[PATCH v2 0/6] exfat: unify FAT chain walking helpers

[PATCH v2 0/6] exfat: unify FAT chain walking helpers

[Chi Zhiling]

From: Chi Zhiling <chizhiling@kylinos.cn>

This series introduces and uses two new helpers to simplify FAT chain
walking logic across the exfat driver:

1. exfat_fat_walk - walks FAT chain by a given step, handling both
   ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes

2. exfat_chain_advance - walks an exfat_chain structure by a given step,
   updating both ->dir and ->size fields atomically with proper boundary
   checking

These helpers replace open-coded cluster walking logic in dir.c, namei.c
and inode.c, improving code readability and ensuring consistent error
handling for corrupted FAT chains.

Also includes a fix for incorrect directory checksum when renaming a
file to a shorter name.

---

Changes in v2: rework exfat_chain_advance()

v1:https://lore.kernel.org/linux-fsdevel/20260331091113.20882-1-chizhiling@163.com/


Chi Zhiling (6):
  exfat: fix incorrect directory checksum after rename to shorter name
  exfat: introduce exfat_fat_walk helper
  exfat: use exfat_fat_walk helper to simplify fat entry walking
  exfat: remove NULL cache pointer case in exfat_ent_get
  exfat: introduce exfat_chain_advance helper
  exfat: use exfat_chain_advance helper

 fs/exfat/dir.c      | 111 +++++++++-----------------------------------
 fs/exfat/exfat_fs.h |  40 +++++++++++++++-
 fs/exfat/fatent.c   |  23 ++++-----
 fs/exfat/inode.c    |  11 +----
 fs/exfat/namei.c    |  29 +++---------
 5 files changed, 79 insertions(+), 135 deletions(-)


base-commit: 4129a3a2751cba8511cee5d13145223662a8e019
-- 
2.43.0

[PATCH v2 1/6] exfat: fix incorrect directory checksum after rename to shorter name

[Chi Zhiling]

From: Chi Zhiling <chizhiling@kylinos.cn>

When renaming a file in-place to a shorter name, exfat_remove_entries
marks excess entries as DELETED, but es->num_entries is not updated
accordingly. As a result, exfat_update_dir_chksum iterates over the
deleted entries and computes an incorrect checksum.

This does not lead to persistent corruption because mark_inode_dirty()
is called afterward, and __exfat_write_inode later recomputes the
checksum using the correct num_entries value.

Fix by setting es->num_entries = num_entries in exfat_init_ext_entry.

Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
---
 fs/exfat/dir.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c
index a2c2b998808c..7619410d668e 100644
--- a/fs/exfat/dir.c
+++ b/fs/exfat/dir.c
@@ -490,6 +490,7 @@ void exfat_init_ext_entry(struct exfat_entry_set_cache *es, int num_entries,
 	unsigned short *uniname = p_uniname->name;
 	struct exfat_dentry *ep;
 
+	es->num_entries = num_entries;
 	ep = exfat_get_dentry_cached(es, ES_IDX_FILE);
 	ep->dentry.file.num_ext = (unsigned char)(num_entries - 1);
 
-- 
2.43.0

[PATCH v2 2/6] exfat: introduce exfat_fat_walk helper

[Chi Zhiling]

From: Chi Zhiling <chizhiling@kylinos.cn>

Introduce exfat_fat_walk() to walk the FAT chain by a given step,
handling both ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes. Also
redefine exfat_get_next_cluster as a thin wrapper around it for
backward compatibility.

Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
---
 fs/exfat/exfat_fs.h | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/fs/exfat/exfat_fs.h b/fs/exfat/exfat_fs.h
index 9fed9fb33cae..530459ab9acc 100644
--- a/fs/exfat/exfat_fs.h
+++ b/fs/exfat/exfat_fs.h
@@ -437,7 +437,8 @@ int exfat_set_volume_dirty(struct super_block *sb);
 int exfat_clear_volume_dirty(struct super_block *sb);
 
 /* fatent.c */
-#define exfat_get_next_cluster(sb, pclu) exfat_ent_get(sb, *(pclu), pclu, NULL)
+#define exfat_get_next_cluster(sb, pclu) \
+	exfat_fat_walk(sb, (pclu), 1, ALLOC_FAT_CHAIN)
 
 int exfat_alloc_cluster(struct inode *inode, unsigned int num_alloc,
 		struct exfat_chain *p_chain, bool sync_bmap);
@@ -456,6 +457,26 @@ int exfat_count_num_clusters(struct super_block *sb,
 int exfat_blk_readahead(struct super_block *sb, sector_t sec,
 		sector_t *ra, blkcnt_t *ra_cnt, sector_t end);
 
+static inline int
+exfat_fat_walk(struct super_block *sb, unsigned int *clu,
+		unsigned int step, int flags)
+{
+	struct buffer_head *bh = NULL;
+
+	if (flags == ALLOC_NO_FAT_CHAIN) {
+		(*clu) += step;
+		return 0;
+	}
+
+	while (step--) {
+		if (exfat_ent_get(sb, *clu, clu, &bh))
+			return -EIO;
+	}
+	brelse(bh);
+
+	return 0;
+}
+
 /* balloc.c */
 int exfat_load_bitmap(struct super_block *sb);
 void exfat_free_bitmap(struct exfat_sb_info *sbi);
-- 
2.43.0

[PATCH v2 3/6] exfat: use exfat_fat_walk helper to simplify fat entry walking

[Chi Zhiling]

From: Chi Zhiling <chizhiling@kylinos.cn>

Replace the custom exfat_walk_fat_chain() function and open-coded
FAT chain walking logic with the exfat_fat_walk() helper across
exfat_find_location, __exfat_get_dentry_set, and exfat_map_cluster.

Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
---
 fs/exfat/dir.c   | 39 +++------------------------------------
 fs/exfat/inode.c | 11 ++---------
 2 files changed, 5 insertions(+), 45 deletions(-)

diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c
index 7619410d668e..cfc6f16a5fb2 100644
--- a/fs/exfat/dir.c
+++ b/fs/exfat/dir.c
@@ -562,38 +562,6 @@ int exfat_put_dentry_set(struct exfat_entry_set_cache *es, int sync)
 	return err;
 }
 
-static int exfat_walk_fat_chain(struct super_block *sb,
-		struct exfat_chain *p_dir, unsigned int byte_offset,
-		unsigned int *clu)
-{
-	struct exfat_sb_info *sbi = EXFAT_SB(sb);
-	unsigned int clu_offset;
-	unsigned int cur_clu;
-
-	clu_offset = EXFAT_B_TO_CLU(byte_offset, sbi);
-	cur_clu = p_dir->dir;
-
-	if (p_dir->flags == ALLOC_NO_FAT_CHAIN) {
-		cur_clu += clu_offset;
-	} else {
-		while (clu_offset > 0) {
-			if (exfat_get_next_cluster(sb, &cur_clu))
-				return -EIO;
-			if (cur_clu == EXFAT_EOF_CLUSTER) {
-				exfat_fs_error(sb,
-					"invalid dentry access beyond EOF (clu : %u, eidx : %d)",
-					p_dir->dir,
-					EXFAT_B_TO_DEN(byte_offset));
-				return -EIO;
-			}
-			clu_offset--;
-		}
-	}
-
-	*clu = cur_clu;
-	return 0;
-}
-
 static int exfat_find_location(struct super_block *sb, struct exfat_chain *p_dir,
 			       int entry, sector_t *sector, int *offset)
 {
@@ -603,7 +571,8 @@ static int exfat_find_location(struct super_block *sb, struct exfat_chain *p_dir
 
 	off = EXFAT_DEN_TO_B(entry);
 
-	ret = exfat_walk_fat_chain(sb, p_dir, off, &clu);
+	clu = p_dir->dir;
+	ret = exfat_fat_walk(sb, &clu, EXFAT_B_TO_CLU(off, sbi), p_dir->flags);
 	if (ret)
 		return ret;
 
@@ -792,9 +761,7 @@ static int __exfat_get_dentry_set(struct exfat_entry_set_cache *es,
 		if (exfat_is_last_sector_in_cluster(sbi, sec)) {
 			unsigned int clu = exfat_sector_to_cluster(sbi, sec);
 
-			if (p_dir->flags == ALLOC_NO_FAT_CHAIN)
-				clu++;
-			else if (exfat_get_next_cluster(sb, &clu))
+			if (exfat_fat_walk(sb, &clu, 1, p_dir->flags))
 				goto put_es;
 			sec = exfat_cluster_to_sector(sbi, clu);
 		} else {
diff --git a/fs/exfat/inode.c b/fs/exfat/inode.c
index beb9ea7cca9f..817d9a135bb6 100644
--- a/fs/exfat/inode.c
+++ b/fs/exfat/inode.c
@@ -225,15 +225,8 @@ static int exfat_map_cluster(struct inode *inode, unsigned int clu_offset,
 		 * *clu = (the first cluster of the allocated chain) =>
 		 * (the last cluster of ...)
 		 */
-		if (ei->flags == ALLOC_NO_FAT_CHAIN) {
-			*clu += num_to_be_allocated - 1;
-		} else {
-			while (num_to_be_allocated > 1) {
-				if (exfat_get_next_cluster(sb, clu))
-					return -EIO;
-				num_to_be_allocated--;
-			}
-		}
+		if (exfat_fat_walk(sb, clu, num_to_be_allocated - 1, ei->flags))
+			return -EIO;
 		*count = 1;
 	}
 
-- 
2.43.0

[PATCH v2 4/6] exfat: remove NULL cache pointer case in exfat_ent_get

[Chi Zhiling]

From: Chi Zhiling <chizhiling@kylinos.cn>

Since exfat_get_next_cluster has been updated, no callers pass a NULL
pointer to exfat_ent_get, so remove the handling logic for this case.

Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
---
 fs/exfat/fatent.c | 23 +++++++++--------------
 1 file changed, 9 insertions(+), 14 deletions(-)

diff --git a/fs/exfat/fatent.c b/fs/exfat/fatent.c
index f2e5d5dde393..dce0955e689a 100644
--- a/fs/exfat/fatent.c
+++ b/fs/exfat/fatent.c
@@ -44,11 +44,11 @@ static int exfat_end_bh(struct super_block *sb, struct buffer_head *bh)
 }
 
 static int __exfat_ent_get(struct super_block *sb, unsigned int loc,
-		unsigned int *content, struct buffer_head **last)
+		unsigned int *content, struct buffer_head **cache)
 {
 	unsigned int off;
 	sector_t sec;
-	struct buffer_head *bh = last ? *last : NULL;
+	struct buffer_head *bh = *cache;
 
 	sec = FAT_ENT_OFFSET_SECTOR(sb, loc);
 	off = FAT_ENT_OFFSET_BYTE_IN_SECTOR(sb, loc);
@@ -56,8 +56,7 @@ static int __exfat_ent_get(struct super_block *sb, unsigned int loc,
 	if (!bh || bh->b_blocknr != sec || !buffer_uptodate(bh)) {
 		brelse(bh);
 		bh = sb_bread(sb, sec);
-		if (last)
-			*last = bh;
+		*cache = bh;
 		if (unlikely(!bh))
 			return -EIO;
 	}
@@ -68,8 +67,6 @@ static int __exfat_ent_get(struct super_block *sb, unsigned int loc,
 	if (*content > EXFAT_BAD_CLUSTER)
 		*content = EXFAT_EOF_CLUSTER;
 
