• Al Viro's avatar
    rename(): avoid a deadlock in the case of parents having no common ancestor · a8b00268
    Al Viro authored
    ... and fix the directory locking documentation and proof of correctness.
    Holding ->s_vfs_rename_mutex *almost* prevents ->d_parent changes; the
    case where we really don't want it is splicing the root of disconnected
    tree to somewhere.
    
    In other words, ->s_vfs_rename_mutex is sufficient to stabilize "X is an
    ancestor of Y" only if X and Y are already in the same tree.  Otherwise
    it can go from false to true, and one can construct a deadlock on that.
    
    Make lock_two_directories() report an error in such case and update the
    callers of lock_rename()/lock_rename_child() to handle such errors.
    
    And yes, such conditions are not impossible to create ;-/
    Reviewed-by: default avatarJan Kara <jack@suse.cz>
    Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
    a8b00268
namei.c 139 KB