From patchwork Mon May 28 17:34:05 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Theodore Ts'o X-Patchwork-Id: 161632 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id DEDC5B6FA9 for ; Tue, 29 May 2012 03:34:10 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752278Ab2E1ReH (ORCPT ); Mon, 28 May 2012 13:34:07 -0400 Received: from li9-11.members.linode.com ([67.18.176.11]:46015 "EHLO imap.thunk.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752035Ab2E1ReH (ORCPT ); Mon, 28 May 2012 13:34:07 -0400 Received: from root (helo=tytso-glaptop.cam.corp.google.com) by imap.thunk.org with local-esmtp (Exim 4.72) (envelope-from ) id 1SZ3pW-0004KH-T2; Mon, 28 May 2012 17:34:06 +0000 Received: from tytso by tytso-glaptop.cam.corp.google.com with local (Exim 4.71) (envelope-from ) id 1SZ3pV-0002KH-Oj; Mon, 28 May 2012 13:34:05 -0400 From: Theodore Ts'o To: linux-fsdevel@vger.kernel.org Cc: Ext4 Developers List , viro@ZenIV.linux.org.uk, sami.liedes@iki.fi, Theodore Ts'o Subject: [PATCH] vfs: avoid hang caused by attempting to rmdir an invalid file system Date: Mon, 28 May 2012 13:34:05 -0400 Message-Id: <1338226445-8911-1-git-send-email-tytso@mit.edu> X-Mailer: git-send-email 1.7.10.2.552.gaa3bb87 In-Reply-To: <20120528173133.GA31109@thunk.org> References: <20120528173133.GA31109@thunk.org> X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: tytso@thunk.org X-SA-Exim-Scanned: No (on imap.thunk.org); SAEximRunCond expanded to false Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org If we rmdir a directory which is a hard link to '.', we will deadlock trying to grab the directory's i_mutex. Check for this condition and return EINVAL, which is what we return if the user attempts to rmdir "/foo/bar/." Signed-off-by: "Theodore Ts'o" --- fs/namei.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/fs/namei.c b/fs/namei.c index 0062dd1..081f872 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -2774,6 +2774,17 @@ static long do_rmdir(int dfd, const char __user *pathname) error = -ENOENT; goto exit3; } + if (nd.path.dentry->d_inode == dentry->d_inode) { + /* + * Corrupt file system where there is a symlink to + * '.'; treat it as if we are trying to rmdir '.' + * + * XXX Should we call into the low-level file system + * to request that the file system be marked corrupt? + */ + error = -EINVAL; + goto exit3; + } error = mnt_want_write(nd.path.mnt); if (error) goto exit3;