Kconfig files under arch/ directory are ignored by all_kconfigs(),
so include them for tags generation.
Signed-off-by: Hou Tao <hout...@huawei.com>
---
scripts/tags.sh | 2 ++
1 file changed, 2 insertions(+)
diff --git a/scripts/tags.sh b/scripts/tags.sh
index df5fa77..d661f2f
s OK to renew the time slice.
2. If there is no queued bio, the time slice must have been expired,
so it's Ok to renew the time slice.
Signed-off-by: Hou Tao <hout...@huawei.com>
---
block/blk-throttle.c | 11 +--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/block/blk
queued=1/0
throtl /1 dispatch queued=2/0
..
throtl /1 dispatch disp=1
Signed-off-by: Hou Tao <hout...@huawei.com>
---
block/blk-throttle.c | 21 -
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/block/blk-throttle.c b/block/blk-throttle.c
index 47a3
-by: Hou Tao <hout...@huawei.com>
---
fs/proc/generic.c | 21 -
fs/proc/inode.c| 5 +
fs/proc/internal.h | 1 +
3 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/fs/proc/generic.c b/fs/proc/generic.c
index ee27feb..92c9dd4 100644
--- a/fs/proc/gen
Hi, any comment ?
On 2017/4/13 21:49, Hou Tao wrote:
> After the invocation of remove_proc_entry() for a proc fs directory,
> if the related dentry had been held by some processes (eg., by chdir),
> the lookup afterwards will still return the old proc_dir_entry. The
> new created p
Hi Jan and list,
When testing the hrtimer version of CFQ, we found a performance degradation
problem which seems to be caused by commit 0b31c10 ("cfq-iosched: Charge at
least 1 jiffie instead of 1 ns").
The following is the test process:
* filesystem and block device
* XFS + /dev/sda
Sorry for the resend, please refer to the later one.
On 2017/3/6 21:50, Hou Tao wrote:
> Hi Jan and list,
>
> When testing the hrtimer version of CFQ, we found a performance degradation
> problem which seems to be caused by commit 0b31c10 ("cfq-iosched: Charge at
> least 1 ji
Hi Jan and list,
When testing the hrtimer version of CFQ, we found a performance degradation
problem which seems to be caused by commit 0b31c10 ("cfq-iosched: Charge at
least 1 jiffie instead of 1 ns").
The following is the test process:
* filesystem and block device
* XFS + /dev/sda
.
To prevent the unnecessary RPCs, we need to check whether or not the
noac option is used, and always report the invocation of nfs_getattr()
as cache hit instead cache miss when it's on.
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/nfs/inode.c | 5 -
1 file changed, 4 insertions(+), 1 de
Hi,
On 2017/10/28 21:58, Davidlohr Bueso wrote:
> On Sat, 28 Oct 2017, Hou Tao wrote:
>
>> Remove the global epmutex from ep_free() and eventpoll_release_file().
>> In the later patches, we will add locks with a smaller granularity
>> to serve the same purposes of e
added to the visited_list, we need to wait for its removal.
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/eventpoll.c | 15 ++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index 26ab0c5..44ea587 100644
--- a/fs/eventpoll.c
++
needs to acquire ep->mtx which is a mutex, so we add a ref-counter to
eventpoll and increase it before leaving the rcu read critical region.
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/eventpoll.c | 38 +++---
1 file changed, 31 insertions(+), 7 deletions
ay has already got the epi from
file->f_ep_links. To protect against the double-free case, check
rb_first_cached() in eventpoll_release_file() to ensure the epi
has not been removed by ep_free()
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/eventpoll.c | 13 +++--
Remove the global epmutex from ep_free() and eventpoll_release_file().
In the later patches, we will add locks with a smaller granularity
to serve the same purposes of epmutex.
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/eventpoll.c | 4
1 file changed, 4 deletions(-)
diff
struct belongs to an epoll fd
which also polls the target file.
