval = user_path(dir_name, &path);
|
|
if (retval)
|
|
return retval;
|
|
|
|
retval = security_sb_mount(dev_name, &path,
|
|
type_page, flags, data_page);
|
|
if (!retval && !may_mount())
|
|
retval = -EPERM;
|
|
if (!retval && (flags & SB_MANDLOCK) && !may_mandlock())
|
|
retval = -EPERM;
|
|
if (retval)
|
|
goto dput_out;
|
|
|
|
/* Default to relatime unless overriden */
|
|
if (!(flags & MS_NOATIME))
|
|
mnt_flags |= MNT_RELATIME;
|
|
|
|
/* Separate the per-mountpoint flags */
|
|
if (flags & MS_NOSUID)
|
|
mnt_flags |= MNT_NOSUID;
|
|
if (flags & MS_NODEV)
|
|
mnt_flags |= MNT_NODEV;
|
|
if (flags & MS_NOEXEC)
|
|
mnt_flags |= MNT_NOEXEC;
|
|
if (flags & MS_NOATIME)
|
|
mnt_flags |= MNT_NOATIME;
|
|
if (flags & MS_NODIRATIME)
|
|
mnt_flags |= MNT_NODIRATIME;
|
|
if (flags & MS_STRICTATIME)
|
|
mnt_flags &= ~(MNT_RELATIME | MNT_NOATIME);
|
|
if (flags & MS_RDONLY)
|
|
mnt_flags |= MNT_READONLY;
|
|
|
|
/* The default atime for remount is preservation */
|
|
if ((flags & MS_REMOUNT) &&
|
|
((flags & (MS_NOATIME | MS_NODIRATIME | MS_RELATIME |
|
|
MS_STRICTATIME)) == 0)) {
|
|
mnt_flags &= ~MNT_ATIME_MASK;
|
|
mnt_flags |= path.mnt->mnt_flags & MNT_ATIME_MASK;
|
|
}
|
|
|
|
sb_flags = flags & (SB_RDONLY |
|
|
SB_SYNCHRONOUS |
|
|
SB_MANDLOCK |
|
|
SB_DIRSYNC |
|
|
SB_SILENT |
|
|
SB_POSIXACL |
|
|
SB_LAZYTIME |
|
|
SB_I_VERSION);
|
|
|
|
if (flags & MS_REMOUNT)
|
|
retval = do_remount(&path, flags, sb_flags, mnt_flags,
|
|
data_page);
|
|
else if (flags & MS_BIND)
|
|
retval = do_loopback(&path, dev_name, flags & MS_REC);
|
|
else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
|
|
retval = do_change_type(&path, flags);
|
|
else if (flags & MS_MOVE)
|
|
retval = do_move_mount(&path, dev_name);
|
|
else
|
|
retval = do_new_mount(&path, type_page, sb_flags, mnt_flags,
|
|
dev_name, data_page);
|
|
dput_out:
|
|
path_put(&path);
|
|
return retval;
|
|
}
|
|
|
|
static struct ucounts *inc_mnt_namespaces(struct user_namespace *ns)
|
|
{
|
|
return inc_ucount(ns, current_euid(), UCOUNT_MNT_NAMESPACES);
|
|
}
|
|
|
|
static void dec_mnt_namespaces(struct ucounts *ucounts)
|
|
{
|
|
dec_ucount(ucounts, UCOUNT_MNT_NAMESPACES);
|
|
}
|
|
|
|
static void free_mnt_ns(struct mnt_namespace *ns)
|
|
{
|
|
ns_free_inum(&ns->ns);
|
|
dec_mnt_namespaces(ns->ucounts);
|
|
put_user_ns(ns->user_ns);
|
|
kfree(ns);
|
|
}
|
|
|
|
/*
|
|
* Assign a sequence number so we can detect when we attempt to bind
|
|
* mount a reference to an older mount namespace into the current
|
|
* mount namespace, preventing reference counting loops. A 64bit
|
|
* number incrementing at 10Ghz will take 12,427 years to wrap which
|
|
* is effectively never, so we can ignore the possibility.
