GitHub/LineageOS/G12/android_kernel_amlogic_linux-4.9.git
16 years agoChar: moxa, ioctl cleanup
Jiri Slaby [Wed, 30 Apr 2008 07:53:43 +0000 (00:53 -0700)]
Char: moxa, ioctl cleanup

- allow stats only for sys_admin
- move TCSBRK* processing to .break_ctl tty op
- let TIOCGSOFTCAR and TIOCSSOFTCAR be processed by ldisc
- remove MOXA_GET_MAJOR, MOXA_GET_CUMAJOR
- fix jiffies subtraction by time_after
- move moxa ioctl numbers into the header; still not exported to userspace,
  needs _IOC and 32/64 compat cleanup anyways

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, timer cleanup
Jiri Slaby [Wed, 30 Apr 2008 07:53:42 +0000 (00:53 -0700)]
Char: moxa, timer cleanup

- schedule timer even after some card is installed, not after insmod
- cleanup timer functions

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, centralize board readiness
Jiri Slaby [Wed, 30 Apr 2008 07:53:41 +0000 (00:53 -0700)]
Char: moxa, centralize board readiness

The only relevant sign of port being ready is its board->ready since now.
Remove all other flags for this purpose which are set almost on the same
place.  Move ports inside the board to be sure that nobody will grab reference
to the port without being sure that it exists.

[jirislaby@gmail.com: fix unused var warning]
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, remove unused port entries
Jiri Slaby [Wed, 30 Apr 2008 07:53:41 +0000 (00:53 -0700)]
Char: moxa, remove unused port entries

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, remove port->port
Jiri Slaby [Wed, 30 Apr 2008 07:53:40 +0000 (00:53 -0700)]
Char: moxa, remove port->port

We don't need to hold a reference to port index.  In most cases we need port
structure anyway and index is available in port->tty->index.

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, merge c2xx and c320 firmware loading
Jiri Slaby [Wed, 30 Apr 2008 07:53:39 +0000 (00:53 -0700)]
Char: moxa, merge c2xx and c320 firmware loading

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, add firmware loading
Jiri Slaby [Wed, 30 Apr 2008 07:53:39 +0000 (00:53 -0700)]
Char: moxa, add firmware loading

Substitute ioctl load firmware interface by kernel firmware api.

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, fix TIOC(G/S)SOFTCAR param
Jiri Slaby [Wed, 30 Apr 2008 07:53:38 +0000 (00:53 -0700)]
Char: moxa, fix TIOC(G/S)SOFTCAR param

according to ioctl_list, both have int * as a param, not ulong *.

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, pci io space fixup
Jiri Slaby [Wed, 30 Apr 2008 07:53:37 +0000 (00:53 -0700)]
Char: moxa, pci io space fixup

- request region before remapping pci io space
- use ioremap, iounmap istead of iomap interface, because we use
  readX/writeX for accessing this space because of isa support

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, cleanup module-param passed isa init
Jiri Slaby [Wed, 30 Apr 2008 07:53:37 +0000 (00:53 -0700)]
Char: moxa, cleanup module-param passed isa init

Make the code more readable, remap the base address directly.  Describe module
parameters.

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoChar: moxa, remove static isa support
Jiri Slaby [Wed, 30 Apr 2008 07:53:36 +0000 (00:53 -0700)]
Char: moxa, remove static isa support

Static ISA field is empty and probably will never be filled in, remove it.
The driver still supports ISA cards passed through module parameter.  This
actually fixes one bug inside the initialization of module-param passed cards
initialization.

Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Tested-by: Oyvind Aabling <Oyvind.Aabling@uni-c.dk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoSGI Altix mmtimer: allow larger number of timers per node
Dimitri Sivanich [Wed, 30 Apr 2008 07:53:35 +0000 (00:53 -0700)]
SGI Altix mmtimer: allow larger number of timers per node

The purpose of this patch to the SGI Altix specific mmtimer (posix timer)
driver is to allow a virtually infinite number of timers to be set per
node.

Timers will now be kept on a sorted per-node list and a single node-based
hardware comparator is used to trigger the next timer.

[akpm@linux-foundation.org: mark things static]
[akpm@linux-foundation.org: fix warning]
Signed-off-by: Dimitri Sivanich <sivanich@sgi.com>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agotty: drop the BKL for driver/ldisc ioctl methods
Alan Cox [Wed, 30 Apr 2008 07:53:34 +0000 (00:53 -0700)]
tty: drop the BKL for driver/ldisc ioctl methods

Now we have pushed the lock down we can stop wrapping the call with a lock in
the tty layer.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agotty_ioctl: soft carrier handling
Alan Cox [Wed, 30 Apr 2008 07:53:34 +0000 (00:53 -0700)]
tty_ioctl: soft carrier handling

First cut at moving the soft carrier handling knowledge entirely into the core
code.  One or two drivers still needed to snoop these functions to track
CLOCAL internally.  Instead make TIOCSSOFTCAR generate the same driver calls
as other termios ioctls changing the clocal flag.  This allows us to remove
any driver knowledge and special casing.  Also while we are at it we can fix
the error handling.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agotty_ioctl: locking for tty_wait_until_sent
Alan Cox [Wed, 30 Apr 2008 07:53:32 +0000 (00:53 -0700)]
tty_ioctl: locking for tty_wait_until_sent

This function still depends on the big kernel lock in some cases.  Push
locking into the function ready for removal of the BKL from ioctl call paths.

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: Andi Kleen <andi@firstfloor.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agotty_io: fix remaining pid struct locking
Alan Cox [Wed, 30 Apr 2008 07:53:31 +0000 (00:53 -0700)]
tty_io: fix remaining pid struct locking

This fixes the last couple of pid struct locking failures I know about.