-	if (!last)
-		brelse(bh);
 	return 0;
 }
 
@@ -111,7 +108,7 @@ int exfat_ent_set(struct super_block *sb, unsigned int loc,
  * Caller must release the buffer_head if no error return.
  */
 int exfat_ent_get(struct super_block *sb, unsigned int loc,
-		unsigned int *content, struct buffer_head **last)
+		unsigned int *content, struct buffer_head **cache)
 {
 	struct exfat_sb_info *sbi = EXFAT_SB(sb);
 
@@ -122,7 +119,7 @@ int exfat_ent_get(struct super_block *sb, unsigned int loc,
 		goto err;
 	}
 
-	if (unlikely(__exfat_ent_get(sb, loc, content, last))) {
+	if (unlikely(__exfat_ent_get(sb, loc, content, cache))) {
 		exfat_fs_error_ratelimit(sb,
 			"failed to access to FAT (entry 0x%08x)",
 			loc);
@@ -151,13 +148,11 @@ int exfat_ent_get(struct super_block *sb, unsigned int loc,
 	}
 
 	return 0;
-err:
-	if (last) {
-		brelse(*last);
 
-		/* Avoid double release */
-		*last = NULL;
-	}
+err:
+	/* Avoid double release */
+	brelse(*cache);
+	*cache = NULL;
 	return -EIO;
 }
 
-- 
2.43.0

[PATCH v2 5/6] exfat: introduce exfat_chain_advance helper

[Chi Zhiling]

From: Chi Zhiling <chizhiling@kylinos.cn>

Introduce exfat_chain_advance() to walk a exfat_chain structure by a
given step, updating both ->dir and ->size fields atomically. This
helper handles both ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes with
proper boundary checking.

Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
Tested-by: syzbot@syzkaller.appspotmail.com

---
 fs/exfat/exfat_fs.h | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/fs/exfat/exfat_fs.h b/fs/exfat/exfat_fs.h
index 530459ab9acc..1035d20ba563 100644
--- a/fs/exfat/exfat_fs.h
+++ b/fs/exfat/exfat_fs.h
@@ -552,6 +552,23 @@ int exfat_read_volume_label(struct super_block *sb,
 int exfat_write_volume_label(struct super_block *sb,
 			     struct exfat_uni_name *label);
 
+static inline int exfat_chain_advance(struct super_block *sb,
+		struct exfat_chain *chain, unsigned int step)
+{
+	if (chain->size >= step)
+		chain->size -= step;
+	else
+		return -EIO;
+
+	if (exfat_fat_walk(sb, &chain->dir, step, chain->flags))
+		return -EIO;
+
+	if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
+		chain->dir = EXFAT_EOF_CLUSTER;
+
+	return 0;
+}
+
 /* inode.c */
 extern const struct inode_operations exfat_file_inode_operations;
 void exfat_sync_inode(struct inode *inode);
-- 
2.43.0

[PATCH v2 6/6] exfat: use exfat_chain_advance helper

[Chi Zhiling]

From: Chi Zhiling <chizhiling@kylinos.cn>

Replace open-coded cluster chain walking logic with exfat_chain_advance()
across exfat_readdir, exfat_find_dir_entry, exfat_count_dir_entries,
exfat_search_empty_slot and exfat_check_dir_empty.

Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
---
 fs/exfat/dir.c   | 71 ++++++++++++------------------------------------
 fs/exfat/namei.c | 29 +++++---------------
 2 files changed, 25 insertions(+), 75 deletions(-)

diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c
index cfc6f16a5fb2..adc79694373a 100644
--- a/fs/exfat/dir.c
+++ b/fs/exfat/dir.c
@@ -93,25 +93,19 @@ static int exfat_readdir(struct inode *inode, loff_t *cpos, struct exfat_dir_ent
 	clu_offset = EXFAT_DEN_TO_CLU(dentry, sbi);
 	exfat_chain_dup(&clu, &dir);
 
-	if (clu.flags == ALLOC_NO_FAT_CHAIN) {
-		clu.dir += clu_offset;
-		clu.size -= clu_offset;
-	} else {
+	if (clu.flags == ALLOC_FAT_CHAIN) {
 		/* hint_information */
 		if (clu_offset > 0 && ei->hint_bmap.off != EXFAT_EOF_CLUSTER &&
 		    ei->hint_bmap.off > 0 && clu_offset >= ei->hint_bmap.off) {
 			clu_offset -= ei->hint_bmap.off;
 			clu.dir = ei->hint_bmap.clu;
-		}
-
-		while (clu_offset > 0 && clu.dir != EXFAT_EOF_CLUSTER) {
-			if (exfat_get_next_cluster(sb, &(clu.dir)))
-				return -EIO;
-
-			clu_offset--;
+			clu.size -= ei->hint_bmap.off;
 		}
 	}
 
+	if (exfat_chain_advance(sb, &clu, clu_offset))
+		return -EIO;
+
 	while (clu.dir != EXFAT_EOF_CLUSTER && dentry < max_dentries) {
 		i = dentry & (dentries_per_clu - 1);
 
@@ -160,15 +154,8 @@ static int exfat_readdir(struct inode *inode, loff_t *cpos, struct exfat_dir_ent
 			return 0;
 		}
 