|
|
*/
|
|
static atomic64_t mnt_ns_seq = ATOMIC64_INIT(1);
|
|
|
|
static struct mnt_namespace *alloc_mnt_ns(struct user_namespace *user_ns)
|
|
{
|
|
struct mnt_namespace *new_ns;
|
|
struct ucounts *ucounts;
|
|
int ret;
|
|
|
|
ucounts = inc_mnt_namespaces(user_ns);
|
|
if (!ucounts)
|
|
return ERR_PTR(-ENOSPC);
|
|
|
|
new_ns = kmalloc(sizeof(struct mnt_namespace), GFP_KERNEL);
|
|
if (!new_ns) {
|
|
dec_mnt_namespaces(ucounts);
|
|
return ERR_PTR(-ENOMEM);
|
|
}
|
|
ret = ns_alloc_inum(&new_ns->ns);
|
|
if (ret) {
|
|
kfree(new_ns);
|
|
dec_mnt_namespaces(ucounts);
|
|
return ERR_PTR(ret);
|
|
}
|
|
new_ns->ns.ops = &mntns_operations;
|
|
new_ns->seq = atomic64_add_return(1, &mnt_ns_seq);
|
|
atomic_set(&new_ns->count, 1);
|
|
new_ns->root = NULL;
|
|
INIT_LIST_HEAD(&new_ns->list);
|
|
init_waitqueue_head(&new_ns->poll);
|
|
new_ns->event = 0;
|
|
new_ns->user_ns = get_user_ns(user_ns);
|
|
new_ns->ucounts = ucounts;
|
|
new_ns->mounts = 0;
|
|
new_ns->pending_mounts = 0;
|
|
return new_ns;
|
|
}
|
|
|
|
__latent_entropy
|
|
struct mnt_namespace *copy_mnt_ns(unsigned long flags, struct mnt_namespace *ns,
|
|
struct user_namespace *user_ns, struct fs_struct *new_fs)
|
|
{
|
|
struct mnt_namespace *new_ns;
|
|
struct vfsmount *rootmnt = NULL, *pwdmnt = NULL;
|
|
struct mount *p, *q;
|
|
struct mount *old;
|
|
struct mount *new;
|
|
int copy_flags;
|
|
|
|
BUG_ON(!ns);
|
|
|
|
if (likely(!(flags & CLONE_NEWNS))) {
|
|
get_mnt_ns(ns);
|
|
return ns;
|
|
}
|
|
|
|
old = ns->root;
|
|
|
|
new_ns = alloc_mnt_ns(user_ns);
|
|
if (IS_ERR(new_ns))
|
|
return new_ns;
|
|
|
|
namespace_lock();
|
|
/* First pass: copy the tree topology */
|
|
copy_flags = CL_COPY_UNBINDABLE | CL_EXPIRE;
|
|
if (user_ns != ns->user_ns)
|
|
copy_flags |= CL_SHARED_TO_SLAVE | CL_UNPRIVILEGED;
|
|
new = copy_tree(old, old->mnt.mnt_root, copy_flags);
|
|
if (IS_ERR(new)) {
|
|
namespace_unlock();
|
|
free_mnt_ns(new_ns);
|
|
return ERR_CAST(new);
|
|
}
|
|
new_ns->root = new;
|
|
list_add_tail(&new_ns->list, &new->mnt_list);
|
|
|
|
/*
|
|
* Second pass: switch the tsk->fs->* elements and mark new vfsmounts
|
|
* as belonging to new namespace. We have already acquired a private
|
|
* fs_struct, so tsk->fs->lock is not needed.
