From: Greg Kroah-Hartman Date: Mon, 10 Nov 2014 02:59:37 +0000 (+0900) Subject: 3.14-stable patches X-Git-Tag: v3.10.60~55 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3ca9eccc5ccb0340509136dc3b7a351726d99a25;p=thirdparty%2Fkernel%2Fstable-queue.git 3.14-stable patches added patches: ext4-add-ext4_iget_normal-which-is-to-be-used-for-dir-tree-lookups.patch ext4-check-ea-value-offset-when-loading.patch ext4-check-s_chksum_driver-when-looking-for-bg-csum-presence.patch ext4-don-t-check-quota-format-when-there-are-no-quota-files.patch ext4-enable-journal-checksum-when-metadata-checksum-feature-enabled.patch ext4-fix-mmap-data-corruption-when-blocksize-pagesize.patch ext4-fix-oops-when-loading-block-bitmap-failed.patch ext4-fix-overflow-when-updating-superblock-backups-after-resize.patch ext4-fix-reservation-overflow-in-ext4_da_write_begin.patch ext4-grab-missed-write_count-for-ext4_ioc_swap_boot.patch ext4-replace-open-coded-mdata-csum-feature-to-helper-function.patch jbd2-free-bh-when-descriptor-block-checksum-fails.patch qxl-don-t-create-too-large-primary-surface.patch --- diff --git a/queue-3.14/ext4-add-ext4_iget_normal-which-is-to-be-used-for-dir-tree-lookups.patch b/queue-3.14/ext4-add-ext4_iget_normal-which-is-to-be-used-for-dir-tree-lookups.patch new file mode 100644 index 00000000000..bde82b0d7a8 --- /dev/null +++ b/queue-3.14/ext4-add-ext4_iget_normal-which-is-to-be-used-for-dir-tree-lookups.patch @@ -0,0 +1,87 @@ +From f4bb2981024fc91b23b4d09a8817c415396dbabb Mon Sep 17 00:00:00 2001 +From: Theodore Ts'o +Date: Sun, 5 Oct 2014 22:56:00 -0400 +Subject: ext4: add ext4_iget_normal() which is to be used for dir tree lookups + +From: Theodore Ts'o + +commit f4bb2981024fc91b23b4d09a8817c415396dbabb upstream. + +If there is a corrupted file system which has directory entries that +point at reserved, metadata inodes, prohibit them from being used by +treating them the same way we treat Boot Loader inodes --- that is, +mark them to be bad inodes. This prohibits them from being opened, +deleted, or modified via chmod, chown, utimes, etc. + +In particular, this prevents a corrupted file system which has a +directory entry which points at the journal inode from being deleted +and its blocks released, after which point Much Hilarity Ensues. + +Reported-by: Sami Liedes +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/ext4.h | 1 + + fs/ext4/inode.c | 7 +++++++ + fs/ext4/namei.c | 4 ++-- + fs/ext4/super.c | 2 +- + 4 files changed, 11 insertions(+), 3 deletions(-) + +--- a/fs/ext4/ext4.h ++++ b/fs/ext4/ext4.h +@@ -2110,6 +2110,7 @@ int do_journal_get_write_access(handle_t + #define CONVERT_INLINE_DATA 2 + + extern struct inode *ext4_iget(struct super_block *, unsigned long); ++extern struct inode *ext4_iget_normal(struct super_block *, unsigned long); + extern int ext4_write_inode(struct inode *, struct writeback_control *); + extern int ext4_setattr(struct dentry *, struct iattr *); + extern int ext4_getattr(struct vfsmount *mnt, struct dentry *dentry, +--- a/fs/ext4/inode.c ++++ b/fs/ext4/inode.c +@@ -4250,6 +4250,13 @@ bad_inode: + return ERR_PTR(ret); + } + ++struct inode *ext4_iget_normal(struct super_block *sb, unsigned long ino) ++{ ++ if (ino < EXT4_FIRST_INO(sb) && ino != EXT4_ROOT_INO) ++ return ERR_PTR(-EIO); ++ return ext4_iget(sb, ino); ++} ++ + static int ext4_inode_blocks_set(handle_t *handle, + struct ext4_inode *raw_inode, + struct ext4_inode_info *ei) +--- a/fs/ext4/namei.c ++++ b/fs/ext4/namei.c +@@ -1429,7 +1429,7 @@ static struct dentry *ext4_lookup(struct + dentry); + return ERR_PTR(-EIO); + } +- inode = ext4_iget(dir->i_sb, ino); ++ inode = ext4_iget_normal(dir->i_sb, ino); + if (inode == ERR_PTR(-ESTALE)) { + EXT4_ERROR_INODE(dir, + "deleted inode referenced: %u", +@@ -1460,7 +1460,7 @@ struct dentry *ext4_get_parent(struct de + return ERR_PTR(-EIO); + } + +- return d_obtain_alias(ext4_iget(child->d_inode->i_sb, ino)); ++ return d_obtain_alias(ext4_iget_normal(child->d_inode->i_sb, ino)); + } + + /* +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -996,7 +996,7 @@ static struct inode *ext4_nfs_get_inode( + * Currently we don't know the generation for parent directory, so + * a generation of 0 means "accept any" + */ +- inode = ext4_iget(sb, ino); ++ inode = ext4_iget_normal(sb, ino); + if (IS_ERR(inode)) + return ERR_CAST(inode); + if (generation && inode->i_generation != generation) { diff --git a/queue-3.14/ext4-check-ea-value-offset-when-loading.patch b/queue-3.14/ext4-check-ea-value-offset-when-loading.patch new file mode 100644 index 00000000000..1d54d1c8309 --- /dev/null +++ b/queue-3.14/ext4-check-ea-value-offset-when-loading.patch @@ -0,0 +1,100 @@ +From a0626e75954078cfacddb00a4545dde821170bc5 Mon Sep 17 00:00:00 2001 +From: "Darrick J. Wong" +Date: Tue, 16 Sep 2014 14:34:59 -0400 +Subject: ext4: check EA value offset when loading + +From: "Darrick J. Wong" + +commit a0626e75954078cfacddb00a4545dde821170bc5 upstream. + +When loading extended attributes, check each entry's value offset to +make sure it