anierin/msm-5.15
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
94de3b405c8dee0ffc8de5c06b32fbf00fc4e8f9
msm-5.15/fs/overlayfs/inode.c
Greg Kroah-Hartman 20ec745823 Merge 5.15.86 into android13-5.15-lts 
Changes in 5.15.86
	drm/amd/display: Manually adjust strobe for DCN303
	usb: musb: remove extra check in musb_gadget_vbus_draw
	arm64: dts: qcom: ipq6018-cp01-c1: use BLSPI1 pins
	arm64: dts: qcom: sm8250-sony-xperia-edo: fix touchscreen bias-disable
	arm64: dts: qcom: msm8996: Add MSM8996 Pro support
	arm64: dts: qcom: msm8996: fix supported-hw in cpufreq OPP tables
	arm64: dts: qcom: msm8996: fix GPU OPP table
	ARM: dts: qcom: apq8064: fix coresight compatible
	arm64: dts: qcom: sdm630: fix UART1 pin bias
	arm64: dts: qcom: sdm845-cheza: fix AP suspend pin bias
	arm64: dts: qcom: msm8916: Drop MSS fallback compatible
	objtool, kcsan: Add volatile read/write instrumentation to whitelist
	ARM: dts: stm32: Drop stm32mp15xc.dtsi from Avenger96
	ARM: dts: stm32: Fix AV96 WLAN regulator gpio property
	drivers: soc: ti: knav_qmss_queue: Mark knav_acc_firmwares as static
	arm64: dts: qcom: pm660: Use unique ADC5_VCOIN address in node name
	arm64: dts: qcom: sm8250: correct LPASS pin pull down
	soc: qcom: llcc: make irq truly optional
	arm64: dts: qcom: Correct QMP PHY child node name
	arm64: dts: qcom: sm8150: fix UFS PHY registers
	arm64: dts: qcom: sm8250: fix UFS PHY registers
	arm64: dts: qcom: sm8350: fix UFS PHY registers
	arm64: dts: qcom: sm8250: drop bogus DP PHY clock
	soc: qcom: apr: make code more reuseable
	soc: qcom: apr: Add check for idr_alloc and of_property_read_string_index
	arm64: dts: qcom: sm6125: fix SDHCI CQE reg names
	arm: dts: spear600: Fix clcd interrupt
	soc: ti: knav_qmss_queue: Use pm_runtime_resume_and_get instead of pm_runtime_get_sync
	soc: ti: knav_qmss_queue: Fix PM disable depth imbalance in knav_queue_probe
	soc: ti: smartreflex: Fix PM disable depth imbalance in omap_sr_probe
	arm64: Treat ESR_ELx as a 64-bit register
	arm64: mm: kfence: only handle translation faults
	perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init()
	perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init()
	perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()
	arm64: dts: ti: k3-am65-main: Drop dma-coherent in crypto node
	arm64: dts: ti: k3-j721e-main: Drop dma-coherent in crypto node
	ARM: dts: nuvoton: Remove bogus unit addresses from fixed-partition nodes
	arm64: dts: mt6779: Fix devicetree build warnings
	arm64: dts: mt2712e: Fix unit_address_vs_reg warning for oscillators
	arm64: dts: mt2712e: Fix unit address for pinctrl node
	arm64: dts: mt2712-evb: Fix vproc fixed regulators unit names
	arm64: dts: mt2712-evb: Fix usb vbus regulators unit names
	arm64: dts: mediatek: pumpkin-common: Fix devicetree warnings
	arm64: dts: mediatek: mt6797: Fix 26M oscillator unit name
	ARM: dts: dove: Fix assigned-addresses for every PCIe Root Port
	ARM: dts: armada-370: Fix assigned-addresses for every PCIe Root Port
	ARM: dts: armada-xp: Fix assigned-addresses for every PCIe Root Port
	ARM: dts: armada-375: Fix assigned-addresses for every PCIe Root Port
	ARM: dts: armada-38x: Fix assigned-addresses for every PCIe Root Port
	ARM: dts: armada-39x: Fix assigned-addresses for every PCIe Root Port
	ARM: dts: turris-omnia: Add ethernet aliases
	ARM: dts: turris-omnia: Add switch port 6 node
	arm64: dts: armada-3720-turris-mox: Add missing interrupt for RTC
	seccomp: Move copy_seccomp() to no failure path.
	pstore/ram: Fix error return code in ramoops_probe()
	ARM: mmp: fix timer_read delay
	pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP
	tpm/tpm_ftpm_tee: Fix error handling in ftpm_mod_init()
	tpm/tpm_crb: Fix error message in __crb_relinquish_locality()
	ovl: store lower path in ovl_inode
	ovl: use ovl_copy_{real,upper}attr() wrappers
	ovl: remove privs in ovl_copyfile()
	ovl: remove privs in ovl_fallocate()
	sched/fair: Cleanup task_util and capacity type
	sched/uclamp: Fix relationship between uclamp and migration margin
	sched/uclamp: Make task_fits_capacity() use util_fits_cpu()
	sched/uclamp: Make select_idle_capacity() use util_fits_cpu()
	sched/fair: Removed useless update of p->recent_used_cpu
	sched/core: Introduce sched_asym_cpucap_active()
	sched/uclamp: Make asym_fits_capacity() use util_fits_cpu()
	cpuidle: dt: Return the correct numbers of parsed idle states
	alpha: fix TIF_NOTIFY_SIGNAL handling
	alpha: fix syscall entry in !AUDUT_SYSCALL case
	x86/sgx: Reduce delay and interference of enclave release
	PM: hibernate: Fix mistake in kerneldoc comment
	fs: don't audit the capability check in simple_xattr_list()
	cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut()
	selftests/ftrace: event_triggers: wait longer for test_event_enable
	perf: Fix possible memleak in pmu_dev_alloc()
	lib/debugobjects: fix stat count and optimize debug_objects_mem_init
	platform/x86: huawei-wmi: fix return value calculation
	timerqueue: Use rb_entry_safe() in timerqueue_getnext()
	proc: fixup uptime selftest
	lib/fonts: fix undefined behavior in bit shift for get_default_font
	ocfs2: fix memory leak in ocfs2_stack_glue_init()
	MIPS: vpe-mt: fix possible memory leak while module exiting
	MIPS: vpe-cmp: fix possible memory leak while module exiting
	selftests/efivarfs: Add checking of the test return value
	PNP: fix name memory leak in pnp_alloc_dev()
	perf/x86/intel/uncore: Fix reference count leak in sad_cfg_iio_topology()
	perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()
	perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()
	perf/x86/intel/uncore: Fix reference count leak in __uncore_imc_init_box()
	platform/chrome: cros_usbpd_notify: Fix error handling in cros_usbpd_notify_init()
	thermal: core: fix some possible name leaks in error paths
	irqchip: gic-pm: Use pm_runtime_resume_and_get() in gic_probe()
	irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init()
	EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper()
	SUNRPC: Return true/false (not 1/0) from bool functions
	NFSD: Finish converting the NFSv2 GETACL result encoder
	nfsd: don't call nfsd_file_put from client states seqfile display
	genirq/irqdesc: Don't try to remove non-existing sysfs files
	cpufreq: amd_freq_sensitivity: Add missing pci_dev_put()
	libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
	lib/notifier-error-inject: fix error when writing -errno to debugfs file
	debugfs: fix error when writing negative value to atomic_t debugfs file
	rapidio: fix possible name leaks when rio_add_device() fails
	rapidio: rio: fix possible name leak in rio_register_mport()
	clocksource/drivers/sh_cmt: Access registers according to spec
	mips: ralink: mt7621: define MT7621_SYSC_BASE with __iomem
	mips: ralink: mt7621: soc queries and tests as functions
	mips: ralink: mt7621: do not use kzalloc too early
	futex: Move to kernel/futex/
	futex: Resend potentially swallowed owner death notification
	cpu/hotplug: Make target_store() a nop when target == state
	cpu/hotplug: Do not bail-out in DYING/STARTING sections
	clocksource/drivers/timer-ti-dm: Fix missing clk_disable_unprepare in dmtimer_systimer_init_clock()
	ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage()
	uprobes/x86: Allow to probe a NOP instruction with 0x66 prefix
	x86/xen: Fix memory leak in xen_smp_intr_init{_pv}()
	x86/xen: Fix memory leak in xen_init_lock_cpu()
	xen/privcmd: Fix a possible warning in privcmd_ioctl_mmap_resource()
	PM: runtime: Do not call __rpm_callback() from rpm_idle()
	platform/chrome: cros_ec_typec: Cleanup switch handle return paths
	platform/chrome: cros_ec_typec: zero out stale pointers
	platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()
	platform/x86: intel_scu_ipc: fix possible name leak in __intel_scu_ipc_register()
	MIPS: BCM63xx: Add check for NULL for clk in clk_enable
	MIPS: OCTEON: warn only once if deprecated link status is being used
	lockd: set other missing fields when unlocking files
	fs: sysv: Fix sysv_nblocks() returns wrong value
	rapidio: fix possible UAF when kfifo_alloc() fails
	eventfd: change int to __u64 in eventfd_signal() ifndef CONFIG_EVENTFD
	relay: fix type mismatch when allocating memory in relay_create_buf()
	hfs: Fix OOB Write in hfs_asc2mac
	rapidio: devices: fix missing put_device in mport_cdev_open
	platform/mellanox: mlxbf-pmc: Fix event typo
	wifi: ath9k: hif_usb: fix memory leak of urbs in ath9k_hif_usb_dealloc_tx_urbs()
	wifi: ath9k: hif_usb: Fix use-after-free in ath9k_hif_usb_reg_in_cb()
	wifi: rtl8xxxu: Fix reading the vendor of combo chips
	drm/bridge: adv7533: remove dynamic lane switching from adv7533 bridge
	libbpf: Fix use-after-free in btf_dump_name_dups
	libbpf: Fix null-pointer dereference in find_prog_by_sec_insn()
	ata: libata: move ata_{port,link,dev}_dbg to standard pr_XXX() macros
	ata: add/use ata_taskfile::{error|status} fields
	ata: libata: fix NCQ autosense logic
	ipmi: kcs: Poll OBF briefly to reduce OBE latency
	drm/amdgpu/powerplay/psm: Fix memory leak in power state init
	media: v4l2-ctrls: Fix off-by-one error in integer menu control check
	media: coda: jpeg: Add check for kmalloc
	media: adv748x: afe: Select input port when initializing AFE
	media: i2c: ad5820: Fix error path
	venus: pm_helpers: Fix error check in vcodec_domains_get()
	soreuseport: Fix socket selection for SO_INCOMING_CPU.