-		if (clu.flags == ALLOC_NO_FAT_CHAIN) {
-			if (--clu.size > 0)
-				clu.dir++;
-			else
-				clu.dir = EXFAT_EOF_CLUSTER;
-		} else {
-			if (exfat_get_next_cluster(sb, &(clu.dir)))
-				return -EIO;
-		}
+		if (exfat_chain_advance(sb, &clu, 1))
+			return -EIO;
 	}
 
 out:
@@ -1077,19 +1064,12 @@ int exfat_find_dir_entry(struct super_block *sb, struct exfat_inode_info *ei,
 			step = DIRENT_STEP_FILE;
 		}
 
-		if (clu.flags == ALLOC_NO_FAT_CHAIN) {
-			if (--clu.size > 0)
-				clu.dir++;
-			else
-				clu.dir = EXFAT_EOF_CLUSTER;
-		} else {
-			if (exfat_get_next_cluster(sb, &clu.dir))
-				return -EIO;
+		if (exfat_chain_advance(sb, &clu, 1))
+			return -EIO;
+		/* break if the cluster chain includes a loop */
+		if (unlikely(++clu_count > EXFAT_DATA_CLUSTER_COUNT(sbi)))
+			goto not_found;
 
-			/* break if the cluster chain includes a loop */
-			if (unlikely(++clu_count > EXFAT_DATA_CLUSTER_COUNT(sbi)))
-				goto not_found;
-		}
 	}
 
 not_found:
@@ -1124,14 +1104,7 @@ int exfat_find_dir_entry(struct super_block *sb, struct exfat_inode_info *ei,
 	if (!((dentry + 1) & (dentries_per_clu - 1))) {
 		int ret = 0;
 
-		if (clu.flags == ALLOC_NO_FAT_CHAIN) {
-			if (--clu.size > 0)
-				clu.dir++;
-			else
-				clu.dir = EXFAT_EOF_CLUSTER;
-		} else {
-			ret = exfat_get_next_cluster(sb, &clu.dir);
-		}
+		ret = exfat_chain_advance(sb, &clu, 1);
 
 		if (ret || clu.dir == EXFAT_EOF_CLUSTER) {
 			/* just initialized hint_stat */
@@ -1176,20 +1149,12 @@ int exfat_count_dir_entries(struct super_block *sb, struct exfat_chain *p_dir)
 			count++;
 		}
 
-		if (clu.flags == ALLOC_NO_FAT_CHAIN) {
-			if (--clu.size > 0)
-				clu.dir++;
-			else
-				clu.dir = EXFAT_EOF_CLUSTER;
-		} else {
-			if (exfat_get_next_cluster(sb, &(clu.dir)))
-				return -EIO;
-
-			if (unlikely(++clu_count > sbi->used_clusters)) {
-				exfat_fs_error(sb, "FAT or bitmap is corrupted");
-				return -EIO;
-			}
+		if (exfat_chain_advance(sb, &clu, 1))
+			return -EIO;
 
+		if (unlikely(++clu_count > sbi->used_clusters)) {
+			exfat_fs_error(sb, "FAT or bitmap is corrupted");
+			return -EIO;
 		}
 	}
 
diff --git a/fs/exfat/namei.c b/fs/exfat/namei.c
index d0ea1ff81c09..7cfec2adc365 100644
--- a/fs/exfat/namei.c
+++ b/fs/exfat/namei.c
@@ -246,16 +246,8 @@ static int exfat_search_empty_slot(struct super_block *sb,
 		i += ret;
 
 		while (i >= dentries_per_clu) {
-			if (clu.flags == ALLOC_NO_FAT_CHAIN) {
-				if (--clu.size > 0)
-					clu.dir++;
-				else
-					clu.dir = EXFAT_EOF_CLUSTER;
-			} else {
-				if (exfat_get_next_cluster(sb, &clu.dir))
-					return -EIO;
-			}
-
+			if (exfat_chain_advance(sb, &clu, 1))
+				return -EIO;
 			i -= dentries_per_clu;
 		}
 	}
@@ -925,19 +917,12 @@ static int exfat_check_dir_empty(struct super_block *sb,
 			return -ENOTEMPTY;
 		}
 
-		if (clu.flags == ALLOC_NO_FAT_CHAIN) {
-			if (--clu.size > 0)
-				clu.dir++;
-			else
-				clu.dir = EXFAT_EOF_CLUSTER;
-		} else {
-			if (exfat_get_next_cluster(sb, &(clu.dir)))
-				return -EIO;
+		if (exfat_chain_advance(sb, &clu, 1))
+			return -EIO;
 
-			/* break if the cluster chain includes a loop */
-			if (unlikely(++clu_count > EXFAT_DATA_CLUSTER_COUNT(sbi)))
-				break;
-		}
+		/* break if the cluster chain includes a loop */
+		if (unlikely(++clu_count > EXFAT_DATA_CLUSTER_COUNT(sbi)))
+			break;
 	}
 
 	return 0;
-- 
2.43.0

RE: [PATCH v2 3/6] exfat: use exfat_fat_walk helper to simplify fat entry walking

[Sungjong Seo]