doesn't collide with the entries. + +Without this check it is easy to crash the kernel by mounting a +malicious FS containing a file with an EA wherein e_value_offs = 0 and +e_value_size > 0 and then deleting the EA, which corrupts the name +list. + +(See the f_ea_value_crash test's FS image in e2fsprogs for an example.) + +Signed-off-by: Darrick J. Wong +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/xattr.c | 32 ++++++++++++++++++++++++-------- + 1 file changed, 24 insertions(+), 8 deletions(-) + +--- a/fs/ext4/xattr.c ++++ b/fs/ext4/xattr.c +@@ -189,14 +189,28 @@ ext4_listxattr(struct dentry *dentry, ch + } + + static int +-ext4_xattr_check_names(struct ext4_xattr_entry *entry, void *end) ++ext4_xattr_check_names(struct ext4_xattr_entry *entry, void *end, ++ void *value_start) + { +- while (!IS_LAST_ENTRY(entry)) { +- struct ext4_xattr_entry *next = EXT4_XATTR_NEXT(entry); ++ struct ext4_xattr_entry *e = entry; ++ ++ while (!IS_LAST_ENTRY(e)) { ++ struct ext4_xattr_entry *next = EXT4_XATTR_NEXT(e); + if ((void *)next >= end) + return -EIO; +- entry = next; ++ e = next; + } ++ ++ while (!IS_LAST_ENTRY(entry)) { ++ if (entry->e_value_size != 0 && ++ (value_start + le16_to_cpu(entry->e_value_offs) < ++ (void *)e + sizeof(__u32) || ++ value_start + le16_to_cpu(entry->e_value_offs) + ++ le32_to_cpu(entry->e_value_size) > end)) ++ return -EIO; ++ entry = EXT4_XATTR_NEXT(entry); ++ } ++ + return 0; + } + +@@ -213,7 +227,8 @@ ext4_xattr_check_block(struct inode *ino + return -EIO; + if (!ext4_xattr_block_csum_verify(inode, bh->b_blocknr, BHDR(bh))) + return -EIO; +- error = ext4_xattr_check_names(BFIRST(bh), bh->b_data + bh->b_size); ++ error = ext4_xattr_check_names(BFIRST(bh), bh->b_data + bh->b_size, ++ bh->b_data); + if (!error) + set_buffer_verified(bh); + return error; +@@ -329,7 +344,7 @@ ext4_xattr_ibody_get(struct inode *inode + header = IHDR(inode, raw_inode); + entry = IFIRST(header); + end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size; +- error = ext4_xattr_check_names(entry, end); ++ error = ext4_xattr_check_names(entry, end, entry); + if (error) + goto cleanup; + error = ext4_xattr_find_entry(&entry, name_index, name, +@@ -457,7 +472,7 @@ ext4_xattr_ibody_list(struct dentry *den + raw_inode = ext4_raw_inode(&iloc); + header = IHDR(inode, raw_inode); + end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size; +- error = ext4_xattr_check_names(IFIRST(header), end); ++ error = ext4_xattr_check_names(IFIRST(header), end, IFIRST(header)); + if (error) + goto cleanup; + error = ext4_xattr_list_entries(dentry, IFIRST(header), +@@ -972,7 +987,8 @@ int ext4_xattr_ibody_find(struct inode * + is->s.here = is->s.first; + is->s.end = (void *)raw_inode + EXT4_SB(inode->i_sb)->s_inode_size; + if (ext4_test_inode_state(inode, EXT4_STATE_XATTR)) { +- error = ext4_xattr_check_names(IFIRST(header), is->s.end); ++ error = ext4_xattr_check_names(IFIRST(header), is->s.end, ++ IFIRST(header)); + if (error) + return error; + /* Find the named attribute. */ diff --git a/queue-3.14/ext4-check-s_chksum_driver-when-looking-for-bg-csum-presence.patch b/queue-3.14/ext4-check-s_chksum_driver-when-looking-for-bg-csum-presence.patch new file mode 100644 index 00000000000..5b8931d77e2 --- /dev/null +++ b/queue-3.14/ext4-check-s_chksum_driver-when-looking-for-bg-csum-presence.patch @@ -0,0 +1,61 @@ +From 813d32f91333e4c33d5a19b67167c4bae42dae75 Mon Sep 17 00:00:00 2001 +From: "Darrick J. Wong" +Date: Tue, 14 Oct 2014 02:35:49 -0400 +Subject: ext4: check s_chksum_driver when looking for bg csum presence + +From: "Darrick J. Wong" + +commit 813d32f91333e4c33d5a19b67167c4bae42dae75 upstream. + +Convert the ext4_has_group_desc_csum predicate to look for a checksum +driver instead of the metadata_csum flag and change the bg checksum +calculation function to look for GDT_CSUM before taking the crc16 +path. + +Without this patch, if we mount with ^uninit_bg,^metadata_csum and +later metadata_csum gets turned on by accident, the block group +checksum functions will incorrectly assume that checksumming is +enabled (metadata_csum) but that crc16 should be used +(!s_chksum_driver). This is totally wrong, so fix the predicate +and the checksum formula selection. + +(Granted, if the metadata_csum feature bit gets enabled on a live FS +then something underhanded is going on, but we could at least avoid +writing garbage into the on-disk fields.) + +Signed-off-by: Darrick J. Wong +Signed-off-by: Theodore Ts'o +Reviewed-by: Dmitry Monakhov +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/ext4.h | 4 ++-- + fs/ext4/super.c | 4 ++++ + 2 files changed, 6 insertions(+), 2 deletions(-) + +--- a/fs/ext4/ext4.h ++++ b/fs/ext4/ext4.h +@@ -2341,8 +2341,8 @@ extern int ext4_register_li_request(stru + static inline int ext4_has_group_desc_csum(struct super_block *sb) + { + return EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_GDT_CSUM | +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM); ++ EXT4_FEATURE_RO_COMPAT_GDT_CSUM) || ++ (EXT4_SB(sb)->s_chksum_driver != NULL); + } + + static inline int ext4_has_metadata_csum(struct super_block *sb) +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -2019,6 +2019,10 @@ static __le16 ext4_group_desc_csum(struc + } + + /* old crc16 code */ ++ if (!