From: Andreas Dilger <adilger@dilger.ca>
To: Theodore Ts'o <tytso@mit.edu>
Cc: linux-fsdevel@vger.kernel.org,
Ext4 Developers List <linux-ext4@vger.kernel.org>,
viro@ZenIV.linux.org.uk, sami.liedes@iki.fi
Subject: Re: [PATCH] vfs: avoid hang caused by attempting to rmdir an invalid file system
Date: Mon, 28 May 2012 14:29:05 -0600 [thread overview]
Message-ID: <4790434C-0DF2-4186-BE4C-CE97633F107C@dilger.ca> (raw)
In-Reply-To: <1338226422-8845-1-git-send-email-tytso@mit.edu>
On 2012-05-28, at 11:33 AM, Theodore Ts'o wrote:
> If we rmdir a directory which is a hard link to '.', we will deadlock
> trying to grab the directory's i_mutex. Check for this condition and
> return EINVAL, which is what we return if the user attempts to rmdir
> "/foo/bar/."
>
> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
> ---
> fs/namei.c | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/fs/namei.c b/fs/namei.c
> index 0062dd1..081f872 100644
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -2774,6 +2774,17 @@ static long do_rmdir(int dfd, const char __user *pathname)
> error = -ENOENT;
> goto exit3;
> }
> + if (nd.path.dentry->d_inode == dentry->d_inode) {
> + /*
> + * Corrupt file system where there is a symlink to
> + * '.'; treat it as if we are trying to rmdir '.'
> + *
> + * XXX Should we call into the low-level file system
> + * to request that the file system be marked corrupt?
> + */
> + error = -EINVAL;
> + goto exit3;
> + }
> error = mnt_want_write(nd.path.mnt);
> if (error)
> goto exit3;
This patch is good from the POV of covering all filesystems, and
avoiding the deadlock at the dcache level. It would be possible to
detect this problem in the filesystem itself during lookup, before
the bad link got into the dcache itself. Something like:
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index 349d7b3..4a9c99d 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -1037,6 +1037,12 @@ static struct dentry *ext4_lookup(struct inode
EXT4_ERROR_INODE(dir, "bad inode number: %u", ino);
return ERR_PTR(-EIO);
}
+ if (ino == dir->i_ino) {
+ EXT4_ERROR_INODE(dir, "'%.*s' linked to parent dir",
+ dentry->d_name.len,
+ dentry->d_name.name);
+ return ERR_PTR(-EIO);
+ }
inode = ext4_iget(dir->i_sb, ino);
if (inode == ERR_PTR(-ESTALE)) {
EXT4_ERROR_INODE(dir,
Though -EIO could be replaced with -EBADF or -ELOOP, or something else.
Cheers, Andreas
next prev parent reply other threads:[~2012-05-28 20:29 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-05-28 17:33 [PATCH] vfs: avoid hang caused by attempting to rmdir an invalid file system Theodore Ts'o
2012-05-28 20:29 ` Andreas Dilger [this message]
2012-05-28 21:05 ` Ted Ts'o
2012-05-29 19:50 ` Jan Kara
2012-05-29 20:08 ` Jan Kara
2012-05-30 17:37 ` J. Bruce Fields
2012-05-30 20:12 ` Jan Kara
2012-06-18 21:19 ` J. Bruce Fields
2012-06-20 9:57 ` Jan Kara
2012-05-29 8:21 ` Greg KH
2012-05-29 12:18 ` Ted Ts'o
2012-05-29 11:25 ` Bernd Schubert
-- strict thread matches above, loose matches on Subject: below --
2012-05-28 17:31 ext2 hang on (intentionally) corrupted filesystem Ted Ts'o
2012-05-28 17:34 ` [PATCH] vfs: avoid hang caused by attempting to rmdir an invalid file system Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4790434C-0DF2-4186-BE4C-CE97633F107C@dilger.ca \
--to=adilger@dilger.ca \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=sami.liedes@iki.fi \
--cc=tytso@mit.edu \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).