[oleg@tv-sign.ru: clean up do_task_stat()]
Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoResume TTY on SUSP and fix CRNL order in N_TTY line discipline
Joe Peterson [Wed, 30 Apr 2008 07:53:30 +0000 (00:53 -0700)]
Resume TTY on SUSP and fix CRNL order in N_TTY line discipline

Refine these behaviors in the N_TTY line discipline:

1) Handle the signal characters consistently when received in a stopped TTY
   so that SUSP (typically ctrl-Z) behaves like INTR and QUIT in resuming a
   stopped TTY.

2) Adjust the order in which the IGNCR/ICRNL/INLCR processing is applied to
   be more logical and consistent with the behavior of other Unix systems.

Signed-off-by: Joe Peterson <joe@skyrush.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoredo locking of tty->pgrp
Alan Cox [Wed, 30 Apr 2008 07:53:30 +0000 (00:53 -0700)]
redo locking of tty->pgrp

Historically tty->pgrp and friends were pid_t and the code "knew" they were
safe.  The change to pid structs opened up a few races and the removal of the
BKL in places made them quite hittable.  We put tty->pgrp under the ctrl_lock
for the tty.

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agotty: BKL pushdown
Alan Cox [Wed, 30 Apr 2008 07:53:29 +0000 (00:53 -0700)]
tty: BKL pushdown

- Push the BKL down into the line disciplines
- Switch the tty layer to unlocked_ioctl
- Introduce a new ctrl_lock spin lock for the control bits
- Eliminate much of the lock_kernel use in n_tty
- Prepare to (but don't yet) call the drivers with the lock dropped
  on the paths that historically held the lock

BKL now primarily protects open/close/ldisc change in the tty layer

[jirislaby@gmail.com: a couple of fixes]
Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Jiri Slaby <jirislaby@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoserial_core: Prepare for BKL push down
Alan Cox [Wed, 30 Apr 2008 07:53:28 +0000 (00:53 -0700)]
serial_core: Prepare for BKL push down

Instead of checking for the BKL in these methods, take it ourselves.  That
avoids propogating it into the serial drivers and we can then fix them later
on.

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: Russell King <rmk@arm.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years ago68360serial: Note that there isn't any info->mcr locking
Alan Cox [Wed, 30 Apr 2008 07:53:27 +0000 (00:53 -0700)]
68360serial: Note that there isn't any info->mcr locking

Noticed while auditing the code for the BKL elimination project

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoisdn_tty: Prepare for BKL push down
Alan Cox [Wed, 30 Apr 2008 07:53:27 +0000 (00:53 -0700)]
isdn_tty: Prepare for BKL push down

Three things here
- Remove softcar handler
- Correct termios change detection logic
- Wrap break/ioctl in lock_kernel ready to drop it in the caller

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: Karsten Keil <kkeil@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agovt_ioctl: Prepare for BKL push down
Alan Cox [Wed, 30 Apr 2008 07:53:26 +0000 (00:53 -0700)]
vt_ioctl: Prepare for BKL push down

This one could do with some eyeballs on it.  In theory it simply wraps the
ioctl handler in lock/unlock_kernel ready for the lock/unlocks to be pushed
into specific switch values.  To do that means changing the code to return via
a common exit path not all over the place as it does now, hence the big diff

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoviocons: BKL locking
Alan Cox [Wed, 30 Apr 2008 07:53:25 +0000 (00:53 -0700)]
viocons: BKL locking

For some weird reason I can't ascertain (translation "I think its
broken") the viocons driver calls directly into the n_tty ldisc code even
if another ldisc is in use. It'll probably break if you do that but I'm
just fixing the locking and adding a comment that its horked.

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosynclink series: Prepare for BKL pushdown
Alan Cox [Wed, 30 Apr 2008 07:53:24 +0000 (00:53 -0700)]
synclink series: Prepare for BKL pushdown

As these are quite complex I've simply pushed the BKL down into the ioctl
handler not tried to do anything neater.

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: Paul Fulghum <paulkf@microgate.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosx: prepare for BKL pushdown
Alan Cox [Wed, 30 Apr 2008 07:53:24 +0000 (00:53 -0700)]
sx: prepare for BKL pushdown

Wrap the ioctl handler, and in this case the break handler also in the
BKL. Remove bogus softcar handlers.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agostallion: Prepare for BKL push down
Alan Cox [Wed, 30 Apr 2008 07:53:23 +0000 (00:53 -0700)]
stallion: Prepare for BKL push down

Remove broken softcar functions, wrap ioctl handler in BKL

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agospecialix: Prepare for BKL pushdown
Alan Cox [Wed, 30 Apr 2008 07:53:22 +0000 (00:53 -0700)]
specialix: Prepare for BKL pushdown

Lock the ioctl handlers and remove bogus softcar handling.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoserial167: prepare to push BKL down into drivers
Alan Cox [Wed, 30 Apr 2008 07:53:22 +0000 (00:53 -0700)]
serial167: prepare to push BKL down into drivers

Kill the softcar handlers again, wrap the ioctl handler in the BKL

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agorocket: Prepare for BKL pushdown
Alan Cox [Wed, 30 Apr 2008 07:53:21 +0000 (00:53 -0700)]
rocket: Prepare for BKL pushdown

Wrap the ioctl code in lock_kernel calls

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoriscom8: Prepare for BKL pushdown
Alan Cox [Wed, 30 Apr 2008 07:53:21 +0000 (00:53 -0700)]
riscom8: Prepare for BKL pushdown

Push the locking down into a couple of functions that need it and remove
bogus TIOCG/SSOFTCAR handling

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: Jeff Garzik <jeff@garzik.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agomxser: prepare for BKL pushdown
Alan Cox [Wed, 30 Apr 2008 07:53:20 +0000 (00:53 -0700)]
mxser: prepare for BKL pushdown

Push the BKL down into various internal routines in the driver ready to
remove it from the break, ioctl and other call points.