So freeing eventpoll by rcu to ensure the accessed fields of
eventpoll are still valid when invoking reverse_path_check_proc().
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/eventpoll.c | 12 +++-
1 file changed, 1
When ep_free() iterates the epi in ep->rbr, the epi may be removed
by eventpoll_release_file(). To protect again the case, acquiring
ep->mtx before the iteration of ep->rbr.
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/eventpoll.c | 2 +-
1 file changed, 1 insertion(+), 1 de
ch 8 enlarge the protected region of ep->mtx to protect against
the iteration of ep->rbr.
The patch set has passed the epoll related test cases in LTP, and we are
planing to run some torture or performance test cases for nested-epoll
cases.
Comments and questions are welcome.
Regards,
Tao
---
Hou Tao
.
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/eventpoll.c | 12
1 file changed, 12 insertions(+)
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index 44ea587..998c635 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -1029,6 +1029,18 @@ void eventpoll_release_file(struc
When eventpoll_release_file() iterates epitem in file->f_ep_links,
the epitem may be removed by ep_free(). To protect again the concurrent
writer, iterate file->f_ep_links by using rcu_read_lock() and
list_first_or_null_rcu()
Signed-off-by: Hou Tao <hout...@huawei.com>
---
fs/even
Hi all,
We are testing the patches for Spectre and Meltdown under OS derived from RH7.2,
and hit by a hard LOCKUP panic under a x86_64 host environment.
The hard LOCKUP can be reproduced, and it will gone if we disable ibpb by
writing 0 to ibpb_enabled file, and it will appear again when we
Hi Jason,
On 2017/10/18 22:03, Jason Baron wrote:
>
>
> On 10/17/2017 11:37 AM, Davidlohr Bueso wrote:
>> On Fri, 13 Oct 2017, Jason Baron wrote:
>>
>>> The ep_poll_safewake() function is used to wakeup potentially nested
>>> epoll
>>> file descriptors. The function uses ep_call_nested() to
On 2018/10/16 14:41, Richard Weinberger wrote:
> On Tue, Oct 16, 2018 at 7:53 AM Hou Tao wrote:
>>
>> ping ?
>>
>> On 2018/10/6 17:09, Hou Tao wrote:
>>> When an invalid mount option is passed to jffs2, jffs2_parse_options()
>>> will fail and jffs2_
3ad30970ff..cae4ecda3c50 100644
> --- a/fs/jffs2/super.c
> +++ b/fs/jffs2/super.c
> @@ -101,7 +101,8 @@ static int jffs2_sync_fs(struct super_block *sb, int wait)
> struct jffs2_sb_info *c = JFFS2_SB_INFO(sb);
>
> #ifdef CONFIG_JFFS2_FS_WRITEBUFFER
> - cancel_delayed_work_sync(
ping ?
On 2018/10/6 17:09, Hou Tao wrote:
> When an invalid mount option is passed to jffs2, jffs2_parse_options()
> will fail and jffs2_sb_info will be freed, but then jffs2_sb_info will
> be used (use-after-free) and freeed (double-free) in jffs2_kill_sb().
>
> Fix it by rem
When jffs2_xattr_ref is dead, xref->ic or xref->xd will be invalid
because these fields will be reused as xref->ino or xref->xid,
so access xref->ic->ino or xref->xd->xid will lead to Oops.
Fix the problem by checking whether or not it is a dead xref.
Signed-off-by
necessary writing of delete marker.")
Signed-off-by: Hou Tao
---
fs/jffs2/xattr.c | 61 +++-
fs/jffs2/xattr.h | 8 +++-
2 files changed, 63 insertions(+), 6 deletions(-)
diff --git a/fs/jffs2/xattr.c b/fs/jffs2/xattr.c
index da3e18503c6
using it in jffs2_verify_write().
