HID: hiddev: Fix slab-out-of-bounds write in hiddev_ioctl_usage()
[linux/fpc-iii.git] / fs / affs / super.c
blobf90c535703cec8c5965ff73d487ce3ec6350061d
1 /*
2 * linux/fs/affs/inode.c
4 * (c) 1996 Hans-Joachim Widmaier - Rewritten
6 * (C) 1993 Ray Burr - Modified for Amiga FFS filesystem.
8 * (C) 1992 Eric Youngdale Modified for ISO 9660 filesystem.
10 * (C) 1991 Linus Torvalds - minix filesystem
13 #include <linux/module.h>
14 #include <linux/init.h>
15 #include <linux/statfs.h>
16 #include <linux/parser.h>
17 #include <linux/magic.h>
18 #include <linux/sched.h>
19 #include <linux/slab.h>
20 #include <linux/writeback.h>
21 #include <linux/blkdev.h>
22 #include "affs.h"
24 static int affs_statfs(struct dentry *dentry, struct kstatfs *buf);
25 static int affs_remount (struct super_block *sb, int *flags, char *data);
27 static void
28 affs_commit_super(struct super_block *sb, int wait)
30 struct affs_sb_info *sbi = AFFS_SB(sb);
31 struct buffer_head *bh = sbi->s_root_bh;
32 struct affs_root_tail *tail = AFFS_ROOT_TAIL(sb, bh);
34 lock_buffer(bh);
35 secs_to_datestamp(get_seconds(), &tail->disk_change);
36 affs_fix_checksum(sb, bh);
37 unlock_buffer(bh);
39 mark_buffer_dirty(bh);
40 if (wait)
41 sync_dirty_buffer(bh);
44 static void
45 affs_put_super(struct super_block *sb)
47 struct affs_sb_info *sbi = AFFS_SB(sb);
48 pr_debug("%s()\n", __func__);
50 cancel_delayed_work_sync(&sbi->sb_work);
53 static int
54 affs_sync_fs(struct super_block *sb, int wait)
56 affs_commit_super(sb, wait);
57 return 0;
60 static void flush_superblock(struct work_struct *work)
62 struct affs_sb_info *sbi;
63 struct super_block *sb;
65 sbi = container_of(work, struct affs_sb_info, sb_work.work);
66 sb = sbi->sb;
68 spin_lock(&sbi->work_lock);
69 sbi->work_queued = 0;
70 spin_unlock(&sbi->work_lock);
72 affs_commit_super(sb, 1);
75 void affs_mark_sb_dirty(struct super_block *sb)
77 struct affs_sb_info *sbi = AFFS_SB(sb);
78 unsigned long delay;
80 if (sb->s_flags & MS_RDONLY)
81 return;
83 spin_lock(&sbi->work_lock);
84 if (!sbi->work_queued) {
85 delay = msecs_to_jiffies(dirty_writeback_interval * 10);
86 queue_delayed_work(system_long_wq, &sbi->sb_work, delay);
87 sbi->work_queued = 1;
89 spin_unlock(&sbi->work_lock);
92 static struct kmem_cache * affs_inode_cachep;
94 static struct inode *affs_alloc_inode(struct super_block *sb)
96 struct affs_inode_info *i;
98 i = kmem_cache_alloc(affs_inode_cachep, GFP_KERNEL);
99 if (!i)
100 return NULL;
102 i->vfs_inode.i_version = 1;
103 i->i_lc = NULL;
104 i->i_ext_bh = NULL;
105 i->i_pa_cnt = 0;
107 return &i->vfs_inode;
110 static void affs_i_callback(struct rcu_head *head)
112 struct inode *inode = container_of(head, struct inode, i_rcu);
113 kmem_cache_free(affs_inode_cachep, AFFS_I(inode));
116 static void affs_destroy_inode(struct inode *inode)
118 call_rcu(&inode->i_rcu, affs_i_callback);
121 static void init_once(void *foo)
123 struct affs_inode_info *ei = (struct affs_inode_info *) foo;
125 sema_init(&ei->i_link_lock, 1);
126 sema_init(&ei->i_ext_lock, 1);
127 inode_init_once(&ei->vfs_inode);
130 static int __init init_inodecache(void)
132 affs_inode_cachep = kmem_cache_create("affs_inode_cache",
133 sizeof(struct affs_inode_info),
134 0, (SLAB_RECLAIM_ACCOUNT|
135 SLAB_MEM_SPREAD),
136 init_once);
137 if (affs_inode_cachep == NULL)
138 return -ENOMEM;
139 return 0;
142 static void destroy_inodecache(void)
145 * Make sure all delayed rcu free inodes are flushed before we
146 * destroy cache.