(sbi->s_es->s_feature_ro_compat & ++ cpu_to_le32(EXT4_FEATURE_RO_COMPAT_GDT_CSUM))) ++ return 0; ++ + offset = offsetof(struct ext4_group_desc, bg_checksum); + + crc = crc16(~0, sbi->s_es->s_uuid, sizeof(sbi->s_es->s_uuid)); diff --git a/queue-3.14/ext4-don-t-check-quota-format-when-there-are-no-quota-files.patch b/queue-3.14/ext4-don-t-check-quota-format-when-there-are-no-quota-files.patch new file mode 100644 index 00000000000..2c964f5763f --- /dev/null +++ b/queue-3.14/ext4-don-t-check-quota-format-when-there-are-no-quota-files.patch @@ -0,0 +1,38 @@ +From 279bf6d390933d5353ab298fcc306c391a961469 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Thu, 18 Sep 2014 01:12:15 -0400 +Subject: ext4: don't check quota format when there are no quota files + +From: Jan Kara + +commit 279bf6d390933d5353ab298fcc306c391a961469 upstream. + +The check whether quota format is set even though there are no +quota files with journalled quota is pointless and it actually +makes it impossible to turn off journalled quotas (as there's +no way to unset journalled quota format). Just remove the check. + +Signed-off-by: Jan Kara +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/super.c | 7 ------- + 1 file changed, 7 deletions(-) + +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -1706,13 +1706,6 @@ static int parse_options(char *options, + "not specified"); + return 0; + } +- } else { +- if (sbi->s_jquota_fmt) { +- ext4_msg(sb, KERN_ERR, "journaled quota format " +- "specified with no journaling " +- "enabled"); +- return 0; +- } + } + #endif + if (test_opt(sb, DIOREAD_NOLOCK)) { diff --git a/queue-3.14/ext4-enable-journal-checksum-when-metadata-checksum-feature-enabled.patch b/queue-3.14/ext4-enable-journal-checksum-when-metadata-checksum-feature-enabled.patch new file mode 100644 index 00000000000..42cdd7601ae --- /dev/null +++ b/queue-3.14/ext4-enable-journal-checksum-when-metadata-checksum-feature-enabled.patch @@ -0,0 +1,33 @@ +From 98c1a7593fa355fda7f5a5940c8bf5326ca964ba Mon Sep 17 00:00:00 2001 +From: "Darrick J. Wong" +Date: Thu, 30 Oct 2014 10:53:16 -0400 +Subject: ext4: enable journal checksum when metadata checksum feature enabled + +From: "Darrick J. Wong" + +commit 98c1a7593fa355fda7f5a5940c8bf5326ca964ba upstream. + +If metadata checksumming is turned on for the FS, we need to tell the +journal to use checksumming too. + +Signed-off-by: Darrick J. Wong +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/super.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -3486,6 +3486,10 @@ static int ext4_fill_super(struct super_ + #ifdef CONFIG_EXT4_FS_POSIX_ACL + set_opt(sb, POSIX_ACL); + #endif ++ /* don't forget to enable journal_csum when metadata_csum is enabled. */ ++ if (ext4_has_metadata_csum(sb)) ++ set_opt(sb, JOURNAL_CHECKSUM); ++ + if ((def_mount_opts & EXT4_DEFM_JMODE) == EXT4_DEFM_JMODE_DATA) + set_opt(sb, JOURNAL_DATA); + else if ((def_mount_opts & EXT4_DEFM_JMODE) == EXT4_DEFM_JMODE_ORDERED) diff --git a/queue-3.14/ext4-fix-mmap-data-corruption-when-blocksize-pagesize.patch b/queue-3.14/ext4-fix-mmap-data-corruption-when-blocksize-pagesize.patch new file mode 100644 index 00000000000..1f9a2fdc60f --- /dev/null +++ b/queue-3.14/ext4-fix-mmap-data-corruption-when-blocksize-pagesize.patch @@ -0,0 +1,37 @@ +From d6320cbfc92910a3e5f10c42d98c231c98db4f60 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Wed, 1 Oct 2014 21:49:46 -0400 +Subject: ext4: fix mmap data corruption when blocksize < pagesize + +From: Jan Kara + +commit d6320cbfc92910a3e5f10c42d98c231c98db4f60 upstream. + +Use truncate_isize_extended() when hole is being created in a file so that +->page_mkwrite() will get called for the partial tail page if it is +mmaped (see the first patch in the series for details). + +Signed-off-by: Jan Kara +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/inode.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +--- a/fs/ext4/inode.c ++++ b/fs/ext4/inode.c +@@ -4645,8 +4645,12 @@ int ext4_setattr(struct dentry *dentry, + ext4_orphan_del(NULL, inode); + goto err_out; + } +- } else ++ } else { ++ loff_t oldsize = inode->i_size; ++ + i_size_write(inode, attr->ia_size); ++ pagecache_isize_extended(inode, oldsize, inode->i_size); ++ } + + /* + * Blocks are going to be removed from the inode. Wait diff --git a/queue-3.14/ext4-fix-oops-when-loading-block-bitmap-failed.patch b/queue-3.14/ext4-fix-oops-when-loading-block-bitmap-failed.patch new file mode 100644 index 00000000000..a2617dd137b --- /dev/null +++ b/queue-3.14/ext4-fix-oops-when-loading-block-bitmap-failed.patch @@ -0,0 +1,35 @@ +From 599a9b77ab289d85c2d5c8607624efbe1f552b0f Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Thu, 30 Oct 2014 10:53:16 -0400 +Subject: ext4: fix oops when loading block bitmap failed + +From: Jan Kara + +commit 599a9b77ab289d85c2d5c8607624efbe1f552b0f upstream. + +When we fail to load block bitmap in __ext4_new_inode() we will +dereference NULL pointer in ext4_journal_get_write_access(). So check +for error from ext4_read_block_bitmap(). + +Coverity-id: 989065 +Signed-off-by: Jan Kara +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/ialloc.