	media: exynos4-is: don't rely on the v4l2_async_subdev internals
	libbpf: Btf dedup identical struct test needs check for nested structs/arrays
	can: kvaser_usb: do not increase tx statistics when sending error message frames
	can: kvaser_usb: kvaser_usb_leaf: Get capabilities from device
	can: kvaser_usb: kvaser_usb_leaf: Rename {leaf,usbcan}_cmd_error_event to {leaf,usbcan}_cmd_can_error_event
	can: kvaser_usb: kvaser_usb_leaf: Handle CMD_ERROR_EVENT
	can: kvaser_usb_leaf: Set Warning state even without bus errors
	can: kvaser_usb: make use of units.h in assignment of frequency
	can: kvaser_usb_leaf: Fix improved state not being reported
	can: kvaser_usb_leaf: Fix wrong CAN state after stopping
	can: kvaser_usb_leaf: Fix bogus restart events
	can: kvaser_usb: Add struct kvaser_usb_busparams
	can: kvaser_usb: Compare requested bittiming parameters with actual parameters in do_set_{,data}_bittiming
	drm/rockchip: lvds: fix PM usage counter unbalance in poweron
	clk: renesas: r9a06g032: Repair grave increment error
	spi: Update reference to struct spi_controller
	drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure
	ima: Handle -ESTALE returned by ima_filter_rule_match()
	drm/msm/hdmi: drop unused GPIO support
	drm/msm/hdmi: use devres helper for runtime PM management
	bpf: Fix slot type check in check_stack_write_var_off
	media: vivid: fix compose size exceed boundary
	media: platform: exynos4-is: fix return value check in fimc_md_probe()
	bpf: propagate precision in ALU/ALU64 operations
	bpf: Check the other end of slot_type for STACK_SPILL
	bpf: propagate precision across all frames, not just the last one
	clk: qcom: gcc-sm8250: Use retention mode for USB GDSCs
	mtd: Fix device name leak when register device failed in add_mtd_device()
	Input: joystick - fix Kconfig warning for JOYSTICK_ADC
	wifi: rsi: Fix handling of 802.3 EAPOL frames sent via control port
	media: camss: Clean up received buffers on failed start of streaming
	net, proc: Provide PROC_FS=n fallback for proc_create_net_single_write()
	rxrpc: Fix ack.bufferSize to be 0 when generating an ack
	bfq: fix waker_bfqq inconsistency crash
	drm/radeon: Add the missed acpi_put_table() to fix memory leak
	drm/mediatek: Modify dpi power on/off sequence.
	ASoC: pxa: fix null-pointer dereference in filter()
	libbpf: Fix uninitialized warning in btf_dump_dump_type_data
	nvmet: only allocate a single slab for bvecs
	regulator: core: fix unbalanced of node refcount in regulator_dev_lookup()
	amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
	nvme: return err on nvme_init_non_mdts_limits fail
	regulator: qcom-rpmh: Fix PMR735a S3 regulator spec
	drm/fourcc: Add packed 10bit YUV 4:2:0 format
	drm/fourcc: Fix vsub/hsub for Q410 and Q401
	integrity: Fix memory leakage in keyring allocation error path
	ima: Fix misuse of dereference of pointer in template_desc_init_fields()
	block: clear ->slave_dir when dropping the main slave_dir reference
	wifi: ath10k: Fix return value in ath10k_pci_init()
	drm/msm/a6xx: Fix speed-bin detection vs probe-defer
	mtd: lpddr2_nvm: Fix possible null-ptr-deref
	Input: elants_i2c - properly handle the reset GPIO when power is off
	media: vidtv: Fix use-after-free in vidtv_bridge_dvb_init()
	media: solo6x10: fix possible memory leak in solo_sysfs_init()
	media: platform: exynos4-is: Fix error handling in fimc_md_init()
	media: videobuf-dma-contig: use dma_mmap_coherent
	inet: add READ_ONCE(sk->sk_bound_dev_if) in inet_csk_bind_conflict()
	mtd: spi-nor: hide jedec_id sysfs attribute if not present
	mtd: spi-nor: Fix the number of bytes for the dummy cycles
	bpf: Move skb->len == 0 checks into __bpf_redirect
	HID: hid-sensor-custom: set fixed size for custom attributes
	pinctrl: k210: call of_node_put()
	ALSA: pcm: fix undefined behavior in bit shift for SNDRV_PCM_RATE_KNOT
	ALSA: seq: fix undefined behavior in bit shift for SNDRV_SEQ_FILTER_USE_EVENT
	regulator: core: use kfree_const() to free space conditionally
	clk: rockchip: Fix memory leak in rockchip_clk_register_pll()
	drm/amdgpu: fix pci device refcount leak
	bonding: fix link recovery in mode 2 when updelay is nonzero
	mtd: maps: pxa2xx-flash: fix memory leak in probe
	drbd: remove call to memset before free device/resource/connection
	drbd: destroy workqueue when drbd device was freed
	ASoC: qcom: Add checks for devm_kcalloc
	media: vimc: Fix wrong function called when vimc_init() fails
	media: imon: fix a race condition in send_packet()
	clk: imx8mn: rename vpu_pll to m7_alt_pll
	clk: imx: replace osc_hdmi with dummy
	clk: imx8mn: fix imx8mn_sai2_sels clocks list
	clk: imx8mn: fix imx8mn_enet_phy_sels clocks list
	pinctrl: pinconf-generic: add missing of_node_put()
	media: dvb-core: Fix ignored return value in dvb_register_frontend()
	media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
	media: s5p-mfc: Add variant data for MFC v7 hardware for Exynos 3250 SoC
	drm/tegra: Add missing clk_disable_unprepare() in tegra_dc_probe()
	ASoC: dt-bindings: wcd9335: fix reset line polarity in example
	ASoC: mediatek: mtk-btcvsd: Add checks for write and read of mtk_btcvsd_snd
	NFSv4.2: Clear FATTR4_WORD2_SECURITY_LABEL when done decoding
	NFSv4.2: Fix a memory stomp in decode_attr_security_label
	NFSv4.2: Fix initialisation of struct nfs4_label
	NFSv4: Fix a credential leak in _nfs4_discover_trunking()
	NFSv4: Fix a deadlock between nfs4_open_recover_helper() and delegreturn
	NFS: Fix an Oops in nfs_d_automount()
	ALSA: asihpi: fix missing pci_disable_device()
	wifi: iwlwifi: mvm: fix double free on tx path.
	ASoC: mediatek: mt8173: Fix debugfs registration for components
	ASoC: mediatek: mt8173: Enable IRQ when pdata is ready
	drm/amd/pm/smu11: BACO is supported when it's in BACO state
	drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios()
	drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios()
	drm/amdkfd: Fix memory leakage
	ASoC: pcm512x: Fix PM disable depth imbalance in pcm512x_probe
	netfilter: conntrack: set icmpv6 redirects as RELATED
	Input: wistron_btns - disable on UML
	bpf, sockmap: Fix repeated calls to sock_put() when msg has more_data
	bpf, sockmap: Fix missing BPF_F_INGRESS flag when using apply_bytes
	bpf, sockmap: Fix data loss caused by using apply_bytes on ingress redirect
	bonding: uninitialized variable in bond_miimon_inspect()
	spi: spidev: mask SPI_CS_HIGH in SPI_IOC_RD_MODE
	wifi: mac80211: fix memory leak in ieee80211_if_add()
	wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails
	mt76: stop the radar detector after leaving dfs channel
	wifi: mt76: mt7921: fix reporting of TX AGGR histogram
	wifi: mt76: fix coverity overrun-call in mt76_get_txpower()
	regulator: core: fix module refcount leak in set_supply()
	clk: qcom: lpass-sc7180: Fix pm_runtime usage
	clk: qcom: clk-krait: fix wrong div2 functions
	hsr: Add a rcu-read lock to hsr_forward_skb().
	hsr: Avoid double remove of a node.
	hsr: Disable netpoll.
	hsr: Synchronize sending frames to have always incremented outgoing seq nr.
	hsr: Synchronize sequence number updates.