148 rcu_barrier();
149 kmem_cache_destroy(affs_inode_cachep);
152 static const struct super_operations affs_sops = {
153 .alloc_inode = affs_alloc_inode,
154 .destroy_inode = affs_destroy_inode,
155 .write_inode = affs_write_inode,
156 .evict_inode = affs_evict_inode,
157 .put_super = affs_put_super,
158 .sync_fs = affs_sync_fs,
159 .statfs = affs_statfs,
160 .remount_fs = affs_remount,
161 .show_options = generic_show_options,
164 enum {
165 Opt_bs, Opt_mode, Opt_mufs, Opt_notruncate, Opt_prefix, Opt_protect,
166 Opt_reserved, Opt_root, Opt_setgid, Opt_setuid,
167 Opt_verbose, Opt_volume, Opt_ignore, Opt_err,
170 static const match_table_t tokens = {
171 {Opt_bs, "bs=%u"},
172 {Opt_mode, "mode=%o"},
173 {Opt_mufs, "mufs"},
174 {Opt_notruncate, "nofilenametruncate"},
175 {Opt_prefix, "prefix=%s"},
176 {Opt_protect, "protect"},
177 {Opt_reserved, "reserved=%u"},
178 {Opt_root, "root=%u"},
179 {Opt_setgid, "setgid=%u"},
180 {Opt_setuid, "setuid=%u"},
181 {Opt_verbose, "verbose"},
182 {Opt_volume, "volume=%s"},
183 {Opt_ignore, "grpquota"},
184 {Opt_ignore, "noquota"},
185 {Opt_ignore, "quota"},
186 {Opt_ignore, "usrquota"},
187 {Opt_err, NULL},
190 static int
191 parse_options(char *options, kuid_t *uid, kgid_t *gid, int *mode, int *reserved, s32 *root,
192 int *blocksize, char **prefix, char *volume, unsigned long *mount_opts)
194 char *p;
195 substring_t args[MAX_OPT_ARGS];
197 /* Fill in defaults */
199 *uid = current_uid();
200 *gid = current_gid();
201 *reserved = 2;
202 *root = -1;
203 *blocksize = -1;
204 volume[0] = ':';
205 volume[1] = 0;
206 *mount_opts = 0;
207 if (!options)
208 return 1;
210 while ((p = strsep(&options, ",")) != NULL) {
211 int token, n, option;
212 if (!*p)
213 continue;
215 token = match_token(p, tokens, args);
216 switch (token) {
217 case Opt_bs:
218 if (match_int(&args[0], &n))
219 return 0;
220 if (n != 512 && n != 1024 && n != 2048
221 && n != 4096) {
222 pr_warn("Invalid blocksize (512, 1024, 2048, 4096 allowed)\n");
223 return 0;
225 *blocksize = n;
226 break;
227 case Opt_mode:
228 if (match_octal(&args[0], &option))
229 return 0;
230 *mode = option & 0777;
231 affs_set_opt(*mount_opts, SF_SETMODE);
232 break;
233 case Opt_mufs:
234 affs_set_opt(*mount_opts, SF_MUFS);
235 break;
236 case Opt_notruncate:
237 affs_set_opt(*mount_opts, SF_NO_TRUNCATE);
238 break;
239 case Opt_prefix:
240 *prefix = match_strdup(&args[0]);
241 if (!*prefix)
242 return 0;
243 affs_set_opt(*mount_opts, SF_PREFIX);
244 break;
245 case Opt_protect:
246 affs_set_opt(*mount_opts, SF_IMMUTABLE);
247 break;
248 case Opt_reserved:
249 if (match_int(&args[0], reserved))
250 return 0;
251 break;
252 case Opt_root:
253 if (match_int(&args[0], root))
254 return 0;
255 break;
256 case Opt_setgid:
257 if (match_int(&args[0], &option))
258 return 0;
259 *gid = make_kgid(current_user_ns(), option);
260 if (!gid_valid(*gid))
261 return 0;
262 affs_set_opt(*mount_opts, SF_SETGID);
263 break;
264 case Opt_setuid:
265 if (match_int(&args[0], &option))
266 return 0;
267 *uid = make_kuid(current_user_ns(), option);
268 if (!uid_valid(*uid))
269 return 0;
270 affs_set_opt(*mount_opts, SF_SETUID);
271 break;
272 case Opt_verbose:
273 affs_set_opt(*mount_opts, SF_VERBOSE);
274 break;
275 case Opt_volume: {
276 char *vol = match_strdup(&args[0]);
277 if (!vol)
278 return 0;
279 strlcpy(volume, vol, 32);
280 kfree(vol);
281 break;
283 case Opt_ignore:
284 /* Silently ignore the quota options */
285 break;
286 default:
287 pr_warn("Unrecognized mount option \"%s\" or missing value\n",
289 return 0;
292 return 1;
295 /* This function definitely needs to be split up. Some fine day I'll
296 * hopefully have the guts to do so. Until then: sorry for the mess.