Cc: sta...@vger.kernel.org
Fixes: 0029da3bf430 ("JFFS2: add UBI support")
Signed-off-by: Hou Tao
---
fs/jffs2/wbuf.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/fs/jffs2/wbuf.c b/fs/jffs2/wbuf.c
index c6821a509481..3de45f4559d1 10064
.
Cc: sta...@kernel.org
Signed-off-by: Hou Tao
---
fs/jffs2/super.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index 87bdf0f4cba1..902a7dd10e5c 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
@@ -285,10 +285,8 @@ static int
ion of inode will be fine
And no __GFP_FS may lead to hang in __alloc_pages_slowpath() if a
squashfs page fault occurs in the context of a memory hogger, because
the hogger will not be killed due to the logic in __alloc_pages_may_oom().
Signed-off-by: Hou Tao
---
fs/squashfs/file.c |
ping ?
On 2018/12/4 10:08, Hou Tao wrote:
> There is no need to disable __GFP_FS in ->readpage:
> * It's a read-only fs, so there will be no dirty/writeback page and
> there will be no deadlock against the caller's locked page
> * It just allocates one page, so compaction will
Remove the global epmutex from ep_free() and eventpoll_release_file().
In the later patches, we will add locks with a smaller granularity
to serve the same purposes of epmutex.
Signed-off-by: Hou Tao
---
fs/eventpoll.c | 4
1 file changed, 4 deletions(-)
diff --git a/fs/eventpoll.c b/fs
struct belongs to an epoll fd
which also polls the target file.
So freeing eventpoll by rcu to ensure the accessed fields of
eventpoll are still valid when invoking reverse_path_check_proc().
Signed-off-by: Hou Tao
---
fs/eventpoll.c | 12 +++-
1 file changed, 11 insertions(+), 1 de
added to the visited_list, we need to wait for its removal.
Signed-off-by: Hou Tao
---
fs/eventpoll.c | 15 ++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index 26ab0c5..44ea587 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -862,6
needs to acquire ep->mtx which is a mutex, so we add a ref-counter to
eventpoll and increase it before leaving the rcu read critical region.
Signed-off-by: Hou Tao
---
fs/eventpoll.c | 38 +++---
1 file changed, 31 insertions(+), 7 deletions(-)
diff --git a/fs/eventpo
ay has already got the epi from
file->f_ep_links. To protect against the double-free case, check
rb_first_cached() in eventpoll_release_file() to ensure the epi
has not been removed by ep_free()
Signed-off-by: Hou Tao
---
fs/eventpoll.c | 13 +++--
1 file changed, 11 inserti
When ep_free() iterates the epi in ep->rbr, the epi may be removed
by eventpoll_release_file(). To protect again the case, acquiring
ep->mtx before the iteration of ep->rbr.
Signed-off-by: Hou Tao
---
fs/eventpoll.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff -
ch 8 enlarge the protected region of ep->mtx to protect against
the iteration of ep->rbr.
The patch set has passed the epoll related test cases in LTP, and we are
planing to run some torture or performance test cases for nested-epoll
cases.
Comments and questions are welcome.
Regards,
Tao
---
Hou Tao
.
Signed-off-by: Hou Tao
---
fs/eventpoll.c | 12
1 file changed, 12 insertions(+)
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index 44ea587..998c635 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -1029,6 +1029,18 @@ void eventpoll_release_file(struct file *file
When eventpoll_release_file() iterates epitem in file->f_ep_links,
the epitem may be removed by ep_free(). To protect again the concurrent
writer, iterate file->f_ep_links by using rcu_read_lock() and
list_first_or_null_rcu()
Signed-off-by: Hou Tao
---
fs/eventpoll.c | 12 +++-
Hi,
On 2017/10/28 21:58, Davidlohr Bueso wrote:
> On Sat, 28 Oct 2017, Hou Tao wrote:
>
>> Remove the global epmutex from ep_free() and eventpoll_release_file().