	configfs: fix possible memory leak in configfs_create_dir()
	regulator: core: fix resource leak in regulator_register()
	hwmon: (jc42) Convert register access and caching to regmap/regcache
	hwmon: (jc42) Restore the min/max/critical temperatures on resume
	bpf, sockmap: fix race in sock_map_free()
	ALSA: pcm: Set missing stop_operating flag at undoing trigger start
	media: saa7164: fix missing pci_disable_device()
	ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt
	xprtrdma: Fix regbuf data not freed in rpcrdma_req_create()
	SUNRPC: Fix missing release socket in rpc_sockname()
	NFSv4.x: Fail client initialisation if state manager thread can't run
	riscv, bpf: Emit fixed-length instructions for BPF_PSEUDO_FUNC
	mmc: alcor: fix return value check of mmc_add_host()
	mmc: moxart: fix return value check of mmc_add_host()
	mmc: mxcmmc: fix return value check of mmc_add_host()
	mmc: pxamci: fix return value check of mmc_add_host()
	mmc: rtsx_pci: fix return value check of mmc_add_host()
	mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host()
	mmc: toshsd: fix return value check of mmc_add_host()
	mmc: vub300: fix return value check of mmc_add_host()
	mmc: wmt-sdmmc: fix return value check of mmc_add_host()
	mmc: atmel-mci: fix return value check of mmc_add_host()
	mmc: omap_hsmmc: fix return value check of mmc_add_host()
	mmc: meson-gx: fix return value check of mmc_add_host()
	mmc: via-sdmmc: fix return value check of mmc_add_host()
	mmc: wbsd: fix return value check of mmc_add_host()
	mmc: mmci: fix return value check of mmc_add_host()
	mmc: renesas_sdhi: alway populate SCC pointer
	memstick: ms_block: Add error handling support for add_disk()
	memstick/ms_block: Add check for alloc_ordered_workqueue
	mmc: core: Normalize the error handling branch in sd_read_ext_regs()
	regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe()
	media: c8sectpfe: Add of_node_put() when breaking out of loop
	media: coda: Add check for dcoda_iram_alloc
	media: coda: Add check for kmalloc
	clk: samsung: Fix memory leak in _samsung_clk_register_pll()
	spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode
	wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h
	wifi: rtl8xxxu: Fix the channel width reporting
	wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware()
	blktrace: Fix output non-blktrace event when blk_classic option enabled
	bpf: Do not zero-extend kfunc return values
	clk: socfpga: Fix memory leak in socfpga_gate_init()
	net: vmw_vsock: vmci: Check memcpy_from_msg()
	net: defxx: Fix missing err handling in dfx_init()
	net: stmmac: selftests: fix potential memleak in stmmac_test_arpoffload()
	net: stmmac: fix possible memory leak in stmmac_dvr_probe()
	drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()
	of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop()
	ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave()
	net: farsync: Fix kmemleak when rmmods farsync
	net/tunnel: wait until all sk_user_data reader finish before releasing the sock
	net: apple: mace: don't call dev_kfree_skb() under spin_lock_irqsave()
	net: apple: bmac: don't call dev_kfree_skb() under spin_lock_irqsave()
	net: emaclite: don't call dev_kfree_skb() under spin_lock_irqsave()
	net: ethernet: dnet: don't call dev_kfree_skb() under spin_lock_irqsave()
	hamradio: don't call dev_kfree_skb() under spin_lock_irqsave()
	net: amd: lance: don't call dev_kfree_skb() under spin_lock_irqsave()
	af_unix: call proto_unregister() in the error path in af_unix_init()
	net: amd-xgbe: Fix logic around active and passive cables
	net: amd-xgbe: Check only the minimum speed for active/passive cables
	can: tcan4x5x: Remove invalid write in clear_interrupts
	can: m_can: Call the RAM init directly from m_can_chip_config
	can: tcan4x5x: Fix use of register error status mask
	net: lan9303: Fix read error execution path
	ntb_netdev: Use dev_kfree_skb_any() in interrupt context
	sctp: sysctl: make extra pointers netns aware
	Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS
	Bluetooth: btintel: Fix missing free skb in btintel_setup_combined()
	Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave()
	Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave()
	Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave()
	Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave()
	Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave()
	Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave()
	Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave()
	stmmac: fix potential division by 0
	i40e: Fix the inability to attach XDP program on downed interface
	net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path
	apparmor: fix a memleak in multi_transaction_new()
	apparmor: fix lockdep warning when removing a namespace
	apparmor: Fix abi check to include v8 abi
	crypto: hisilicon/qm - fix missing destroy qp_idr
	crypto: sun8i-ss - use dma_addr instead u32
	crypto: nitrox - avoid double free on error path in nitrox_sriov_init()
	scsi: core: Fix a race between scsi_done() and scsi_timeout()
	apparmor: Use pointer to struct aa_label for lbs_cred
	PCI: dwc: Fix n_fts[] array overrun
	RDMA/core: Fix order of nldev_exit call
	PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled
	f2fs: Fix the race condition of resize flag between resizefs
	crypto: rockchip - do not do custom power management
	crypto: rockchip - do not store mode globally
	crypto: rockchip - add fallback for cipher
	crypto: rockchip - add fallback for ahash
	crypto: rockchip - better handle cipher key
	crypto: rockchip - remove non-aligned handling
	crypto: rockchip - rework by using crypto_engine
	apparmor: Fix memleak in alloc_ns()
	f2fs: fix to invalidate dcc->f2fs_issue_discard in error path
	f2fs: fix normal discard process
	f2fs: fix to destroy sbi->post_read_wq in error path of f2fs_fill_super()
	RDMA/irdma: Report the correct link speed
	scsi: qla2xxx: Fix set-but-not-used variable warnings
	RDMA/siw: Fix immediate work request flush to completion queue
	IB/mad: Don't call to function that might sleep while in atomic context
	PCI: vmd: Disable MSI remapping after suspend
	RDMA/restrack: Release MR restrack when delete
	RDMA/core: Make sure "ib_port" is valid when access sysfs node
	RDMA/nldev: Return "-EAGAIN" if the cm_id isn't from expected port
	RDMA/siw: Set defined status for work completion with undefined status
	scsi: scsi_debug: Fix a warning in resp_write_scat()
	crypto: ccree - Remove debugfs when platform_driver_register failed
	crypto: cryptd - Use request context instead of stack for sub-request
	crypto: hisilicon/qm - add missing pci_dev_put() in q_num_set()
	RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data()
	RDMA/hns: Fix ext_sge num error when post send
	PCI: Check for alloc failure in pci_request_irq()
	RDMA/hfi: Decrease PCI device reference count in error path
	crypto: ccree - Make cc_debugfs_global_fini() available for module init function
	RDMA/hns: fix memory leak in hns_roce_alloc_mr()
	RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed
	dt-bindings: imx6q-pcie: Fix clock names for imx6sx and imx8mq
	dt-bindings: visconti-pcie: Fix interrupts array max constraints
	scsi: hpsa: Fix possible memory leak in hpsa_init_one()
	crypto: tcrypt - Fix multibuffer skcipher speed test mem leak
	padata: Always leave BHs disabled when running ->parallel()
	padata: Fix list iterator in padata_do_serial()
	scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add()
	scsi: hpsa: Fix error handling in hpsa_add_sas_host()
	scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device()
	scsi: efct: Fix possible memleak in efct_device_init()
	scsi: scsi_debug: Fix a warning in resp_verify()
	scsi: scsi_debug: Fix a warning in resp_report_zones()
	scsi: fcoe: Fix possible name leak when device_register() fails
	scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper()
	scsi: ipr: Fix WARNING in ipr_init()
	scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails
	scsi: snic: Fix possible UAF in snic_tgt_create()
	RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps()
	f2fs: avoid victim selection from previous victim section
	RDMA/nldev: Fix failure to send large messages
	crypto: amlogic - Remove kcalloc without check
	crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe()
	riscv/mm: add arch hook arch_clear_hugepage_flags
	RDMA/hfi1: Fix error return code in parse_platform_config()
	RDMA/srp: Fix error return code in srp_parse_options()
	PCI: mt7621: Rename mt7621_pci_ to mt7621_pcie_
	PCI: mt7621: Add sentinel to quirks table
	orangefs: Fix sysfs not cleanup when dev init failed
	RDMA/hns: Fix AH attr queried by query_qp
	RDMA/hns: Fix PBL page MTR find
	RDMA/hns: Fix page size cap from firmware
	RDMA/hns: Fix error code of CMD
	crypto: img-hash - Fix variable dereferenced before check 'hdev->req'
	hwrng: amd - Fix PCI device refcount leak
	hwrng: geode - Fix PCI device refcount leak
	IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces
	RISC-V: Align the shadow stack
	drivers: dio: fix possible memory leak in dio_init()
	serial: tegra: Read DMA status before terminating
	serial: 8250_bcm7271: Fix error handling in brcmuart_init()
	class: fix possible memory leak in __class_register()
	vfio: platform: Do not pass return buffer to ACPI _RST method
	uio: uio_dmem_genirq: Fix missing unlock in irq configuration
	uio: uio_dmem_genirq: Fix deadlock between irq config and handling
	usb: fotg210-udc: Fix ages old endianness issues
	staging: vme_user: Fix possible UAF in tsi148_dma_list_add
	usb: typec: Check for ops->exit instead of ops->enter in altmode_exit
	usb: typec: tcpci: fix of node refcount leak in tcpci_register_port()
	usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails
	usb: typec: tipd: Fix spurious fwnode_handle_put in error path
	extcon: usbc-tusb320: Add support for mode setting and reset
	extcon: usbc-tusb320: Add support for TUSB320L
	usb: typec: Factor out non-PD fwnode properties
	extcon: usbc-tusb320: Factor out extcon into dedicated functions
	extcon: usbc-tusb320: Add USB TYPE-C support
	extcon: usbc-tusb320: Update state on probe even if no IRQ pending
	serial: amba-pl011: avoid SBSA UART accessing DMACR register
	serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle.