299 static int affs_fill_super(struct super_block *sb, void *data, int silent)
301 struct affs_sb_info *sbi;
302 struct buffer_head *root_bh = NULL;
303 struct buffer_head *boot_bh;
304 struct inode *root_inode = NULL;
305 s32 root_block;
306 int size, blocksize;
307 u32 chksum;
308 int num_bm;
309 int i, j;
310 kuid_t uid;
311 kgid_t gid;
312 int reserved;
313 unsigned long mount_flags;
314 int tmp_flags; /* fix remount prototype... */
315 u8 sig[4];
316 int ret;
318 save_mount_options(sb, data);
320 pr_debug("read_super(%s)\n", data ? (const char *)data : "no options");
322 sb->s_magic = AFFS_SUPER_MAGIC;
323 sb->s_op = &affs_sops;
324 sb->s_flags |= MS_NODIRATIME;
326 sbi = kzalloc(sizeof(struct affs_sb_info), GFP_KERNEL);
327 if (!sbi)
328 return -ENOMEM;
330 sb->s_fs_info = sbi;
331 sbi->sb = sb;
332 mutex_init(&sbi->s_bmlock);
333 spin_lock_init(&sbi->symlink_lock);
334 spin_lock_init(&sbi->work_lock);
335 INIT_DELAYED_WORK(&sbi->sb_work, flush_superblock);
337 if (!parse_options(data,&uid,&gid,&i,&reserved,&root_block,
338 &blocksize,&sbi->s_prefix,
339 sbi->s_volume, &mount_flags)) {
340 pr_err("Error parsing options\n");
341 return -EINVAL;
343 /* N.B. after this point s_prefix must be released */
345 sbi->s_flags = mount_flags;
346 sbi->s_mode = i;
347 sbi->s_uid = uid;
348 sbi->s_gid = gid;
349 sbi->s_reserved= reserved;
351 /* Get the size of the device in 512-byte blocks.
352 * If we later see that the partition uses bigger
353 * blocks, we will have to change it.
356 size = i_size_read(sb->s_bdev->bd_inode) >> 9;
357 pr_debug("initial blocksize=%d, #blocks=%d\n", 512, size);
359 affs_set_blocksize(sb, PAGE_SIZE);
360 /* Try to find root block. Its location depends on the block size. */
362 i = bdev_logical_block_size(sb->s_bdev);
363 j = PAGE_SIZE;
364 if (blocksize > 0) {
365 i = j = blocksize;
366 size = size / (blocksize / 512);
369 for (blocksize = i; blocksize <= j; blocksize <<= 1, size >>= 1) {
370 sbi->s_root_block = root_block;
371 if (root_block < 0)
372 sbi->s_root_block = (reserved + size - 1) / 2;
373 pr_debug("setting blocksize to %d\n", blocksize);
374 affs_set_blocksize(sb, blocksize);
375 sbi->s_partition_size = size;
377 /* The root block location that was calculated above is not
378 * correct if the partition size is an odd number of 512-
379 * byte blocks, which will be rounded down to a number of
380 * 1024-byte blocks, and if there were an even number of
381 * reserved blocks. Ideally, all partition checkers should
382 * report the real number of blocks of the real blocksize,
383 * but since this just cannot be done, we have to try to
384 * find the root block anyways. In the above case, it is one
385 * block behind the calculated one. So we check this one, too.
