changelog

linux 内核源代码

2.1.23 - Implement extension of resident files and make writing safe as well as
	 many bug fixes, cleanups, and enhancements...

	- Add printk rate limiting for ntfs_warning() and ntfs_error() when
	  compiled without debug.  This avoids a possible denial of service
	  attack.  Thanks to Carl-Daniel Hailfinger from SuSE for pointing this
	  out.
	- Fix compilation warnings on ia64.  (Randy Dunlap)
	- Use i_size_{read,write}() instead of reading i_size by hand and cache
	  the value where apropriate.
	- Add size_lock to the ntfs_inode structure.  This is an rw spinlock
	  and it locks against access to the inode sizes.  Note, ->size_lock
	  is also accessed from irq context so you must use the _irqsave and
	  _irqrestore lock and unlock functions, respectively.  Protect all
	  accesses to allocated_size, initialized_size, and compressed_size.
	- Minor optimization to fs/ntfs/super.c::ntfs_statfs() and its helpers.
	- Implement extension of resident files in the regular file write code
	  paths (fs/ntfs/aops.c::ntfs_{prepare,commit}_write()).  At present
	  this only works until the data attribute becomes too big for the mft
	  record after which we abort the write returning -EOPNOTSUPP from
	  ntfs_prepare_write().
	- Add disable_sparse mount option together with a per volume sparse
	  enable bit which is set appropriately and a per inode sparse disable
	  bit which is preset on some system file inodes as appropriate.
	- Enforce that sparse support is disabled on NTFS volumes pre 3.0.
	- Fix a bug in fs/ntfs/runlist.c::ntfs_mapping_pairs_decompress() in
	  the creation of the unmapped runlist element for the base attribute
	  extent.
	- Split ntfs_map_runlist() into ntfs_map_runlist() and a non-locking
	  helper ntfs_map_runlist_nolock() which is used by ntfs_map_runlist().
	  This allows us to map runlist fragments with the runlist lock already
	  held without having to drop and reacquire it around the call.  Adapt
	  all callers.
	- Change ntfs_find_vcn() to ntfs_find_vcn_nolock() which takes a locked
	  runlist.  This allows us to find runlist elements with the runlist
	  lock already held without having to drop and reacquire it around the
	  call.  Adapt all callers.
	- Change time to u64 in time.h::ntfs2utc() as it otherwise generates a
	  warning in the do_div() call on sparc32.  Thanks to Meelis Roos for
	  the report and analysis of the warning.
	- Fix a nasty runlist merge bug when merging two holes.
	- Set the ntfs_inode->allocated_size to the real allocated size in the
	  mft record for resident attributes (fs/ntfs/inode.c).
	- Small readability cleanup to use "a" instead of "ctx->attr"
	  everywhere (fs/ntfs/inode.c).
	- Make fs/ntfs/namei.c::ntfs_get_{parent,dentry} static and move the
	  definition of ntfs_export_ops from fs/ntfs/super.c to namei.c.  Also,
	  declare ntfs_export_ops in fs/ntfs/ntfs.h.
	- Correct sparse file handling.  The compressed values need to be
	  checked and set in the ntfs inode as done for compressed files and
	  the compressed size needs to be used for vfs inode->i_blocks instead
	  of the allocated size, again, as done for compressed files.
	- Add AT_EA in addition to AT_DATA to whitelist for being allowed to be
	  non-resident in fs/ntfs/attrib.c::ntfs_attr_can_be_non_resident().
	- Add fs/ntfs/attrib.c::ntfs_attr_vcn_to_lcn_nolock() used by the new
	  write code.
	- Fix bug in fs/ntfs/attrib.c::ntfs_find_vcn_nolock() where after
	  dropping the read lock and taking the write lock we were not checking
	  whether someone else did not already do the work we wanted to do.
	- Rename fs/ntfs/attrib.c::ntfs_find_vcn_nolock() to
	  ntfs_attr_find_vcn_nolock() and update all callers.
	- Add fs/ntfs/attrib.[hc]::ntfs_attr_make_non_resident().
	- Fix sign of various error return values to be negative in
	  fs/ntfs/lcnalloc.c.
	- Modify ->readpage and ->writepage (fs/ntfs/aops.c) so they detect and
	  handle the case where an attribute is converted from resident to
	  non-resident by a concurrent file write.
	- Remove checks for NULL before calling kfree() since kfree() does the
	  checking itself.  (Jesper Juhl)
	- Some utilities modify the boot sector but do not update the checksum.
	  Thus, relax the checking in fs/ntfs/super.c::is_boot_sector_ntfs() to
	  only emit a warning when the checksum is incorrect rather than
	  refusing the mount.  Thanks to Bernd Casimir for pointing this
	  problem out.
	- Update attribute definition handling.
	- Add NTFS_MAX_CLUSTER_SIZE and NTFS_MAX_PAGES_PER_CLUSTER constants.
	- Use NTFS_MAX_CLUSTER_SIZE in super.c instead of hard coding 0x10000.
	- Use MAX_BUF_PER_PAGE instead of variable sized array allocation for
	  better code generation and one less sparse warning in fs/ntfs/aops.c.
	- Remove spurious void pointer casts from fs/ntfs/.  (Pekka Enberg)