	serial: stm32: move dma_request_chan() before clk_prepare_enable()
	serial: pch: Fix PCI device refcount leak in pch_request_dma()
	tty: serial: clean up stop-tx part in altera_uart_tx_chars()
	tty: serial: altera_uart_{r,t}x_chars() need only uart_port
	serial: altera_uart: fix locking in polling mode
	serial: sunsab: Fix error handling in sunsab_init()
	test_firmware: fix memory leak in test_firmware_init()
	misc: ocxl: fix possible name leak in ocxl_file_register_afu()
	ocxl: fix pci device refcount leak when calling get_function_0()
	misc: tifm: fix possible memory leak in tifm_7xx1_switch_media()
	misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os
	firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe()
	cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter()
	cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter()
	iio: temperature: ltc2983: make bulk write buffer DMA-safe
	iio: adis: handle devices that cannot unmask the drdy pin
	iio: adis: stylistic changes
	iio:imu:adis: Move exports into IIO_ADISLIB namespace
	iio: adis: add '__adis_enable_irq()' implementation
	counter: stm32-lptimer-cnt: fix the check on arr and cmp registers update
	coresight: trbe: remove cpuhp instance node before remove cpuhp state
	usb: roles: fix of node refcount leak in usb_role_switch_is_parent()
	usb: gadget: f_hid: fix f_hidg lifetime vs cdev
	usb: gadget: f_hid: fix refcount leak on error path
	drivers: mcb: fix resource leak in mcb_probe()
	mcb: mcb-parse: fix error handing in chameleon_parse_gdd()
	chardev: fix error handling in cdev_device_add()
	i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe
	staging: rtl8192u: Fix use after free in ieee80211_rx()
	staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor()
	vme: Fix error not catched in fake_init()
	gpiolib: Get rid of redundant 'else'
	gpiolib: cdev: fix NULL-pointer dereferences
	gpiolib: make struct comments into real kernel docs
	gpiolib: protect the GPIO device against being dropped while in use by user-space
	i2c: mux: reg: check return value after calling platform_get_resource()
	i2c: ismt: Fix an out-of-bounds bug in ismt_access()
	usb: storage: Add check for kcalloc
	tracing/hist: Fix issue of losting command info in error_log
	ksmbd: Fix resource leak in ksmbd_session_rpc_open()
	samples: vfio-mdev: Fix missing pci_disable_device() in mdpy_fb_probe()
	thermal/drivers/imx8mm_thermal: Validate temperature range
	thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2
	thermal/drivers/qcom/lmh: Fix irq handler return value
	fbdev: ssd1307fb: Drop optional dependency
	fbdev: pm2fb: fix missing pci_disable_device()
	fbdev: via: Fix error in via_core_init()
	fbdev: vermilion: decrease reference count in error path
	fbdev: ep93xx-fb: Add missing clk_disable_unprepare in ep93xxfb_probe()
	fbdev: geode: don't build on UML
	fbdev: uvesafb: don't build on UML
	fbdev: uvesafb: Fixes an error handling path in uvesafb_probe()
	HSI: omap_ssi_core: fix unbalanced pm_runtime_disable()
	HSI: omap_ssi_core: fix possible memory leak in ssi_probe()
	power: supply: fix residue sysfs file in error handle route of __power_supply_register()
	perf trace: Return error if a system call doesn't exist
	perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number
	perf trace: Handle failure when trace point folder is missed
	perf symbol: correction while adjusting symbol
	power: supply: z2_battery: Fix possible memleak in z2_batt_probe()
	HSI: omap_ssi_core: Fix error handling in ssi_init()
	power: supply: ab8500: Fix error handling in ab8500_charger_init()
	power: supply: fix null pointer dereferencing in power_supply_get_battery_info
	perf stat: Refactor __run_perf_stat() common code
	perf stat: Do not delay the workload with --delay
	RDMA/siw: Fix pointer cast warning
	fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst()
	overflow: Implement size_t saturating arithmetic helpers
	fs/ntfs3: Harden against integer overflows
	iommu/sun50i: Fix reset release
	iommu/sun50i: Consider all fault sources for reset
	iommu/sun50i: Fix R/W permission check
	iommu/sun50i: Fix flush size
	iommu/rockchip: fix permission bits in page table entries v2
	phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices
	include/uapi/linux/swab: Fix potentially missing __always_inline
	pwm: tegra: Improve required rate calculation
	fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs
	dmaengine: idxd: Fix crc_val field for completion record
	rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0
	rtc: cmos: Fix event handler registration ordering issue
	rtc: cmos: Fix wake alarm breakage
	rtc: cmos: fix build on non-ACPI platforms
	rtc: cmos: Call cmos_wake_setup() from cmos_do_probe()
	rtc: cmos: Call rtc_wake_setup() from cmos_do_probe()
	rtc: cmos: Eliminate forward declarations of some functions
	rtc: cmos: Rename ACPI-related functions
	rtc: cmos: Disable ACPI RTC event on removal
	rtc: snvs: Allow a time difference on clock register read
	rtc: pcf85063: Fix reading alarm
	iommu/amd: Fix pci device refcount leak in ppr_notifier()
	iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe()
	macintosh: fix possible memory leak in macio_add_one_device()
	macintosh/macio-adb: check the return value of ioremap()
	powerpc/52xx: Fix a resource leak in an error handling path
	cxl: Fix refcount leak in cxl_calc_capp_routing
	powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds
	powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data()
	powerpc/perf: callchain validate kernel stack pointer bounds
	powerpc/83xx/mpc832x_rdb: call platform_device_put() in error case in of_fsl_spi_probe()
	powerpc/hv-gpci: Fix hv_gpci event list
	selftests/powerpc: Fix resource leaks
	iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY
	pwm: sifive: Call pwm_sifive_update_clock() while mutex is held
	pwm: mtk-disp: Fix the parameters calculated by the enabled flag of disp_pwm
	pwm: mediatek: always use bus clock for PWM on MT7622
	remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev()
	remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio()
	remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove
	remoteproc: qcom_q6v5_pas: detach power domains on remove
	remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region()
	remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on()
	powerpc/eeh: Drop redundant spinlock initialization
	powerpc/pseries/eeh: use correct API for error log size
	mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ
	mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe()
	mfd: pm8008: Remove driver data structure pm8008_data
	mfd: pm8008: Fix return value check in pm8008_probe()
	netfilter: flowtable: really fix NAT IPv6 offload
	rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe()
	rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe()
	rtc: pcf85063: fix pcf85063_clkout_control
	nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure
	net: macsec: fix net device access prior to holding a lock
	mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave()
	mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave()
	mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave()
	block, bfq: fix possible uaf for 'bfqq->bic'
	selftests/bpf: Add test for unstable CT lookup API
	net: enetc: avoid buffer leaks on xdp_do_redirect() failure
	nfc: pn533: Clear nfc_target before being used
	unix: Fix race in SOCK_SEQPACKET's unix_dgram_sendmsg()
	r6040: Fix kmemleak in probe and remove
	igc: Enhance Qbv scheduling by using first flag bit
	igc: Use strict cycles for Qbv scheduling
	igc: Add checking for basetime less than zero
	igc: allow BaseTime 0 enrollment for Qbv
	igc: recalculate Qbv end_time by considering cycle time
	igc: Lift TAPRIO schedule restriction
	igc: Set Qbv start_time and end_time to end_time if not being configured in GCL
	rtc: mxc_v2: Add missing clk_disable_unprepare()
	selftests: devlink: fix the fd redirect in dummy_reporter_test
	openvswitch: Fix flow lookup to use unmasked key
	soc: mediatek: pm-domains: Fix the power glitch issue
	arm64: dts: mt8183: Fix Mali GPU clock
	skbuff: Account for tail adjustment during pull operations
	mailbox: mpfs: read the system controller's status
	mailbox: arm_mhuv2: Fix return value check in mhuv2_probe()
	mailbox: zynq-ipi: fix error handling while device_register() fails
	net_sched: reject TCF_EM_SIMPLE case for complex ematch module
	rxrpc: Fix missing unlock in rxrpc_do_sendmsg()
	myri10ge: Fix an error handling path in myri10ge_probe()
	net: stream: purge sk_error_queue in sk_stream_kill_queues()
	HID: amd_sfh: Add missing check for dma_alloc_coherent
	rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state()
	arm64: make is_ttbrX_addr() noinstr-safe
	video: hyperv_fb: Avoid taking busy spinlock on panic path
	x86/hyperv: Remove unregister syscore call from Hyper-V cleanup
	binfmt_misc: fix shift-out-of-bounds in check_special_flags
	fs: jfs: fix shift-out-of-bounds in dbAllocAG
	udf: Avoid double brelse() in udf_rename()
	jfs: Fix fortify moan in symlink
	fs: jfs: fix shift-out-of-bounds in dbDiscardAG
	ACPICA: Fix error code path in acpi_ds_call_control_method()
	nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset()
	nilfs2: fix shift-out-of-bounds due to too large exponent of block size
	acct: fix potential integer overflow in encode_comp_t()
	hfs: fix OOB Read in __hfs_brec_find
	drm/etnaviv: add missing quirks for GC300
	media: imx-jpeg: Disable useless interrupt to avoid kernel panic
	brcmfmac: return error when getting invalid max_flowrings from dongle
	wifi: ath9k: verify the expected usb_endpoints are present
	wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out
	ASoC: codecs: rt298: Add quirk for KBL-R RVP platform
	ipmi: fix memleak when unload ipmi driver
	drm/amd/display: prevent memory leak
	Revert "drm/amd/display: Limit max DSC target bpp for specific monitors"
	qed (gcc13): use u16 for fid to be big enough
	bpf: make sure skb->len != 0 when redirecting to a tunneling device
	net: ethernet: ti: Fix return type of netcp_ndo_start_xmit()
	hamradio: baycom_epp: Fix return type of baycom_send_packet()
	wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request()
	igb: Do not free q_vector unless new one was allocated
	drm/amdgpu: Fix type of second parameter in trans_msg() callback
	drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback
	s390/ctcm: Fix return type of ctc{mp,}m_tx()
	s390/netiucv: Fix return type of netiucv_tx()
	s390/lcs: Fix return type of lcs_start_xmit()
	drm/msm: Use drm_mode_copy()
	drm/rockchip: Use drm_mode_copy()
	drm/sti: Use drm_mode_copy()
	drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid()
	drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()
	md/raid1: stop mdx_raid1 thread when raid1 array run failed
	drm/amd/display: fix array index out of bound error in bios parser
	net: add atomic_long_t to net_device_stats fields
	ipv6/sit: use DEV_STATS_INC() to avoid data-races
	mrp: introduce active flags to prevent UAF when applicant uninit
	ppp: associate skb with a device at tx
	bpf: Prevent decl_tag from being referenced in func_proto arg
	ethtool: avoiding integer overflow in ethtool_phys_id()
	media: dvb-frontends: fix leak of memory fw
	media: dvbdev: adopts refcnt to avoid UAF
	media: dvb-usb: fix memory leak in dvb_usb_adapter_init()
	blk-mq: fix possible memleak when register 'hctx' failed
	drm/amd/display: Use the largest vready_offset in pipe group
	libbpf: Avoid enum forward-declarations in public API in C++ mode
	regulator: core: fix use_count leakage when handling boot-on
	wifi: mt76: do not run mt76u_status_worker if the device is not running
	mmc: f-sdh30: Add quirks for broken timeout clock capability
	mmc: renesas_sdhi: better reset from HS400 mode
	media: si470x: Fix use-after-free in si470x_int_in_callback()
	clk: st: Fix memory leak in st_of_quadfs_setup()
	crypto: hisilicon/hpre - fix resource leak in remove process
	scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs
	scsi: ufs: Reduce the START STOP UNIT timeout
	scsi: elx: libefc: Fix second parameter type in state callbacks
	hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
	drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid()
	drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()
	orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string()
	orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()
	tools/include: Add _RET_IP_ and math definitions to kernel.h
	KVM: selftests: Fix build regression by using accessor function
	hwmon: (jc42) Fix missing unlock on error in jc42_write()
	ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c
	ALSA: hda: add snd_hdac_stop_streams() helper
	ASoC: Intel: Skylake: Fix driver hang during shutdown
	ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe()
	ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link()
	ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume()
	ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe()
	ASoC: wm8994: Fix potential deadlock
	ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume()
	ASoC: rt5670: Remove unbalanced pm_runtime_put()
	drm/i915/display: Don't disable DDI/Transcoder when setting phy test pattern
	LoadPin: Ignore the "contents" argument of the LSM hooks
	pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion
	perf debug: Set debug_peo_args and redirect_to_stderr variable to correct values in perf_quiet_option()
	afs: Fix lost servers_outstanding count
	pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES
	ima: Simplify ima_lsm_copy_rule
	ALSA: usb-audio: add the quirk for KT0206 device
	ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB
	ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list
	usb: cdnsp: fix lack of ZLP for ep0
	usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq
	arm64: dts: qcom: sm8250: fix USB-DP PHY registers
	usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode
	usb: dwc3: core: defer probe on ulpi_read_id timeout
	xhci: Prevent infinite loop in transaction errors recovery for streams
	HID: wacom: Ensure bootloader PID is usable in hidraw mode
	HID: mcp2221: don't connect hidraw
	loop: Fix the max_loop commandline argument treatment when it is set to 0
	9p: set req refcount to zero to avoid uninitialized usage
	security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6
	reiserfs: Add missing calls to reiserfs_security_free()
	iio: fix memory leak in iio_device_register_eventset()
	iio: adc: ad_sigma_delta: do not use internal iio_dev lock
	iio: adc128s052: add proper .data members in adc128_of_match table
	regulator: core: fix deadlock on regulator enable
	floppy: Fix memory leak in do_floppy_init()
	gcov: add support for checksum field
	fbdev: fbcon: release buffer when fbcon_do_set_font() failed
	ovl: fix use inode directly in rcu-walk mode
	btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range
	scsi: qla2xxx: Fix crash when I/O abort times out
	net: stmmac: fix errno when create_singlethread_workqueue() fails
	media: dvbdev: fix build warning due to comments
	media: dvbdev: fix refcnt bug
	extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is registered
	mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code
	pwm: tegra: Fix 32 bit build
	Linux 5.15.86

Change-Id: I4ec30b690e8dbd554044495e26360a86cc042069
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2023-01-30 14:44:15 +00:00

1200 lines
32 KiB
C
Raw Blame History

// SPDX-License-Identifier: GPL-2.0-only
/*
*
* Copyright (C) 2011 Novell Inc.