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: Jiri Slaby <jirislaby@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoisicom: istallion prepare for lock_kernel pushdown
Alan Cox [Wed, 30 Apr 2008 07:53:19 +0000 (00:53 -0700)]
isicom: istallion prepare for lock_kernel pushdown

This is an ancient driver so just wrap it in lock_kernel internally and
be done.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoisicom: prepare for lock_kernel push down
Alan Cox [Wed, 30 Apr 2008 07:53:19 +0000 (00:53 -0700)]
isicom: prepare for lock_kernel push down

Again lock the bits we can't trivially prove are safe without the BKL and
remove the broken TIOCS/GSOFTCAR handler.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoesp: lock_kernel push down
Alan Cox [Wed, 30 Apr 2008 07:53:18 +0000 (00:53 -0700)]
esp: lock_kernel push down

Push the BKL down into a few internal bits of code in this driver.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoepca: lock_kernel push down
Alan Cox [Wed, 30 Apr 2008 07:53:17 +0000 (00:53 -0700)]
epca: lock_kernel push down

Prepare epca for removing the lock from above. Most of epca is internally
locked so we can trivially push it down to a few bits of code. Drop the TIOCG/SSOFTCAR handling as that is done *properly* with locks by the mid layer.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agocyclades: Prepare for relaxed locking in callers
Alan Cox [Wed, 30 Apr 2008 07:53:16 +0000 (00:53 -0700)]
cyclades: Prepare for relaxed locking in callers

Basically wrap it in lock_kernel where it is hard to prove the locking is
ok.

Signed-off-by: Alan Cox <alan@redhat.com>
Cc: "John Stoffel" <john@stoffel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoamiserial: prepare for locking relaxation in caller
Alan Cox [Wed, 30 Apr 2008 07:53:16 +0000 (00:53 -0700)]
amiserial: prepare for locking relaxation in caller

Just wrap this one in a lock_kernel. As I understand it there is no M68K
SMP anyway.

Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoptrace: permit ptracing of /sbin/init
Oleg Nesterov [Wed, 30 Apr 2008 07:53:15 +0000 (00:53 -0700)]
ptrace: permit ptracing of /sbin/init

Afaics, currently there are no kernel problems with ptracing init, it can't
lose SIGNAL_UNKILLABLE flag and be killed/stopped by accident.

The ability to strace/debug init can be very useful if you try to figure out
why it does not work as expected.

However, admin should know what he does, "gdb /sbin/init 1" stops init, it
can't reap orphaned zombies or take care of /etc/inittab until continued.  It
is even possible to crash init (and thus the whole system) if you wish,
ptracer has full control.

See also the long discussion: http://marc.info/?t=120628018600001

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: Roland McGrath <roland@redhat.com>
Acked-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoptrace: ptrace_attach: use send_sig_info() instead force_sig_specific()
Oleg Nesterov [Wed, 30 Apr 2008 07:53:14 +0000 (00:53 -0700)]
ptrace: ptrace_attach: use send_sig_info() instead force_sig_specific()

Nobody can block/ignore SIGSTOP, no need to use force_sig_specific() in
ptrace_attach.  Use the "regular" send_sig_info().

With this patch stracing of /sbin/init doesn't clear its SIGNAL_UNKILLABLE,
but not that this makes ptracing of init safe.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoptrace: __ptrace_unlink: use the ptrace_reparented() helper
Oleg Nesterov [Wed, 30 Apr 2008 07:53:14 +0000 (00:53 -0700)]
ptrace: __ptrace_unlink: use the ptrace_reparented() helper

Currently __ptrace_unlink() checks list_empty(->ptrace_list) to figure out
whether the child was reparented.  Change the code to use ptrace_reparented()
to make this check more explicit and consistent.

No functional changes.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoptrace: introduce ptrace_reparented() helper
Oleg Nesterov [Wed, 30 Apr 2008 07:53:13 +0000 (00:53 -0700)]
ptrace: introduce ptrace_reparented() helper

Add another trivial helper for the sake of grep.  It also auto-documents the
fact that ->parent != real_parent implies ->ptrace.

No functional changes.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agodocument de_thread() with exit_notify() connection
Oleg Nesterov [Wed, 30 Apr 2008 07:53:12 +0000 (00:53 -0700)]
document de_thread() with exit_notify() connection

Add a couple of small comments, it is not easy to see what this code does.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoreparent_thread: use same_thread_group()
Oleg Nesterov [Wed, 30 Apr 2008 07:53:12 +0000 (00:53 -0700)]
reparent_thread: use same_thread_group()

Trivial, use same_thread_group() in reparent_thread().

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoptrace: introduce task_detached() helper
Oleg Nesterov [Wed, 30 Apr 2008 07:53:11 +0000 (00:53 -0700)]
ptrace: introduce task_detached() helper

exit.c has numerous "->exit_signal == -1" comparisons, this check is subtle
and deserves a helper.  Imho makes the code more parseable for humans.  At
least it's surely more greppable.

Also, a couple of whitespace cleanups. No functional changes.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: x86 TS_RESTORE_SIGMASK
Roland McGrath [Wed, 30 Apr 2008 07:53:10 +0000 (00:53 -0700)]
signals: x86 TS_RESTORE_SIGMASK

Replace TIF_RESTORE_SIGMASK with TS_RESTORE_SIGMASK and define our own
set_restore_sigmask() function.  This saves the costly SMP-safe set_bit
operation, which we do not need for the sigmask flag since TIF_SIGPENDING
always has to be set too.

Signed-off-by: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: use HAVE_SET_RESTORE_SIGMASK
Roland McGrath [Wed, 30 Apr 2008 07:53:09 +0000 (00:53 -0700)]
signals: use HAVE_SET_RESTORE_SIGMASK

Change all the #ifdef TIF_RESTORE_SIGMASK conditionals in non-arch code to
#ifdef HAVE_SET_RESTORE_SIGMASK.  If arch code defines it first, the generic
set_restore_sigmask() using TIF_RESTORE_SIGMASK is not defined.