	- Use C99 style structure initialization after memory allocation where
	  possible (fs/ntfs/{attrib.c,index.c,super.c}).  Thanks to Al Viro and
	  Pekka Enberg.
	- Stamp the transaction log ($UsnJrnl), aka user space journal, if it
	  is active on the volume and we are mounting read-write or remounting
	  from read-only to read-write.
	- Fix a bug in address space operations error recovery code paths where
	  if the runlist was not mapped at all and a mapping error occured we
	  would leave the runlist locked on exit to the function so that the
	  next access to the same file would try to take the lock and deadlock.
	- Detect the case when Windows has been suspended to disk on the volume
	  to be mounted and if this is the case do not allow (re)mounting
	  read-write.  This is done by parsing hiberfil.sys if present.
	- Fix several occurences of a bug where we would perform 'var & ~const'
	  with a 64-bit variable and a int, i.e. 32-bit, constant.  This causes
	  the higher order 32-bits of the 64-bit variable to be zeroed.  To fix
	  this cast the 'const' to the same 64-bit type as 'var'.
	- Change the runlist terminator of the newly allocated cluster(s) to
	  LCN_ENOENT in ntfs_attr_make_non_resident().  Otherwise the runlist
	  code gets confused.
	- Add an extra parameter @last_vcn to ntfs_get_size_for_mapping_pairs()
	  and ntfs_mapping_pairs_build() to allow the runlist encoding to be
	  partial which is desirable when filling holes in sparse attributes.
	  Update all callers.
	- Change ntfs_map_runlist_nolock() to only decompress the mapping pairs
	  if the requested vcn is inside it.  Otherwise we get into problems
	  when we try to map an out of bounds vcn because we then try to map
	  the already mapped runlist fragment which causes
	  ntfs_mapping_pairs_decompress() to fail and return error.  Update
	  ntfs_attr_find_vcn_nolock() accordingly.
	- Fix a nasty deadlock that appeared in recent kernels.
	  The situation: VFS inode X on a mounted ntfs volume is dirty.  For
	  same inode X, the ntfs_inode is dirty and thus corresponding on-disk
	  inode, i.e. mft record, which is in a dirty PAGE_CACHE_PAGE belonging
	  to the table of inodes, i.e. $MFT, inode 0.
	  What happens:
	  Process 1: sys_sync()/umount()/whatever...  calls
	  __sync_single_inode() for $MFT -> do_writepages() -> write_page for
	  the dirty page containing the on-disk inode X, the page is now locked
	  -> ntfs_write_mst_block() which clears PageUptodate() on the page to
	  prevent anyone else getting hold of it whilst it does the write out.
	  This is necessary as the on-disk inode needs "fixups" applied before
	  the write to disk which are removed again after the write and
	  PageUptodate is then set again.  It then analyses the page looking
	  for dirty on-disk inodes and when it finds one it calls
	  ntfs_may_write_mft_record() to see if it is safe to write this
	  on-disk inode.  This then calls ilookup5() to check if the
	  corresponding VFS inode is in icache().  This in turn calls ifind()
	  which waits on the inode lock via wait_on_inode whilst holding the
	  global inode_lock.
	  Process 2: pdflush results in a call to __sync_single_inode for the
	  same VFS inode X on the ntfs volume.  This locks the inode (I_LOCK)
	  then calls write-inode -> ntfs_write_inode -> map_mft_record() ->
	  read_cache_page() for the page (in page cache of table of inodes
	  $MFT, inode 0) containing the on-disk inode.  This page has
	  PageUptodate() clear because of Process 1 (see above) so
	  read_cache_page() blocks when it tries to take the page lock for the
	  page so it can call ntfs_read_page().
	  Thus Process 1 is holding the page lock on the page containing the
	  on-disk inode X and it is waiting on the inode X to be unlocked in
	  ifind() so it can write the page out and then unlock the page.
	  And Process 2 is holding the inode lock on inode X and is waiting for
	  the page to be unlocked so it can call ntfs_readpage() or discover
	  that Process 1 set PageUptodate() again and use the page.
	  Thus we have a deadlock due to ifind() waiting on the inode lock.
	  The solution: The fix is to use the newly introduced
	  ilookup5_nowait() which does not wait on the inode's lock and hence
	  avoids the deadlock.  This is safe as we do not care about the VFS
	  inode and only use the fact that it is in the VFS inode cache and the
	  fact that the vfs and ntfs inodes are one struct in memory to find
	  the ntfs inode in memory if present.  Also, the ntfs inode has its
	  own locking so it does not matter if the vfs inode is locked.
	- Fix bug in mft record writing where we forgot to set the device in
	  the buffers when mapping them after the VM had discarded them.
	  Thanks to Martin MOKREJÅ for the bug report.