387 for (num_bm = 0; num_bm < 2; num_bm++) {
388 pr_debug("Dev %s, trying root=%u, bs=%d, "
389 "size=%d, reserved=%d\n",
390 sb->s_id,
391 sbi->s_root_block + num_bm,
392 blocksize, size, reserved);
393 root_bh = affs_bread(sb, sbi->s_root_block + num_bm);
394 if (!root_bh)
395 continue;
396 if (!affs_checksum_block(sb, root_bh) &&
397 be32_to_cpu(AFFS_ROOT_HEAD(root_bh)->ptype) == T_SHORT &&
398 be32_to_cpu(AFFS_ROOT_TAIL(sb, root_bh)->stype) == ST_ROOT) {
399 sbi->s_hashsize = blocksize / 4 - 56;
400 sbi->s_root_block += num_bm;
401 goto got_root;
403 affs_brelse(root_bh);
404 root_bh = NULL;
407 if (!silent)
408 pr_err("No valid root block on device %s\n", sb->s_id);
409 return -EINVAL;
411 /* N.B. after this point bh must be released */
412 got_root:
413 /* Keep super block in cache */
414 sbi->s_root_bh = root_bh;
415 root_block = sbi->s_root_block;
417 /* Find out which kind of FS we have */
418 boot_bh = sb_bread(sb, 0);
419 if (!boot_bh) {
420 pr_err("Cannot read boot block\n");
421 return -EINVAL;
423 memcpy(sig, boot_bh->b_data, 4);
424 brelse(boot_bh);
425 chksum = be32_to_cpu(*(__be32 *)sig);
427 /* Dircache filesystems are compatible with non-dircache ones
428 * when reading. As long as they aren't supported, writing is
429 * not recommended.
431 if ((chksum == FS_DCFFS || chksum == MUFS_DCFFS || chksum == FS_DCOFS
432 || chksum == MUFS_DCOFS) && !(sb->s_flags & MS_RDONLY)) {
433 pr_notice("Dircache FS - mounting %s read only\n", sb->s_id);
434 sb->s_flags |= MS_RDONLY;
436 switch (chksum) {
437 case MUFS_FS:
438 case MUFS_INTLFFS:
439 case MUFS_DCFFS:
440 affs_set_opt(sbi->s_flags, SF_MUFS);
441 /* fall thru */
442 case FS_INTLFFS:
443 case FS_DCFFS:
444 affs_set_opt(sbi->s_flags, SF_INTL);
445 break;
446 case MUFS_FFS:
447 affs_set_opt(sbi->s_flags, SF_MUFS);
448 break;
449 case FS_FFS:
450 break;
451 case MUFS_OFS:
452 affs_set_opt(sbi->s_flags, SF_MUFS);
453 /* fall thru */
454 case FS_OFS:
455 affs_set_opt(sbi->s_flags, SF_OFS);
456 sb->s_flags |= MS_NOEXEC;
457 break;
458 case MUFS_DCOFS:
459 case MUFS_INTLOFS:
460 affs_set_opt(sbi->s_flags, SF_MUFS);
461 case FS_DCOFS:
462 case FS_INTLOFS:
463 affs_set_opt(sbi->s_flags, SF_INTL);
464 affs_set_opt(sbi->s_flags, SF_OFS);
465 sb->s_flags |= MS_NOEXEC;
466 break;
467 default:
468 pr_err("Unknown filesystem on device %s: %08X\n",
469 sb->s_id, chksum);
470 return -EINVAL;
473 if (affs_test_opt(mount_flags, SF_VERBOSE)) {
474 u8 len = AFFS_ROOT_TAIL(sb, root_bh)->disk_name[0];
475 pr_notice("Mounting volume \"%.*s\": Type=%.3s\\%c, Blocksize=%d\n",
476 len > 31 ? 31 : len,
477 AFFS_ROOT_TAIL(sb, root_bh)->disk_name + 1,
478 sig, sig[3] + '0', blocksize);
481 sb->s_flags |= MS_NODEV | MS_NOSUID;
483 sbi->s_data_blksize = sb->s_blocksize;
484 if (affs_test_opt(sbi->s_flags, SF_OFS))
485 sbi->s_data_blksize -= 24;
487 tmp_flags = sb->s_flags;
488 ret = affs_init_bitmap(sb, &tmp_flags);
489 if (ret)
490 return ret;
491 sb->s_flags = tmp_flags;
493 /* set up enough so that it can read an inode */
495 root_inode = affs_iget(sb, root_block);
496 if (IS_ERR(root_inode))
497 return PTR_ERR(root_inode);
499 if (affs_test_opt(AFFS_SB(sb)->s_flags, SF_INTL))
500 sb->s_d_op = &affs_intl_dentry_operations;
501 else
502 sb->s_d_op = &affs_dentry_operations;
504 sb->s_root = d_make_root(root_inode);
505 if (!sb->s_root) {
