git.osdn.net Git - android-x86/kernel.git/log

ANDROID: android-verity: Add API to verify signature with builtin keys.

The builtin keyring was exported prior to this which allowed
android-verity to simply lookup the key in the builtin keyring and
verify the signature of the verity metadata.

This is now broken as the kernel expects the signature to be
in pkcs#7 format (same used for module signing). Obviously, this doesn't
work with the verity metadata as we just append the raw signature in the
metadata .. sigh.

*This one time*, add an API to accept arbitrary signature and verify
that with a key from system's trusted keyring.

Bug: 72722987
Test:
$ adb push verity_fs.img /data/local/tmp/
$ adb root && adb shell
> cd /data/local/tmp
> losetup /dev/block/loop0 verity_fs.img
> dmctl create verity-fs android-verity 0 4200 Android:#7e4333f9bba00adfe0ede979e28ed1920492b40f 7:0
> mount -t ext4 /dev/block/dm-0 temp/
> cat temp/foo.txt temp/bar.txt

Change-Id: I0c14f3cb2b587b73a4c75907367769688756213e
Signed-off-by: Sandeep Patil <sspatil@google.com>

ANDROID: verity: fix android-verity Kconfig dependencies

Bug: 72722987
Test: Android verity now shows up in 'make menuconfig'

Change-Id: I21c2f36c17f45e5eb0daa1257f5817f9d56527e7
Signed-off-by: Sandeep Patil <sspatil@google.com>

ANDROID: uid_sys_stats: Replace tasklist lock with RCU in uid_cputime_show

Tasklist lock is acuquired in uid_cputime_show for updating the stats
for all tasks in the system. This can potentially disable preemption
for several milli seconds. Replace tasklist_lock with RCU read side
primitives.

Change-Id: Ife69cb577bfdceaae6eb21b9bda09a0fe687e140
Signed-off-by: Pavankumar Kondeti <pkondeti@codeaurora.org>

ANDROID: mnt: Fix next_descendent

next_descendent did not properly handle the case
where the initial mount had no slaves. In this case,
we would look for the next slave, but since don't
have a master, the check for wrapping around to the
start of the list will always fail. Instead, we check
for this case, and ensure that we end the iteration
when we come back to the root.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 62094374
Change-Id: I43dfcee041aa3730cb4b9a1161418974ef84812e

ANDROID: Fix massive cpufreq_times memory leaks

Every time _cpu_up() is called for a CPU, idle_thread_get() is called
which then re-initializes a CPU's idle thread that was already
previously created and cached in a global variable in
smpboot.c. idle_thread_get() calls init_idle() which then calls
__sched_fork(). __sched_fork() is where cpufreq_task_times_init() is,
and cpufreq_task_times_init() allocates memory for the task struct's
time_in_state array.

Since idle_thread_get() reuses a task struct instance that was already
previously created, this means that every time it calls init_idle(),
cpufreq_task_times_init() allocates this array again and overwrites
the existing allocation that the idle thread already had.

This causes memory to be leaked every time a CPU is onlined. In order
to fix this, move allocation of time_in_state into _do_fork to avoid
allocating it at all for idle threads. The cpufreq times interface is
intended to be used for tracking userspace tasks, so we can safely
remove it from the kernel's idle threads without killing any
functionality.

But that's not all!

Task structs can be freed outside of release_task(), which creates
another memory leak because a task struct can be freed without having
its cpufreq times allocation freed. To fix this, free the cpufreq
times allocation at the same time that task struct allocations are
freed, in free_task().

Since free_task() can also be called in error paths of copy_process()
after dup_task_struct(), set time_in_state to NULL immediately after
calling dup_task_struct() to avoid possible double free.

Bug description and fix adapted from patch submitted by
Sultan Alsawaf <sultanxda@gmail.com> at
https://android-review.googlesource.com/c/kernel/msm/+/700134

Bug: 110044919
Test: Hikey960 builds, boots & reports /proc/<pid>/time_in_state
correctly
Change-Id: I12fe7611fc88eb7f6c39f8f7629ad27b6ec4722c
Signed-off-by: Connor O'Brien <connoro@google.com>

ANDROID: Reduce use of #ifdef CONFIG_CPU_FREQ_TIMES

Add empty versions of functions to cpufreq_times.h to cut down on use
of #ifdef in .c files.

Test: kernel builds with and without CONFIG_CPU_FREQ_TIMES=y
Change-Id: I49ac364fac3d42bba0ca1801e23b15081094fb12
Signed-off-by: Connor O'Brien <connoro@google.com>

ANDROID: sdcardfs: fix potential crash when reserved_mb is not zero

sdcardfs_mkdir() calls check_min_free_space(). When reserved_mb is not zero, a negative dentry will be passed to
ext4_statfs() at last and ext4_statfs() will crash. The parent dentry is positive. So we use the parent dentry to
check free space.

Change-Id: I80ab9623fe59ba911f4cc9f0e029a1c6f7ee421b
Signed-off-by: Lianjun Huang <huanglianjun@vivo.com>

ANDROID: xt_qtaguid: Remove unnecessary null checks to device's name

'name' will never be NULL since it isn't a plain pointer but an array
of char values.