*/
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/cred.h>
#include <linux/xattr.h>
#include <linux/posix_acl.h>
#include <linux/ratelimit.h>
#include <linux/fiemap.h>
#include <linux/fileattr.h>
#include <linux/security.h>
#include <linux/namei.h>
#include "overlayfs.h"
int ovl_setattr(struct user_namespace *mnt_userns, struct dentry *dentry,
struct iattr *attr)
{
int err;
bool full_copy_up = false;
struct dentry *upperdentry;
const struct cred *old_cred;
err = setattr_prepare(&init_user_ns, dentry, attr);
if (err)
return err;
err = ovl_want_write(dentry);
if (err)
goto out;
if (attr->ia_valid & ATTR_SIZE) {
/* Truncate should trigger data copy up as well */
full_copy_up = true;
}
if (!full_copy_up)
err = ovl_copy_up(dentry);
else
err = ovl_copy_up_with_data(dentry);
if (!err) {
struct inode *winode = NULL;
upperdentry = ovl_dentry_upper(dentry);
if (attr->ia_valid & ATTR_SIZE) {
winode = d_inode(upperdentry);
err = get_write_access(winode);
if (err)
goto out_drop_write;
}
if (attr->ia_valid & (ATTR_KILL_SUID|ATTR_KILL_SGID))
attr->ia_valid &= ~ATTR_MODE;
/*
* We might have to translate ovl file into real file object
* once use cases emerge. For now, simply don't let underlying
* filesystem rely on attr->ia_file
*/
attr->ia_valid &= ~ATTR_FILE;
/*
* If open(O_TRUNC) is done, VFS calls ->setattr with ATTR_OPEN
* set. Overlayfs does not pass O_TRUNC flag to underlying
* filesystem during open -> do not pass ATTR_OPEN. This
* disables optimization in fuse which assumes open(O_TRUNC)
* already set file size to 0. But we never passed O_TRUNC to
* fuse. So by clearing ATTR_OPEN, fuse will be forced to send
* setattr request to server.
*/
attr->ia_valid &= ~ATTR_OPEN;
inode_lock(upperdentry->d_inode);
old_cred = ovl_override_creds(dentry->d_sb);
err = notify_change(&init_user_ns, upperdentry, attr, NULL);
ovl_revert_creds(dentry->d_sb, old_cred);
if (!err)
ovl_copyattr(dentry->d_inode);
inode_unlock(upperdentry->d_inode);
if (winode)
put_write_access(winode);
}
out_drop_write:
ovl_drop_write(dentry);
out:
return err;
}
static void ovl_map_dev_ino(struct dentry *dentry, struct kstat *stat, int fsid)
{
bool samefs = ovl_same_fs(dentry->d_sb);
unsigned int xinobits = ovl_xino_bits(dentry->d_sb);
unsigned int xinoshift = 64 - xinobits;
if (samefs) {
/*
* When all layers are on the same fs, all real inode
* number are unique, so we use the overlay st_dev,
* which is friendly to du -x.
*/
stat->dev = dentry->d_sb->s_dev;
return;
} else if (xinobits) {
/*
* All inode numbers of underlying fs should not be using the
* high xinobits, so we use high xinobits to partition the
* overlay st_ino address space. The high bits holds the fsid
* (upper fsid is 0). The lowest xinobit is reserved for mapping
* the non-persistent inode numbers range in case of overflow.
* This way all overlay inode numbers are unique and use the
* overlay st_dev.
*/
if (likely(!(stat->ino >> xinoshift))) {
stat->ino |= ((u64)fsid) << (xinoshift + 1);
stat->dev = dentry->d_sb->s_dev;
return;
} else if (ovl_xino_warn(dentry->d_sb)) {
pr_warn_ratelimited("inode number too big (%pd2, ino=%llu, xinobits=%d)\n",
dentry, stat->ino, xinobits);
}
}
/* The inode could not be mapped to a unified st_ino address space */
if (S_ISDIR(dentry->d_inode->i_mode)) {
/*
* Always use the overlay st_dev for directories, so 'find
* -xdev' will scan the entire overlay mount and won't cross the
* overlay mount boundaries.
*
* If not all layers are on the same fs the pair {real st_ino;
* overlay st_dev} is not unique, so use the non persistent
* overlay st_ino for directories.
*/
stat->dev = dentry->d_sb->s_dev;
stat->ino = dentry->d_inode->i_ino;
} else {
/*
* For non-samefs setup, if we cannot map all layers st_ino
* to a unified address space, we need to make sure that st_dev
* is unique per underlying fs, so we use the unique anonymous
* bdev assigned to the underlying fs.
*/
stat->dev = OVL_FS(dentry->d_sb)->fs[fsid].pseudo_dev;
}
}
int ovl_getattr(struct user_namespace *mnt_userns, const struct path *path,
struct kstat *stat, u32 request_mask, unsigned int flags)
{
struct dentry *dentry = path->dentry;
enum ovl_path_type type;
struct path realpath;
const struct cred *old_cred;
struct inode *inode = d_inode(dentry);
bool is_dir = S_ISDIR(inode->i_mode);
int fsid = 0;
int err;
bool metacopy_blocks = false;
metacopy_blocks = ovl_is_metacopy_dentry(dentry);
type = ovl_path_real(dentry, &realpath);
old_cred = ovl_override_creds(dentry->d_sb);
err = vfs_getattr(&realpath, stat, request_mask, flags);
if (err)
goto out;
/* Report the effective immutable/append-only STATX flags */
generic_fill_statx_attr(inode, stat);
/*
* For non-dir or same fs, we use st_ino of the copy up origin.
* This guaranties constant st_dev/st_ino across copy up.
* With xino feature and non-samefs, we use st_ino of the copy up
* origin masked with high bits that represent the layer id.
*
* If lower filesystem supports NFS file handles, this also guaranties
* persistent st_ino across mount cycle.
*/
if (!is_dir || ovl_same_dev(dentry->d_sb)) {
if (!OVL_TYPE_UPPER(type)) {
fsid = ovl_layer_lower(dentry)->fsid;
} else if (OVL_TYPE_ORIGIN(type)) {
struct kstat lowerstat;
u32 lowermask = STATX_INO | STATX_BLOCKS |
(!is_dir ? STATX_NLINK : 0);
ovl_path_lower(dentry, &realpath);
err = vfs_getattr(&realpath, &lowerstat,
lowermask, flags);
if (err)
goto out;
/*
* Lower hardlinks may be broken on copy up to different
* upper files, so we cannot use the lower origin st_ino
* for those different files, even for the same fs case.
*
* Similarly, several redirected dirs can point to the
* same dir on a lower layer. With the "verify_lower"
* feature, we do not use the lower origin st_ino, if
* we haven't verified that this redirect is unique.
*
* With inodes index enabled, it is safe to use st_ino
* of an indexed origin. The index validates that the
* upper hardlink is not broken and that a redirected
* dir is the only redirect to that origin.
*/
if (ovl_test_flag(OVL_INDEX, d_inode(dentry)) ||
(!ovl_verify_lower(dentry->d_sb) &&
(is_dir || lowerstat.nlink == 1))) {
fsid = ovl_layer_lower(dentry)->fsid;
stat->ino = lowerstat.ino;
}
/*
* If we are querying a metacopy dentry and lower
* dentry is data dentry, then use the blocks we
* queried just now. We don't have to do additional
* vfs_getattr(). If lower itself is metacopy, then
* additional vfs_getattr() is unavoidable.