|
|
*/
|
|
p = old;
|
|
q = new;
|
|
while (p) {
|
|
q->mnt_ns = new_ns;
|
|
new_ns->mounts++;
|
|
if (new_fs) {
|
|
if (&p->mnt == new_fs->root.mnt) {
|
|
new_fs->root.mnt = mntget(&q->mnt);
|
|
rootmnt = &p->mnt;
|
|
}
|
|
if (&p->mnt == new_fs->pwd.mnt) {
|
|
new_fs->pwd.mnt = mntget(&q->mnt);
|
|
pwdmnt = &p->mnt;
|
|
}
|
|
}
|
|
p = next_mnt(p, old);
|
|
q = next_mnt(q, new);
|
|
if (!q)
|
|
break;
|
|
while (p->mnt.mnt_root != q->mnt.mnt_root)
|
|
p = next_mnt(p, old);
|
|
}
|
|
namespace_unlock();
|
|
|
|
if (rootmnt)
|
|
mntput(rootmnt);
|
|
if (pwdmnt)
|
|
mntput(pwdmnt);
|
|
|
|
return new_ns;
|
|
}
|
|
|
|
/**
|
|
* create_mnt_ns - creates a private namespace and adds a root filesystem
|
|
* @mnt: pointer to the new root filesystem mountpoint
|
|
*/
|
|
static struct mnt_namespace *create_mnt_ns(struct vfsmount *m)
|
|
{
|
|
struct mnt_namespace *new_ns = alloc_mnt_ns(&init_user_ns);
|
|
if (!IS_ERR(new_ns)) {
|
|
struct mount *mnt = real_mount(m);
|
|
mnt->mnt_ns = new_ns;
|
|
new_ns->root = mnt;
|
|
new_ns->mounts++;
|
|
list_add(&mnt->mnt_list, &new_ns->list);
|
|
} else {
|
|
mntput(m);
|
|
}
|
|
return new_ns;
|
|
}
|
|
|
|
struct dentry *mount_subtree(struct vfsmount *mnt, const char *name)
|
|
{
|
|
struct mnt_namespace *ns;
|
|
struct super_block *s;
|
|
struct path path;
|
|
int err;
|
|
|
|
ns = create_mnt_ns(mnt);
|
|
if (IS_ERR(ns))
|
|
return ERR_CAST(ns);
|
|
|
|
err = vfs_path_lookup(mnt->mnt_root, mnt,
|
|
name, LOOKUP_FOLLOW|LOOKUP_AUTOMOUNT, &path);
|
|
|
|
put_mnt_ns(ns);
|
|
|
|
if (err)
|
|
return ERR_PTR(err);
|
|
|
|
/* trade a vfsmount reference for active sb one */
|
|
s = path.mnt->mnt_sb;
|
|
atomic_inc(&s->s_active);
|
|
mntput(path.mnt);
|
|
/* lock the sucker */
|
|
down_write(&s->s_umount);
|
|
/* ... and return the root of (sub)tree on it */
|
|
return path.dentry;
|
|
}
|
|
EXPORT_SYMBOL(mount_subtree);
|
|
|
|
SYSCALL_DEFINE5(mount, char __user *, dev_name, char __user *, dir_name,
|
|
char __user *, type, unsigned long, flags, void __user *, data)
|
|
{
|
|
int ret;
|
|
char *kernel_type;
|
|
char *kernel_dev;
|
|
void *options;
|
|
|
|
kernel_type = copy_mount_string(type);
|
|
ret = PTR_ERR(kernel_type);
|
|
if (IS_ERR(kernel_type))
|
|
goto out_type;
|
|
|
|
kernel_dev = copy_mount_string(dev_name);
|
|
ret = PTR_ERR(kernel_dev);
|
|
if (IS_ERR(kernel_dev))
|
|
goto out_dev;
|
|
|
|
options = copy_mount_options(data);
|
|
ret = PTR_ERR(options);
|
|
if (IS_ERR(options))
|
|
goto out_data;
|
|
|
|
ret = do_mount(kernel_dev, dir_name, kernel_type, flags, options);
|
|
|
|
kfree(options);
|
|
out_data:
|
|
kfree(kernel_dev);
|
|
out_dev:
|
|
kfree(kernel_type);
|
|
out_type:
|
|
return ret;
|
|
}
|
|
|
|
/*
|
|
* Return true if path is reachable from root
|
|
*
|
|
* namespace_sem or mount_lock is held
|
|
*/
|
|
bool is_path_reachable(struct mount *mnt, struct dentry *dentry,
|
|
const struct path *root)
|
|
{
|
|
while (&mnt->mnt != root->mnt && mnt_has_parent(mnt)) {
|
|
dentry = mnt->mnt_mountpoint;
|
|
mnt = mnt->mnt_parent;
|
|
}
|
|
return &mnt->mnt == root->mnt && is_subdir(dentry, root->dentry);
|
|
}
|
|
|
|
bool path_is_under(const struct path *path1, const struct path *path2)
|
|
{
|
|
bool res;
|
|
read_seqlock_excl(&mount_lock);
|
|
res = is_path_reachable(real_mount(path1->mnt), path1->dentry, path2);
|
|
read_sequnlock_excl(&mount_lock);
|
|
return res;
|
|
}
|
|
EXPORT_SYMBOL(path_is_under);
|
|
|
|
/*
|
|
* pivot_root Semantics:
|
|
* Moves the root file system of the current process to the directory put_old,
|
|
* makes new_root as the new root file system of the current process, and sets
|
|
* root/cwd of all processes which had them on the current root to new_root.