>> In the later patches, we will add locks with a smaller granularity
>> to serve the same purposes of e
wsem: Use this_cpu_{inc,dec}() for read_count
> From: Hou Tao
> Date: Tue, 15 Sep 2020 22:07:50 +0800
>
> From: Hou Tao
>
> The __this_cpu*() accessors are (in general) IRQ-unsafe which, given
> that percpu-rwsem is a blocking primitive, should be just fine.
>
&
ned-off-by: Hou Tao
---
kernel/locking/locktorture.c | 28 ++--
1 file changed, 22 insertions(+), 6 deletions(-)
diff --git a/kernel/locking/locktorture.c b/kernel/locking/locktorture.c
index bebdf98e6cd78..e91033e9b6f95 100644
--- a/kernel/locking/locktorture.c
+++ b/ker
To ensure there is always at least one locking thread.
Signed-off-by: Hou Tao
---
kernel/locking/locktorture.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/kernel/locking/locktorture.c b/kernel/locking/locktorture.c
index 9cfa5e89cff7f..bebdf98e6cd78 100644
--- a/kernel
Hou Tao (2):
locktorture: doesn't check nreaders_stress when no readlock support
locktorture: call percpu_free_rwsem() to do percpu-rwsem cleanup
kernel/locking/locktorture.c | 29 +++--
1 file changed, 23 insertions(+), 6 deletions(-)
--
2.25.0.4.g0ad7144999
it by using the IRQ-safe helper this_cpu_inc|dec() for
operations on read_count.
Another plausible fix is to state that percpu-rwsem can NOT be
used under IRQ context and convert all users which may
use it under IRQ context.
Signed-off-by: Hou Tao
---
include/linux/percpu-rwsem.h | 8
kernel
Hi,
On 2020/10/29 0:29, Casey Schaufler wrote:
> On 10/27/2020 7:06 PM, Chen Jun wrote:
>> From: Chen Jun
>>
>> Kmemleak will report a problem after using
>> "echo 1 > /sys/fs/selinux/disable" to disable selinux on runtime.
>
> Runtime disable of SELinux has been deprecated. It would be
>
Hi Paul,
On 2020/9/18 0:58, Paul E. McKenney wrote:
> On Thu, Sep 17, 2020 at 09:59:09PM +0800, Hou Tao wrote:
>> To ensure there is always at least one locking thread.
>>
>> Signed-off-by: Hou Tao
>> ---
>> kernel/locking/locktorture.c | 3 ++-
>> 1 fi
reject these parameters by returning
-EINVAL during module init.
Signed-off-by: Hou Tao
---
kernel/locking/locktorture.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/kernel/locking/locktorture.c b/kernel/locking/locktorture.c
index 9cfa5e89cff7f..bebdf98e6cd78 100644
Hi Paul,
On 2020/9/19 1:59, Paul E. McKenney wrote:
> On Fri, Sep 18, 2020 at 07:44:24PM +0800, Hou Tao wrote:
>> When do locktorture for exclusive lock which doesn't have readlock
>> support, the following module parameters will be considered as valid:
>>
>&g
Hi Will & Ard,
+to Ard Biesheuvel for the "regression" caused by
91fc957c9b1d6
("arm64/bpf: don't allocate BPF JIT programs in module memory")
On 2020/9/17 16:48, Will Deacon wrote:
> On Wed, Sep 16, 2020 at 08:32:20PM +0800, Hou Tao wrote:
>>> Subject: loc
called.
Signed-off-by: Hou Tao
---
v2: add init_called field in lock_torture_cxt instead of reusing
cxt->cur_ops for error handling
kernel/locking/locktorture.c | 26 +-
1 file changed, 21 insertions(+), 5 deletions(-)
diff --git a/kernel/locking/locktorture.
ule exits.
>>
>> Also needs to call exit hook if lock_torture_init() fails half-way,
>> so use ctx->cur_ops != NULL to signal that init hook has been called.
>
> Good catch, but please see below for comments and questions.