*/
if (metacopy_blocks &&
realpath.dentry == ovl_dentry_lowerdata(dentry)) {
stat->blocks = lowerstat.blocks;
metacopy_blocks = false;
}
}
if (metacopy_blocks) {
/*
* If lower is not same as lowerdata or if there was
* no origin on upper, we can end up here.
*/
struct kstat lowerdatastat;
u32 lowermask = STATX_BLOCKS;
ovl_path_lowerdata(dentry, &realpath);
err = vfs_getattr(&realpath, &lowerdatastat,
lowermask, flags);
if (err)
goto out;
stat->blocks = lowerdatastat.blocks;
}
}
ovl_map_dev_ino(dentry, stat, fsid);
/*
* It's probably not worth it to count subdirs to get the
* correct link count. nlink=1 seems to pacify 'find' and
* other utilities.
*/
if (is_dir && OVL_TYPE_MERGE(type))
stat->nlink = 1;
/*
* Return the overlay inode nlinks for indexed upper inodes.
* Overlay inode nlink counts the union of the upper hardlinks
* and non-covered lower hardlinks. It does not include the upper
* index hardlink.
*/
if (!is_dir && ovl_test_flag(OVL_INDEX, d_inode(dentry)))
stat->nlink = dentry->d_inode->i_nlink;
out:
ovl_revert_creds(dentry->d_sb, old_cred);
return err;
}
int ovl_permission(struct user_namespace *mnt_userns,
struct inode *inode, int mask)
{
struct inode *upperinode = ovl_inode_upper(inode);
struct inode *realinode = upperinode ?: ovl_inode_lower(inode);
const struct cred *old_cred;
int err;
/* Careful in RCU walk mode */
if (!realinode) {
WARN_ON(!(mask & MAY_NOT_BLOCK));
return -ECHILD;
}
/*
* Check overlay inode with the creds of task and underlying inode
* with creds of mounter
*/
err = generic_permission(&init_user_ns, inode, mask);
if (err)
return err;
old_cred = ovl_override_creds(inode->i_sb);
if (!upperinode &&
!special_file(realinode->i_mode) && mask & MAY_WRITE) {
mask &= ~(MAY_WRITE | MAY_APPEND);
/* Make sure mounter can read file for copy up later */
mask |= MAY_READ;
}
err = inode_permission(&init_user_ns, realinode, mask);
ovl_revert_creds(inode->i_sb, old_cred);
return err;
}
static const char *ovl_get_link(struct dentry *dentry,
struct inode *inode,
struct delayed_call *done)
{
const struct cred *old_cred;
const char *p;
if (!dentry)
return ERR_PTR(-ECHILD);
old_cred = ovl_override_creds(dentry->d_sb);
p = vfs_get_link(ovl_dentry_real(dentry), done);
ovl_revert_creds(dentry->d_sb, old_cred);
return p;
}
bool ovl_is_private_xattr(struct super_block *sb, const char *name)
{
struct ovl_fs *ofs = sb->s_fs_info;
if (ofs->config.userxattr)
return strncmp(name, OVL_XATTR_USER_PREFIX,
sizeof(OVL_XATTR_USER_PREFIX) - 1) == 0;
else
return strncmp(name, OVL_XATTR_TRUSTED_PREFIX,
sizeof(OVL_XATTR_TRUSTED_PREFIX) - 1) == 0;
}
int ovl_xattr_set(struct dentry *dentry, struct inode *inode, const char *name,
const void *value, size_t size, int flags)
{
int err;
struct dentry *upperdentry = ovl_i_dentry_upper(inode);
struct dentry *realdentry = upperdentry ?: ovl_dentry_lower(dentry);
const struct cred *old_cred;
err = ovl_want_write(dentry);
if (err)
goto out;
if (!value && !upperdentry) {
old_cred = ovl_override_creds(dentry->d_sb);
err = vfs_getxattr(&init_user_ns, realdentry, name, NULL, 0);
ovl_revert_creds(dentry->d_sb, old_cred);
if (err < 0)
goto out_drop_write;
}
if (!upperdentry) {
err = ovl_copy_up(dentry);
if (err)
goto out_drop_write;
realdentry = ovl_dentry_upper(dentry);
}
old_cred = ovl_override_creds(dentry->d_sb);
if (value)
err = vfs_setxattr(&init_user_ns, realdentry, name, value, size,
flags);
else {
WARN_ON(flags != XATTR_REPLACE);
err = vfs_removexattr(&init_user_ns, realdentry, name);
}
ovl_revert_creds(dentry->d_sb, old_cred);
/* copy c/mtime */
ovl_copyattr(inode);
out_drop_write:
ovl_drop_write(dentry);
out:
return err;
}
int ovl_xattr_get(struct dentry *dentry, struct inode *inode, const char *name,
void *value, size_t size)
{
ssize_t res;
const struct cred *old_cred;
struct dentry *realdentry =
ovl_i_dentry_upper(inode) ?: ovl_dentry_lower(dentry);
old_cred = ovl_override_creds(dentry->d_sb);
res = vfs_getxattr(&init_user_ns, realdentry, name, value, size);
ovl_revert_creds(dentry->d_sb, old_cred);
return res;
}
static bool ovl_can_list(struct super_block *sb, const char *s)
{
/* Never list private (.overlay) */
if (ovl_is_private_xattr(sb, s))
return false;
/* List all non-trusted xattrs */
if (strncmp(s, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN) != 0)
return true;
/* list other trusted for superuser only */
return ns_capable_noaudit(&init_user_ns, CAP_SYS_ADMIN);
}
ssize_t ovl_listxattr(struct dentry *dentry, char *list, size_t size)
{
struct dentry *realdentry = ovl_dentry_real(dentry);
ssize_t res;
size_t len;
char *s;
const struct cred *old_cred;
old_cred = ovl_override_creds(dentry->d_sb);
res = vfs_listxattr(realdentry, list, size);
ovl_revert_creds(dentry->d_sb, old_cred);
if (res <= 0 || size == 0)
return res;
/* filter out private xattrs */
for (s = list, len = res; len;) {
size_t slen = strnlen(s, len) + 1;
/* underlying fs providing us with an broken xattr list? */
if (WARN_ON(slen > len))
return -EIO;
len -= slen;
if (!ovl_can_list(dentry->d_sb, s)) {
res -= slen;
memmove(s, s + slen, len);
} else {
s += slen;
}
}
return res;
}
struct posix_acl *ovl_get_acl(struct inode *inode, int type, bool rcu)
{
struct inode *realinode = ovl_inode_real(inode);
const struct cred *old_cred;
struct posix_acl *acl;
if (!IS_ENABLED(CONFIG_FS_POSIX_ACL) || !IS_POSIXACL(realinode))
return NULL;
if (rcu)
return get_cached_acl_rcu(realinode, type);
old_cred = ovl_override_creds(inode->i_sb);
acl = get_acl(realinode, type);
ovl_revert_creds(inode->i_sb, old_cred);
return acl;
}
int ovl_update_time(struct inode *inode, struct timespec64 *ts, int flags)
{
if (flags & S_ATIME) {
struct ovl_fs *ofs = inode->i_sb->s_fs_info;
struct path upperpath = {
.mnt = ovl_upper_mnt(ofs),
.dentry = ovl_upperdentry_dereference(OVL_I(inode)),
};
if (upperpath.dentry) {
touch_atime(&upperpath);
inode->i_atime = d_inode(upperpath.dentry)->i_atime;
}
}
return 0;
}
static int ovl_fiemap(struct inode *inode, struct fiemap_extent_info *fieinfo,
u64 start, u64 len)
{
int err;
struct inode *realinode = ovl_inode_realdata(inode);
const struct cred *old_cred;
if (!realinode->i_op->fiemap)
return -EOPNOTSUPP;
old_cred = ovl_override_creds(inode->i_sb);
err = realinode->i_op->fiemap(realinode, fieinfo, start, len);
ovl_revert_creds(inode->i_sb, old_cred);
return err;
}
/*
* Work around the fact that security_file_ioctl() takes a file argument.
* Introducing security_inode_fileattr_get/set() hooks would solve this issue
* properly.
*/
static int ovl_security_fileattr(struct path *realpath, struct fileattr *fa,
bool set)
{
struct file *file;
unsigned int cmd;
int err;
file = dentry_open(realpath, O_RDONLY, current_cred());
if (IS_ERR(file))
return PTR_ERR(file);
if (set)
cmd = fa->fsx_valid ? FS_IOC_FSSETXATTR : FS_IOC_SETFLAGS;
else
cmd = fa->fsx_valid ? FS_IOC_FSGETXATTR : FS_IOC_GETFLAGS;
err = security_file_ioctl(file, cmd, 0);
fput(file);
return err;
}
int ovl_real_fileattr_set(struct path *realpath, struct fileattr *fa)
{
int err;
err = ovl_security_fileattr(realpath, fa, true);
if (err)
return err;
return vfs_fileattr_set(&init_user_ns, realpath->dentry, fa);
}
int ovl_fileattr_set(struct user_namespace *mnt_userns,
struct dentry *dentry, struct fileattr *fa)
{
struct inode *inode = d_inode(dentry);
struct path upperpath;
const struct cred *old_cred;
unsigned int flags;
int err;
err = ovl_want_write(dentry);
if (err)
goto out;
err = ovl_copy_up(dentry);
if (!err) {
ovl_path_real(dentry, &upperpath);
old_cred = ovl_override_creds(inode->i_sb);
/*
* Store immutable/append-only flags in xattr and clear them
* in upper fileattr (in case they were set by older kernel)
* so children of "ovl-immutable" directories lower aliases of
* "ovl-immutable" hardlinks could be copied up.
* Clear xattr when flags are cleared.