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/fs/ext4/ialloc.c ++++ b/fs/ext4/ialloc.c +@@ -864,6 +864,10 @@ got: + struct buffer_head *block_bitmap_bh; + + block_bitmap_bh = ext4_read_block_bitmap(sb, group); ++ if (!block_bitmap_bh) { ++ err = -EIO; ++ goto out; ++ } + BUFFER_TRACE(block_bitmap_bh, "get block bitmap access"); + err = ext4_journal_get_write_access(handle, block_bitmap_bh); + if (err) { diff --git a/queue-3.14/ext4-fix-overflow-when-updating-superblock-backups-after-resize.patch b/queue-3.14/ext4-fix-overflow-when-updating-superblock-backups-after-resize.patch new file mode 100644 index 00000000000..3aa28f059c7 --- /dev/null +++ b/queue-3.14/ext4-fix-overflow-when-updating-superblock-backups-after-resize.patch @@ -0,0 +1,36 @@ +From 9378c6768e4fca48971e7b6a9075bc006eda981d Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Thu, 30 Oct 2014 10:52:57 -0400 +Subject: ext4: fix overflow when updating superblock backups after resize + +From: Jan Kara + +commit 9378c6768e4fca48971e7b6a9075bc006eda981d upstream. + +When there are no meta block groups update_backups() will compute the +backup block in 32-bit arithmetics thus possibly overflowing the block +number and corrupting the filesystem. OTOH filesystems without meta +block groups larger than 16 TB should be rare. Fix the problem by doing +the counting in 64-bit arithmetics. + +Coverity-id: 741252 +Signed-off-by: Jan Kara +Signed-off-by: Theodore Ts'o +Reviewed-by: Lukas Czerner +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/resize.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/fs/ext4/resize.c ++++ b/fs/ext4/resize.c +@@ -1071,7 +1071,7 @@ static void update_backups(struct super_ + break; + + if (meta_bg == 0) +- backup_block = group * bpg + blk_off; ++ backup_block = ((ext4_fsblk_t)group) * bpg + blk_off; + else + backup_block = (ext4_group_first_block_no(sb, group) + + ext4_bg_has_super(sb, group)); diff --git a/queue-3.14/ext4-fix-reservation-overflow-in-ext4_da_write_begin.patch b/queue-3.14/ext4-fix-reservation-overflow-in-ext4_da_write_begin.patch new file mode 100644 index 00000000000..5344985cc15 --- /dev/null +++ b/queue-3.14/ext4-fix-reservation-overflow-in-ext4_da_write_begin.patch @@ -0,0 +1,79 @@ +From 0ff8947fc5f700172b37cbca811a38eb9cb81e08 Mon Sep 17 00:00:00 2001 +From: Eric Sandeen +Date: Sat, 11 Oct 2014 19:51:17 -0400 +Subject: ext4: fix reservation overflow in ext4_da_write_begin + +From: Eric Sandeen + +commit 0ff8947fc5f700172b37cbca811a38eb9cb81e08 upstream. + +Delalloc write journal reservations only reserve 1 credit, +to update the inode if necessary. However, it may happen +once in a filesystem's lifetime that a file will cross +the 2G threshold, and require the LARGE_FILE feature to +be set in the superblock as well, if it was not set already. + +This overruns the transaction reservation, and can be +demonstrated simply on any ext4 filesystem without the LARGE_FILE +feature already set: + +dd if=/dev/zero of=testfile bs=1 seek=2147483646 count=1 \ + conv=notrunc of=testfile +sync +dd if=/dev/zero of=testfile bs=1 seek=2147483647 count=1 \ + conv=notrunc of=testfile + +leads to: + +EXT4-fs: ext4_do_update_inode:4296: aborting transaction: error 28 in __ext4_handle_dirty_super +EXT4-fs error (device loop0) in ext4_do_update_inode:4301: error 28 +EXT4-fs error (device loop0) in ext4_reserve_inode_write:4757: Readonly filesystem +EXT4-fs error (device loop0) in ext4_dirty_inode:4876: error 28 +EXT4-fs error (device loop0) in ext4_da_write_end:2685: error 28 + +Adjust the number of credits based on whether the flag is +already set, and whether the current write may extend past the +LARGE_FILE limit. + +Signed-off-by: Eric Sandeen +Signed-off-by: Theodore Ts'o +Reviewed-by: Andreas Dilger +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/inode.c | 17 ++++++++++++++++- + 1 file changed, 16 insertions(+), 1 deletion(-) + +--- a/fs/ext4/inode.c ++++ b/fs/ext4/inode.c +@@ -2633,6 +2633,20 @@ static int ext4_nonda_switch(struct supe + return 0; + } + ++/* We always reserve for an inode update; the superblock could be there too */ ++static int ext4_da_write_credits(struct inode *inode, loff_t pos, unsigned len) ++{ ++ if (likely(EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, ++ EXT4_FEATURE_RO_COMPAT_LARGE_FILE))) ++ return 1; ++ ++ if (pos + len <= 0x7fffffffULL) ++ return 1; ++ ++ /* We might need to update the superblock to set LARGE_FILE */ ++ return 2; ++} ++ + static int ext4_da_write_begin(struct file *file, struct address_space *mapping, + loff_t pos, unsigned len, unsigned flags, + struct page **pagep, void **fsdata) +@@ -2683,7 +2697,8 @@ retry_grab: + * of file which has an already