Hi, Chi Zhiling,
> Replace the custom exfat_walk_fat_chain() function and open-coded FAT 
> chain walking logic with the exfat_fat_walk() helper across 
> exfat_find_location, __exfat_get_dentry_set, and exfat_map_cluster.
> 
> Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
> ---
>  fs/exfat/dir.c   | 39 +++------------------------------------
>  fs/exfat/inode.c | 11 ++---------
>  2 files changed, 5 insertions(+), 45 deletions(-)
> 
> diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c index
> 7619410d668e..cfc6f16a5fb2 100644
> --- a/fs/exfat/dir.c
> +++ b/fs/exfat/dir.c
> @@ -562,38 +562,6 @@ int exfat_put_dentry_set(struct 
> exfat_entry_set_cache *es, int sync)
>  	return err;
>  }
> 
> -static int exfat_walk_fat_chain(struct super_block *sb,
> -		struct exfat_chain *p_dir, unsigned int byte_offset,
> -		unsigned int *clu)
> -{
> -	struct exfat_sb_info *sbi = EXFAT_SB(sb);
> -	unsigned int clu_offset;
> -	unsigned int cur_clu;
> -
> -	clu_offset = EXFAT_B_TO_CLU(byte_offset, sbi);
> -	cur_clu = p_dir->dir;
> -
> -	if (p_dir->flags == ALLOC_NO_FAT_CHAIN) {
> -		cur_clu += clu_offset;
> -	} else {
> -		while (clu_offset > 0) {
> -			if (exfat_get_next_cluster(sb, &cur_clu))
> -				return -EIO;
> -			if (cur_clu == EXFAT_EOF_CLUSTER) {

The intentional exfat_fs_error() call for chain damage conditions is lost.
Instead of removing the error handling for this condition, it had better be
moved to exfat_find_location().

Other than this, the rest of the patchset looks excellent.
Thanks.

> -				exfat_fs_error(sb,
> -					"invalid dentry access beyond EOF
> (clu : %u, eidx : %d)",
> -					p_dir->dir,
> -					EXFAT_B_TO_DEN(byte_offset));
We lost 
> -				return -EIO;
> -			}
> -			clu_offset--;
> -		}
> -	}
> -
> -	*clu = cur_clu;
> -	return 0;
> -}
> -
>  static int exfat_find_location(struct super_block *sb, struct 
> exfat_chain *p_dir,
>  			       int entry, sector_t *sector, int *offset)  {
@@ -
> 603,7 +571,8 @@ static int exfat_find_location(struct super_block *sb, 
> struct exfat_chain *p_dir
> 
>  	off = EXFAT_DEN_TO_B(entry);
> 
> -	ret = exfat_walk_fat_chain(sb, p_dir, off, &clu);
> +	clu = p_dir->dir;
> +	ret = exfat_fat_walk(sb, &clu, EXFAT_B_TO_CLU(off, sbi), 
> +p_dir->flags);
>  	if (ret)
>  		return ret;
> 
> @@ -792,9 +761,7 @@ static int __exfat_get_dentry_set(struct 
> exfat_entry_set_cache *es,
>  		if (exfat_is_last_sector_in_cluster(sbi, sec)) {
>  			unsigned int clu = exfat_sector_to_cluster(sbi,
sec);
> 
> -			if (p_dir->flags == ALLOC_NO_FAT_CHAIN)
> -				clu++;
> -			else if (exfat_get_next_cluster(sb, &clu))
> +			if (exfat_fat_walk(sb, &clu, 1, p_dir->flags))
>  				goto put_es;
>  			sec = exfat_cluster_to_sector(sbi, clu);
>  		} else {
> diff --git a/fs/exfat/inode.c b/fs/exfat/inode.c index
> beb9ea7cca9f..817d9a135bb6 100644
> --- a/fs/exfat/inode.c
> +++ b/fs/exfat/inode.c
> @@ -225,15 +225,8 @@ static int exfat_map_cluster(struct inode *inode, 
> unsigned int clu_offset,
>  		 * *clu = (the first cluster of the allocated chain) =>
>  		 * (the last cluster of ...)
>  		 */
> -		if (ei->flags == ALLOC_NO_FAT_CHAIN) {
> -			*clu += num_to_be_allocated - 1;
> -		} else {
> -			while (num_to_be_allocated > 1) {
> -				if (exfat_get_next_cluster(sb, clu))
> -					return -EIO;
> -				num_to_be_allocated--;
> -			}
> -		}
> +		if (exfat_fat_walk(sb, clu, num_to_be_allocated - 1, ei-
> >flags))
> +			return -EIO;
>  		*count = 1;
>  	}
> 
> --
> 2.43.0

Re: [PATCH v2 2/6] exfat: introduce exfat_fat_walk helper

[Yuezhang.Mo]

> From: Chi Zhiling <chizhiling@kylinos.cn>
> 
> Introduce exfat_fat_walk() to walk the FAT chain by a given step,
> handling both ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes. Also
> redefine exfat_get_next_cluster as a thin wrapper around it for
> backward compatibility.
> 
> Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
> ---
>  fs/exfat/exfat_fs.h | 23 ++++++++++++++++++++++-
>  1 file changed, 22 insertions(+), 1 deletion(-)
> 
> diff --git a/fs/exfat/exfat_fs.h b/fs/exfat/exfat_fs.h
> index 9fed9fb33cae..530459ab9acc 100644
> --- a/fs/exfat/exfat_fs.h
> +++ b/fs/exfat/exfat_fs.h
> @@ -437,7 +437,8 @@ int exfat_set_volume_dirty(struct super_block *sb);
>  int exfat_clear_volume_dirty(struct super_block *sb);
> 
>  /* fatent.c */
> -#define exfat_get_next_cluster(sb, pclu) exfat_ent_get(sb, *(pclu), pclu, NULL)
> +#define exfat_get_next_cluster(sb, pclu) \
> +       exfat_fat_walk(sb, (pclu), 1, ALLOC_FAT_CHAIN)
> 
>  int exfat_alloc_cluster(struct inode *inode, unsigned int num_alloc,
>                 struct exfat_chain *p_chain, bool sync_bmap);
> @@ -456,6 +457,26 @@ int exfat_count_num_clusters(struct super_block *sb,
>  int exfat_blk_readahead(struct super_block *sb, sector_t sec,
>                 sector_t *ra, blkcnt_t *ra_cnt, sector_t end);
> 
> +static inline int
> +exfat_fat_walk(struct super_block *sb, unsigned int *clu,
> +               unsigned int step, int flags)
> +{
> +       struct buffer_head *bh = NULL;
> +
> +       if (flags == ALLOC_NO_FAT_CHAIN) {
> +               (*clu) += step;
> +               return 0;
> +       }

For ALLOC_NO_FAT_CHAIN, since the FAT region is not accessed, it would be
better to use a more general function name, such as exfat_cluster_walk.