../net/netfilter/xt_qtaguid.c:1195:27: warning: address of array
'(*el_dev)->name' will always evaluate to 'true'
[-Wpointer-bool-conversion]
if (unlikely(!(*el_dev)->name)) {
~~~~~~~~~~~~^~~~

Change-Id: If3b25f17829b43e8a639193fb9cd04ae45947200
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
(cherry picked from android-4.4 commit 207b579e3db6fd0cb6fe40ba3e929635ad748d89)
Signed-off-by: Chenbo Feng <fengc@google.com>

ANDROID: Add kconfig to make dm-verity check_at_most_once default enabled

This change adds a kernel config for default enable
the check_at_most_once dm-verity option. This is to give us
the ability to enforce the usage of at_most_once
for entry-level phones.

Change-Id: Id40416672c4c2209a9866997d8c164b5de5dc7dc
Signed-off-by: Patrik Torstensson <totte@google.com>
Bug: 72664474

ANDROID: add extra free kbytes tunable

Add a userspace visible knob to tell the VM to keep an extra amount
of memory free, by increasing the gap between each zone's min and
low watermarks.

This is useful for realtime applications that call system
calls and have a bound on the number of allocations that happen
in any short time period. In this application, extra_free_kbytes
would be left at an amount equal to or larger than than the
maximum number of allocations that happen in any burst.

It may also be useful to reduce the memory use of virtual
machines (temporarily?), in a way that does not cause memory
fragmentation like ballooning does.

[ccross]
Revived for use on old kernels where no other solution exists.
The tunable will be removed on kernels that do better at avoiding
direct reclaim.

[surenb]
Will be reverted as soon as Android framework is reworked to
use upstream-supported watermark_scale_factor instead of
extra_free_kbytes.

Bug: 86445363
Change-Id: I765a42be8e964bfd3e2886d1ca85a29d60c3bb3e
Signed-off-by: Rik van Riel<riel@redhat.com>
Signed-off-by: Colin Cross <ccross@android.com>
Signed-off-by: Suren Baghdasaryan <surenb@google.com>

ANDROID: x86_64_cuttlefish_defconfig: Enable F2FS

Bug: 80475502
Change-Id: I061467404f1d4b828ac1b7423db375a35934ce28
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: Update x86_64_cuttlefish_defconfig

Merge with the configs from kernel/configs.git added recently.

This should fix ipsec VPN functionality.

Bug: 80540078
Change-Id: I9cc99f5e34d2809670fe2fc0df121610657f6769
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: proc: fix undefined behavior in proc_uid_base_readdir

When uid_base_stuff has no entries, proc_uid_base_readdir tries to
compute an address before the start of the array. Revise this check to
use uid_base_stuff + nents instead, which makes the code valid
regardless of array size.

Bug: 80158484
Test: No more compiler warning with CONFIG_CPU_FREQ_TIMES=n
Change-Id: I6e55b27c3ba8210cee194f6d27bbd62c0b263796
Signed-off-by: Connor O'Brien <connoro@google.com>

x86: vdso: Fix leaky vdso linker with CC=clang.

The vdso{32,64}.so can fail to build when CC=clang when clang tries to
find a suitable GCC toolchain to link these libraries with.

/usr/bin/ld: arch/x86/entry/vdso/vclock_gettime.o: access beyond end of merged section (782)

This happens because the host environment leaked into the CROSS_COMPILE
environment due to the way clang searches for suitable GCC toolchains.

Most of the time this goes unnoticed because the host linker is new
enough to work anyway, but on this particular machine it was not.

Extract the needed --target and --gcc-toolchain flags added in the top
level Makefile from KBUILD_CFLAGS.

Bug: 63889157
Change-Id: If7d4097d1d2eaf95f18d0295483bde8792a06844
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: x86_64_cuttlefish_defconfig: Disable ORC unwinder.

Disable the ORC unwinder. This feature requires libelf-dev, which is
breaking some automated build systems that do not have it installed.

As we already enabled CONFIG_FRAME_POINTER, we already incurred the
performance penalty of the legacy stack unwinder, so this is pretty
much a no-op change.

Bug: 63889157
Change-Id: Ic0704ebb726c97449ed873556262cc0db3e9a6cf
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: build: cuttlefish: Upgrade clang to newer version.

The last upgrade introduced a new build failure, because it had a bug
which caused it to emit PLT relocations, certain types of which cannot
be handled by the reloc tool in the kernel.

See https://bugs.llvm.org/show_bug.cgi?id=36674 for more details.

Bug: 63889157
Change-Id: I813febdbacb0579abcb12dc7f2164cce1e2f5a26
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: build: cuttlefish: Upgrade clang to newer version.

Use the same clang version as hikey-linaro.

Bug: 63889157
Change-Id: I6932d6149642d429086207e63aa8a8d5c2afd6f7
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: build: cuttlefish: Fix path to clang.