mapped buffer. + */ + retry_journal: +- handle = ext4_journal_start(inode, EXT4_HT_WRITE_PAGE, 1); ++ handle = ext4_journal_start(inode, EXT4_HT_WRITE_PAGE, ++ ext4_da_write_credits(inode, pos, len)); + if (IS_ERR(handle)) { + page_cache_release(page); + return PTR_ERR(handle); diff --git a/queue-3.14/ext4-grab-missed-write_count-for-ext4_ioc_swap_boot.patch b/queue-3.14/ext4-grab-missed-write_count-for-ext4_ioc_swap_boot.patch new file mode 100644 index 00000000000..161a362211f --- /dev/null +++ b/queue-3.14/ext4-grab-missed-write_count-for-ext4_ioc_swap_boot.patch @@ -0,0 +1,63 @@ +From 3e67cfad22230ebed85c56cbe413876f33fea82b Mon Sep 17 00:00:00 2001 +From: Dmitry Monakhov +Date: Fri, 3 Oct 2014 12:47:23 -0400 +Subject: ext4: grab missed write_count for EXT4_IOC_SWAP_BOOT + +From: Dmitry Monakhov + +commit 3e67cfad22230ebed85c56cbe413876f33fea82b upstream. + +Otherwise this provokes complain like follows: +WARNING: CPU: 12 PID: 5795 at fs/ext4/ext4_jbd2.c:48 ext4_journal_check_start+0x4e/0xa0() +Modules linked in: brd iTCO_wdt lpc_ich mfd_core igb ptp dm_mirror dm_region_hash dm_log dm_mod +CPU: 12 PID: 5795 Comm: python Not tainted 3.17.0-rc2-00175-gae5344f #158 +Hardware name: Intel Corporation W2600CR/W2600CR, BIOS SE5C600.86B.99.99.x028.061320111235 06/13/2011 + 0000000000000030 ffff8808116cfd28 ffffffff815c7dfc 0000000000000030 + 0000000000000000 ffff8808116cfd68 ffffffff8106ce8c ffff8808116cfdc8 + ffff880813b16000 ffff880806ad6ae8 ffffffff81202008 0000000000000000 +Call Trace: + [] dump_stack+0x51/0x6d + [] warn_slowpath_common+0x8c/0xc0 + [] ? ext4_ioctl+0x9e8/0xeb0 + [] warn_slowpath_null+0x1a/0x20 + [] ext4_journal_check_start+0x4e/0xa0 + [] __ext4_journal_start_sb+0x90/0x110 + [] ext4_ioctl+0x9e8/0xeb0 + [] ? ptrace_stop+0x24d/0x2f0 + [] ? alloc_pid+0x480/0x480 + [] ? ptrace_do_notify+0x92/0xb0 + [] do_vfs_ioctl+0x4e5/0x550 + [] ? _raw_spin_unlock_irq+0x2b/0x40 + [] SyS_ioctl+0x53/0x80 + [] tracesys+0xd0/0xd5 + +Reviewed-by: Jan Kara +Signed-off-by: Dmitry Monakhov +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/ioctl.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +--- a/fs/ext4/ioctl.c ++++ b/fs/ext4/ioctl.c +@@ -544,9 +544,17 @@ group_add_out: + } + + case EXT4_IOC_SWAP_BOOT: ++ { ++ int err; + if (!(filp->f_mode & FMODE_WRITE)) + return -EBADF; +- return swap_inode_boot_loader(sb, inode); ++ err = mnt_want_write_file(filp); ++ if (err) ++ return err; ++ err = swap_inode_boot_loader(sb, inode); ++ mnt_drop_write_file(filp); ++ return err; ++ } + + case EXT4_IOC_RESIZE_FS: { + ext4_fsblk_t n_blocks_count; diff --git a/queue-3.14/ext4-replace-open-coded-mdata-csum-feature-to-helper-function.patch b/queue-3.14/ext4-replace-open-coded-mdata-csum-feature-to-helper-function.patch new file mode 100644 index 00000000000..9dd6c899bd0 --- /dev/null +++ b/queue-3.14/ext4-replace-open-coded-mdata-csum-feature-to-helper-function.patch @@ -0,0 +1,442 @@ +From 9aa5d32ba269bec0e7eaba2697a986a7b0bc8528 Mon Sep 17 00:00:00 2001 +From: Dmitry Monakhov +Date: Mon, 13 Oct 2014 03:36:16 -0400 +Subject: ext4: Replace open coded mdata csum feature to helper function + +From: Dmitry Monakhov + +commit 9aa5d32ba269bec0e7eaba2697a986a7b0bc8528 upstream. + +Besides the fact that this replacement improves code readability +it also protects from errors caused direct EXT4_S(sb)->s_es manipulation +which may result attempt to use uninitialized csum machinery. + +#Testcase_BEGIN +IMG=/dev/ram0 +MNT=/mnt +mkfs.ext4 $IMG +mount $IMG $MNT +#Enable feature directly on disk, on mounted fs +tune2fs -O metadata_csum $IMG +# Provoke metadata update, likey result in OOPS +touch $MNT/test +umount $MNT +#Testcase_END + +# Replacement script +@@ +expression E; +@@ +- EXT4_HAS_RO_COMPAT_FEATURE(E, EXT4_FEATURE_RO_COMPAT_METADATA_CSUM) ++ ext4_has_metadata_csum(E) + +https://bugzilla.kernel.org/show_bug.cgi?id=82201 + +Signed-off-by: Dmitry Monakhov +Signed-off-by: Theodore Ts'o +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ext4/bitmap.c | 12 ++++-------- + fs/ext4/ext4.h | 8 ++++++++ + fs/ext4/extents.c | 6 ++---- + fs/ext4/ialloc.c | 3 +-- + fs/ext4/inline.c | 3 +-- + fs/ext4/inode.c | 9 +++------ + fs/ext4/ioctl.c | 3 +-- + fs/ext4/mmp.c | 6 ++---- + fs/ext4/namei.c | 39 +++++++++++++-------------------------- + fs/ext4/resize.c | 3 +-- + fs/ext4/super.c | 15 +++++---------- + fs/ext4/xattr.c | 6 ++---- + 12 files changed, 43 insertions(+), 70 deletions(-) + +--- a/fs/ext4/bitmap.c ++++ b/fs/ext4/bitmap.c +@@ -24,8 +24,7 @@ int ext4_inode_bitmap_csum_verify(struct + __u32 provided, calculated; + struct ext4_sb_info *sbi = EXT4_SB(sb); + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return 1; + + provided = le16_to_cpu(gdp->bg_inode_bitmap_csum_lo); +@@ -46,8 +45,7 @@ void ext4_inode_bitmap_csum_set(struct s + __u32 csum; + struct ext4_sb_info *sbi = EXT4_SB(sb); + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return; + + csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)bh->b_data, sz); +@@ -65,8 +63,7 @@ int ext4_block_bitmap_csum_verify(struct + struct ext4_sb_info *sbi = EXT4_SB(sb); + int sz = EXT4_CLUSTERS_PER_GROUP(sb) / 8; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return 1; + + provided = le16_to_cpu(gdp->bg_block_bitmap_csum_lo); +@@ -91,8 +88,7 @@ void ext4_block_bitmap_csum_set(struct s + __u32 csum; + struct ext4_sb_info *sbi = EXT4_SB(sb); + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return; + + csum = ext4_chksum(sbi, sbi->s_csum_seed, (__u8 *)bh->b_data, sz); +--- a/fs/ext4/ext4.h ++++ b/fs/ext4/ext4.h +@@ -2345,6 +2345,14 @@ static inline int ext4_has_group_desc_cs + EXT4_FEATURE_RO_COMPAT_METADATA_CSUM); + } + ++static inline int ext4_has_metadata_csum(struct super_block *sb) ++{ ++ WARN_ON_ONCE(EXT4_HAS_RO_COMPAT_FEATURE(sb, ++ EXT4_FEATURE_RO_COMPAT_METADATA_CSUM) && ++ !EXT4_SB(sb)->s_chksum_driver); ++ ++ return (EXT4_SB(sb)->s_chksum_driver != NULL); ++} + static inline ext4_fsblk_t ext4_blocks_count(struct ext4_super_block *es) + { + return ((ext4_fsblk_t)le32_to_cpu(es->s_blocks_count_hi) << 32) | +--- a/fs/ext4/extents.c ++++ b/fs/ext4/extents.c +@@ -74,8 +74,7 @@ static int ext4_extent_block_csum_verify + { + struct ext4_extent_tail *et; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(inode->i_sb)) + return 1; + + et = find_ext4_extent_tail(eh); +@@ -89,8 +88,7 @@ static void ext4_extent_block_csum_set(s + { + struct ext4_extent_tail *et; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(inode->i_sb)) + return; + + et = find_ext4_extent_tail(eh); +--- a/fs/ext4/ialloc.c ++++ b/fs/ext4/ialloc.c +@@ -988,8 +988,7 @@ got: + spin_unlock(&sbi->s_next_gen_lock); + + /* Precompute checksum seed for inode metadata */ +- if (EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) { ++ if (ext4_has_metadata_csum(sb)) { + __u32 csum; + __le32 inum = cpu_to_le32(inode->i_ino); + __le32 gen = cpu_to_le32(inode->i_generation); +--- a/fs/ext4/inline.c ++++ b/fs/ext4/inline.c +@@ -1128,8 +1128,7 @@ static int ext4_finish_convert_inline_di + memcpy((void *)de, buf + EXT4_INLINE_DOTDOT_SIZE, + inline_size - EXT4_INLINE_DOTDOT_SIZE); + +- if (EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(inode->i_sb)) + csum_size = sizeof(struct ext4_dir_entry_tail); + + inode->i_size = inode->i_sb->s_blocksize; +--- a/fs/ext4/inode.c ++++ b/fs/ext4/inode.c +@@ -83,8 +83,7 @@ static int ext4_inode_csum_verify(struct + + if (EXT4_SB(inode->i_sb)->s_es->s_creator_os != + cpu_to_le32(EXT4_OS_LINUX) || +- !EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ !ext4_has_metadata_csum(inode->i_sb)) + return 1; + + provided = le16_to_cpu(raw->i_checksum_lo); +@@ -105,8 +104,7 @@ static void ext4_inode_csum_set(struct i + + if (EXT4_SB(inode->i_sb)->s_es->s_creator_os != + cpu_to_le32(EXT4_OS_LINUX) || +- !EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ !ext4_has_metadata_csum(inode->i_sb)) + return; + + csum = ext4_inode_csum(inode, raw, ei); +@@ -4076,8 +4074,7 @@ struct inode *ext4_iget(struct super_blo + ei->i_extra_isize = 0; + + /* Precompute checksum seed for inode metadata */ +- if (EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) { ++ if (ext4_has_metadata_csum(sb)) { + struct ext4_sb_info *sbi = EXT4_SB(inode->i_sb); + __u32 csum; + __le32 inum = cpu_to_le32(inode->i_ino); +--- a/fs/ext4/ioctl.c ++++ b/fs/ext4/ioctl.c +@@ -343,8 +343,7 @@ flags_out: + if (!inode_owner_or_capable(inode)) + return -EPERM; + +- if (EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) { ++ if (ext4_has_metadata_csum(inode->i_sb)) { + ext4_warning(sb, "Setting inode version is not " + "supported with metadata_csum enabled."); + return -ENOTTY; +--- a/fs/ext4/mmp.c ++++ b/fs/ext4/mmp.c +@@ -20,8 +20,7 @@ static __le32 ext4_mmp_csum(struct super + + int ext4_mmp_csum_verify(struct super_block *sb, struct mmp_struct *mmp) + { +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return 1; + + return mmp->mmp_checksum == ext4_mmp_csum(sb, mmp); +@@ -29,8 +28,7 @@ int ext4_mmp_csum_verify(struct super_bl + + void ext4_mmp_csum_set(struct super_block *sb, struct mmp_struct *mmp) + { +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return; + + mmp->mmp_checksum = ext4_mmp_csum(sb, mmp); +--- a/fs/ext4/namei.c ++++ b/fs/ext4/namei.c +@@ -123,8 +123,7 @@ static struct buffer_head *__ext4_read_d + "directory leaf block found instead of index block"); + return ERR_PTR(-EIO); + } +- if (!EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM) || ++ if (!ext4_has_metadata_csum(inode->i_sb) || + buffer_verified(bh)) + return bh; + +@@ -339,8 +338,7 @@ int ext4_dirent_csum_verify(struct inode + { + struct ext4_dir_entry_tail *t; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(inode->i_sb)) + return 1; + + t = get_dirent_tail(inode, dirent); +@@ -361,8 +359,7 @@ static void ext4_dirent_csum_set(struct + { + struct ext4_dir_entry_tail *t; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(inode->i_sb)) + return; + + t = get_dirent_tail(inode, dirent); +@@ -437,8 +434,7 @@ static int ext4_dx_csum_verify(struct in + struct dx_tail *t; + int