Signed-off-by: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: ia64 renumber TIF_RESTORE_SIGMASK
akpm@linux-foundation.org [Wed, 30 Apr 2008 07:53:09 +0000 (00:53 -0700)]
signals: ia64 renumber TIF_RESTORE_SIGMASK

TIF_RESTORE_SIGMASK no longer needs to be in the _TIF_WORK_* masks.
Those low bits are scarce.  Renumber TIF_RESTORE_SIGMASK to free one up.

Signed-off-by: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: s390: renumber TIF_RESTORE_SIGMASK
Roland McGrath [Wed, 30 Apr 2008 07:53:08 +0000 (00:53 -0700)]
signals: s390: renumber TIF_RESTORE_SIGMASK

TIF_RESTORE_SIGMASK no longer needs to be in the _TIF_WORK_* masks.  Those low
bits are scarce, and are all used up now.  Renumber TIF_RESTORE_SIGMASK to
free one up.

Signed-off-by: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: set_restore_sigmask TIF_SIGPENDING
Roland McGrath [Wed, 30 Apr 2008 07:53:07 +0000 (00:53 -0700)]
signals: set_restore_sigmask TIF_SIGPENDING

Set TIF_SIGPENDING in set_restore_sigmask.  This lets arch code take
TIF_RESTORE_SIGMASK out of the set of bits that will be noticed on return to
user mode.  On some machines those bits are scarce, and we can free this
unneeded one up for other uses.

It is probably the case that TIF_SIGPENDING is always set anyway everywhere
set_restore_sigmask() is used.  But this is some cheap paranoia in case there
is an arcane case where it might not be.

Signed-off-by: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: add set_restore_sigmask
Roland McGrath [Wed, 30 Apr 2008 07:53:06 +0000 (00:53 -0700)]
signals: add set_restore_sigmask

This adds the set_restore_sigmask() inline in <linux/thread_info.h> and
replaces every set_thread_flag(TIF_RESTORE_SIGMASK) with a call to it.  No
change, but abstracts the details of the flag protocol from all the calls.

Signed-off-by: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: "Luck, Tony" <tony.luck@intel.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: allow the kernel to actually kill /sbin/init
Oleg Nesterov [Wed, 30 Apr 2008 07:53:05 +0000 (00:53 -0700)]
signals: allow the kernel to actually kill /sbin/init

Currently the buggy /sbin/init hangs if SIGSEGV/etc happens.  The kernel sends
the signal, init dequeues it and ignores, returns from the exception, repeats
the faulting instruction, and so on forever.

Imho, such a behaviour is not good.  I think that the explicit loud death of
the buggy /sbin/init is better than the silent hang.

Change force_sig_info() to clear SIGNAL_UNKILLABLE when the task should be
really killed.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: de_thread: simplify the ->child_reaper switching
Oleg Nesterov [Wed, 30 Apr 2008 07:53:04 +0000 (00:53 -0700)]
signals: de_thread: simplify the ->child_reaper switching

Now that we rely on SIGNAL_UNKILLABLE flag, de_thread() doesn't need the nasty
hack to kill the old ->child_reaper during the mt-exec.

This also means we can avoid taking tasklist_lock around zap_other_threads().

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: fix /sbin/init protection from unwanted signals
Oleg Nesterov [Wed, 30 Apr 2008 07:53:03 +0000 (00:53 -0700)]
signals: fix /sbin/init protection from unwanted signals

The global init has a lot of long standing problems with the unhandled fatal
signals.

- The "is_global_init(current)" check in get_signal_to_deliver()
  protects only the main thread. Sub-thread can dequee the fatal
  signal and shutdown the whole thread group except the main thread.
  If it dequeues SIGSTOP /sbin/init will be stopped, this is not
  right too. Note that we can't use is_global_init(->group_leader),
  this breaks exec and this can't solve other problems we have.

- Even if afterwards ignored, the fatal signals sets SIGNAL_GROUP_EXIT
  on delivery. This breaks exec, has other bad implications, and this
  is just wrong.

Introduce the new SIGNAL_UNKILLABLE flag to fix these problems.  It also helps
to solve some other problems addressed by the subsequent patches.

Currently we use this flag for the global init only, but it could also be used
by kthreads and (perhaps) by the sub-namespace inits.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: check_kill_permission: remove tasklist_lock
Oleg Nesterov [Wed, 30 Apr 2008 07:53:02 +0000 (00:53 -0700)]
signals: check_kill_permission: remove tasklist_lock

Now that task_session() can't return a false NULL, check_kill_permission()
doesn't need tasklist_lock.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: check_kill_permission: check session under tasklist_lock
Oleg Nesterov [Wed, 30 Apr 2008 07:53:01 +0000 (00:53 -0700)]
signals: check_kill_permission: check session under tasklist_lock

This wasn't documented, but as Atsushi Tsuji pointed out
check_kill_permission() needs tasklist_lock for task_session_nr().  I missed
this fact when removed tasklist from the callers.

Change check_kill_permission() to take tasklist_lock for the SIGCONT case.
Re-order security checks so that we take tasklist_lock only if/when it is
actually needed.  This is a minimal fix for now, tasklist will be removed
later.

Also change the code to use task_session() instead of task_session_nr().

Also, remove the SIGCONT check from cap_task_kill(), it is bogus (and the
whole function is bogus.  Serge, Eric, why it is still alive?).

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: Atsushi Tsuji <a-tsuji@bk.jp.nec.com>
Cc: Roland McGrath <roland@redhat.com>
Cc: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: send_signal: be paranoid about signalfd_notify()
Oleg Nesterov [Wed, 30 Apr 2008 07:53:00 +0000 (00:53 -0700)]
signals: send_signal: be paranoid about signalfd_notify()

send_signal() shouldn't call signalfd_notify() if it then fails with -EAGAIN.
Harmless, just a paranoid cleanup.

