jffs2: fix use after free in jffs2_sum_write_data()

clang static analysis reports this problem

fs/jffs2/summary.c:794:31: warning: Use of memory after it is freed
c->summary->sum_list_head = temp->u.next;
^~~~~~~~~~~~

In jffs2_sum_write_data(), in a loop summary data is handles a node at
a time. When it has written out the node it is removed the summary list,
and the node is deleted. In the corner case when a
JFFS2_FEATURE_RWCOMPAT_COPY is seen, a call is made to
jffs2_sum_disable_collecting(). jffs2_sum_disable_collecting() deletes
the whole list which conflicts with the loop's deleting the list by parts.

To preserve the old behavior of stopping the write midway, bail out of
the loop after disabling summary collection.

Fixes: 6171586a7ae5 ("[JFFS2] Correct handling of JFFS2_FEATURE_RWCOMPAT_COPY nodes.")
Signed-off-by: Tom Rix <trix@redhat.com>
Reviewed-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Richard Weinberger <richard@nod.at>

vfs: make the string hashes salt the hash

We always mixed in the parent pointer into the dentry name hash, but we
did it late at lookup time. It turns out that we can simplify that
lookup-time action by salting the hash with the parent pointer early
instead of late.

A few other users of our string hashes also wanted to mix in their own
pointers into the hash, and those are updated to use the same mechanism.

Hash users that don't have any particular initial salt can just use the
NULL pointer as a no-salt.

Cc: Vegard Nossum <vegard.nossum@oracle.com>
Cc: George Spelvin <linux@sciencehorizons.net>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

jffs2: fix sparse warning: unexpected unlock

fs/jffs2/summary.c:846:5: warning: context imbalance in 'jffs2_sum_write_sumnode' - unexpected unlock

Suggested-by: Brian Norris <computersforpeace@gmail.com>
Suggested-by: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Fabian Frederick <fabf@skynet.be>
Reviewed-by: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>

jffs2: Use pr_fmt and remove jffs: from formats

Use pr_fmt to prefix KBUILD_MODNAME to appropriate logging messages.

Remove now unnecessary internal prefixes from formats.

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

jffs2: Convert printks to pr_<level>

Use the more current logging style.

Coalesce formats, align arguments.
Convert uses of embedded function names to %s, __func__.

A couple of long line checkpatch errors I don't care about exist.

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

Fix common misspellings

Fixes generated by 'codespell' and manually reviewed.

Signed-off-by: Lucas De Marchi <lucas.demarchi@profusion.mobi>

JFFS2: fix min/max confusion

MAX_SUMMARY_SIZE was meant as a limit, not as a minimum

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

[JFFS2] Fix allocation of summary buffer

We can't use vmalloc for the buffer we use for writing summaries,
because some drivers may want to DMA from it. So limit the size to 64KiB
and use kmalloc for it instead.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>

[JFFS2] Handle dirents on the flash with embedded zero bytes in names.

In three places: summary scan, normal scan, REF_PRISTINE GC.

Just truncate at the NUL, since that was the correct thing to do in the
only case where this (inexplicable) breakage has been seen.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Whitespace cleanups.

Convert many spaces to tabs; one or two other minor cosmetic fixes.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Tidy up licensing/copyright boilerplate.

In particular, remove the bit in the LICENCE file about contacting
Red Hat for alternative arrangements. Their errant IS department broke
that arrangement a long time ago -- the policy of collecting copyright
assignments from contributors came to an end when the plug was pulled on
the servers hosting the project, without notice or reason.

We do still dual-license it for use with eCos, with the GPL+exception
licence approved by the FSF as being GPL-compatible. It's just that nobody
has the right to license it differently.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[PATCH] remove many unneeded #includes of sched.h

After Al Viro (finally) succeeded in removing the sched.h #include in module.h
recently, it makes sense again to remove other superfluous sched.h includes.
There are quite a lot of files which include it but don't actually need
anything defined in there. Presumably these includes were once needed for
macros that used to live in sched.h, but moved to other header files in the
course of cleaning it up.

To ease the pain, this time I did not fiddle with any header files and only
removed #includes from .c-files, which tend to cause less trouble.

Compile tested against 2.6.20-rc2 and 2.6.20-rc2-mm2 (with offsets) on alpha,
arm, i386, ia64, mips, powerpc, and x86_64 with allnoconfig, defconfig,
allmodconfig, and allyesconfig as well as a few randconfigs on x86_64 and all
configs in arch/arm/configs on arm. I also checked that no new warnings were
introduced by the patch (actually, some warnings are removed that were emitted
by unnecessarily included header files).

Signed-off-by: Tim Schmielau <tim@physik3.uni-rostock.de>
Acked-by: Russell King <rmk+kernel@arm.linux.org.uk>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

[JFFS2] Reschedule in loops

Make JFFS2 nicer and teach it to call cond_resched() in loops
which may be quite large.