Reconcile with changes made to the kernel manifest. Clang must come from
master because it was not usable for kernel builds in older branches of
the Android platform.

Bug: 63889157
Change-Id: Id0a080fc2f1cba495f37f26afa48e43e736b756a
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: sdcardfs: Don't d_drop in d_revalidate

After d_revalidate returns 0, the vfs will call
d_invalidate, which will call d_drop itself, along
with other cleanup.

Bug: 78262592
Change-Id: Idbb30e008c05d62edf2217679cb6a5517d8d1a2c
Signed-off-by: Daniel Rosenberg <drosen@google.com>

ANDROID: goldfish: drop CONFIG_INPUT_KEYCHORD

Remove keychord driver, replaced in user space by
https://android-review.googlesource.com/c/677629.

Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Cc: Jin Qian <jinqian@google.com>
Cc: Amit Pundir <amit.pundir@linaro.org>
Bug: 64114943
Change-Id: I0b673a5c68dbe28afa033d2ca70e12daea144b2a

ANDROID: build.config: enforce trace_printk check

Bug: 79166848
Change-Id: I41d2fe57b377e305b4b68c30c98ee94643d142e4
Test: Build a kernel with trace_prink and see warning
Signed-off-by: Wei Wang <wvw@google.com>

ANDROID: sdcardfs: Set s_root to NULL after putting

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 77923821
Change-Id: I1705bfd146009561d2d1da5f0e6a342ec6932a1c

ANDROID: sdcardfs: d_make_root calls iput

d_make_root will call iput on failure, so we
shouldn't try to do that ourselves.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 77923821
Change-Id: I1abb4afb0f894ab917b7c6be8c833676f436beb7

ANDROID: sdcardfs: Check for private data earlier

When an sdcardfs dentry is destroyed, it may not yet
have its fsdata initialized. It must be checked before
we try to access the paths in its private data.

Additionally, when cleaning up the superblock after
a failure, we don't have our sb private data, so
check for that case.

Bug: 77923821
Change-Id: I89caf6e121ed86480b42024664453fe0031bbcf3
Signed-off-by: Daniel Rosenberg <drosen@google.com>

FROMLIST: arm64: kvm: use -fno-jump-tables with clang

Starting with LLVM r308050, clang generates a jump table with EL1
virtual addresses in __init_stage2_translation, which results in a
kernel panic when booting at EL2:

  Kernel panic - not syncing: HYP panic:
  PS:800003c9 PC:ffff0000089e6fd8 ESR:86000004
  FAR:ffff0000089e6fd8 HPFAR:0000000009825000 PAR:0000000000000000
  VCPU:000804fc20001221

  CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.14.0-rc7-dirty #3
  Hardware name: ARM Juno development board (r1) (DT)
  Call trace:
  [<ffff000008088ea4>] dump_backtrace+0x0/0x34c
  [<ffff000008089208>] show_stack+0x18/0x20
  [<ffff0000089c73ec>] dump_stack+0xc4/0xfc
  [<ffff0000080c8e1c>] panic+0x138/0x2b4
  [<ffff0000080c8ce4>] panic+0x0/0x2b4
  SMP: stopping secondary CPUs
  SMP: failed to stop secondary CPUs 0-3,5
  Kernel Offset: disabled
  CPU features: 0x002086
  Memory Limit: none
  ---[ end Kernel panic - not syncing: HYP panic:
  PS:800003c9 PC:ffff0000089e6fd8 ESR:86000004
  FAR:ffff0000089e6fd8 HPFAR:0000000009825000 PAR:0000000000000000
  VCPU:000804fc20001221

This change adds -fno-jump-tables to arm64/hyp to work around the
bug.

Bug: 62093296
Bug: 67506682
Change-Id: I1257be1febdcbfcc886fe6183c698b7a98d2a153
(am from https://patchwork.kernel.org/patch/10060301/)
Suggested-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>

ANDROID: Add build server config for cuttlefish.

The build server config can be used with gcc or clang.
Specify CC=clang to build with clang.

Change-Id: Id346ab1489ecaaef8e9e66b084cc416dd0581f69
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: Add defconfig for cuttlefish.

This file is based on x86_64_defconfig, merged with the base and
recommended configs from configs.git, with the virtio drivers enabled
and some spurious kernel features turned off.

Change-Id: I61bde941e8cfef2dd83cb4ff040f7380922cc44e
Signed-off-by: Alistair Strachan <astrachan@google.com>

ANDROID: cpufreq: Add time_in_state to /proc/uid directories

Add per-uid files that report the data in binary format rather than
text, to allow faster reading & parsing by userspace.

Signed-off-by: Connor O'Brien <connoro@google.com>
Bug: 72339335
Test: compare values to those reported in /proc/uid_time_in_state
Change-Id: I463039ea7f17b842be4c70024fe772539fe2ce02

ANDROID: proc: Add /proc/uid directory

Add support for reporting per-uid information through procfs, roughly
following the approach used for per-tid and per-tgid directories in
fs/proc/base.c.
This also entails some new tracking of which uids have been used, to
avoid losing information when the last task with a given uid exits.

Signed-off-by: Connor O'Brien <connoro@google.com>
Bug: 72339335
Test: ls /proc/uid/; compare with UIDs in /proc/uid_time_in_state
Change-Id: I0908f0c04438b11ceb673d860e58441bf503d478