*/
err = ovl_set_protattr(inode, upperpath.dentry, fa);
if (!err)
err = ovl_real_fileattr_set(&upperpath, fa);
ovl_revert_creds(inode->i_sb, old_cred);
/*
* Merge real inode flags with inode flags read from
* overlay.protattr xattr
*/
flags = ovl_inode_real(inode)->i_flags & OVL_COPY_I_FLAGS_MASK;
BUILD_BUG_ON(OVL_PROT_I_FLAGS_MASK & ~OVL_COPY_I_FLAGS_MASK);
flags |= inode->i_flags & OVL_PROT_I_FLAGS_MASK;
inode_set_flags(inode, flags, OVL_COPY_I_FLAGS_MASK);
/* Update ctime */
ovl_copyattr(inode);
}
ovl_drop_write(dentry);
out:
return err;
}
/* Convert inode protection flags to fileattr flags */
static void ovl_fileattr_prot_flags(struct inode *inode, struct fileattr *fa)
{
BUILD_BUG_ON(OVL_PROT_FS_FLAGS_MASK & ~FS_COMMON_FL);
BUILD_BUG_ON(OVL_PROT_FSX_FLAGS_MASK & ~FS_XFLAG_COMMON);
if (inode->i_flags & S_APPEND) {
fa->flags |= FS_APPEND_FL;
fa->fsx_xflags |= FS_XFLAG_APPEND;
}
if (inode->i_flags & S_IMMUTABLE) {
fa->flags |= FS_IMMUTABLE_FL;
fa->fsx_xflags |= FS_XFLAG_IMMUTABLE;
}
}
int ovl_real_fileattr_get(struct path *realpath, struct fileattr *fa)
{
int err;
err = ovl_security_fileattr(realpath, fa, false);
if (err)
return err;
err = vfs_fileattr_get(realpath->dentry, fa);
if (err == -ENOIOCTLCMD)
err = -ENOTTY;
return err;
}
int ovl_fileattr_get(struct dentry *dentry, struct fileattr *fa)
{
struct inode *inode = d_inode(dentry);
struct path realpath;
const struct cred *old_cred;
int err;
ovl_path_real(dentry, &realpath);
old_cred = ovl_override_creds(inode->i_sb);
err = ovl_real_fileattr_get(&realpath, fa);
ovl_fileattr_prot_flags(inode, fa);
ovl_revert_creds(inode->i_sb, old_cred);
return err;
}
static const struct inode_operations ovl_file_inode_operations = {
.setattr = ovl_setattr,
.permission = ovl_permission,
.getattr = ovl_getattr,
.listxattr = ovl_listxattr,
.get_acl = ovl_get_acl,
.update_time = ovl_update_time,
.fiemap = ovl_fiemap,
.fileattr_get = ovl_fileattr_get,
.fileattr_set = ovl_fileattr_set,
};
static const struct inode_operations ovl_symlink_inode_operations = {
.setattr = ovl_setattr,
.get_link = ovl_get_link,
.getattr = ovl_getattr,
.listxattr = ovl_listxattr,
.update_time = ovl_update_time,
};
static const struct inode_operations ovl_special_inode_operations = {
.setattr = ovl_setattr,
.permission = ovl_permission,
.getattr = ovl_getattr,
.listxattr = ovl_listxattr,
.get_acl = ovl_get_acl,
.update_time = ovl_update_time,
};
static const struct address_space_operations ovl_aops = {
/* For O_DIRECT dentry_open() checks f_mapping->a_ops->direct_IO */
.direct_IO = noop_direct_IO,
};
/*
* It is possible to stack overlayfs instance on top of another
* overlayfs instance as lower layer. We need to annotate the
* stackable i_mutex locks according to stack level of the super
* block instance. An overlayfs instance can never be in stack
* depth 0 (there is always a real fs below it). An overlayfs
* inode lock will use the lockdep annotation ovl_i_mutex_key[depth].
*
* For example, here is a snip from /proc/lockdep_chains after
* dir_iterate of nested overlayfs:
*
* [...] &ovl_i_mutex_dir_key[depth] (stack_depth=2)
* [...] &ovl_i_mutex_dir_key[depth]#2 (stack_depth=1)
* [...] &type->i_mutex_dir_key (stack_depth=0)
*
* Locking order w.r.t ovl_want_write() is important for nested overlayfs.
*
* This chain is valid:
* - inode->i_rwsem (inode_lock[2])
* - upper_mnt->mnt_sb->s_writers (ovl_want_write[0])
* - OVL_I(inode)->lock (ovl_inode_lock[2])
* - OVL_I(lowerinode)->lock (ovl_inode_lock[1])
*
* And this chain is valid:
* - inode->i_rwsem (inode_lock[2])
* - OVL_I(inode)->lock (ovl_inode_lock[2])
* - lowerinode->i_rwsem (inode_lock[1])
* - OVL_I(lowerinode)->lock (ovl_inode_lock[1])
*
* But lowerinode->i_rwsem SHOULD NOT be acquired while ovl_want_write() is
* held, because it is in reverse order of the non-nested case using the same
* upper fs:
* - inode->i_rwsem (inode_lock[1])
* - upper_mnt->mnt_sb->s_writers (ovl_want_write[0])
* - OVL_I(inode)->lock (ovl_inode_lock[1])
*/
#define OVL_MAX_NESTING FILESYSTEM_MAX_STACK_DEPTH
static inline void ovl_lockdep_annotate_inode_mutex_key(struct inode *inode)
{
#ifdef CONFIG_LOCKDEP
static struct lock_class_key ovl_i_mutex_key[OVL_MAX_NESTING];
static struct lock_class_key ovl_i_mutex_dir_key[OVL_MAX_NESTING];
static struct lock_class_key ovl_i_lock_key[OVL_MAX_NESTING];
int depth = inode->i_sb->s_stack_depth - 1;
if (WARN_ON_ONCE(depth < 0 || depth >= OVL_MAX_NESTING))
depth = 0;
if (S_ISDIR(inode->i_mode))
lockdep_set_class(&inode->i_rwsem, &ovl_i_mutex_dir_key[depth]);
else
lockdep_set_class(&inode->i_rwsem, &ovl_i_mutex_key[depth]);
lockdep_set_class(&OVL_I(inode)->lock, &ovl_i_lock_key[depth]);
#endif
}
static void ovl_next_ino(struct inode *inode)
{
struct ovl_fs *ofs = inode->i_sb->s_fs_info;
inode->i_ino = atomic_long_inc_return(&ofs->last_ino);
if (unlikely(!inode->i_ino))
inode->i_ino = atomic_long_inc_return(&ofs->last_ino);
}
static void ovl_map_ino(struct inode *inode, unsigned long ino, int fsid)
{
int xinobits = ovl_xino_bits(inode->i_sb);
unsigned int xinoshift = 64 - xinobits;
/*
* When d_ino is consistent with st_ino (samefs or i_ino has enough
* bits to encode layer), set the same value used for st_ino to i_ino,
* so inode number exposed via /proc/locks and a like will be
* consistent with d_ino and st_ino values. An i_ino value inconsistent
* with d_ino also causes nfsd readdirplus to fail.
*/
inode->i_ino = ino;
if (ovl_same_fs(inode->i_sb)) {
return;
} else if (xinobits && likely(!(ino >> xinoshift))) {
inode->i_ino |= (unsigned long)fsid << (xinoshift + 1);
return;
}
/*
* For directory inodes on non-samefs with xino disabled or xino
* overflow, we allocate a non-persistent inode number, to be used for
* resolving st_ino collisions in ovl_map_dev_ino().
*
* To avoid ino collision with legitimate xino values from upper
* layer (fsid 0), use the lowest xinobit to map the non
* persistent inode numbers to the unified st_ino address space.
*/
if (S_ISDIR(inode->i_mode)) {
ovl_next_ino(inode);
if (xinobits) {
inode->i_ino &= ~0UL >> xinobits;
inode->i_ino |= 1UL << xinoshift;
}
}
}
void ovl_inode_init(struct inode *inode, struct ovl_inode_params *oip,
unsigned long ino, int fsid)
{
struct inode *realinode;
struct ovl_inode *oi = OVL_I(inode);
if (oip->upperdentry)
oi->__upperdentry = oip->upperdentry;
if (oip->lowerpath && oip->lowerpath->dentry) {
oi->lowerpath.dentry = dget(oip->lowerpath->dentry);
oi->lowerpath.layer = oip->lowerpath->layer;
}
if (oip->lowerdata)
oi->lowerdata = igrab(d_inode(oip->lowerdata));
realinode = ovl_inode_real(inode);
ovl_copyattr(inode);
ovl_copyflags(realinode, inode);
ovl_map_ino(inode, ino, fsid);
}
static void ovl_fill_inode(struct inode *inode, umode_t mode, dev_t rdev)
{
inode->i_mode = mode;
inode->i_flags |= S_NOCMTIME;
#ifdef CONFIG_FS_POSIX_ACL
inode->i_acl = inode->i_default_acl = ACL_DONT_CACHE;
#endif
ovl_lockdep_annotate_inode_mutex_key(inode);
switch (mode & S_IFMT) {
case S_IFREG:
inode->i_op = &ovl_file_inode_operations;
inode->i_fop = &ovl_file_operations;
inode->i_mapping->a_ops = &ovl_aops;
break;
case S_IFDIR:
inode->i_op = &ovl_dir_inode_operations;
inode->i_fop = &ovl_dir_operations;
break;
case S_IFLNK:
inode->i_op = &ovl_symlink_inode_operations;
break;
default:
inode->i_op = &ovl_special_inode_operations;
init_special_inode(inode, mode, rdev);
break;
}
}
/*
* With inodes index enabled, an overlay inode nlink counts the union of upper
* hardlinks and non-covered lower hardlinks. During the lifetime of a non-pure
* upper inode, the following nlink modifying operations can happen:
*
* 1. Lower hardlink copy up
* 2. Upper hardlink created, unlinked or renamed over
* 3. Lower hardlink whiteout or renamed over
*
* For the first, copy up case, the union nlink does not change, whether the
* operation succeeds or fails, but the upper inode nlink may change.
* Therefore, before copy up, we store the union nlink value relative to the
* lower inode nlink in the index inode xattr .overlay.nlink.
*
* For the second, upper hardlink case, the union nlink should be incremented
* or decremented IFF the operation succeeds, aligned with nlink change of the
* upper inode. Therefore, before link/unlink/rename, we store the union nlink
* value relative to the upper inode nlink in the index inode.
*
* For the last, lower cover up case, we simplify things by preceding the
* whiteout or cover up with copy up. This makes sure that there is an index
* upper inode where the nlink xattr can be stored before the copied up upper
* entry is unlink.