|
|
*
|
|
* Restrictions:
|
|
* The new_root and put_old must be directories, and must not be on the
|
|
* same file system as the current process root. The put_old must be
|
|
* underneath new_root, i.e. adding a non-zero number of /.. to the string
|
|
* pointed to by put_old must yield the same directory as new_root. No other
|
|
* file system may be mounted on put_old. After all, new_root is a mountpoint.
|
|
*
|
|
* Also, the current root cannot be on the 'rootfs' (initial ramfs) filesystem.
|
|
* See Documentation/filesystems/ramfs-rootfs-initramfs.txt for alternatives
|
|
* in this situation.
|
|
*
|
|
* Notes:
|
|
* - we don't move root/cwd if they are not at the root (reason: if something
|
|
* cared enough to change them, it's probably wrong to force them elsewhere)
|
|
* - it's okay to pick a root that isn't the root of a file system, e.g.
|
|
* /nfs/my_root where /nfs is the mount point. It must be a mountpoint,
|
|
* though, so you may need to say mount --bind /nfs/my_root /nfs/my_root
|
|
* first.
|
|
*/
|
|
SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
|
|
const char __user *, put_old)
|
|
{
|
|
struct path new, old, parent_path, root_parent, root;
|
|
struct mount *new_mnt, *root_mnt, *old_mnt;
|
|
struct mountpoint *old_mp, *root_mp;
|
|
int error;
|
|
|
|
if (!may_mount())
|
|
return -EPERM;
|
|
|
|
error = user_path_dir(new_root, &new);
|
|
if (error)
|
|
goto out0;
|
|
|
|
error = user_path_dir(put_old, &old);
|
|
if (error)
|
|
goto out1;
|
|
|
|
error = security_sb_pivotroot(&old, &new);
|
|
if (error)
|
|
goto out2;
|
|
|
|
get_fs_root(current->fs, &root);
|
|
old_mp = lock_mount(&old);
|
|
error = PTR_ERR(old_mp);
|
|
if (IS_ERR(old_mp))
|
|
goto out3;
|
|
|
|
error = -EINVAL;
|
|
new_mnt = real_mount(new.mnt);
|
|
root_mnt = real_mount(root.mnt);
|
|
old_mnt = real_mount(old.mnt);
|
|
if (IS_MNT_SHARED(old_mnt) ||
|
|
IS_MNT_SHARED(new_mnt->mnt_parent) ||
|
|
IS_MNT_SHARED(root_mnt->mnt_parent))
|
|
goto out4;
|
|
if (!check_mnt(root_mnt) || !check_mnt(new_mnt))
|
|
goto out4;
|
|
if (new_mnt->mnt.mnt_flags & MNT_LOCKED)
|
|
goto out4;
|
|
error = -ENOENT;
|
|
if (d_unlinked(new.dentry))
|
|
goto out4;
|
|
error = -EBUSY;
|
|
if (new_mnt == root_mnt || old_mnt == root_mnt)
|
|
goto out4; /* loop, on the same file system */
|
|
error = -EINVAL;
|
|
if (root.mnt->mnt_root != root.dentry)
|
|
goto out4; /* not a mountpoint */
|
|
if (!mnt_has_parent(root_mnt))
|
|
goto out4; /* not attached */
|
|
root_mp = root_mnt->mnt_mp;
|
|
if (new.mnt->mnt_root != new.dentry)
|
|
goto out4; /* not a mountpoint */
|
|
if (!mnt_has_parent(new_mnt))
|
|
goto out4; /* not attached */
|
|
/* make sure we can reach put_old from new_root */
|
|
if (!is_path_reachable(old_mnt, old.dentry, &new))
|
|
goto out4;
|
|
/* make certain new is below the root */