Also remove the comment.  It is obsolete, signalfd_notify() was simplified and
does a simple wakeup.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Acked-by: Davide Libenzi <davidel@xmailserver.org>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: document CLD_CONTINUED notification mechanics
Oleg Nesterov [Wed, 30 Apr 2008 07:53:00 +0000 (00:53 -0700)]
signals: document CLD_CONTINUED notification mechanics

A couple of small comments about how CLD_CONTINUED notification works.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: fold sig_ignored() into handle_stop_signal()
Oleg Nesterov [Wed, 30 Apr 2008 07:52:59 +0000 (00:52 -0700)]
signals: fold sig_ignored() into handle_stop_signal()

Rename handle_stop_signal() to prepare_signal(), make it return a boolean, and
move the callsites of sig_ignored() into it.

No functional changes for now.  But it would be nice to factor out the "should
we drop this signal" checks as much as possible, before we try to fix the bugs
with the sub-namespace init's signals (actually the global /sbin/init has some
problems with signals too).

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: cleanup the usage of print_fatal_signal()
Oleg Nesterov [Wed, 30 Apr 2008 07:52:58 +0000 (00:52 -0700)]
signals: cleanup the usage of print_fatal_signal()

Move the callsite of print_fatal_signal() down, under "if
(sig_kernel_coredump(signr))", so we don't need to check signr != SIGKILL.

We are only interested in the sig_kernel_coredump() signals anyway, and due to
the previous changes we almost never can see other fatal signals here except
SIGKILL.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: handle_stop_signal: don't worry about SIGKILL
Oleg Nesterov [Wed, 30 Apr 2008 07:52:58 +0000 (00:52 -0700)]
signals: handle_stop_signal: don't worry about SIGKILL

handle_stop_signal() clears SIGNAL_STOP_DEQUEUED when sig == SIGKILL.  Remove
this nasty special case.  It was needed to prevent the race with group stop
and exit caused by thread-specific SIGKILL.  Now that we use complete_signal()
for private signals too this is not needed, complete_signal() will notice
SIGKILL and abort the soon-to-begin group stop.

Except: the target thread is dead (has PF_EXITING).  But in that case we
should not just clear SIGNAL_STOP_DEQUEUED and nothing more.  We should either
kill the whole thread group, or silently ignore the signal.

I suspect we are not right wrt zombie leaders, but this is another issue which
and should be fixed separately.  Note that this check can't abort the group
stop if it was already started/finished, this check only adds a subtle side
effect if we race with the thread which has already dequeued sig_kernel_stop()
signal and temporary released ->siglock.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: join send_sigqueue() with send_group_sigqueue()
Oleg Nesterov [Wed, 30 Apr 2008 07:52:57 +0000 (00:52 -0700)]
signals: join send_sigqueue() with send_group_sigqueue()

We export send_sigqueue() and send_group_sigqueue() for the only user,
posix_timer_event().  This is a bit silly, because both are just trivial
helpers on top of do_send_sigqueue() and because the we pass the unused
.si_signo parameter.

Kill them both, rename do_send_sigqueue() to send_sigqueue(), and export it.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: unify send_sigqueue/send_group_sigqueue completely
Oleg Nesterov [Wed, 30 Apr 2008 07:52:56 +0000 (00:52 -0700)]
signals: unify send_sigqueue/send_group_sigqueue completely

Suggested by Pavel Emelyanov.

send_sigqueue/send_group_sigqueue are only differ in how they lock ->siglock.
Unify them.  send_group_sigqueue() uses spin_lock() because it knows the task
can't exit, but in that case lock_task_sighand() can't fail and doesn't hurt.

Note that the "sig" argument is ignored, it is always equal to ->si_signo.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: fold complete_signal() into send_signal/do_send_sigqueue
Pavel Emelyanov [Wed, 30 Apr 2008 07:52:55 +0000 (00:52 -0700)]
signals: fold complete_signal() into send_signal/do_send_sigqueue

Factor out complete_signal() callsites.  This change completely unifies the
helpers sending the specific/group signals.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: use __group_complete_signal() for the specific signals too
Oleg Nesterov [Wed, 30 Apr 2008 07:52:55 +0000 (00:52 -0700)]
signals: use __group_complete_signal() for the specific signals too

Based on Pavel Emelyanov's suggestion.

Rename __group_complete_signal() to complete_signal() and use it to process
the specific signals too.  To do this we simply add the "int group" argument.

This allows us to greatly simply the signal-sending code and adds a useful
behaviour change.  We can avoid the unneeded wakeups for the private signals
because wants_signal() is more clever than sigismember(blocked), but more
importantly we now take into account the fatal specific signals too.

The latter allows us to kill some subtle checks in handle_stop_signal() and
makes the specific/group signal's behaviour more consistent.  For example,
currently sigtimedwait(FATAL_SIGNAL) behaves differently depending on was the
signal sent by kill() or tkill() if the signal was not blocked.

And.  This allows us to tweak/fix the behaviour when the specific signal is
sent to the dying/dead ->group_leader.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: change send_signal/do_send_sigqueue to take "boolean group" parameter
Oleg Nesterov [Wed, 30 Apr 2008 07:52:54 +0000 (00:52 -0700)]
signals: change send_signal/do_send_sigqueue to take "boolean group" parameter

send_signal() is used either with ->pending or with ->signal->shared_pending.
Change it to take "int group" instead, this argument will be re-used later.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: move the definition of __group_complete_signal() up
Oleg Nesterov [Wed, 30 Apr 2008 07:52:53 +0000 (00:52 -0700)]
signals: move the definition of __group_complete_signal() up

Move the unchanged definition of __group_complete_signal() so that send_signal
can see it.  To simplify the reading of the next patches.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: microoptimize the usage of ->curr_target
Oleg Nesterov [Wed, 30 Apr 2008 07:52:52 +0000 (00:52 -0700)]
signals: microoptimize the usage of ->curr_target

Suggested by Roland McGrath.