>
>> Signe
Hi Jason,
On 2017/10/18 22:03, Jason Baron wrote:
>
>
> On 10/17/2017 11:37 AM, Davidlohr Bueso wrote:
>> On Fri, 13 Oct 2017, Jason Baron wrote:
>>
>>> The ep_poll_safewake() function is used to wakeup potentially nested
>>> epoll
>>> file descriptors. The function uses ep_call_nested() to
Hi all,
We are testing the patches for Spectre and Meltdown under OS derived from RH7.2,
and hit by a hard LOCKUP panic under a x86_64 host environment.
The hard LOCKUP can be reproduced, and it will gone if we disable ibpb by
writing 0 to ibpb_enabled file, and it will appear again when we
Hi Richard,
On 2019/9/20 22:38, Richard Weinberger wrote:
> On Fri, Sep 20, 2019 at 4:14 PM Xiaoming Ni wrote:
>> I still think this is easier to understand:
>> Free the memory allocated by the current function in the failed branch
>
> Please note that jffs2 is in "odd fixes only" maintenance
Hi,
Cc +Richard +David
On 2020/1/6 16:04, zhangyi (F) wrote:
> After commit 4fdcfab5b553 ("jffs2: fix use-after-free on symlink
> traversal"), it expose a freeing uninitialized memory problem due to
> this commit move the operaion of freeing f->target to
> jffs2_i_callback(), which may not be
Using a sector_t as the return value is misleading, because
raise_barrier() only return 0 or -EINTR.
Also add comments for the return values of raise_barrier().
Signed-off-by: Hou Tao
---
drivers/md/raid1.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/md/raid1
It's just code clean-up.
Signed-off-by: Hou Tao
---
drivers/md/raid1.c | 39 ++-
1 file changed, 18 insertions(+), 21 deletions(-)
diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c
index 1755d2233e4d..d73ed94764c1 100644
--- a/drivers/md/raid1.c
+++ b
Hi,
On 2020/6/9 12:07, Josh Snyder wrote:
> Previously, io_ticks could be under-counted. Consider these I/Os along
> the time axis (in jiffies):
>
> t 012345678
> io1||
> io2|---|
>
> Under the old approach, io_ticks would count up to 6, like so:
>
> t
Reviewed-by: Hou Tao
On 2020/6/19 17:06, Zhe Li wrote:
> The log of UAF problem is listed below.
> BUG: KASAN: use-after-free in jffs2_rmdir+0xa4/0x1cc [jffs2] at addr c1f165fc
> Read of size 4 by task rm/8283
> ===
iter_file_splice_write().
Spotted by xfs-tests generic/091.
Signed-off-by: Hou Tao
---
fs/fat/file.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/fat/file.c b/fs/fat/file.c
index 13935ee99e1e..b3bed32946b1 100644
--- a/fs/fat/file.c
+++ b/fs/fat/file.c
@@ -214,6 +214,7 @@ const struct file_operations
On 2018/12/14 5:53, Richard Weinberger wrote:
> On Sun, Dec 9, 2018 at 7:52 AM Boris Brezillon
> wrote:
>>
>> On Sat, 20 Oct 2018 19:07:53 +0800
>> Hou Tao wrote:
>>
>>> When jffs2_xattr_ref is dead, xref->ic or xref->xd will be invalid
>>
ping ?
On 2018/12/9 14:21, Hou Tao wrote:
> For xattr modification, we do not write a new jffs2_raw_xref with
> delete marker into flash, so if a xattr is modified then removed,
> and the old xref & xdatum are not erased by GC, after reboot or
> remount, the new xattr x
ping ?
On 2018/12/9 14:35, Hou Tao wrote:
> ping ?
>
> On 2018/10/20 20:08, Hou Tao wrote:
>> Now MTD emulated by UBI volumn doesn't allocate wbuf_verify in
>> jffs2_ubivol_setup(), because UBI can do the verifcation itself,
>> so when CONFIG_JFFS2_FS_WBUF_VERIFY
ping ?