|
|
if (!is_path_reachable(new_mnt, new.dentry, &root))
|
|
goto out4;
|
|
lock_mount_hash();
|
|
root_mp->m_count++; /* pin it so it won't go away */
|
|
detach_mnt(new_mnt, &parent_path);
|
|
detach_mnt(root_mnt, &root_parent);
|
|
if (root_mnt->mnt.mnt_flags & MNT_LOCKED) {
|
|
new_mnt->mnt.mnt_flags |= MNT_LOCKED;
|
|
root_mnt->mnt.mnt_flags &= ~MNT_LOCKED;
|
|
}
|
|
/* mount old root on put_old */
|
|
attach_mnt(root_mnt, old_mnt, old_mp);
|
|
/* mount new_root on / */
|
|
attach_mnt(new_mnt, real_mount(root_parent.mnt), root_mp);
|
|
touch_mnt_namespace(current->nsproxy->mnt_ns);
|
|
/* A moved mount should not expire automatically */
|
|
list_del_init(&new_mnt->mnt_expire);
|
|
put_mountpoint(root_mp);
|
|
unlock_mount_hash();
|
|
chroot_fs_refs(&root, &new);
|
|
error = 0;
|
|
out4:
|
|
unlock_mount(old_mp);
|
|
if (!error) {
|
|
path_put(&root_parent);
|
|
path_put(&parent_path);
|
|
}
|
|
out3:
|
|
path_put(&root);
|
|
out2:
|
|
path_put(&old);
|
|
out1:
|
|
path_put(&new);
|
|
out0:
|
|
return error;
|
|
}
|
|
|
|
static void __init init_mount_tree(void)
|
|
{
|
|
struct vfsmount *mnt;
|
|
struct mnt_namespace *ns;
|
|
struct path root;
|
|
struct file_system_type *type;
|
|
|
|
type = get_fs_type("rootfs");
|
|
if (!type)
|
|
panic("Can't find rootfs type");
|
|
mnt = vfs_kern_mount(type, 0, "rootfs", NULL);
|
|
put_filesystem(type);
|
|
if (IS_ERR(mnt))
|
|
panic("Can't create rootfs");
|
|
|
|
ns = create_mnt_ns(mnt);
|
|
if (IS_ERR(ns))
|
|
panic("Can't allocate initial namespace");
|
|
|
|
init_task.nsproxy->mnt_ns = ns;
|
|
get_mnt_ns(ns);
|
|
|
|
root.mnt = mnt;
|
|
root.dentry = mnt->mnt_root;
|
|
mnt->mnt_flags |= MNT_LOCKED;
|
|
|
|
set_fs_pwd(current->fs, &root);
|
|
set_fs_root(current->fs, &root);
|
|
}
|
|
|
|
void __init mnt_init(void)
|
|
{
|
|
int err;
|
|
|
|
mnt_cache = kmem_cache_create("mnt_cache", sizeof(struct mount),
|
|
0, SLAB_HWCACHE_ALIGN | SLAB_PANIC, NULL);
|
|
|
|
mount_hashtable = alloc_large_system_hash("Mount-cache",
|
|
sizeof(struct hlist_head),
|
|
mhash_entries, 19,
|
|
HASH_ZERO,
|
|
&m_hash_shift, &m_hash_mask, 0, 0);
|
|
mountpoint_hashtable = alloc_large_system_hash("Mountpoint-cache",
|
|
sizeof(struct hlist_head),
|
|
mphash_entries, 19,
|
|
HASH_ZERO,
|
|
&mp_hash_shift, &mp_hash_mask, 0, 0);
|
|
|
|
if (!mount_hashtable || !mountpoint_hashtable)
|
|
panic("Failed to allocate mount hash table\n");
|
|
|
|
kernfs_init();
|
|
|
|
err = sysfs_init();
|
|
if (err)
|
|
printk(KERN_WARNING "%s: sysfs_init error: %d\n",
|
|
__func__, err);
|
|
fs_kobj = kobject_create_and_add("fs", NULL);
|
|
if (!fs_kobj)
|
|
printk(KERN_WARNING "%s: kobj create error\n", __func__);
|
|
init_rootfs();
|
|
init_mount_tree();
|
|
}
|
|
|
|
void put_mnt_ns(struct mnt_namespace *ns)
|
|
{
|
|