*/
#define OVL_NLINK_ADD_UPPER (1 << 0)
/*
* On-disk format for indexed nlink:
*
* nlink relative to the upper inode - "U[+-]NUM"
* nlink relative to the lower inode - "L[+-]NUM"
*/
static int ovl_set_nlink_common(struct dentry *dentry,
struct dentry *realdentry, const char *format)
{
struct inode *inode = d_inode(dentry);
struct inode *realinode = d_inode(realdentry);
char buf[13];
int len;
len = snprintf(buf, sizeof(buf), format,
(int) (inode->i_nlink - realinode->i_nlink));
if (WARN_ON(len >= sizeof(buf)))
return -EIO;
return ovl_do_setxattr(OVL_FS(inode->i_sb), ovl_dentry_upper(dentry),
OVL_XATTR_NLINK, buf, len);
}
int ovl_set_nlink_upper(struct dentry *dentry)
{
return ovl_set_nlink_common(dentry, ovl_dentry_upper(dentry), "U%+i");
}
int ovl_set_nlink_lower(struct dentry *dentry)
{
return ovl_set_nlink_common(dentry, ovl_dentry_lower(dentry), "L%+i");
}
unsigned int ovl_get_nlink(struct ovl_fs *ofs, struct dentry *lowerdentry,
struct dentry *upperdentry,
unsigned int fallback)
{
int nlink_diff;
int nlink;
char buf[13];
int err;
if (!lowerdentry || !upperdentry || d_inode(lowerdentry)->i_nlink == 1)
return fallback;
err = ovl_do_getxattr(ofs, upperdentry, OVL_XATTR_NLINK,
&buf, sizeof(buf) - 1);
if (err < 0)
goto fail;
buf[err] = '\0';
if ((buf[0] != 'L' && buf[0] != 'U') ||
(buf[1] != '+' && buf[1] != '-'))
goto fail;
err = kstrtoint(buf + 1, 10, &nlink_diff);
if (err < 0)
goto fail;
nlink = d_inode(buf[0] == 'L' ? lowerdentry : upperdentry)->i_nlink;
nlink += nlink_diff;
if (nlink <= 0)
goto fail;
return nlink;
fail:
pr_warn_ratelimited("failed to get index nlink (%pd2, err=%i)\n",
upperdentry, err);
return fallback;
}
struct inode *ovl_new_inode(struct super_block *sb, umode_t mode, dev_t rdev)
{
struct inode *inode;
inode = new_inode(sb);
if (inode)
ovl_fill_inode(inode, mode, rdev);
return inode;
}
static int ovl_inode_test(struct inode *inode, void *data)
{
return inode->i_private == data;
}
static int ovl_inode_set(struct inode *inode, void *data)
{
inode->i_private = data;
return 0;
}
static bool ovl_verify_inode(struct inode *inode, struct dentry *lowerdentry,
struct dentry *upperdentry, bool strict)
{
/*
* For directories, @strict verify from lookup path performs consistency
* checks, so NULL lower/upper in dentry must match NULL lower/upper in
* inode. Non @strict verify from NFS handle decode path passes NULL for
* 'unknown' lower/upper.
*/
if (S_ISDIR(inode->i_mode) && strict) {
/* Real lower dir moved to upper layer under us? */
if (!lowerdentry && ovl_inode_lower(inode))
return false;
/* Lookup of an uncovered redirect origin? */
if (!upperdentry && ovl_inode_upper(inode))
return false;
}
/*
* Allow non-NULL lower inode in ovl_inode even if lowerdentry is NULL.
* This happens when finding a copied up overlay inode for a renamed
* or hardlinked overlay dentry and lower dentry cannot be followed
* by origin because lower fs does not support file handles.
*/
if (lowerdentry && ovl_inode_lower(inode) != d_inode(lowerdentry))
return false;
/*
* Allow non-NULL __upperdentry in inode even if upperdentry is NULL.
* This happens when finding a lower alias for a copied up hard link.
*/
if (upperdentry && ovl_inode_upper(inode) != d_inode(upperdentry))
return false;
return true;
}
struct inode *ovl_lookup_inode(struct super_block *sb, struct dentry *real,
bool is_upper)
{
struct inode *inode, *key = d_inode(real);
inode = ilookup5(sb, (unsigned long) key, ovl_inode_test, key);
if (!inode)
return NULL;
if (!ovl_verify_inode(inode, is_upper ? NULL : real,
is_upper ? real : NULL, false)) {
iput(inode);
return ERR_PTR(-ESTALE);
}
return inode;
}
bool ovl_lookup_trap_inode(struct super_block *sb, struct dentry *dir)
{
struct inode *key = d_inode(dir);
struct inode *trap;
bool res;
trap = ilookup5(sb, (unsigned long) key, ovl_inode_test, key);
if (!trap)
return false;
res = IS_DEADDIR(trap) && !ovl_inode_upper(trap) &&
!ovl_inode_lower(trap);
iput(trap);
return res;
}
/*
* Create an inode cache entry for layer root dir, that will intentionally
* fail ovl_verify_inode(), so any lookup that will find some layer root
* will fail.
*/
struct inode *ovl_get_trap_inode(struct super_block *sb, struct dentry *dir)
{
struct inode *key = d_inode(dir);
struct inode *trap;
if (!d_is_dir(dir))
return ERR_PTR(-ENOTDIR);
trap = iget5_locked(sb, (unsigned long) key, ovl_inode_test,
ovl_inode_set, key);
if (!trap)
return ERR_PTR(-ENOMEM);
if (!(trap->i_state & I_NEW)) {
/* Conflicting layer roots? */
iput(trap);
return ERR_PTR(-ELOOP);
}
trap->i_mode = S_IFDIR;
trap->i_flags = S_DEAD;
unlock_new_inode(trap);
return trap;
}
/*
* Does overlay inode need to be hashed by lower inode?
*/
static bool ovl_hash_bylower(struct super_block *sb, struct dentry *upper,
struct dentry *lower, bool index)
{
struct ovl_fs *ofs = sb->s_fs_info;
/* No, if pure upper */
if (!lower)
return false;
/* Yes, if already indexed */
if (index)
return true;
/* Yes, if won't be copied up */
if (!ovl_upper_mnt(ofs))
return true;
/* No, if lower hardlink is or will be broken on copy up */
if ((upper || !ovl_indexdir(sb)) &&
!d_is_dir(lower) && d_inode(lower)->i_nlink > 1)
return false;
/* No, if non-indexed upper with NFS export */
if (sb->s_export_op && upper)
return false;
/* Otherwise, hash by lower inode for fsnotify */
return true;
}
static struct inode *ovl_iget5(struct super_block *sb, struct inode *newinode,
struct inode *key)
{
return newinode ? inode_insert5(newinode, (unsigned long) key,
ovl_inode_test, ovl_inode_set, key) :
iget5_locked(sb, (unsigned long) key,
ovl_inode_test, ovl_inode_set, key);
}
struct inode *ovl_get_inode(struct super_block *sb,
struct ovl_inode_params *oip)
{
struct ovl_fs *ofs = OVL_FS(sb);
struct dentry *upperdentry = oip->upperdentry;
struct ovl_path *lowerpath = oip->lowerpath;
struct inode *realinode = upperdentry ? d_inode(upperdentry) : NULL;
struct inode *inode;
struct dentry *lowerdentry = lowerpath ? lowerpath->dentry : NULL;
bool bylower = ovl_hash_bylower(sb, upperdentry, lowerdentry,
oip->index);
int fsid = bylower ? lowerpath->layer->fsid : 0;
bool is_dir;
unsigned long ino = 0;
int err = oip->newinode ? -EEXIST : -ENOMEM;
if (!realinode)
realinode = d_inode(lowerdentry);
/*
* Copy up origin (lower) may exist for non-indexed upper, but we must
* not use lower as hash key if this is a broken hardlink.
*/
is_dir = S_ISDIR(realinode->i_mode);
if (upperdentry || bylower) {
struct inode *key = d_inode(bylower ? lowerdentry :
upperdentry);
unsigned int nlink = is_dir ? 1 : realinode->i_nlink;
inode = ovl_iget5(sb, oip->newinode, key);
if (!inode)
goto out_err;
if (!(inode->i_state & I_NEW)) {
/*
* Verify that the underlying files stored in the inode
* match those in the dentry.
*/
if (!ovl_verify_inode(inode, lowerdentry, upperdentry,
true)) {
iput(inode);
err = -ESTALE;
goto out_err;
}
dput(upperdentry);
kfree(oip->redirect);
goto out;
}
/* Recalculate nlink for non-dir due to indexing */
if (!is_dir)
nlink = ovl_get_nlink(ofs, lowerdentry, upperdentry,
nlink);
set_nlink(inode, nlink);
ino = key->i_ino;
} else {
/* Lower hardlink that will be broken on copy up */
inode = new_inode(sb);
if (!inode) {
err = -ENOMEM;
goto out_err;
}
ino = realinode->i_ino;
fsid = lowerpath->layer->fsid;
}
ovl_fill_inode(inode, realinode->i_mode, realinode->i_rdev);
ovl_inode_init(inode, oip, ino, fsid);
if (upperdentry && ovl_is_impuredir(sb, upperdentry))
ovl_set_flag(OVL_IMPURE, inode);
if (oip->index)
ovl_set_flag(OVL_INDEX, inode);
OVL_I(inode)->redirect = oip->redirect;
if (bylower)
ovl_set_flag(OVL_CONST_INO, inode);
/* Check for non-merge dir that may have whiteouts */
if (is_dir) {
if (((upperdentry && lowerdentry) || oip->numlower > 1) ||
ovl_check_origin_xattr(ofs, upperdentry ?: lowerdentry)) {
ovl_set_flag(OVL_WHITEOUTS, inode);
}
}
/* Check for immutable/append-only inode flags in xattr */
if (upperdentry)
ovl_check_protattr(inode, upperdentry);
if (inode->i_state & I_NEW)
unlock_new_inode(inode);
out:
return inode;
out_err:
pr_warn_ratelimited("failed to get inode (%i)\n", err);
inode = ERR_PTR(err);
goto out;
}
Reference in New Issue View Git Blame Copy Permalink