count_offset, limit, count; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(inode->i_sb)) + return 1; + + c = get_dx_countlimit(inode, dirent, &count_offset); +@@ -467,8 +463,7 @@ static void ext4_dx_csum_set(struct inod + struct dx_tail *t; + int count_offset, limit, count; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(inode->i_sb)) + return; + + c = get_dx_countlimit(inode, dirent, &count_offset); +@@ -556,8 +551,7 @@ static inline unsigned dx_root_limit(str + unsigned entry_space = dir->i_sb->s_blocksize - EXT4_DIR_REC_LEN(1) - + EXT4_DIR_REC_LEN(2) - infosize; + +- if (EXT4_HAS_RO_COMPAT_FEATURE(dir->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(dir->i_sb)) + entry_space -= sizeof(struct dx_tail); + return entry_space / sizeof(struct dx_entry); + } +@@ -566,8 +560,7 @@ static inline unsigned dx_node_limit(str + { + unsigned entry_space = dir->i_sb->s_blocksize - EXT4_DIR_REC_LEN(0); + +- if (EXT4_HAS_RO_COMPAT_FEATURE(dir->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(dir->i_sb)) + entry_space -= sizeof(struct dx_tail); + return entry_space / sizeof(struct dx_entry); + } +@@ -1534,8 +1527,7 @@ static struct ext4_dir_entry_2 *do_split + int csum_size = 0; + int err = 0, i; + +- if (EXT4_HAS_RO_COMPAT_FEATURE(dir->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(dir->i_sb)) + csum_size = sizeof(struct ext4_dir_entry_tail); + + bh2 = ext4_append(handle, dir, &newblock); +@@ -1704,8 +1696,7 @@ static int add_dirent_to_buf(handle_t *h + int csum_size = 0; + int err; + +- if (EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(inode->i_sb)) + csum_size = sizeof(struct ext4_dir_entry_tail); + + if (!de) { +@@ -1772,8 +1763,7 @@ static int make_indexed_dir(handle_t *ha + struct fake_dirent *fde; + int csum_size = 0; + +- if (EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(inode->i_sb)) + csum_size = sizeof(struct ext4_dir_entry_tail); + + blocksize = dir->i_sb->s_blocksize; +@@ -1889,8 +1879,7 @@ static int ext4_add_entry(handle_t *hand + ext4_lblk_t block, blocks; + int csum_size = 0; + +- if (EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(inode->i_sb)) + csum_size = sizeof(struct ext4_dir_entry_tail); + + sb = dir->i_sb; +@@ -2152,8 +2141,7 @@ static int ext4_delete_entry(handle_t *h + return err; + } + +- if (EXT4_HAS_RO_COMPAT_FEATURE(dir->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(dir->i_sb)) + csum_size = sizeof(struct ext4_dir_entry_tail); + + BUFFER_TRACE(bh, "get_write_access"); +@@ -2372,8 +2360,7 @@ static int ext4_init_new_dir(handle_t *h + int csum_size = 0; + int err; + +- if (EXT4_HAS_RO_COMPAT_FEATURE(dir->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(dir->i_sb)) + csum_size = sizeof(struct ext4_dir_entry_tail); + + if (ext4_test_inode_state(inode, EXT4_STATE_MAY_INLINE_DATA)) { +--- a/fs/ext4/resize.c ++++ b/fs/ext4/resize.c +@@ -1200,8 +1200,7 @@ static int ext4_set_bitmap_checksums(str + { + struct buffer_head *bh; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return 0; + + bh = ext4_get_bitmap(sb, group_data->inode_bitmap); +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -140,8 +140,7 @@ static __le32 ext4_superblock_csum(struc + int ext4_superblock_csum_verify(struct super_block *sb, + struct ext4_super_block *es) + { +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return 1; + + return es->s_checksum == ext4_superblock_csum(sb, es); +@@ -151,8 +150,7 @@ void ext4_superblock_csum_set(struct sup + { + struct ext4_super_block *es = EXT4_SB(sb)->s_es; + +- if (!EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(sb)) + return; + + es->s_checksum = ext4_superblock_csum(sb, es); +@@ -2003,8 +2001,7 @@ static __le16 ext4_group_desc_csum(struc + __u16 crc = 0; + __le32 le_group = cpu_to_le32(block_group); + +- if ((sbi->s_es->s_feature_ro_compat & +- cpu_to_le32(EXT4_FEATURE_RO_COMPAT_METADATA_CSUM))) { ++ if (ext4_has_metadata_csum(sbi->s_sb)) { + /* Use new metadata_csum algorithm */ + __le16 save_csum; + __u32 csum32; +@@ -3160,8 +3157,7 @@ static int set_journal_csum_feature_set( + int compat, incompat; + struct ext4_sb_info *sbi = EXT4_SB(sb); + +- if (EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) { ++ if (ext4_has_metadata_csum(sb)) { + /* journal checksum v3 */ + compat = 0; + incompat = JBD2_FEATURE_INCOMPAT_CSUM_V3; +@@ -3468,8 +3464,7 @@ static int ext4_fill_super(struct super_ + } + + /* Precompute checksum seed for all metadata */ +- if (EXT4_HAS_RO_COMPAT_FEATURE(sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (ext4_has_metadata_csum(sb)) + sbi->s_csum_seed = ext4_chksum(sbi, ~0, es->s_uuid, + sizeof(es->s_uuid)); + +--- a/fs/ext4/xattr.c ++++ b/fs/ext4/xattr.c +@@ -141,8 +141,7 @@ static int ext4_xattr_block_csum_verify( + sector_t block_nr, + struct ext4_xattr_header *hdr) + { +- if (EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM) && ++ if (ext4_has_metadata_csum(inode->i_sb) && + (hdr->h_checksum != ext4_xattr_block_csum(inode, block_nr, hdr))) + return 0; + return 1; +@@ -152,8 +151,7 @@ static void ext4_xattr_block_csum_set(st + sector_t block_nr, + struct ext4_xattr_header *hdr) + { +- if (!EXT4_HAS_RO_COMPAT_FEATURE(inode->i_sb, +- EXT4_FEATURE_RO_COMPAT_METADATA_CSUM)) ++ if (!ext4_has_metadata_csum(inode->i_sb)) + return; + + hdr->h_checksum = ext4_xattr_block_csum(inode, block_nr, hdr); diff --git a/queue-3.14/jbd2-free-bh-when-descriptor-block-checksum-fails.patch b/queue-3.14/jbd2-free-bh-when-descriptor-block-checksum-fails.patch new file mode 100644 index 00000000000..c9c9cd5b260 --- /dev/null +++ b/queue-3.14/jbd2-free-bh-when-descriptor-block-checksum-fails.patch @@ -0,0 +1,34 @@ +From 064d83892e9ba547f7d4eae22cbca066d95210ce Mon Sep 17 00:00:00 2001 +From: "Darrick J. Wong" +Date: Tue, 16 Sep 2014 14:43:09 -0400 +Subject: jbd2: free bh when descriptor block checksum fails + +From: "Darrick J. Wong" + +commit 064d83892e9ba547f7d4eae22cbca066d95210ce upstream. + +Free the buffer head if the journal descriptor block fails checksum +verification. + +This is the jbd2 port of the e2fsprogs patch "e2fsck: free bh on csum +verify error in do_one_pass". + +Signed-off-by: Darrick J. Wong +Signed-off-by: Theodore Ts'o +Reviewed-by: Eric Sandeen +Signed-off-by: Greg Kroah-Hartman + +--- + fs/jbd2/recovery.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/fs/jbd2/recovery.c ++++ b/fs/jbd2/recovery.c +@@ -525,6 +525,7 @@ static int do_one_pass(journal_t *journa + !jbd2_descr_block_csum_verify(journal, + bh->b_data)) { + err = -EIO; ++ brelse(bh); + goto failed; + } + diff --git a/queue-3.14/qxl-don-t-create-too-large-primary-surface.patch b/queue-3.14/qxl-don-t-create-too-large-primary-surface.patch new file mode 100644 index 00000000000..19da2b489e3 --- /dev/null +++ b/queue-3.14/qxl-don-t-create-too-large-primary-surface.patch @@ -0,0 +1,68 @@ +From c572aaf46f71f63ae5914d4e194a955e0ba1b519 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= +Date: Thu, 16 Oct 2014 11:39:44 +0200 +Subject: qxl: don't create too large primary surface +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= + +commit c572aaf46f71f63ae5914d4e194a955e0ba1b519 upstream. + +Limit primary to qemu vgamem size, to avoid reaching +qemu guest bug "requested primary larger than framebuffer" +on resizing screen too large to fit. + +Remove unneeded and misleading variables. + +Related to: +https://bugzilla.redhat.com/show_bug.cgi?id=1127552 + +Signed-off-by: Marc-André Lureau +Signed-off-by: Dave Airlie +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/gpu/drm/qxl/qxl_display.c | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +--- a/drivers/gpu/drm/qxl/qxl_display.c ++++ b/drivers/gpu/drm/qxl/qxl_display.c +@@ -523,7 +523,6 @@ static int qxl_crtc_mode_set(struct drm_ + struct qxl_framebuffer *qfb; + struct qxl_bo *bo, *old_bo = NULL; + struct qxl_crtc *qcrtc = to_qxl_crtc(crtc); +- uint32_t width, height, base_offset; + bool recreate_primary = false; + int ret; + int surf_id; +@@ -553,9 +552,10 @@ static int qxl_crtc_mode_set(struct drm_ + if (qcrtc->index == 0) + recreate_primary = true; + +- width = mode->hdisplay; +- height = mode->vdisplay; +- base_offset = 0; ++ if (bo->surf.stride * bo->surf.height > qdev->vram_size) { ++ DRM_ERROR("Mode doesn't fit in vram size (vgamem)"); ++ return -EINVAL; ++ } + + ret = qxl_bo_reserve(bo, false); + if (ret != 0) +@@ -569,10 +569,10 @@ static int qxl_crtc_mode_set(struct drm_ + if (recreate_primary) { + qxl_io_destroy_primary(qdev); + qxl_io_log(qdev, +- "recreate primary: %dx%d (was %dx%d,%d,%d)\n", +- width, height, bo->surf.width, +- bo->surf.height, bo->surf.stride, bo->surf.format); +- qxl_io_create_primary(qdev, base_offset, bo); ++ "recreate primary: %dx%d,%d,%d\n", ++ bo->surf.width, bo->surf.height, ++ bo->surf.stride, bo->surf.format); ++ qxl_io_create_primary(qdev, 0, bo); + bo->is_primary = true; + surf_id = 0; + } else { diff --git a/queue-3.14/series b/queue-3.14/series index d70b9dffe56..7287f5ce610 100644 --- a/queue-3.14/series +++ b/queue-3.14/series @@ -93,3 +93,16 @@ target-fix-queue-full-status-null-pointer-for-scf_transport_task_sense.patch target-fix-aptpl-metadata-handling-for-dynamic-mappedluns.patch mips-ftrace-fix-a-micromips-build-problem.patch mips-tlbex-properly-fix-huge-tlb-refill-exception-handler.patch +qxl-don-t-create-too-large-primary-surface.patch +jbd2-free-bh-when-descriptor-block-checksum-fails.patch +ext4-check-ea-value-offset-when-loading.patch +ext4-don-t-check-quota-format-when-there-are-no-quota-files.patch +ext4-fix-mmap-data-corruption-when-blocksize-pagesize.patch +ext4-grab-missed-write_count-for-ext4_ioc_swap_boot.patch +ext4-add-ext4_iget_normal-which-is-to-be-used-for-dir-tree-lookups.patch +ext4-fix-reservation-overflow-in-ext4_da_write_begin.patch +ext4-replace-open-coded-mdata-csum-feature-to-helper-function.patch +ext4-check-s_chksum_driver-when-looking-for-bg-csum-presence.patch +ext4-fix-overflow-when-updating-superblock-backups-after-resize.patch +ext4-enable-journal-checksum-when-metadata-checksum-feature-enabled.patch +ext4-fix-oops-when-loading-block-bitmap-failed.patch