if (!atomic_dec_and_test(&ns->count))
|
|
return;
|
|
drop_collected_mounts(&ns->root->mnt);
|
|
free_mnt_ns(ns);
|
|
}
|
|
|
|
struct vfsmount *kern_mount_data(struct file_system_type *type, void *data)
|
|
{
|
|
struct vfsmount *mnt;
|
|
mnt = vfs_kern_mount(type, SB_KERNMOUNT, type->name, data);
|
|
if (!IS_ERR(mnt)) {
|
|
/*
|
|
* it is a longterm mount, don't release mnt until
|
|
* we unmount before file sys is unregistered
|
|
*/
|
|
real_mount(mnt)->mnt_ns = MNT_NS_INTERNAL;
|
|
}
|
|
return mnt;
|
|
}
|
|
EXPORT_SYMBOL_GPL(kern_mount_data);
|
|
|
|
void kern_unmount(struct vfsmount *mnt)
|
|
{
|
|
/* release long term mount so mount point can be released */
|
|
if (!IS_ERR_OR_NULL(mnt)) {
|
|
real_mount(mnt)->mnt_ns = NULL;
|
|
synchronize_rcu(); /* yecchhh... */
|
|
mntput(mnt);
|
|
}
|
|
}
|
|
EXPORT_SYMBOL(kern_unmount);
|
|
|
|
bool our_mnt(struct vfsmount *mnt)
|
|
{
|
|
return check_mnt(real_mount(mnt));
|
|
}
|
|
|
|
bool current_chrooted(void)
|
|
{
|
|
/* Does the current process have a non-standard root */
|
|
struct path ns_root;
|
|
struct path fs_root;
|
|
bool chrooted;
|
|
|
|
/* Find the namespace root */
|
|
ns_root.mnt = ¤t->nsproxy->mnt_ns->root->mnt;
|
|
ns_root.dentry = ns_root.mnt->mnt_root;
|
|
path_get(&ns_root);
|
|
while (d_mountpoint(ns_root.dentry) && follow_down_one(&ns_root))
|
|
;
|
|
|
|
get_fs_root(current->fs, &fs_root);
|
|
|
|
chrooted = !path_equal(&fs_root, &ns_root);
|
|
|
|
path_put(&fs_root);
|
|
path_put(&ns_root);
|
|
|
|
return chrooted;
|
|
}
|
|
|
|
static bool mnt_already_visible(struct mnt_namespace *ns, struct vfsmount *new,
|
|
int *new_mnt_flags)
|
|
{
|
|
int new_flags = *new_mnt_flags;
|
|
struct mount *mnt;
|
|
bool visible = false;
|
|
|
|
down_read(&namespace_sem);
|
|
list_for_each_entry(mnt, &ns->list, mnt_list) {
|
|
struct mount *child;
|
|
int mnt_flags;
|
|
|
|
if (mnt->mnt.mnt_sb->s_type != new->mnt_sb->s_type)
|
|
continue;
|
|
|
|
/* This mount is not fully visible if it's root directory
|
|
* is not the root directory of the filesystem.
|
|
*/
|
|
if (mnt->mnt.mnt_root != mnt->mnt.mnt_sb->s_root)
|
|
continue;
|
|
|
|
/* A local view of the mount flags */
|
|
mnt_flags = mnt->mnt.mnt_flags;
|
|
|
|
/* Don't miss readonly hidden in the superblock flags */
|
|
if (sb_rdonly(mnt->mnt.mnt_sb))
|
|
mnt_flags |= MNT_LOCK_READONLY;
|
|
|
|
/* Verify the mount flags are equal to or more permissive
|
|
* than the proposed new mount.
|
|
*/
|
|
if ((mnt_flags & MNT_LOCK_READONLY) &&
|
|
!(new_flags & MNT_READONLY))
|
|
continue;
|
|
if ((mnt_flags & MNT_LOCK_ATIME) &&
|
|
((mnt_flags & MNT_ATIME_MASK) != (new_flags & MNT_ATIME_MASK)))
|
|
continue;
|
|
|
|
/* This mount is not fully visible if there are any
|
|
* locked child mounts that cover anything except for
|
|
* empty directories.
