f2fs: fix potential corruption when moving a directory

author Jaegeuk Kim <jaegeuk@kernel.org>

Thu, 6 Apr 2023 18:18:48 +0000 (11:18 -0700)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Wed, 17 May 2023 09:53:48 +0000 (11:53 +0200)
author Jaegeuk Kim <jaegeuk@kernel.org>
Thu, 6 Apr 2023 18:18:48 +0000 (11:18 -0700)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 17 May 2023 09:53:48 +0000 (11:53 +0200)
diff --git a/fs/f2fs/namei.c b/fs/f2fs/namei.c

index b6c14c9c33a08c1075a97ca3be1e7f3586d41bf5..51d0030bddb27d4d2c37a548ac67201ef83d67da 100644 (file)
--- a/fs/f2fs/namei.c
+++ b/fs/f2fs/namei.c
@@ -1002,12 +1002,20 @@ static int f2fs_rename(struct user_namespace *mnt_userns, struct inode *old_dir,
                         goto out;
         }
  
+       /*
+        * Copied from ext4_rename: we need to protect against old.inode
+        * directory getting converted from inline directory format into
+        * a normal one.
+        */
+       if (S_ISDIR(old_inode->i_mode))
+               inode_lock_nested(old_inode, I_MUTEX_NONDIR2);
+
         err = -ENOENT;
         old_entry = f2fs_find_entry(old_dir, &old_dentry->d_name, &old_page);
         if (!old_entry) {
                 if (IS_ERR(old_page))
                         err = PTR_ERR(old_page);
-               goto out;
+               goto out_unlock_old;
         }
  
         if (S_ISDIR(old_inode->i_mode)) {
@@ -1115,6 +1123,9 @@ static int f2fs_rename(struct user_namespace *mnt_userns, struct inode *old_dir,
  
         f2fs_unlock_op(sbi);
  
+       if (S_ISDIR(old_inode->i_mode))
+               inode_unlock(old_inode);
+
         if (IS_DIRSYNC(old_dir) || IS_DIRSYNC(new_dir))
                 f2fs_sync_fs(sbi->sb, 1);
  
@@ -1129,6 +1140,9 @@ static int f2fs_rename(struct user_namespace *mnt_userns, struct inode *old_dir,
                 f2fs_put_page(old_dir_page, 0);
  out_old:
         f2fs_put_page(old_page, 0);
+out_unlock_old:
+       if (S_ISDIR(old_inode->i_mode))
+               inode_unlock(old_inode);
  out:
         iput(whiteout);
         return err;
author	Jaegeuk Kim <jaegeuk@kernel.org>
	Thu, 6 Apr 2023 18:18:48 +0000 (11:18 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 17 May 2023 09:53:48 +0000 (11:53 +0200)