> +
> +       while (step--) {
> +               if (exfat_ent_get(sb, *clu, clu, &bh))
> +                       return -EIO;
> +       }
> +       brelse(bh);
> +
> +       return 0;
> +}
> +
>  /* balloc.c */
>  int exfat_load_bitmap(struct super_block *sb);
>  void exfat_free_bitmap(struct exfat_sb_info *sbi);
> --
> 2.43.0

Re: [PATCH v2 5/6] exfat: introduce exfat_chain_advance helper

[Yuezhang.Mo]

> From: Chi Zhiling <chizhiling@kylinos.cn>
> 
> Introduce exfat_chain_advance() to walk a exfat_chain structure by a
> given step, updating both ->dir and ->size fields atomically. This
> helper handles both ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes with
> proper boundary checking.
> 
> Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
> Tested-by: syzbot@syzkaller.appspotmail.com
> 
> ---
> fs/exfat/exfat_fs.h | 17 +++++++++++++++++
>  1 file changed, 17 insertions(+)
> 
> diff --git a/fs/exfat/exfat_fs.h b/fs/exfat/exfat_fs.h
> index 530459ab9acc..1035d20ba563 100644
> --- a/fs/exfat/exfat_fs.h
> +++ b/fs/exfat/exfat_fs.h
> @@ -552,6 +552,23 @@ int exfat_read_volume_label(struct super_block *sb,
> int exfat_write_volume_label(struct super_block *sb,
>                              struct exfat_uni_name *label);
> 
> +static inline int exfat_chain_advance(struct super_block *sb,
> +               struct exfat_chain *chain, unsigned int step)
> +{
> +       if (chain->size >= step)
> +               chain->size -= step;

It would be better to not change *chain if return an error.

> +       else
> +               return -EIO;
> +
> +       if (exfat_fat_walk(sb, &chain->dir, step, chain->flags))
> +               return -EIO;
> +
> +       if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
> +               chain->dir = EXFAT_EOF_CLUSTER;
> +
> +       return 0;
> +}
> +
>  /* inode.c */
>  extern const struct inode_operations exfat_file_inode_operations;
>  void exfat_sync_inode(struct inode *inode);
> --
> 2.43.0

Re: [PATCH v2 3/6] exfat: use exfat_fat_walk helper to simplify fat entry walking

[Chi Zhiling]

On 4/2/26 10:22 PM, Sungjong Seo wrote:
> Hi, Chi Zhiling,
>> Replace the custom exfat_walk_fat_chain() function and open-coded FAT
>> chain walking logic with the exfat_fat_walk() helper across
>> exfat_find_location, __exfat_get_dentry_set, and exfat_map_cluster.
>>
>> Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
>> ---
>>   fs/exfat/dir.c   | 39 +++------------------------------------
>>   fs/exfat/inode.c | 11 ++---------
>>   2 files changed, 5 insertions(+), 45 deletions(-)
>>
>> diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c index
>> 7619410d668e..cfc6f16a5fb2 100644
>> --- a/fs/exfat/dir.c
>> +++ b/fs/exfat/dir.c
>> @@ -562,38 +562,6 @@ int exfat_put_dentry_set(struct
>> exfat_entry_set_cache *es, int sync)
>>   	return err;
>>   }
>>
>> -static int exfat_walk_fat_chain(struct super_block *sb,
>> -		struct exfat_chain *p_dir, unsigned int byte_offset,
>> -		unsigned int *clu)
>> -{
>> -	struct exfat_sb_info *sbi = EXFAT_SB(sb);
>> -	unsigned int clu_offset;
>> -	unsigned int cur_clu;
>> -
>> -	clu_offset = EXFAT_B_TO_CLU(byte_offset, sbi);
>> -	cur_clu = p_dir->dir;
>> -
>> -	if (p_dir->flags == ALLOC_NO_FAT_CHAIN) {
>> -		cur_clu += clu_offset;
>> -	} else {
>> -		while (clu_offset > 0) {
>> -			if (exfat_get_next_cluster(sb, &cur_clu))
>> -				return -EIO;
>> -			if (cur_clu == EXFAT_EOF_CLUSTER) {
> 
> The intentional exfat_fs_error() call for chain damage conditions is lost.
> Instead of removing the error handling for this condition, it had better be
> moved to exfat_find_location().

Wow, you’re right, I did miss that.
and your suggestion is great.

Thanks,

Re: [PATCH v2 2/6] exfat: introduce exfat_fat_walk helper

[Chi Zhiling]

