--- /dev/null
+From b81de061fa59f17d2730aabb1b84419ef3913810 Mon Sep 17 00:00:00 2001
+From: Konstantin Khlebnikov <koct9i@gmail.com>
+Date: Sun, 31 Jan 2016 16:21:29 +0300
+Subject: ovl: copy new uid/gid into overlayfs runtime inode
+
+From: Konstantin Khlebnikov <koct9i@gmail.com>
+
+commit b81de061fa59f17d2730aabb1b84419ef3913810 upstream.
+
+Overlayfs must update uid/gid after chown, otherwise functions
+like inode_owner_or_capable() will check user against stale uid.
+Catched by xfstests generic/087, it chowns file and calls utimes.
+
+Signed-off-by: Konstantin Khlebnikov <koct9i@gmail.com>
+Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/overlayfs/inode.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/fs/overlayfs/inode.c
++++ b/fs/overlayfs/inode.c
+@@ -65,6 +65,8 @@ int ovl_setattr(struct dentry *dentry, s
+
+ mutex_lock(&upperdentry->d_inode->i_mutex);
+ err = notify_change(upperdentry, attr, NULL);
++ if (!err)
++ ovl_copyattr(upperdentry->d_inode, dentry->d_inode);
+ mutex_unlock(&upperdentry->d_inode->i_mutex);
+ }
+ ovl_drop_write(dentry);
--- /dev/null
+From ce9113bbcbf45a57c082d6603b9a9f342be3ef74 Mon Sep 17 00:00:00 2001
+From: Rui Wang <rui.y.wang@intel.com>
+Date: Fri, 8 Jan 2016 23:09:59 +0800
+Subject: ovl: fix getcwd() failure after unsuccessful rmdir
+
+From: Rui Wang <rui.y.wang@intel.com>
+
+commit ce9113bbcbf45a57c082d6603b9a9f342be3ef74 upstream.
+
+ovl_remove_upper() should do d_drop() only after it successfully
+removes the dir, otherwise a subsequent getcwd() system call will
+fail, breaking userspace programs.
+
+This is to fix: https://bugzilla.kernel.org/show_bug.cgi?id=110491
+
+Signed-off-by: Rui Wang <rui.y.wang@intel.com>
+Reviewed-by: Konstantin Khlebnikov <koct9i@gmail.com>
+Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+
+---
+ fs/overlayfs/dir.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/fs/overlayfs/dir.c
++++ b/fs/overlayfs/dir.c
+@@ -618,7 +618,8 @@ static int ovl_remove_upper(struct dentr
+ * sole user of this dentry. Too tricky... Just unhash for
+ * now.
+ */
+- d_drop(dentry);
++ if (!err)
++ d_drop(dentry);
+ mutex_unlock(&dir->i_mutex);
+
+ return err;
powerpc-fix-dedotify-for-binutils-2.26.patch
powerpc-powernv-add-a-kmsg_dumper-that-flushes-console-output-on-panic.patch
powerpc-powernv-fix-opal_console_flush-prototype-and-usages.patch
+userfaultfd-don-t-block-on-the-last-vm-updates-at-exit-time.patch
+ovl-copy-new-uid-gid-into-overlayfs-runtime-inode.patch
+ovl-fix-getcwd-failure-after-unsuccessful-rmdir.patch
--- /dev/null
+From 39680f50ae54cbbb6e72ac38b8329dd3eb9105f4 Mon Sep 17 00:00:00 2001
+From: Linus Torvalds <torvalds@linux-foundation.org>
+Date: Tue, 1 Mar 2016 11:56:22 -0800
+Subject: userfaultfd: don't block on the last VM updates at exit time
+
+From: Linus Torvalds <torvalds@linux-foundation.org>
+
+commit 39680f50ae54cbbb6e72ac38b8329dd3eb9105f4 upstream.
+
+The exit path will do some final updates to the VM of an exiting process
+to inform others of the fact that the process is going away.
+
+That happens, for example, for robust futex state cleanup, but also if
+the parent has asked for a TID update when the process exits (we clear
+the child tid field in user space).
+
+However, at the time we do those final VM accesses, we've already
+stopped accepting signals, so the usual "stop waiting for userfaults on
+signal" code in fs/userfaultfd.c no longer works, and the process can
+become an unkillable zombie waiting for something that will never
+happen.
+
+To solve this, just make handle_userfault() abort any user fault
+handling if we're already in the exit path past the signal handling
+state being dead (marked by PF_EXITING).
+
+This VM special case is pretty ugly, and it is possible that we should
+look at finalizing signals later (or move the VM final accesses
+earlier). But in the meantime this is a fairly minimally intrusive fix.
+
+Reported-and-tested-by: Dmitry Vyukov <dvyukov@google.com>
+Acked-by: Andrea Arcangeli <aarcange@redhat.com>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Sedat Dilek <sedat.dilek@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/userfaultfd.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/fs/userfaultfd.c
++++ b/fs/userfaultfd.c
+@@ -287,6 +287,12 @@ int handle_userfault(struct vm_area_stru
+ goto out;
+
+ /*
++ * We don't do userfault handling for the final child pid update.
++ */
++ if (current->flags & PF_EXITING)
++ goto out;
++
++ /*
+ * Check that we can return VM_FAULT_RETRY.
+ *
+ * NOTE: it should become possible to return VM_FAULT_RETRY
projects / thirdparty / kernel / stable-queue.git / commitdiff