ANDROID: cpufreq: times: track per-uid time in state

Add /proc/uid_time_in_state showing per uid/frequency/cluster
times. Allow uid removal through /proc/uid_cputime/remove_uid_range.

Signed-off-by: Connor O'Brien <connoro@google.com>
Bug: 72339335
Test: Read /proc/uid_time_in_state
Change-Id: I20ba3546a27c25b7e7991e2a86986e158aafa58c

ANDROID: cpufreq: track per-task time in state

Add time in state data to task structs, and create
/proc/<pid>/time_in_state files to show how long each individual task
has run at each frequency.
Create a CONFIG_CPU_FREQ_TIMES option to enable/disable this tracking.

Signed-off-by: Connor O'Brien <connoro@google.com>
Bug: 72339335
Test: Read /proc/<pid>/time_in_state
Change-Id: Ia6456754f4cb1e83b2bc35efa8fbe9f8696febc8

ANDROID: fuse: Add null terminator to path in canonical path to avoid issue

page allocated in fuse_dentry_canonical_path to be handled in
fuse_dev_do_write is allocated using __get_free_pages(GFP_KERNEL).
This may not return a page with data filled with 0. Now this
page may not have a null terminator at all.
If this happens and userspace fuse daemon screws up by passing a string
to kernel which is not NULL terminated (or did not fill anything),
then inside fuse driver in kernel when we try to do
strlen(fuse_dev_write->kern_path->getname_kernel)
on that page data -> it may give us issue with kernel paging request.

Unable to handle kernel paging request at virtual address
------------[ cut here ]------------
<..>
PC is at strlen+0x10/0x90
LR is at getname_kernel+0x2c/0xf4
<..>
strlen+0x10/0x90
kern_path+0x28/0x4c
fuse_dev_do_write+0x5b8/0x694
fuse_dev_write+0x74/0x94
do_iter_readv_writev+0x80/0xb8
do_readv_writev+0xec/0x1cc
vfs_writev+0x54/0x64
SyS_writev+0x64/0xe4
el0_svc_naked+0x24/0x28

To avoid this we should ensure in case of FUSE_CANONICAL_PATH,
the page is null terminated.

Change-Id: I33ca7cc76b4472eaa982c67bb20685df451121f5
Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org>
Bug: 75984715
[Daniel - small edit, using args size ]
Signed-off-by: Daniel Rosenberg <drosen@google.com>

ANDROID: sdcardfs: Fix sdcardfs to stop creating cases-sensitive duplicate entries.

sdcardfs_name_match gets a 'name' argument from the underlying FS.
This need not be null terminated string.
So in sdcardfs_name_match -> qstr_case_eq -> we should use
str_n_case_eq.

This happens because few of the entries in lower level FS may not be
NULL terminated and may have some garbage characters passed while
doing sdcardfs_name_match.

For e.g.
# dmesg |grep Download
[  103.646386] sdcardfs_name_match: q1->name=.nomedia, q1->len=8,
q2->name=Download\x17\x80\x03, q2->len=8
[  104.021340] sdcardfs_name_match: q1->name=.nomedia, q1->len=8,
q2->name=Download\x17\x80\x03, q2->len=8
[  105.196864] sdcardfs_name_match: q1->name=.nomedia, q1->len=8,
q2->name=Download\x17\x80\x03, q2->len=8
[  109.113521] sdcardfs_name_match: q1->name=logs, q1->len=4,
q2->name=Download\x17\x80\x03, q2->len=8

Now when we try to create a directory with different case for a such
files. SDCARDFS creates a entry if it could not find the underlying
entry in it's dcache.

To reproduce:-
1. bootup the device wait for some time after sdcardfs mounting to
   complete.
2. cd /storage/emulated/0
3. echo 3 > /proc/sys/vm/drop_caches
4. mkdir download

We now start seeing two entries with name.
Download & download.

Change-Id: I976d92a220a607dd8cdb96c01c2041c5c2bc3326
Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org>
bug: 75987238

ANDROID: arm64: Image.gz-dtb build target depends on Image.gz

While doing parallel builds using "make -j" option, I ran into
a build race condition a few times where-in Image.gz-dtb target
starts building before Image.gz is even ready, resulting in a
corrupt Image.gz-dtb kernel image.

How to reproduce -->

$ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-androidkernel- defconfig menuconfig
+
CONFIG_BUILD_ARM64_APPENDED_DTB_IMAGE=y
CONFIG_BUILD_ARM64_APPENDED_DTB_IMAGE_NAMES="qcom/apq8096-db820c"

$ make ARCH=arm64 CROSS_COMPILE=aarch64-linux-androidkernel- -j9
<snip> ..
  SYSMAP  System.map
  OBJCOPY arch/arm64/boot/Image
  GZIP    arch/arm64/boot/Image.gz
  DTC     arch/arm64/boot/dts/qcom/apq8096-db820c.dtb
  Building modules, stage 2.
  CAT     arch/arm64/boot/Image.gz-dtb
  GZIP    arch/arm64/boot/Image.gz
.. <snip>

$ du -sh arch/arm64/boot/Image.gz-dtb
28K arch/arm64/boot/Image.gz-dtb

When built with this patch -->

$ du -sh arch/arm64/boot/Image.gz-dtb
8.9M arch/arm64/boot/Image.gz-dtb

Let's make Image.gz-dtb build target depend on Image.gz explicitly.

Signed-off-by: Amit Pundir <amit.pundir@linaro.org>

ANDROID: sdcardfs: fix lock issue on 32 bit/SMP architectures

Fixes: cc668ff4b6a1 ("ANDROID: sdcardfs: Hold i_mutex for i_size_write")

Change-Id: If7f2ed90f59c552b9ef9262b0f6aaed394f68784