Initialize signal->curr_target in copy_signal().  This way ->curr_target is
never == NULL, we can kill the check in __group_complete_signal's hot path.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: send_sig_info: don't take tasklist_lock
Oleg Nesterov [Wed, 30 Apr 2008 07:52:51 +0000 (00:52 -0700)]
signals: send_sig_info: don't take tasklist_lock

The comment in send_sig_info() is wrong, tasklist_lock can't help.

The caller must ensure the task can't go away, otherwise ->sighand can be NULL
even before we take the lock.

p->sighand could be changed by exec(), but I can't imagine how it is possible
to prevent exit(), but not exec().

Since the things seem to work, I assume all callers are correct.  However,
drm_vbl_send_signals() looks broken.  block_all_signals() which is solely used
by drm is definitely broken.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: do_tkill: don't use tasklist_lock
Oleg Nesterov [Wed, 30 Apr 2008 07:52:51 +0000 (00:52 -0700)]
signals: do_tkill: don't use tasklist_lock

Convert do_tkill() to use rcu_read_lock() + lock_task_sighand() to avoid
taking tasklist lock.

Note that we don't return an error if lock_task_sighand() fails, we pretend
the task dies after receiving the signal.  Otherwise, we should fight with the
nasty races with mt-exec without having any advantage.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: move handle_stop_signal() into send_signal()
Oleg Nesterov [Wed, 30 Apr 2008 07:52:50 +0000 (00:52 -0700)]
signals: move handle_stop_signal() into send_signal()

Move handle_stop_signal() into send_signal().  This factors out a couple of
callsites and allows us to do further unifications.

Also, with this change specific_send_sig_info() does handle_stop_signal().
Not that this is really important, we never send STOP/CONT via send_sig() and
friends, but still this looks more consistent.

The only (afaics) special case is get_signal_to_deliver().  If the traced task
dequeues SIGCONT, it can re-send it to itself after ptrace_stop() if the
signal was blocked by debugger.  In that case handle_stop_signal() is
unnecessary, but hopefully not a problem.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: send_group_sigqueue: don't take tasklist_lock
Oleg Nesterov [Wed, 30 Apr 2008 07:52:49 +0000 (00:52 -0700)]
signals: send_group_sigqueue: don't take tasklist_lock

handle_stop_signal() was changed, now send_group_sigqueue() doesn't need
tasklist_lock.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: __group_complete_signal: cache the value of p->signal
Oleg Nesterov [Wed, 30 Apr 2008 07:52:49 +0000 (00:52 -0700)]
signals: __group_complete_signal: cache the value of p->signal

Cosmetic, cache p->signal to make the code a bit more readable.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: send_sigqueue: don't forget about handle_stop_signal()
Oleg Nesterov [Wed, 30 Apr 2008 07:52:48 +0000 (00:52 -0700)]
signals: send_sigqueue: don't forget about handle_stop_signal()

send_group_sigqueue() calls handle_stop_signal(), send_sigqueue() doesn't.
This is not consistent and in fact I'd say this is (minor) bug.

Move handle_stop_signal() from send_group_sigqueue() to do_send_sigqueue(),
the latter is called by send_sigqueue() too.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: send_sigqueue: don't take rcu lock
Oleg Nesterov [Wed, 30 Apr 2008 07:52:48 +0000 (00:52 -0700)]
signals: send_sigqueue: don't take rcu lock

lock_task_sighand() was changed, send_sigqueue() doesn't need rcu_read_lock()
any longer.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoget_signal_to_deliver: use the cached ->signal/sighand values
Oleg Nesterov [Wed, 30 Apr 2008 07:52:47 +0000 (00:52 -0700)]
get_signal_to_deliver: use the cached ->signal/sighand values

Cache the values of current->signal/sighand.  Shrinks .text a bit and makes
the code more readable.  Also, remove "sigset_t *mask", it is pointless
because in fact we save the constant offset.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agohandle_stop_signal: use the cached p->signal value
Oleg Nesterov [Wed, 30 Apr 2008 07:52:46 +0000 (00:52 -0700)]
handle_stop_signal: use the cached p->signal value

Cache the value of p->signal, and change the code to use while_each_thread()
helper.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agohandle_stop_signal: unify partial/full stop handling
Oleg Nesterov [Wed, 30 Apr 2008 07:52:46 +0000 (00:52 -0700)]
handle_stop_signal: unify partial/full stop handling

Now that handle_stop_signal() doesn't drop ->siglock, we can't see both
->group_stop_count && SIGNAL_STOP_STOPPED.  Merge two "if" branches.

As Roland pointed out, we never actually needed 2 do_notify_parent_cldstop()
calls.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agokill_pid_info: don't take now unneeded tasklist_lock
Oleg Nesterov [Wed, 30 Apr 2008 07:52:45 +0000 (00:52 -0700)]
kill_pid_info: don't take now unneeded tasklist_lock

Previously handle_stop_signal(SIGCONT) could drop ->siglock.  That is why
kill_pid_info(SIGCONT) takes tasklist_lock to make sure the target task can't
go away after unlock.  Not needed now.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: re-assign CLD_CONTINUED notification from the sender to reciever
Oleg Nesterov [Wed, 30 Apr 2008 07:52:44 +0000 (00:52 -0700)]
signals: re-assign CLD_CONTINUED notification from the sender to reciever

Based on discussion with Jiri and Roland.

In short: currently handle_stop_signal(SIGCONT, p) sends the notification to
p->parent, with this patch p itself notifies its parent when it becomes
running.

handle_stop_signal(SIGCONT) has to drop ->siglock temporary in order to notify
the parent with do_notify_parent_cldstop().  This leads to multiple problems:

- as Jiri Kosina pointed out, the stopped task can resume without
  actually seeing SIGCONT which may have a handler.

- we race with another sig_kernel_stop() signal which may come in
  that window.

- we race with sig_fatal() signals which may set SIGNAL_GROUP_EXIT
  in that window.

- we can't avoid taking tasklist_lock() while sending SIGCONT.