Signed-off-by: Artem Bityutskiy <dedekind@infradead.org>

[JFFS2] replace kmalloc+memset with kzalloc

Replace kmalloc+memset with kzalloc

Signed-off-by: Yan Burman <burman.yan@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[PATCH] JFFS2: SUMMARY: fix a summary collecting bug

In some special case (padding because of sync or umount) it can be possible
that summary information is not fit to the end of the erase block. In
these cases the collecting of summary is disabled for this erase block.

The problem was that this was not respected by jffs2_sum_add_kvec(). This
patch fix this bug.

Signed-off-by: Ferenc Havasi <havasi@inf.u-szeged.hu>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

[JFFS2][SUMMARY] Fix a summary collecting bug.

In some special case (padding because of sync
or umount) it can be possible that summary
information is not fit to the end of the erase
block. In these cases the collecting of summary
is disabled for this erase block.

The problem was that this was not respected
by jffs2_sum_add_kvec(). This patch fix this
bug.

From: Zoltan Sogor <weth@inf.u-szeged.hu>
Signed-off-by: Ferenc Havasi <havasi@inf.u-szeged.hu>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2][XATTR] Fix wrong copyright

summary.c was modified at 2006.

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2][XATTR] using 'delete marker' for xdatum/xref deletion

- When xdatum is removed, a new xdatum with 'delete marker' is
written. (version==0xffffffff means 'delete marker')
- When xref is removed, a new xref with 'delete marker' is written.
(odd-numbered xseqno means 'delete marker')

- delete_xattr_(datum/xref)_delay() are new deletion functions
are added. We can only use them if we can detect the target
obsolete xdatum/xref as a orphan or errir one.
(e.g when inode deletion, or detecting crc error)

[1/3] jffs2-xattr-v6-01-delete_marker.patch

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

spelling fixes

acquired (aquired)
contiguous (contigious)
successful (succesful, succesfull)
surprise (suprise)
whether (weather)
some other misspellings

Signed-off-by: Andreas Mohr <andi@lisas.de>
Signed-off-by: Adrian Bunk <bunk@stusta.de>

[JFFS2] Check CRC32 on dirent and data nodes each time they're read

Also, make sure dirents are marked REF_UNCHECKED when we 'discover' them
through eraseblock summary.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Preallocate node refs for cleanmarker in summary scan

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Switch to using an array of jffs2_raw_node_refs instead of a list.

This allows us to drop another pointer from the struct jffs2_raw_node_ref,
shrinking it to 8 bytes on 32-bit machines (if the TEST_TOTLEN) paranoia
check is turned off, which will be committed soon).

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Fix and improve debugging output during scan.

Print wasted_size in scanned eraseblocks, print range correctly for
summary dirent and inode entries.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Add 'jeb' argument to jffs2_prealloc_raw_node_refs()

Preallocation of refs is shortly going to be a per-eraseblock thing,
rather than per-filesystem. Add the required argument to the function.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Correctly handle wasted space before summary node.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] jffs2_free_all_node_refs() doesn't free them all. Rename it.

... to jffs2_free_jeb_node_refs() since that's what it does.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Reduce visibility of raw_node_ref to upper layers of JFFS2 code.

As the first step towards eliminating the ref->next_phys member and saving
memory by using an _array_ of struct jffs2_raw_node_ref per eraseblock,
stop the write functions from allocating their own refs; have them just
_reserve_ the appropriate number instead. Then jffs2_link_node_ref() can
just fill them in.

Use a linked list of pre-allocated refs in the superblock, for now. Once
we switch to an array, it'll just be a case of extending that array.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Extend jffs2_link_node_ref() to link into per-inode list too.

Let's avoid the potential for forgetting to set ref->next_in_ino, by doing
it within jffs2_link_node_ref() instead.

This highlights the ugliness of what we're currently doing with
xattr_datum and xattr_ref structures -- we should find a nicer way of
dealing with that.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Locking issues in summary write code.

We can't use jffs2_scan_dirty_space() because it doesn't do any locking; it's
only for use at scan time -- hence the 'scan' in the name.

Also, don't allocate refs while we have c->erase_completion_lock held.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Remove stray kfree of summary info in XATTR code.

We don't allocate this locally any more -- it's given to us and owner by
our caller. Also improve the debug messages a little.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Mark gaps in summary list as dirty space

Make sure we allocate a ref for any dirty space which exists between nodes
which we find in an eraseblock summary.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Introduce jffs2_scan_dirty_space() function.

To eliminate the __totlen field from struct jffs2_raw_node_ref, we need
to allocate nodes for dirty space instead of just tweaking the accounting
data. Introduce jffs2_scan_dirty_space() in preparation for that.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Fix summary handling of unknown but compatible nodes.