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 73287721

ANDROID: uid_sys_stats: Copy task_struct comm field to bigger buffer

get_task_comm() currently checks if buf_size != TASK_COMM_LEN
and fails even if sizeof(buf) > TASK_COMM_LEN.

Change-Id: Icb3e9c172607534ef1db10baf5d626083db73498
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>

ANDROID: sdcardfs: Set num in extension_details during make_item

Without this patch when you delete an extension from configfs
it still exists in the hash table data structures and we are
unable to delete it or change it's group.
This happens because during deletion the key & value is taken from
extension_details, and was not properly set.

Fix it by this patch.

Change-Id: I7c20cb1ab4d99e6aceadcb5ef850f0bb47f18be8
Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 73055997

ANDROID: sdcardfs: Hold i_mutex for i_size_write

When we call i_size_write, we must be holding i_mutex to avoid
possible lockups on 32 bit/SMP architectures. This is not
necessary on 64 bit architectures.

Change-Id: Ic3b946507c54d81b5c9046f9b57d25d4b0f9feef
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 73287721

ANDROID: sdcardfs: Protect set_top

If the top is changed while we're attempting to use it, it's
possible that the reference will be put while we are in the
process of grabbing a reference.

Now we grab a spinlock to protect grabbing our reference count.

Additionally, we now set the inode_info's top value to point to
it's own data when initializing, which makes tracking changes
easier.

Change-Id: If15748c786ce4c0480ab8c5051a92523aff284d2
Signed-off-by: Daniel Rosenberg <drosen@google.com>

ANDROID: fsnotify: Notify lower fs of open

If the filesystem being watched supports d_canonical_path,
notify the lower filesystem of the open as well.

Change-Id: I2b1739e068afbaf5eb39950516072bff8345ebfe
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 70706497

ANDROID: sdcardfs: Use lower getattr times/size

We now use the lower filesystem's getattr for time and size related
information.

Change-Id: I3dd05614a0c2837a13eeb033444fbdf070ddce2a
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 72007585

ANDROID: Revert "fs: unexport vfs_read and vfs_write"

This reverts commit bd8df82be66698042d11e7919e244c8d72b042ca.

These functions are used in sdcardfs

Change-Id: If740718cca903c211d1c2832c7fd95a4c4cfe20f
Signed-off-by: Daniel Rosenberg <drosen@google.com>

ANDROID: sdcardfs: port to 4.14

Change-Id: I03271d8e8229ce6f22f337dc7d1938e0bf060f2a
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 70278506

ANDROID: fs: Export vfs_rmdir2

allmodconfig builds fail with

ERROR: "vfs_rmdir2" undefined!

Export the missing function.

Change-Id: I983d327e59fd34e0484f3c54d925e97d3905c19c
Fixes: f9cb61dcb00c ("ANDROID: sdcardfs: User new permission2 functions")
Signed-off-by: Guenter Roeck <groeck@chromium.org>

ANDROID: mm: Export do_munmap

The 0-day build bot reports the following build error, seen if SDCARD_FS
is built as module.

ERROR: "do_munmap" undefined!

Fixes: 84a1b7d3d312 ("Included sdcardfs source code for kernel 3.0")
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Guenter Roeck <groeck@chromium.org>

ANDROID: fs: Export d_absolute_path

The 0-day build bot reports the following build error, seen if SDCARD_FS
is built as module.

ERROR: "d_absolute_path" undefined!

Fixes: 84a1b7d3d312 ("Included sdcardfs source code for kernel 3.0")
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Signed-off-by: Guenter Roeck <groeck@chromium.org>

ANDROID: fs: Export free_fs_struct and set_fs_pwd

allmodconfig builds fail with:

ERROR: "free_fs_struct" undefined!
ERROR: "set_fs_pwd" undefined!

Export the missing symbols.

Change-Id: I4877ead19d7e7f0c93d4c4cad5681364284323aa
Fixes: 0ec03f845799 ("ANDROID: sdcardfs: override umask on mkdir and create")
Signed-off-by: Guenter Roeck <groeck@chromium.org>

ANDROID: export security_path_chown

Signed-off-by: Daniel Rosenberg <drosen@google.com>
BUG: 35142419
Change-Id: I05a9430a3c1bc624e019055175ad377290b4e774

ANDROID: sdcardfs: Add default_normal option

The default_normal option causes mounts with the gid set to
AID_SDCARD_RW to have user specific gids, as in the normal case.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I9619b8ac55f41415df943484dc8db1ea986cef6f
Bug: 64672411

ANDROID: Sdcardfs: Move gid derivation under flag

This moves the code to adjust the gid/uid of lower filesystem
files under the mount flag derive_gid.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I44eaad4ef67c7fcfda3b6ea3502afab94442610c
Bug: 63245673

ANDROID: sdcardfs: override credential for ioctl to lower fs

Otherwise, lower_fs->ioctl() fails due to inode_owner_or_capable().

Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Bug: 63260873