|
|
*/
|
|
list_for_each_entry(child, &mnt->mnt_mounts, mnt_child) {
|
|
struct inode *inode = child->mnt_mountpoint->d_inode;
|
|
/* Only worry about locked mounts */
|
|
if (!(child->mnt.mnt_flags & MNT_LOCKED))
|
|
continue;
|
|
/* Is the directory permanetly empty? */
|
|
if (!is_empty_dir_inode(inode))
|
|
goto next;
|
|
}
|
|
/* Preserve the locked attributes */
|
|
*new_mnt_flags |= mnt_flags & (MNT_LOCK_READONLY | \
|
|
MNT_LOCK_ATIME);
|
|
visible = true;
|
|
goto found;
|
|
next: ;
|
|
}
|
|
found:
|
|
up_read(&namespace_sem);
|
|
return visible;
|
|
}
|
|
|
|
static bool mount_too_revealing(struct vfsmount *mnt, int *new_mnt_flags)
|
|
{
|
|
const unsigned long required_iflags = SB_I_NOEXEC | SB_I_NODEV;
|
|
struct mnt_namespace *ns = current->nsproxy->mnt_ns;
|
|
unsigned long s_iflags;
|
|
|
|
if (ns->user_ns == &init_user_ns)
|
|
return false;
|
|
|
|
/* Can this filesystem be too revealing? */
|
|
s_iflags = mnt->mnt_sb->s_iflags;
|
|
if (!(s_iflags & SB_I_USERNS_VISIBLE))
|
|
return false;
|
|
|
|
if ((s_iflags & required_iflags) != required_iflags) {
|
|
WARN_ONCE(1, "Expected s_iflags to contain 0x%lx\n",
|
|
required_iflags);
|
|
return true;
|
|
}
|
|
|
|
return !mnt_already_visible(ns, mnt, new_mnt_flags);
|
|
}
|
|
|
|
bool mnt_may_suid(struct vfsmount *mnt)
|
|
{
|
|
/*
|
|
* Foreign mounts (accessed via fchdir or through /proc
|
|
* symlinks) are always treated as if they are nosuid. This
|
|
* prevents namespaces from trusting potentially unsafe
|
|
* suid/sgid bits, file caps, or security labels that originate
|
|
* in other namespaces.
|
|
*/
|
|
return !(mnt->mnt_flags & MNT_NOSUID) && check_mnt(real_mount(mnt)) &&
|
|
current_in_userns(mnt->mnt_sb->s_user_ns);
|
|
}
|
|
|
|
static struct ns_common *mntns_get(struct task_struct *task)
|
|
{
|
|
struct ns_common *ns = NULL;
|
|
struct nsproxy *nsproxy;
|
|
|
|
task_lock(task);
|
|
nsproxy = task->nsproxy;
|
|
if (nsproxy) {
|
|
ns = &nsproxy->mnt_ns->ns;
|
|
get_mnt_ns(to_mnt_ns(ns));
|
|
}
|
|
task_unlock(task);
|
|
|
|
return ns;
|
|
}
|
|
|
|
static void mntns_put(struct ns_common *ns)
|
|
{
|
|
put_mnt_ns(to_mnt_ns(ns));
|
|
}
|
|
|
|
static int mntns_install(struct nsproxy *nsproxy, struct ns_common *ns)
|
|
{
|
|
struct fs_struct *fs = current->fs;
|
|
struct mnt_namespace *mnt_ns = to_mnt_ns(ns), *old_mnt_ns;
|
|
struct path root;
|
|
int err;
|
|
|
|
if (!ns_capable(mnt_ns->user_ns, CAP_SYS_ADMIN) ||
|
|
!ns_capable(current_user_ns(), CAP_SYS_CHROOT) ||
|
|
!ns_capable(current_user_ns(), CAP_SYS_ADMIN))
|
|
return -EPERM;
|
|
|
|
if (fs->users != 1)
|
|
return -EINVAL;
|
|
|
|
get_mnt_ns(mnt_ns);
|
|
old_mnt_ns = nsproxy->mnt_ns;
|
|
nsproxy->mnt_ns = mnt_ns;
|
|
|
|
/* Find the root */
|
|
err = vfs_path_lookup(mnt_ns->root->mnt.mnt_root, &mnt_ns->root->mnt,
|
|
"/", LOOKUP_DOWN, &root);
|
|
if (err) {
|
|
/* revert to old namespace */
|
|
nsproxy->mnt_ns = old_mnt_ns;
|
|
put_mnt_ns(mnt_ns);
|
|
return err;
|
|
}
|
|
|
|
put_mnt_ns(old_mnt_ns);
|
|
|
|
/* Update the pwd and root */
|
|
set_fs_pwd(fs, &root);
|
|
set_fs_root(fs, &root);
|
|
|
|
path_put(&root);
|
|
return 0;
|
|
}
|
|
|
|
static struct user_namespace *mntns_owner(struct ns_common *ns)
|
|
{
|
|
return to_mnt_ns(ns)->user_ns;
|
|
}
|
|
|
|
const struct proc_ns_operations mntns_operations = {
|
|
.name = "mnt",
|
|
.type = CLONE_NEWNS,
|
|
.get = mntns_get,
|
|
.put = mntns_put,
|
|
.install = mntns_install,
|
|
.owner = mntns_owner,
|
|
};
|