With this patch handle_stop_signal() just sets the new SIGNAL_CLD_CONTINUED
flag in p->signal->flags and returns.  The notification is sent by the first
task which returns from finish_stop() (there should be at least one) or any
other signalled thread from get_signal_to_deliver().

This is a user-visible change.  Say, currently kill(SIGCONT, stopped_child)
can't return without seeing SIGCHLD, with this patch SIGCHLD can be delayed
unpredictably.  Another difference is that if the child is ptraced by another
process, CLD_CONTINUED may be delivered to ->real_parent after ptrace_detach()
while currently it always goes to the tracer which doesn't actually need this
notification.  Hopefully not a problem.

The patch asks for the futher obvious cleanups, I'll send them separately.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: cleanup security_task_kill() usage/implementation
Oleg Nesterov [Wed, 30 Apr 2008 07:52:42 +0000 (00:52 -0700)]
signals: cleanup security_task_kill() usage/implementation

Every implementation of ->task_kill() does nothing when the signal comes from
the kernel.  This is correct, but means that check_kill_permission() should
call security_task_kill() only for SI_FROMUSER() case, and we can remove the
same check from ->task_kill() implementations.

(sadly, check_kill_permission() is the last user of signal->session/__session
 but we can't s/task_session_nr/task_session/ here).

NOTE: Eric W.  Biederman pointed out cap_task_kill() should die, and I think
he is very right.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Serge Hallyn <serue@us.ibm.com>
Cc: Roland McGrath <roland@redhat.com>
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: David Quigley <dpquigl@tycho.nsa.gov>
Cc: Eric Paris <eparis@redhat.com>
Cc: Harald Welte <laforge@gnumonks.org>
Cc: Pavel Emelyanov <xemul@openvz.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: consolidate send_sigqueue and send_group_sigqueue
Pavel Emelyanov [Wed, 30 Apr 2008 07:52:41 +0000 (00:52 -0700)]
signals: consolidate send_sigqueue and send_group_sigqueue

Both functions do the same thing after proper locking, but with
different sigpending structs, so move the common code into a helper.

After this we have 4 places that look very similar: send_sigqueue: calls
do_send_sigqueue and signal_wakeup send_group_sigqueue: calls
do_send_sigqueue and __group_complete_signal __group_send_sig_info:
calls send_signal and __group_complete_signal specific_send_sig_info:
calls send_signal and signal_wakeup

Besides, send_signal performs actions similar to do_send_sigqueue's
and __group_complete_signal - to signal_wakeup.

It looks like they can be consolidated gracefully.

Oleg said:

  Personally, I think this change is very good.  But send_sigqueue() and
  send_group_sigqueue() have a very subtle difference which I was never able
  to understand.

  Let's suppose that sigqueue is already queued, and the signal is ignored
  (the latter means we should re-schedule cpu timer or handle overrruns).  In
  that case send_sigqueue() returns 0, but send_group_sigqueue() returns 1.

  I think this is not the problem (in fact, I think this patch makes the
  behaviour more correct), but I hope Thomas can take a look and confirm.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: clean dequeue_signal from excess checks and assignments
Pavel Emelyanov [Wed, 30 Apr 2008 07:52:40 +0000 (00:52 -0700)]
signals: clean dequeue_signal from excess checks and assignments

The signr variable may be declared without initialization - it is set ro the
return value from __dequeue_signal() right at the function beginning.

Besides, after recalc_sigpending() two checks for signr to be not 0 may be
merged into one.  Both if-s become easier to read.

Thanks to Oleg for pointing out mistakes in the first version of this patch.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: consolidate checks for whether or not to ignore a signal
Pavel Emelyanov [Wed, 30 Apr 2008 07:52:39 +0000 (00:52 -0700)]
signals: consolidate checks for whether or not to ignore a signal

Both sig_ignored() and do_sigaction() check for signr to be explicitly or
implicitly ignored.  Introduce a helper for them.

This patch is aimed to help handling signals by pid namespace's init, and was
derived from one of Oleg's patches
https://lists.linux-foundation.org/pipermail/containers/2007-December/009308.html
so, if he doesn't mind, he should be considered as an author.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agodo_task_stat: don't take rcu_read_lock()
Oleg Nesterov [Wed, 30 Apr 2008 07:52:38 +0000 (00:52 -0700)]
do_task_stat: don't take rcu_read_lock()

lock_task_sighand() was changed, and do_task_stat() doesn't need
rcu_read_lock any longer.  sighand->siglock protects all "interesting"
fields.

Except: it doesn't protect ->tty->pgrp, but neither does rcu_read_lock(), this
should be fixed.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: Roland McGrath <roland@redhat.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: Pavel Emelyanov <xemul@sw.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agok_getrusage: don't take rcu_read_lock()
Oleg Nesterov [Wed, 30 Apr 2008 07:52:38 +0000 (00:52 -0700)]
k_getrusage: don't take rcu_read_lock()

Just a trivial example, more to come.

k_getrusage() holds rcu_read_lock() because it was previously required by
lock_task_sighand().  Unneeded now.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agolock_task_sighand: add rcu lock/unlock
Oleg Nesterov [Wed, 30 Apr 2008 07:52:37 +0000 (00:52 -0700)]
lock_task_sighand: add rcu lock/unlock

Most of the callers of lock_task_sighand() doesn't actually need rcu_lock().
lock_task_sighand() needs it only to safely play with tsk->sighand, it can
take the lock itself.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: do_group_exit(): use signal_group_exit() more consistently
Oleg Nesterov [Wed, 30 Apr 2008 07:52:36 +0000 (00:52 -0700)]
signals: do_group_exit(): use signal_group_exit() more consistently

do_group_exit() checks SIGNAL_GROUP_EXIT to avoid taking sighand->siglock.
Since ed5d2cac114202fe2978a9cbcab8f5032796d538 exec() doesn't set this
flag, we should use signal_group_exit().