2.1.22 - Many bug and race fixes and error handling improvements.

	- Improve error handling in fs/ntfs/inode.c::ntfs_truncate().
	- Change fs/ntfs/inode.c::ntfs_truncate() to return an error code
	  instead of void and provide a helper ntfs_truncate_vfs() for the
	  vfs ->truncate method.
	- Add a new ntfs inode flag NInoTruncateFailed() and modify
	  fs/ntfs/inode.c::ntfs_truncate() to set and clear it appropriately.
	- Fix min_size and max_size definitions in ATTR_DEF structure in
	  fs/ntfs/layout.h to be signed.
	- Add attribute definition handling helpers to fs/ntfs/attrib.[hc]:
	  ntfs_attr_size_bounds_check(), ntfs_attr_can_be_non_resident(), and
	  ntfs_attr_can_be_resident(), which in turn use the new private helper
	  ntfs_attr_find_in_attrdef().
	- In fs/ntfs/aops.c::mark_ntfs_record_dirty(), take the
	  mapping->private_lock around the dirtying of the buffer heads
	  analagous to the way it is done in __set_page_dirty_buffers().
	- Ensure the mft record size does not exceed the PAGE_CACHE_SIZE at
	  mount time as this cannot work with the current implementation.
	- Check for location of attribute name and improve error handling in
	  general in fs/ntfs/inode.c::ntfs_read_locked_inode() and friends.
	- In fs/ntfs/aops.c::ntfs_writepage(), if the page is fully outside
	  i_size, i.e. race with truncate, invalidate the buffers on the page
	  so that they become freeable and hence the page does not leak.
	- Remove unused function fs/ntfs/runlist.c::ntfs_rl_merge().  (Adrian
	  Bunk)
	- Fix stupid bug in fs/ntfs/attrib.c::ntfs_attr_find() that resulted in
	  a NULL pointer dereference in the error code path when a corrupt
	  attribute was found.  (Thanks to Domen Puncer for the bug report.)
	- Add MODULE_VERSION() to fs/ntfs/super.c.
	- Make several functions and variables static.  (Adrian Bunk)
	- Modify fs/ntfs/aops.c::mark_ntfs_record_dirty() so it allocates
	  buffers for the page if they are not present and then marks the
	  buffers belonging to the ntfs record dirty.  This causes the buffers
	  to become busy and hence they are safe from removal until the page
	  has been written out.
	- Fix stupid bug in fs/ntfs/attrib.c::ntfs_external_attr_find() in the
	  error handling code path that resulted in a BUG() due to trying to
	  unmap an extent mft record when the mapping of it had failed and it
	  thus was not mapped.  (Thanks to Ken MacFerrin for the bug report.)
	- Drop the runlist lock after the vcn has been read in
	  fs/ntfs/lcnalloc.c::__ntfs_cluster_free().
	- Rewrite handling of multi sector transfer errors.  We now do not set
	  PageError() when such errors are detected in the async i/o handler
	  fs/ntfs/aops.c::ntfs_end_buffer_async_read().  All users of mst
	  protected attributes now check the magic of each ntfs record as they
	  use it and act appropriately.  This has the effect of making errors
	  granular per ntfs record rather than per page which solves the case
	  where we cannot access any of the ntfs records in a page when a
	  single one of them had an mst error.  (Thanks to Ken MacFerrin for
	  the bug report.)
	- Fix error handling in fs/ntfs/quota.c::ntfs_mark_quotas_out_of_date()
	  where we failed to release i_mutex on the $Quota/$Q attribute inode.
	- Fix bug in handling of bad inodes in fs/ntfs/namei.c::ntfs_lookup().
	- Add mapping of unmapped buffers to all remaining code paths, i.e.
	  fs/ntfs/aops.c::ntfs_write_mst_block(), mft.c::ntfs_sync_mft_mirror(),
	  and write_mft_record_nolock().  From now on we require that the
	  complete runlist for the mft mirror is always mapped into memory.
	- Add creation of buffers to fs/ntfs/mft.c::ntfs_sync_mft_mirror().
	- Improve error handling in fs/ntfs/aops.c::ntfs_{read,write}_block().
	- Cleanup fs/ntfs/aops.c::ntfs_{read,write}page() since we know that a
	  resident attribute will be smaller than a page which makes the code
	  simpler.  Also make the code more tolerant to concurrent ->truncate.

2.1.21 - Fix some races and bugs, rewrite mft write code, add mft allocator.

	- Implement extent mft record deallocation
	  fs/ntfs/mft.c::ntfs_extent_mft_record_free().
	- Splitt runlist related functions off from attrib.[hc] to runlist.[hc].
	- Add vol->mft_data_pos and initialize it at mount time.
	- Rename init_runlist() to ntfs_init_runlist(), ntfs_vcn_to_lcn() to
	  ntfs_rl_vcn_to_lcn(), decompress_mapping_pairs() to
	  ntfs_mapping_pairs_decompress(), ntfs_merge_runlists() to
	  ntfs_runlists_merge() and adapt all callers.