On 2018/12/13 10:18, Hou Tao wrote:
> ping ?
>
> On 2018/12/6 9:14, Hou Tao wrote:
>> ping ?
>>
>> On 2018/12/4 10:08, Hou Tao wrote:
>>> There is no need to disable __GFP_FS in ->readpage:
>>> * It's a read-o
Hi,
On 2018/12/15 22:38, Matthew Wilcox wrote:
> On Tue, Dec 04, 2018 at 10:08:40AM +0800, Hou Tao wrote:
>> There is no need to disable __GFP_FS in ->readpage:
>> * It's a read-only fs, so there will be no dirty/writeback page and
>> there will be no deadlock against
P_FS)) && oc->chosen &&
> + oc->chosen != (void *)-1UL && oc->chosen != current) {
> + put_task_struct(oc->chosen);
> + return true;
> + }
> +
> /* Found nothing?!?! */
> if (!oc
ping ?
On 2018/12/6 9:14, Hou Tao wrote:
> ping ?
>
> On 2018/12/4 10:08, Hou Tao wrote:
>> There is no need to disable __GFP_FS in ->readpage:
>> * It's a read-only fs, so there will be no dirty/writeback page and
>> there will be no deadlock against the cal
On 2018/12/16 0:23, Richard Weinberger wrote:
> The rtime compressor assumes that at least two bytes are
> compressed.
> If we try to compress just one byte, the loop condition will
> wrap around and an out-of-bounds write happens.
>
> Cc:
> Signed-off-by: Richard Weinberger
> ---
>
ping ?
On 2018/12/4 10:08, Hou Tao wrote:
> There is no need to disable __GFP_FS in ->readpage:
> * It's a read-only fs, so there will be no dirty/writeback page and
> there will be no deadlock against the caller's locked page
> * It just allocates one page, so compaction will
When jffs2_xattr_ref is dead, xref->ic or xref->xd will be invalid
because these fields will be reused as xref->ino or xref->xid,
so access xref->ic->ino or xref->xd->xid will lead to Oops.
Fix the problem by checking whether or not it is a dead xref.
Signed-off-by
necessary writing of delete marker.")
Signed-off-by: Hou Tao
---
fs/jffs2/xattr.c | 61 +++-
fs/jffs2/xattr.h | 8 +++-
2 files changed, 63 insertions(+), 6 deletions(-)
diff --git a/fs/jffs2/xattr.c b/fs/jffs2/xattr.c
index da3e18503c6
using it in jffs2_verify_write().
Cc: sta...@vger.kernel.org
Fixes: 0029da3bf430 ("JFFS2: add UBI support")
Signed-off-by: Hou Tao
---
fs/jffs2/wbuf.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/fs/jffs2/wbuf.c b/fs/jffs2/wbuf.c
index c6821a509481..3de45f4559d1 10064
ping ?
On 2018/10/6 17:09, Hou Tao wrote:
> When an invalid mount option is passed to jffs2, jffs2_parse_options()
> will fail and jffs2_sb_info will be freed, but then jffs2_sb_info will
> be used (use-after-free) and freeed (double-free) in jffs2_kill_sb().
>
> Fix it by rem
On 2018/10/16 14:41, Richard Weinberger wrote:
> On Tue, Oct 16, 2018 at 7:53 AM Hou Tao wrote:
>>
>> ping ?
>>
>> On 2018/10/6 17:09, Hou Tao wrote:
>>> When an invalid mount option is passed to jffs2, jffs2_parse_options()
>>> will fail and jffs2_
_flags & d_inode
are consistent, and lookup_slow() use inode lock to ensure that, so only
the REF-walk path in lookup_fast() is problematic.
Fixing it by adding a paired smp_rmb/smp_wmb between the reading/writing
of d_inode & d_flags to ensure the consistency.
Signed-off-by: Hou Tao
---
fs/dca
ping ?