This is not needed for correctness, but can speedup the multithreaded exec
and makes the code more consistent.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: do_signal_stop(): use signal_group_exit()
Oleg Nesterov [Wed, 30 Apr 2008 07:52:36 +0000 (00:52 -0700)]
signals: do_signal_stop(): use signal_group_exit()

do_signal_stop() needs signal_group_exit() but checks sig->group_exit_task.
 This (optimization) is correct, SIGNAL_STOP_DEQUEUED and SIGNAL_GROUP_EXIT
are mutually exclusive, but looks confusing.  Use signal_group_exit(), this
is not fastpath, the code clarity is more important.

Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: consolidate checking for ignored/legacy signals
Pavel Emelyanov [Wed, 30 Apr 2008 07:52:35 +0000 (00:52 -0700)]
signals: consolidate checking for ignored/legacy signals

Two callers for send_signal() - the specific_send_sig_info and the
__group_send_sig_info - both check for sig to be ignored or already queued.

Move these checks into send_signal() and make it return 1 to indicate that the
signal is dropped, but there's no error in this.

Besides, merge comments and spell-check them.

[oleg@tv-sign.ru: simplifications]
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Roland McGrath <roland@redhat.com>
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: turn LEGACY_QUEUE macro into static inline function
Pavel Emelyanov [Wed, 30 Apr 2008 07:52:34 +0000 (00:52 -0700)]
signals: turn LEGACY_QUEUE macro into static inline function

This makes the code more readable, due to less brackets and small letters in
name.

I also move it above the send_signal() as a preparation for the 3rd patch.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agosignals: remove unused variable from send_signal()
Pavel Emelyanov [Wed, 30 Apr 2008 07:52:34 +0000 (00:52 -0700)]
signals: remove unused variable from send_signal()

This function doesn't change the ret's value and thus always returns 0, with a
single exception of returning -EAGAIN explicitly.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Roland McGrath <roland@redhat.com>
Cc: Oleg Nesterov <oleg@tv-sign.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agoisofs: fix access to unallocated memory when reading corrupted filesystem
Jan Kara [Wed, 30 Apr 2008 07:52:33 +0000 (00:52 -0700)]
isofs: fix access to unallocated memory when reading corrupted filesystem

When a directory on isofs is corrupted, we did not check whether length of the
name in a directory entry and the length of the directory entry itself are
consistent.  This could lead to possible access beyond the end of buffer when
the length of the name was too big.  Add this sanity check to directory
reading code.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agomd: support blocking writes to an array on device failure
Dan Williams [Wed, 30 Apr 2008 07:52:32 +0000 (00:52 -0700)]
md: support blocking writes to an array on device failure

Allows a userspace metadata handler to take action upon detecting a device
failure.

Based on an original patch by Neil Brown.

Changes:
-added blocked_wait waitqueue to rdev
-don't qualify Blocked with Faulty always let userspace block writes
-added md_wait_for_blocked_rdev to wait for the block device to be clear, if
 userspace misses the notification another one is sent every 5 seconds
-set MD_RECOVERY_NEEDED after clearing "blocked"
-kill DoBlock flag, just test mddev->external

Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agomd: prevent duplicates in bind_rdev_to_array
Dan Williams [Wed, 30 Apr 2008 07:52:32 +0000 (00:52 -0700)]
md: prevent duplicates in bind_rdev_to_array

Found when trying to reassemble an active externally managed array.  Without
this check we hit the more noisy "sysfs duplicate" warning in the later call
to kobject_add.

Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agomd: remove a stray command from a copy and paste error in resync_start_store
Dan Williams [Wed, 30 Apr 2008 07:52:31 +0000 (00:52 -0700)]
md: remove a stray command from a copy and paste error in resync_start_store

Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agomd: fix up switching md arrays between read-only and read-write
NeilBrown [Wed, 30 Apr 2008 07:52:30 +0000 (00:52 -0700)]
md: fix up switching md arrays between read-only and read-write

When setting an array to 'readonly' or to 'active' via sysfs, we must make the
appropriate set_disk_ro call too.

Also when switching to "read_auto" (which is like readonly, but blocks on the
first write so that metadata can be marked 'dirty') we need to be more careful
about what state we are changing from.

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agomd: fix 'safemode' handling for external metadata.
NeilBrown [Wed, 30 Apr 2008 07:52:30 +0000 (00:52 -0700)]
md: fix 'safemode' handling for external metadata.

'safemode' relates to marking an array as 'clean' if there has been no write
traffic for a while (a couple of seconds), to reduce the chance of the array
being found dirty on reboot.

->safemode is set to '1' when there have been no write for a while, and it
gets set to '0' when the superblock is updates with the 'clean' flag set.

This requires a few fixes for 'external' metadata:
 - When an array is set to 'clean' via sysfs, 'safemode' must be cleared.
 - when we write to an array that has 'safemode' set (there must have been
        some delay in updating the metadata), we need to clear safemode.
 - Don't try to update external metadata in md_check_recovery for safemode
        transitions - it won't work.

Also, don't try to support "immediate safe mode" (safemode==2) for external
metadata, it cannot really work (the safemode timeout can be set very low if
this is really needed).

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agomd: reinitialise more mddev fields in do_md_stop.
NeilBrown [Wed, 30 Apr 2008 07:52:29 +0000 (00:52 -0700)]
md: reinitialise more mddev fields in do_md_stop.

I keep finding problems where an mddev gets reused and some fields has a value
from a previous usage that confuses the new usage.  So clear all fields that
could possible need clearing when calling do_md_stop.

Also initialise the 'level' of a new array to LEVEL_NONE (which isn't 0).

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
16 years agomd: skip all metadata update processing when using external metadata.
NeilBrown [Wed, 30 Apr 2008 07:52:28 +0000 (00:52 -0700)]
md: skip all metadata update processing when using external metadata.

All the metadata update processing for external metadata is on in user-space
or through the sysfs interfaces, so make "md_update_sb" a no-op in that case.

Signed-off-by: Neil Brown <neilb@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>