On 4/3/26 10:34 AM, Yuezhang.Mo@sony.com wrote:
>> From: Chi Zhiling <chizhiling@kylinos.cn>
>>
>> Introduce exfat_fat_walk() to walk the FAT chain by a given step,
>> handling both ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes. Also
>> redefine exfat_get_next_cluster as a thin wrapper around it for
>> backward compatibility.
>>
>> Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
>> ---
>>   fs/exfat/exfat_fs.h | 23 ++++++++++++++++++++++-
>>   1 file changed, 22 insertions(+), 1 deletion(-)
>>
>> diff --git a/fs/exfat/exfat_fs.h b/fs/exfat/exfat_fs.h
>> index 9fed9fb33cae..530459ab9acc 100644
>> --- a/fs/exfat/exfat_fs.h
>> +++ b/fs/exfat/exfat_fs.h
>> @@ -437,7 +437,8 @@ int exfat_set_volume_dirty(struct super_block *sb);
>>   int exfat_clear_volume_dirty(struct super_block *sb);
>>
>>   /* fatent.c */
>> -#define exfat_get_next_cluster(sb, pclu) exfat_ent_get(sb, *(pclu), pclu, NULL)
>> +#define exfat_get_next_cluster(sb, pclu) \
>> +       exfat_fat_walk(sb, (pclu), 1, ALLOC_FAT_CHAIN)
>>
>>   int exfat_alloc_cluster(struct inode *inode, unsigned int num_alloc,
>>                  struct exfat_chain *p_chain, bool sync_bmap);
>> @@ -456,6 +457,26 @@ int exfat_count_num_clusters(struct super_block *sb,
>>   int exfat_blk_readahead(struct super_block *sb, sector_t sec,
>>                  sector_t *ra, blkcnt_t *ra_cnt, sector_t end);
>>
>> +static inline int
>> +exfat_fat_walk(struct super_block *sb, unsigned int *clu,
>> +               unsigned int step, int flags)
>> +{
>> +       struct buffer_head *bh = NULL;
>> +
>> +       if (flags == ALLOC_NO_FAT_CHAIN) {
>> +               (*clu) += step;
>> +               return 0;
>> +       }
> 
> For ALLOC_NO_FAT_CHAIN, since the FAT region is not accessed, it would be
> better to use a more general function name, such as exfat_cluster_walk.

Okay,

> 
>> +
>> +       while (step--) {
>> +               if (exfat_ent_get(sb, *clu, clu, &bh))
>> +                       return -EIO;
>> +       }
>> +       brelse(bh);
>> +
>> +       return 0;
>> +}
>> +
>>   /* balloc.c */
>>   int exfat_load_bitmap(struct super_block *sb);
>>   void exfat_free_bitmap(struct exfat_sb_info *sbi);
>> --
>> 2.43.0
> 
> 
> 

Re: [PATCH v2 5/6] exfat: introduce exfat_chain_advance helper

[Chi Zhiling]

On 4/3/26 10:34 AM, Yuezhang.Mo@sony.com wrote:
>> From: Chi Zhiling <chizhiling@kylinos.cn>
>>
>> Introduce exfat_chain_advance() to walk a exfat_chain structure by a
>> given step, updating both ->dir and ->size fields atomically. This
>> helper handles both ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes with
>> proper boundary checking.
>>
>> Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
>> Tested-by: syzbot@syzkaller.appspotmail.com
>>
>> ---
>> fs/exfat/exfat_fs.h | 17 +++++++++++++++++
>>   1 file changed, 17 insertions(+)
>>
>> diff --git a/fs/exfat/exfat_fs.h b/fs/exfat/exfat_fs.h
>> index 530459ab9acc..1035d20ba563 100644
>> --- a/fs/exfat/exfat_fs.h
>> +++ b/fs/exfat/exfat_fs.h
>> @@ -552,6 +552,23 @@ int exfat_read_volume_label(struct super_block *sb,
>> int exfat_write_volume_label(struct super_block *sb,
>>                               struct exfat_uni_name *label);
>>
>> +static inline int exfat_chain_advance(struct super_block *sb,
>> +               struct exfat_chain *chain, unsigned int step)
>> +{
>> +       if (chain->size >= step)
>> +               chain->size -= step;
> 
> It would be better to not change *chain if return an error.

Okay,

v3:

static inline int exfat_chain_advance(struct super_block *sb,
                 struct exfat_chain *chain, unsigned int step)
{
         if (chain->size < step)
                 return -EIO;

         chain->size -= step;

         if (exfat_fat_walk(sb, &chain->dir, step, chain->flags))
                 return -EIO;

         if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
                 chain->dir = EXFAT_EOF_CLUSTER;

         return 0;
}


Thanks,
> 
>> +       else
>> +               return -EIO;
>> +
>> +       if (exfat_fat_walk(sb, &chain->dir, step, chain->flags))
>> +               return -EIO;
>> +
>> +       if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
>> +               chain->dir = EXFAT_EOF_CLUSTER;
>> +
>> +       return 0;
>> +}
>> +
>>   /* inode.c */
>>   extern const struct inode_operations exfat_file_inode_operations;
>>   void exfat_sync_inode(struct inode *inode);
>> --
>> 2.43.0
> 
> 

Re: [PATCH v2 5/6] exfat: introduce exfat_chain_advance helper

[Yuezhang.Mo]

> On 4/3/26 10:34 AM, Yuezhang.Mo@sony.com wrote:
> >> From: Chi Zhiling <chizhiling@kylinos.cn>
> >>
> >> Introduce exfat_chain_advance() to walk a exfat_chain structure by a
> >> given step, updating both ->dir and ->size fields atomically. This
> >> helper handles both ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes with
> >> proper boundary checking.
> >>
> >> Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
> >> Tested-by: syzbot@syzkaller.appspotmail.com
> >>
> >> ---
> >> fs/exfat/exfat_fs.h | 17 +++++++++++++++++
> >>   1 file changed, 17 insertions(+)
> >>
> >> diff --git a/fs/exfat/exfat_fs.h b/fs/exfat/exfat_fs.h
> >> index 530459ab9acc..1035d20ba563 100644
> >> --- a/fs/exfat/exfat_fs.h
> >> +++ b/fs/exfat/exfat_fs.h
> >> @@ -552,6 +552,23 @@ int exfat_read_volume_label(struct super_block *sb,
> >> int exfat_write_volume_label(struct super_block *sb,
> >>                               struct exfat_uni_name *label);
> >>
> >> +static inline int exfat_chain_advance(struct super_block *sb,
> >> +               struct exfat_chain *chain, unsigned int step)
> >> +{
> >> +       if (chain->size >= step)
> >> +               chain->size -= step;
> >
> > It would be better to not change *chain if return an error.
> 
> Okay,
> 
> v3:
> 
> static inline int exfat_chain_advance(struct super_block *sb,
>                  struct exfat_chain *chain, unsigned int step)
> {
>          if (chain->size < step)
>                  return -EIO;
> 
>          chain->size -= step;
> 
>          if (exfat_fat_walk(sb, &chain->dir, step, chain->flags))
>                  return -EIO;
> 
>          if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
>                  chain->dir = EXFAT_EOF_CLUSTER;
> 
>          return 0;
> }
> 

chain->dir should also not be changed.

