linux-stable/Documentation/filesystems
Al Viro 0785e29899 rename(): fix the locking of subdirectories
commit 22e111ed6c upstream.

	We should never lock two subdirectories without having taken
->s_vfs_rename_mutex; inode pointer order or not, the "order" proposed
in 28eceeda13 "fs: Lock moved directories" is not transitive, with
the usual consequences.

	The rationale for locking renamed subdirectory in all cases was
the possibility of race between rename modifying .. in a subdirectory to
reflect the new parent and another thread modifying the same subdirectory.
For a lot of filesystems that's not a problem, but for some it can lead
to trouble (e.g. the case when short directory contents is kept in the
inode, but creating a file in it might push it across the size limit
and copy its contents into separate data block(s)).

	However, we need that only in case when the parent does change -
otherwise ->rename() doesn't need to do anything with .. entry in the
first place.  Some instances are lazy and do a tautological update anyway,
but it's really not hard to avoid.

Amended locking rules for rename():
	find the parent(s) of source and target
	if source and target have the same parent
		lock the common parent
	else
		lock ->s_vfs_rename_mutex
		lock both parents, in ancestor-first order; if neither
		is an ancestor of another, lock the parent of source
		first.
	find the source and target.
	if source and target have the same parent
		if operation is an overwriting rename of a subdirectory
			lock the target subdirectory
	else
		if source is a subdirectory
			lock the source
		if target is a subdirectory
			lock the target
	lock non-directories involved, in inode pointer order if both
	source and target are such.

That way we are guaranteed that parents are locked (for obvious reasons),
that any renamed non-directory is locked (nfsd relies upon that),
that any victim is locked (emptiness check needs that, among other things)
and subdirectory that changes parent is locked (needed to protect the update
of .. entries).  We are also guaranteed that any operation locking more
than one directory either takes ->s_vfs_rename_mutex or locks a parent
followed by its child.

Cc: stable@vger.kernel.org
Fixes: 28eceeda13 "fs: Lock moved directories"
Reviewed-by: Jan Kara <jack@suse.cz>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-02-23 08:24:49 +01:00
caching
cifs
configfs
ext4
nfs
9p.txt
adfs.txt
affs.txt
afs.txt
api-summary.rst
autofs-mount-control.txt
autofs.txt
automount-support.txt
befs.txt
bfs.txt
btrfs.txt
ceph.txt
coda.txt
cramfs.txt
dax.txt
debugfs.txt
devpts.txt
directory-locking.rst rename(): fix the locking of subdirectories 2024-02-23 08:24:49 +01:00
dlmfs.txt
dnotify.txt
ecryptfs.txt
efivarfs.txt
erofs.txt
ext2.txt
ext3.txt
f2fs.txt
fiemap.txt
files.txt
fscrypt.rst
fsverity.rst
fuse-io.txt
fuse.txt
gfs2-glocks.txt
gfs2-uevents.txt
gfs2.txt
hfs.txt
hfsplus.txt
hpfs.txt
index.rst
inotify.txt
isofs.txt
journalling.rst
locking.rst rename(): fix the locking of subdirectories 2024-02-23 08:24:49 +01:00
locks.txt
mandatory-locking.txt
mount_api.txt
nilfs2.txt
ntfs.txt
ocfs2-online-filecheck.txt
ocfs2.txt
omfs.txt
orangefs.txt
overlayfs.txt
path-lookup.rst
path-lookup.txt
porting.rst rename(): fix the locking of subdirectories 2024-02-23 08:24:49 +01:00
proc.txt
qnx6.txt
quota.txt
ramfs-rootfs-initramfs.txt
relay.txt
romfs.txt
seq_file.txt
sharedsubtree.txt
splice.rst
spufs.txt
squashfs.txt
sysfs-pci.txt
sysfs-tagging.txt
sysfs.txt
sysv-fs.txt
tmpfs.txt
ubifs-authentication.rst
ubifs.txt
udf.txt
vfat.txt
vfs.rst
virtiofs.rst
xfs-delayed-logging-design.txt
xfs-self-describing-metadata.txt