For RWCOMPAT and ROCOMPAT nodes, we should still allow the mount to
succeed. Just abandon the summary and fall through to the full scan.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Correct handling of JFFS2_FEATURE_RWCOMPAT_COPY nodes.

We should preserve these when we come to garbage collect them, not let
them get erased. Use jffs2_garbage_collect_pristine() for this, and make
sure the summary code copes -- just refrain from writing a summary for any
block which contains a node we don't understand.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Correct accounting of erroneous cleanmarkers and failed summaries.

It should all be counted as dirty space, not wasted and _definitely_ not
unchecked.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Introduce jffs2_link_node_ref() function to reduce code duplication

The same sequence of code was repeated in many places, to add a new
struct jffs2_raw_node_ref to an eraseblock and adjust the space accounting
accordingly. Move it out-of-line.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Optimise reading of eraseblock summary nodes

This improves the time to mount 512MiB of NAND flash on my OLPC prototype
by about 4%. We used to read the last page of the eraseblock twice -- once
to find the offset of the summary node, and again to actually _read_ the
summary node. Now we read the last page only once, and read more only if
we need to.

We also don't allocate a new buffer just for the summary code -- we use
the buffer which was already allocated for the scan. Better still, if the
'buffer' for the scan is actually just a pointer directly into NOR flash,
we use that too, avoiding the memcpy() which we used to do.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Fix printk format in jffs2_sum_write_data() error message.

fs/jffs2/summary.c: In function ‘jffs2_sum_write_data’:
fs/jffs2/summary.c:658: warning: format ‘%zd’ expects type ‘signed size_t’, but argument 4 has type ‘uint32_t’

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2][XATTR] Handling the duplicate JFFS2_NODETYPE_XATTR node cases.

When jffs2_sum_process_sum_data() found a JFFS2_NODETYPE_XATTR
which has duplicate xid and older version, an error was returned
without appropriate process.
In the result, mounting filesystem is failed.

This patch fix this problem. If jffs2_setup_xattr_datum() returned
-EEXIST, the caller marks this node as DIRTY_SPACE().

[1/2] jffs2-xattr-v5.2-01-fix-duplicate-xdatum.patch

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>

[JFFS2][XATTR] Remove 'struct list_head ilist' from jffs2_inode_cache.

This patch can reduce 4-byte of memory usage per inode_cache.

[4/10] jffs2-xattr-v5.1-04-remove_ilist_from_ic.patch

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>

[JFFS2][XATTR] XATTR support on JFFS2 (version. 5)

This attached patches provide xattr support including POSIX-ACL and
SELinux support on JFFS2 (version.5).

There are some significant differences from previous version posted
at last December.
The biggest change is addition of EBS(Erase Block Summary) support.
Currently, both kernel and usermode utility (sumtool) can recognize
xattr nodes which have JFFS2_NODETYPE_XATTR/_XREF nodetype.

In addition, some bugs are fixed.
- A potential race condition was fixed.
- Unexpected fail when updating a xattr by same name/value pair was fixed.
- A bug when removing xattr name/value pair was fixed.

The fundamental structures (such as using two new nodetypes and exclusion
mechanism by rwsem) are unchanged. But most of implementation were reviewed
and updated if necessary.
Espacially, we had to change several internal implementations related to
load_xattr_datum() to avoid a potential race condition.

[1/2] xattr_on_jffs2.kernel.version-5.patch
[2/2] xattr_on_jffs2.utils.version-5.patch

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Remove number of pointer dereferences in fs/jffs2/summary.c

Reduce the nr. of pointer dereferences in fs/jffs2/summary.c

Benefits:
- micro speed optimization due to fewer pointer derefs
- generated code is slightly smaller
- better readability

(The first two sound like a compiler problem but I'll go with the third. dwmw2).

Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[PATCH] jffs2: fix printk warnings

Fix printk format warnings in jffs2.

Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>

[JFFS2] Clean up trailing white spaces

Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

[JFFS2] Rename jffs2_summary_node to jffs2_raw_summary

Signed-off-by: Ferenc Havasi <havasi@inf.u-szeged.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

[JFFS2] Debug code simplification, update TODO

Simplify the debugging code further.
Update the TODO list

Signed-off-by: Artem B. Bityutskiy <dedekind@infradead.org>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>

[JFFS2] Add erase block summary support (mount time improvement)

The goal of summary is to speed up the mount time. Erase block summary (EBS)
stores summary information at the end of every (closed) erase block. It is
no longer necessary to scan all nodes separetly (and read all pages of them)
just read this "small" summary, where every information is stored which is
needed at mount time.

This summary information is stored in a JFFS2_FEATURE_RWCOMPAT_DELETE. During
the mount process if there is no summary info the orignal scan process will
be executed. EBS works with NAND and NOR flashes, too.

There is a user space tool called sumtool to generate this summary
information for a JFFS2 image.

Signed-off-by: Ferenc Havasi <havasi@inf.u-szeged.hu>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>