static inline int exfat_chain_advance(struct super_block *sb,
                 struct exfat_chain *chain, unsigned int step)
{
         unsigned int clu = chain->dir;

         if (chain->size < step)
                 return -EIO;

         if (exfat_fat_walk(sb, &clu, step, chain->flags))
                 return -EIO;

         chain->size -= step;

         if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
                 chain->dir = EXFAT_EOF_CLUSTER;
         else
                 chain->dir = clu;

         return 0;
}

> 
> Thanks,
> >
> >> +       else
> >> +               return -EIO;
> >> +
> >> +       if (exfat_fat_walk(sb, &chain->dir, step, chain->flags))
> >> +               return -EIO;
> >> +
> >> +       if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
> >> +               chain->dir = EXFAT_EOF_CLUSTER;
> >> +
> >> +       return 0;
> >> +}
> >> +
> >>   /* inode.c */
> >>   extern const struct inode_operations exfat_file_inode_operations;
> >>   void exfat_sync_inode(struct inode *inode);
> >> --
> >> 2.43.0
> >
> >

Re: [PATCH v2 5/6] exfat: introduce exfat_chain_advance helper

[Chi Zhiling]

On 4/3/26 11:33 AM, Yuezhang.Mo@sony.com wrote:
>> On 4/3/26 10:34 AM, Yuezhang.Mo@sony.com wrote:
>>>> From: Chi Zhiling <chizhiling@kylinos.cn>
>>>>
>>>> Introduce exfat_chain_advance() to walk a exfat_chain structure by a
>>>> given step, updating both ->dir and ->size fields atomically. This
>>>> helper handles both ALLOC_NO_FAT_CHAIN and ALLOC_FAT_CHAIN modes with
>>>> proper boundary checking.
>>>>
>>>> Signed-off-by: Chi Zhiling <chizhiling@kylinos.cn>
>>>> Tested-by: syzbot@syzkaller.appspotmail.com
>>>>
>>>> ---
>>>> fs/exfat/exfat_fs.h | 17 +++++++++++++++++
>>>>    1 file changed, 17 insertions(+)
>>>>
>>>> diff --git a/fs/exfat/exfat_fs.h b/fs/exfat/exfat_fs.h
>>>> index 530459ab9acc..1035d20ba563 100644
>>>> --- a/fs/exfat/exfat_fs.h
>>>> +++ b/fs/exfat/exfat_fs.h
>>>> @@ -552,6 +552,23 @@ int exfat_read_volume_label(struct super_block *sb,
>>>> int exfat_write_volume_label(struct super_block *sb,
>>>>                                struct exfat_uni_name *label);
>>>>
>>>> +static inline int exfat_chain_advance(struct super_block *sb,
>>>> +               struct exfat_chain *chain, unsigned int step)
>>>> +{
>>>> +       if (chain->size >= step)
>>>> +               chain->size -= step;
>>>
>>> It would be better to not change *chain if return an error.
>>
>> Okay,
>>
>> v3:
>>
>> static inline int exfat_chain_advance(struct super_block *sb,
>>                   struct exfat_chain *chain, unsigned int step)
>> {
>>           if (chain->size < step)
>>                   return -EIO;
>>
>>           chain->size -= step;
>>
>>           if (exfat_fat_walk(sb, &chain->dir, step, chain->flags))
>>                   return -EIO;
>>
>>           if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
>>                   chain->dir = EXFAT_EOF_CLUSTER;
>>
>>           return 0;
>> }
>>
> 
> chain->dir should also not be changed.
> 
> static inline int exfat_chain_advance(struct super_block *sb,
>                   struct exfat_chain *chain, unsigned int step)
> {
>           unsigned int clu = chain->dir;
> 
>           if (chain->size < step)
>                   return -EIO;
> 
>           if (exfat_fat_walk(sb, &clu, step, chain->flags))
>                   return -EIO;
> 
>           chain->size -= step;
> 
>           if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
>                   chain->dir = EXFAT_EOF_CLUSTER;
>           else
>                   chain->dir = clu;
> 
>           return 0;
> }

Alright, I got it, this is great.

I’ll update it in v3.


Thanks,

> 
>>
>> Thanks,
>>>
>>>> +       else
>>>> +               return -EIO;
>>>> +
>>>> +       if (exfat_fat_walk(sb, &chain->dir, step, chain->flags))
>>>> +               return -EIO;
>>>> +
>>>> +       if (chain->size == 0 && chain->flags == ALLOC_NO_FAT_CHAIN)
>>>> +               chain->dir = EXFAT_EOF_CLUSTER;
>>>> +
>>>> +       return 0;
>>>> +}
>>>> +
>>>>    /* inode.c */
>>>>    extern const struct inode_operations exfat_file_inode_operations;
>>>>    void exfat_sync_inode(struct inode *inode);
>>>> --
>>>> 2.43.0
>>>
>>>