506 pr_err("AFFS: Get root inode failed\n");
507 return -ENOMEM;
510 pr_debug("s_flags=%lX\n", sb->s_flags);
511 return 0;
514 static int
515 affs_remount(struct super_block *sb, int *flags, char *data)
517 struct affs_sb_info *sbi = AFFS_SB(sb);
518 int blocksize;
519 kuid_t uid;
520 kgid_t gid;
521 int mode;
522 int reserved;
523 int root_block;
524 unsigned long mount_flags;
525 int res = 0;
526 char *new_opts;
527 char volume[32];
528 char *prefix = NULL;
530 new_opts = kstrdup(data, GFP_KERNEL);
531 if (data && !new_opts)
532 return -ENOMEM;
534 pr_debug("%s(flags=0x%x,opts=\"%s\")\n", __func__, *flags, data);
536 sync_filesystem(sb);
537 *flags |= MS_NODIRATIME;
539 memcpy(volume, sbi->s_volume, 32);
540 if (!parse_options(data, &uid, &gid, &mode, &reserved, &root_block,
541 &blocksize, &prefix, volume,
542 &mount_flags)) {
543 kfree(prefix);
544 kfree(new_opts);
545 return -EINVAL;
548 flush_delayed_work(&sbi->sb_work);
549 if (new_opts)
550 replace_mount_options(sb, new_opts);
552 sbi->s_flags = mount_flags;
553 sbi->s_mode = mode;
554 sbi->s_uid = uid;
555 sbi->s_gid = gid;
556 /* protect against readers */
557 spin_lock(&sbi->symlink_lock);
558 if (prefix) {
559 kfree(sbi->s_prefix);
560 sbi->s_prefix = prefix;
562 memcpy(sbi->s_volume, volume, 32);
563 spin_unlock(&sbi->symlink_lock);
565 if ((*flags & MS_RDONLY) == (sb->s_flags & MS_RDONLY))
566 return 0;
568 if (*flags & MS_RDONLY)
569 affs_free_bitmap(sb);
570 else
571 res = affs_init_bitmap(sb, flags);
573 return res;
576 static int
577 affs_statfs(struct dentry *dentry, struct kstatfs *buf)
579 struct super_block *sb = dentry->d_sb;
580 int free;
581 u64 id = huge_encode_dev(sb->s_bdev->bd_dev);
583 pr_debug("%s() partsize=%d, reserved=%d\n",
584 __func__, AFFS_SB(sb)->s_partition_size,
585 AFFS_SB(sb)->s_reserved);
587 free = affs_count_free_blocks(sb);
588 buf->f_type = AFFS_SUPER_MAGIC;
589 buf->f_bsize = sb->s_blocksize;
590 buf->f_blocks = AFFS_SB(sb)->s_partition_size - AFFS_SB(sb)->s_reserved;
591 buf->f_bfree = free;
592 buf->f_bavail = free;
593 buf->f_fsid.val[0] = (u32)id;
594 buf->f_fsid.val[1] = (u32)(id >> 32);
595 buf->f_namelen = AFFSNAMEMAX;
596 return 0;
599 static struct dentry *affs_mount(struct file_system_type *fs_type,
600 int flags, const char *dev_name, void *data)
602 return mount_bdev(fs_type, flags, dev_name, data, affs_fill_super);
605 static void affs_kill_sb(struct super_block *sb)
607 struct affs_sb_info *sbi = AFFS_SB(sb);
608 kill_block_super(sb);
609 if (sbi) {
610 affs_free_bitmap(sb);
611 affs_brelse(sbi->s_root_bh);
612 kfree(sbi->s_prefix);
613 mutex_destroy(&sbi->s_bmlock);
614 kfree(sbi);
618 static struct file_system_type affs_fs_type = {
619 .owner = THIS_MODULE,
620 .name = "affs",
621 .mount = affs_mount,
622 .kill_sb = affs_kill_sb,
623 .fs_flags = FS_REQUIRES_DEV,
625 MODULE_ALIAS_FS("affs");
627 static int __init init_affs_fs(void)
629 int err = init_inodecache();
630 if (err)
631 goto out1;
632 err = register_filesystem(&affs_fs_type);
633 if (err)
634 goto out;
635 return 0;
636 out:
637 destroy_inodecache();
638 out1:
639 return err;
642 static void __exit exit_affs_fs(void)
644 unregister_filesystem(&affs_fs_type);
645 destroy_inodecache();
648 MODULE_DESCRIPTION("Amiga filesystem support for Linux");
649 MODULE_LICENSE("GPL");
651 module_init(init_affs_fs)
652 module_exit(exit_affs_fs)