On 2019/4/19 16:48, Hou Tao wrote:
> After extending the size of dentry from 192-bytes to 208-bytes
> under aarch64, we got oops during the running of xfstests generic/429:
>
> Unable to handle kernel NULL pointer dereference at virtual address
> 0002
>
ping ?
On 2019/2/25 17:03, Hou Tao wrote:
> Taking an extra file reference before call vfs_poll(), else
> the file may be released by aio_poll_wake() if an expected
> event is triggered immediately (e.g., by the close of a
> pair of pipes) after the return of vfs_poll(), and we may
arly when any stage of fsync fails.
Signed-off-by: Hou Tao
---
fs/fat/file.c | 11 ---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/fs/fat/file.c b/fs/fat/file.c
index b3bed32946b1..0e3ed79fcc3f 100644
--- a/fs/fat/file.c
+++ b/fs/fat/file.c
@@ -193,12 +193,17 @@ static
to be set the minimal value of file-max to be 1,
so one_ul can be used instead, but I'm not sure whether or not a file-max
with a value of zero has special purpose (e.g., prohibit the file-related
activities of all no-privileged users).
Signed-off-by: Hou Tao
---
kernel/sysctl.c | 2 +-
1 file
Hi,
Cc Andrew for patch inclusion
On 2019/4/6 0:27, Matthew Wilcox wrote:
> On Fri, Apr 05, 2019 at 02:52:17PM +0800, Hou Tao wrote:
>> We have got KASAN splat when tried to set /proc/sys/fs/file-max:
>
> Matteo Croce already has a patch in-flight for this.
>
>
Yes,
So jffs2_do_clear_inode() could mark all flash nodes used by
the inode as obsolete and GC procedure will reclaim these
flash nodes, else these flash spaces will not be reclaimable
forever.
Cc: sta...@vger.kernel.org
Signed-off-by: Hou Tao
---
fs/jffs2/dir.c | 28
1
, and then removing these files, and repeating.
Comments are welcome.
Hou
Hou Tao (2):
jffs2: reset pino_nlink to 0 when inode creation failed
jffs2: handle INO_STATE_CLEARING in jffs2_do_read_inode()
fs/jffs2/dir.c | 28
fs/jffs2/readinode.c | 1 +
2
des in use")
Cc: sta...@vger.kernel.org
Signed-off-by: Hou Tao
---
fs/jffs2/readinode.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/jffs2/readinode.c b/fs/jffs2/readinode.c
index 389ea53ea487..0bae0583106e 100644
--- a/fs/jffs2/readinode.c
+++ b/fs/jffs2/readinode.c
edly pushing back a jeb (has newly-creating
inodes) and picking up a new jeb (also has newly-creating inodes
and may be the same jeb) when there are many file creation threads.
Fixes: e72e6497e748 ("jffs2: Fix NFS race by using insert_inode_locked()")
Cc: sta...@vger.kernel.org
Reported-by
ll of jffs2_set_inocache_state() under
erase_completion_lock, else the inocache may be leaked because
jffs2_del_ino_cache() invoked by jffs2_remove_node_refs_from_ino_list()
may find the state of inocache is still INO_STATE_CHECKING and will
not free the inocache.
Cc: sta...@vger.kernel.org
ping ?
On 2019/3/1 18:09, Hou Tao wrote:
> ping ?
>
> On 2019/2/25 17:03, Hou Tao wrote:
>> Taking an extra file reference before call vfs_poll(), else
>> the file may be released by aio_poll_wake() if an expected
>> event is triggered immediately (e.g., by the close o
ping ?