Change-Id: I623a6c7c5f8a3cbd7ec73ef89e18ddb093c43805

ANDROID: sdcardfs: Remove unnecessary lock

The mmap_sem lock does not appear to be protecting
anything, and has been removed in Samsung's more
recent versions of sdcardfs.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I76ff3e33002716b8384fc8be368028ed63dffe4e
Bug: 63785372

ANDROID: sdcardfs: use mount_nodev and fix a issue in sdcardfs_kill_sb

Use the VFS mount_nodev instead of customized mount_nodev_with_options
and fix generic_shutdown_super to kill_anon_super because of set_anon_super

Signed-off-by: Gao Xiang <gaoxiang25@huawei.com>
Change-Id: Ibe46647aa2ce49d79291aa9d0295e9625cfccd80

ANDROID: sdcardfs: remove dead function open_flags_to_access_mode()

smatch warns about the suspicious formatting in the last line of
open_flags_to_access_mode(). It turns out the only caller was deleted
over a year ago by "ANDROID: sdcardfs: Bring up to date with Android M
permissions:", so we can "fix" the function's formatting by deleting it.

Change-Id: Id85946f3eb01722eef35b1815f405a6fda3aa4ff
Signed-off-by: Greg Hackmann <ghackmann@google.com>

ANDROID: sdcardfs: d_splice_alias can return error values

We must check that d_splice_alias was successful before using its
output.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 62390017
Change-Id: Ifda0a052fb3f67e35c635a4e5e907876c5400978

ANDROID: sdcardfs: Check for NULL in revalidate

If the inode is in the process of being evicted,
the top value may be NULL.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 38502532
Change-Id: I0b9d04aab621e0398d44d1c5dc53293106aa5f89

ANDROID: sdcardfs: Move top to its own struct

Move top, and the associated data, to its own struct.
This way, we can properly track refcounts on top
without interfering with the inode's accounting.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 38045152
Change-Id: I1968e480d966c3f234800b72e43670ca11e1d3fd

ANDROID: sdcardfs: fix sdcardfs_destroy_inode for the inode RCU approach

According to the following commits,
fs: icache RCU free inodes
vfs: fix the stupidity with i_dentry in inode destructors

sdcardfs_destroy_inode should be fixed for the fast path safety.

Signed-off-by: Gao Xiang <gaoxiang25@huawei.com>
Change-Id: I84f43c599209d23737c7e28b499dd121cb43636d

ANDROID: sdcardfs: Don't iput if we didn't igrab

If we fail to get top, top is either NULL, or igrab found
that we're in the process of freeing that inode, and did
not grab it. Either way, we didn't grab it, and have no
business putting it.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 38117720
Change-Id: Ie2f587483b9abb5144263156a443e89bc69b767b

ANDROID: sdcardfs: Call lower fs's revalidate

We should be calling the lower filesystem's revalidate
inside of sdcardfs's revalidate, as wrapfs does.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I939d1c4192fafc1e21678aeab43fe3d588b8e2f4

ANDROID: sdcardfs: Avoid setting GIDs outside of valid ranges

When setting up the ownership of files on the lower filesystem,
ensure that these values are in reasonable ranges for apps. If
they aren't, default to AID_MEDIA_RW

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 37516160
Change-Id: I0bec76a61ac72aff0b993ab1ad04be8382178a00

ANDROID: sdcardfs: Copy meta-data from lower inode

From wrapfs commit 3ee9b365e38c ("Wrapfs: properly copy meta-data after
AIO operations from lower inode")

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I9a789222e27a17b8d85ce61c45397d1839f9a675

ANDROID: sdcardfs: Use filesystem specific hash

We weren't accounting for FS specific hash functions,
causing us to miss negative dentries for any FS that
had one.

Similar to a patch from esdfs
commit 75bd25a9476d ("esdfs: support lower's own hash")

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I32d1ba304d728e0ca2648cacfb4c2e441ae63608

ANDROID: sdcardfs: Don't complain in fixup_lower_ownership

Not all filesystems support changing the owner of a file.
We shouldn't complain if it doesn't happen.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 37488099
Change-Id: I403e44ab7230f176e6df82f6adb4e5c82ce57f33

ANDROID: sdcardfs: Don't do d_add for lower fs

For file based encryption, ext4 explicitly does not
create negative dentries for encrypted files. If you
force one over it, the decrypted file will be hidden
until the cache is cleared. Instead, just fail out.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 37231161
Change-Id: Id2a9708dfa75e1c22f89915c529789caadd2ca4b

ANDROID: sdcardfs: ->iget fixes

Adapted from wrapfs
commit 8c49eaa0sb9c ("Wrapfs: ->iget fixes")

Change where we igrab/iput to ensure we always hold a valid lower_inode.
Return ENOMEM (not EACCES) if iget5_locked returns NULL.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959

Change-Id: Id8d4e0c0cbc685a0a77685ce73c923e9a3ddc094

