    configfs: fix a deadlock in configfs_symlink() · 5e36cf8e
    Al Viro authored
    commit 351e5d86 upstream.
    
    Configfs abuses symlink(2).  Unlike the normal filesystems, it
    wants the target resolved at symlink(2) time, like link(2) would've
    done.  The problem is that ->symlink() is called with the parent
    directory locked exclusive, so resolving the target inside the
    ->symlink() is easily deadlocked.
    
    Short of really ugly games in sys_symlink() itself, all we can
    do is to unlock the parent before resolving the target and
    relock it after.  However, that invalidates the checks done
    by the caller of ->symlink(), so we have to
    	* check that dentry is still where it used to be
    (it couldn't have been moved, but it could've been unhashed)
    	* recheck that it's still negative (somebody else
    might've successfully created a symlink with the same name
    while we were looking the target up)
    	* recheck the permissions on the parent directory.
    
    Cc: stable@vger.kernel.org
    Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
    Signed-off-by: Christoph Hellwig <hch@lst.de>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
symlink.c 8.42 KB
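
The unlock, resolve, relock, recheck sequence the commit message describes, as an added single-threaded user-space model; this is not the kernel's code or the contents of symlink.c. Every name here (`struct dir`, `struct entry`, `model_symlink`, the `race_*` hooks) is hypothetical, the error codes are chosen for the model, and the racing task is simulated by a hook that runs while the parent is unlocked.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>

/* Constructed user-space model; all names are hypothetical, not kernel API. */
struct dir   { bool locked; bool writable; };
struct entry { struct dir *parent; bool hashed; bool positive; };

/* Stand-in for a racing task: runs only while the parent is unlocked. */
typedef void (*race_hook)(struct entry *e);

/* Stand-in for target lookup. It may need the parent lock itself,
 * so calling it with the lock held models the deadlock. */
static int resolve_target(struct dir *parent, const char *target)
{
    if (parent->locked)
        return -EDEADLK;
    return (target && *target) ? 0 : -ENOENT;
}

/* Called with e->parent locked and e already checked by the caller. */
int model_symlink(struct entry *e, const char *target, race_hook race)
{
    struct dir *parent = e->parent;
    int ret;

    parent->locked = false;          /* drop the lock around the lookup */
    if (race)
        race(e);                     /* simulated concurrent activity */
    ret = resolve_target(parent, target);
    parent->locked = true;           /* retake it before touching e */
    if (ret)
        return ret;

    /* The caller's checks are stale now, so repeat them. */
    if (!e->hashed)                  /* removed from the directory */
        return -ENOENT;
    if (e->positive)                 /* someone else created the name */
        return -EEXIST;
    if (!parent->writable)           /* permissions changed meanwhile */
        return -EACCES;

    e->positive = true;              /* safe to create the link */
    return 0;
}

/* Constructed race scenarios, one per recheck. */
void race_unhash(struct entry *e) { e->hashed = false; }
void race_create(struct entry *e) { e->positive = true; }
void race_chmod(struct entry *e)  { e->parent->writable = false; }
```

Passing one of the `race_*` hooks shows which recheck catches which change; passing `NULL` models the uncontended path.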