On 2019/2/10 17:47, Hou Tao wrote:
> Now splice() on O_DIRECT-opened fat file will return -EFAULT, that is
> because the default .splice_write, namely default_file_splice_write(),
> will construct an ITER_KVEC iov_iter and dio_refill_pages() in dio path
> can not handle
c>] (vfs_getattr_nosec) from [<802b895c>] (vfs_getattr+0x44/0x48)
[<802b8918>] (vfs_getattr) from [<802b8a74>] (vfs_statx+0x9c/0xec)
[<802b89d8>] (vfs_statx) from [<802b9428>] (sys_lstat64+0x48/0x78)
[<802b93e0>] (sys_lstat64) from [<80101000>] (
Hi,
On 2019/1/9 10:38, Dominique Martinet wrote:
> Hou Tao wrote on Wed, Jan 09, 2019:
>> Use inode->i_lock to protect i_size_write(), else i_size_read() in
>> generic_fillattr() may loop infinitely when multiple processes invoke
>> v9fs_vfs_getattr() or v9fs_vfs_getat
ion of inode will be fine
And no __GFP_FS may lead to hang in __alloc_pages_slowpath() if a
squashfs page fault occurs in the context of a memory hogger, because
the hogger will not be killed due to the logic in __alloc_pages_may_oom().
Signed-off-by: Hou Tao
---
fs/squashfs/file.c |
get the overwritten xattr instead of
non-existent error when reading the removed xattr.
Fix it by writing the deletion mark for xattr overwrite.
Fixes: 8a13695cbe4e ("[JFFS2][XATTR] rid unnecessary writing of delete marker.")
Signed-off-by: Hou Tao
---
fs/jffs
ping ?
On 2018/10/20 19:07, Hou Tao wrote:
> When jffs2_xattr_ref is dead, xref->ic or xref->xd will be invalid
> because these fields will be reused as xref->ino or xref->xid,
> so access xref->ic->ino or xref->xd->xid will lead to Oops.
>
&
ping ?
On 2018/10/20 20:08, Hou Tao wrote:
> Now MTD emulated by UBI volumn doesn't allocate wbuf_verify in
> jffs2_ubivol_setup(), because UBI can do the verifcation itself,
> so when CONFIG_JFFS2_FS_WBUF_VERIFY is enabled and a MTD device
> emulated by UBI volumn is used, a Oop
3ad30970ff..cae4ecda3c50 100644
> --- a/fs/jffs2/super.c
> +++ b/fs/jffs2/super.c
> @@ -101,7 +101,8 @@ static int jffs2_sync_fs(struct super_block *sb, int wait)
> struct jffs2_sb_info *c = JFFS2_SB_INFO(sb);
>
> #ifdef CONFIG_JFFS2_FS_WRITEBUFFER
> - cancel_delayed_work_sync(
.
Cc: sta...@kernel.org
Signed-off-by: Hou Tao
---
fs/jffs2/super.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index 87bdf0f4cba1..902a7dd10e5c 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
@@ -285,10 +285,8 @@ static int
Hi Jan and list,
When testing the hrtimer version of CFQ, we found a performance degradation
problem which seems to be caused by commit 0b31c10 ("cfq-iosched: Charge at
least 1 jiffie instead of 1 ns").
The following is the test process:
* filesystem and block device
* XFS + /dev/sda
Sorry for the resend, please refer to the later one.
On 2017/3/6 21:50, Hou Tao wrote:
> Hi Jan and list,
>
> When testing the hrtimer version of CFQ, we found a performance degradation
> problem which seems to be caused by commit 0b31c10 ("cfq-iosched: Charge at
> least 1 ji
Hi, any comment ?
On 2017/4/13 21:49, Hou Tao wrote:
> After the invocation of remove_proc_entry() for a proc fs directory,
> if the related dentry had been held by some processes (eg., by chdir),
> the lookup afterwards will still return the old proc_dir_entry. The
> new created p
-by: Hou Tao
---
fs/proc/generic.c | 21 -
fs/proc/inode.c| 5 +
fs/proc/internal.h | 1 +
3 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/fs/proc/generic.c b/fs/proc/generic.c
index ee27feb..92c9dd4 100644
--- a/fs/proc/generic.c
+++ b/fs/proc/generic.c
1 - 100 of 140 matches
Mail list logo