ANDROID: sdcardfs: Change cache GID value

Change-Id: Ieb955dd26493da26a458bc20fbbe75bca32b094f
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 37193650

ANDROID: sdcardfs: Directly pass lower file for mmap

Instead of relying on a copy hack, pass the lower file
as private data. This lets the kernel find the vma
mapping for pages used by the file, allowing pages
used by mapping to be reclaimed.

This is adapted from following esdfs patches
commit 0647e638d: ("esdfs: store lower file in vm_file for mmap")
commit 064850866: ("esdfs: keep a counter for mmaped file")

Change-Id: I75b74d1e5061db1b8c13be38d184e118c0851a1a
Signed-off-by: Daniel Rosenberg <drosen@google.com>

ANDROID: sdcardfs: update module info

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I958c7c226d4e9265fea8996803e5b004fb33d8ad

ANDROID: sdcardfs: use d_splice_alias

adapted from wrapfs
commit 9671770ff8b9 ("Wrapfs: use d_splice_alias")

Refactor interpose code to allow lookup to use d_splice_alias.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: Icf51db8658202c48456724275b03dc77f73f585b

ANDROID: sdcardfs: add read_iter/write_iter opeations

Adapted from wrapfs
commit f398bf6a7377 ("Wrapfs: add read_iter/write_iter opeations")

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Mengyang Li <li.mengyang@stonybrook.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I2b3de59c9682fc705bf21df0de6df81e76fd2e40

ANDROID: sdcardfs: fix ->llseek to update upper and lower offset

Adapted from wrapfs
commit 1d1d23a47baa ("Wrapfs: fix ->llseek to update upper and lower
offsets")

Fixes bug: xfstests generic/257. f_pos consistently is required by and
only by dir_ops->wrapfs_readdir, main_ops is not affected.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Mengyang Li <li.mengyang@stonybrook.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I360a1368ac37ea8966910a58972b81504031d437

ANDROID: sdcardfs: copy lower inode attributes in ->ioctl

Adapted from wrapfs
commit fbc9c6f83ea6 ("Wrapfs: copy lower inode attributes in ->ioctl")
commit e97d8e26cc9e ("Wrapfs: use file_inode helper")

Some ioctls (e.g., EXT2_IOC_SETFLAGS) can change inode attributes, so copy
them from lower inode.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: I0f12684b9dbd4088b4a622c7ea9c03087f40e572

ANDROID: sdcardfs: remove unnecessary call to do_munmap

Adapted from wrapfs
commit 5be6de9ecf02 ("Wrapfs: use vm_munmap in ->mmap")
commit 2c9f6014a8bb ("Wrapfs: remove unnecessary call
to vm_unmap in ->mmap")

Code is unnecessary and causes deadlocks in newer kernels.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35766959
Change-Id: Ia252d60c60799d7e28fc5f1f0f5b5ec2430a2379

ANDROID: sdcardfs: Fix style issues in macros

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I89c4035029dc2236081a7685c55cac595d9e7ebf

ANDROID: sdcardfs: Use seq_puts over seq_printf

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I3795ec61ce61e324738815b1ce3b0e09b25d723f

ANDROID: sdcardfs: Use to kstrout

Switch from deprecated simple_strtoul to kstrout

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: If18bd133b4d2877f71e58b58fc31371ff6613ed5

ANDROID: sdcardfs: Use pr_[...] instead of printk

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: Ibc635ec865750530d32b87067779f681fe58a003

ANDROID: sdcardfs: remove unneeded null check

As pointed out by checkpatch, these functions already
handle null inputs, so the checks are not needed.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I189342f032dfcefee36b27648bb512488ad61d20

ANDROID: sdcardfs: Fix style issues with comments

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I8791ef7eac527645ecb9407908e7e5ece35b8f80

ANDROID: sdcardfs: Fix formatting

This fixes various spacing and bracket related issues
pointed out by checkpatch.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: I6e248833a7a04e3899f3ae9462d765cfcaa70c96

ANDROID: sdcardfs: correct order of descriptors

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35331000
Change-Id: Ia6d16b19c8c911f41231d2a12be0740057edfacf

ANDROID: sdcardfs: Fix gid issue

We were already calculating most of these values,
and erroring out because the check was confused by this.
Instead of recalculating, adjust it as needed.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 36160015
Change-Id: I9caf3e2fd32ca2e37ff8ed71b1d392f1761bc9a9

ANDROID: sdcardfs: Remove uninformative prints

At best these prints do not provide useful information, and
at worst, some allow userspace to abuse the kernel log.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 36138424
Change-Id: I812c57cc6a22b37262935ab77f48f3af4c36827e

ANDROID: sdcardfs: move path_put outside of spinlock

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35643557
Change-Id: Ib279ebd7dd4e5884d184d67696a93e34993bc1ef

ANDROID: sdcardfs: Use case insensitive hash function

Case insensitive comparisons don't help us much if
we hash to different buckets...

Signed-off-by: Daniel Rosenberg <drosen@google.com>
bug: 36004503
Change-Id: I91e00dbcd860a709cbd4f7fd7fc6d855779f3285

ANDROID: sdcardfs: declare MODULE_ALIAS_FS

From commit ee616b78aa87 ("Wrapfs: declare MODULE_ALIAS_FS")

Signed-off-by: Daniel Rosenberg <drosen@google.com>
bug: 35766959
Change-Id: Ia4728ab49d065b1d2eb27825046f14b97c328cba

ANDROID: sdcardfs: Get the blocksize from the lower fs

This changes sdcardfs to be more in line with the
getattr in wrapfs, which calls the lower fs's getattr
to get the block size

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34723223
Change-Id: I1c9e16604ba580a8cdefa17f02dcc489d7351aed

ANDROID: sdcardfs: Use d_invalidate instead of drop_recurisve

drop_recursive did not properly remove stale dentries.
Instead, we use the vfs's d_invalidate, which does the proper cleanup.

Additionally, remove the no longer used drop_recursive, and
fixup_top_recursive that that are no longer used.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: Ibff61b0c34b725b024a050169047a415bc90f0d8

ANDROID: sdcardfs: Switch to internal case insensitive compare

There were still a few places where we called into a case
insensitive lookup that was not defined by sdcardfs.
Moving them all to the same place will allow us to switch
the implementation in the future.

Additionally, the check in fixup_perms_recursive did not
take into account the length of both strings, causing
extraneous matches when the name we were looking for was
a prefix of the child name.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I45ce768cd782cb4ea1ae183772781387c590ecc2

ANDROID: sdcardfs: Use spin_lock_nested

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 36007653
Change-Id: I805d5afec797669679853fb2bb993ee38e6276e4

ANDROID: sdcardfs: Replace get/put with d_lock

dput cannot be called with a spin_lock. Instead,
we protect our accesses by holding the d_lock.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35643557
Change-Id: I22cf30856d75b5616cbb0c223724f5ab866b5114

ANDROID: sdcardfs: rate limit warning print

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35848445
Change-Id: Ida72ea0ece191b2ae4a8babae096b2451eb563f6

ANDROID: sdcardfs: Fix case insensitive lookup

The previous case insensitive lookup relied on the
entry being present in the dcache. This instead uses
iterate_dir to find the correct case.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
bug: 35633782
Change-Id: I556f7090773468c1943c89a5e2aa07f746ba49c5

ANDROID: sdcardfs: support direct-IO (DIO) operations

This comes from the wrapfs
commit 2e346c83b26e ("Wrapfs: support direct-IO (DIO) operations")

Signed-off-by: Li Mengyang <li.mengyang@stonybrook.edu>
Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34133558
Change-Id: I3fd779c510ab70d56b1d918f99c20421b524cdc4

ANDROID: sdcardfs: implement vm_ops->page_mkwrite

This comes from wrapfs
commit 3dfec0ffe5e2 ("Wrapfs: implement vm_ops->page_mkwrite")

Some file systems (e.g., ext4) require it. Reported by Ted Ts'o.

Signed-off-by: Erez Zadok <ezk@cs.sunysb.edu>
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34133558
Change-Id: I1a389b2422c654a6d3046bb8ec3e20511aebfa8e

ANDROID: sdcardfs: Don't bother deleting freelist

There is no point deleting entries from dlist, as
that is a temporary list on the stack from which
contains only entries that are being deleted.

Not all code paths set up dlist, so those that
don't were performing invalid accesses in
hash_del_rcu. As an additional means to prevent
any other issue, we null out the list entries when
we allocate from the cache.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35666680
Change-Id: Ibb1e28c08c3a600c29418d39ba1c0f3db3bf31e5

ANDROID: sdcardfs: Add missing path_put

"ANDROID: sdcardfs: Add GID Derivation to sdcardfs" introduced
an unbalanced pat_get, leading to storage space not being freed
after deleting a file until rebooting. This adds the missing path_put.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 34691169
Change-Id: Ia7ef97ec2eca2c555cc06b235715635afc87940e

ANDROID: sdcardfs: Fix incorrect hash

This adds back the hash calculation removed as part of
the previous patch, as it is in fact necessary.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35307857
Change-Id: Ie607332bcf2c5d2efdf924e4060ef3f576bf25dc

ANDROID: sdcardfs: Switch strcasecmp for internal call

This moves our uses of strcasecmp over to an internal call so we can
easily change implementations later if we so desire. Additionally,
we leverage qstr's where appropriate to save time on comparisons.

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Change-Id: I32fdc4fd0cd3b7b735dcfd82f60a2516fd8272a5