]> www.infradead.org Git - nvme.git/commitdiff
xfs: reset child dir '..' entry when unlinking child
authorDarrick J. Wong <djwong@kernel.org>
Mon, 12 Jul 2021 19:58:48 +0000 (12:58 -0700)
committerDarrick J. Wong <djwong@kernel.org>
Thu, 15 Jul 2021 16:58:42 +0000 (09:58 -0700)
While running xfs/168, I noticed a second source of post-shrink
corruption errors causing shutdowns.

Let's say that directory B has a low inode number and is a child of
directory A, which has a high number.  If B is empty but open, and
unlinked from A, B's dotdot link continues to point to A.  If A is then
unlinked and the filesystem shrunk so that A is no longer a valid inode,
a subsequent AIL push of B will trip the inode verifiers because the
dotdot entry points outside of the filesystem.

To avoid this problem, reset B's dotdot entry to the root directory when
unlinking directories, since the root directory cannot be removed.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Gao Xiang <hsiangkao@linux.alibaba.com>
fs/xfs/xfs_inode.c

index a835ceb79ba55ad9d915003e8e2c1e05a0ecec86..990b72ae36350a3ccfd41b3074a2538eafa7c531 100644 (file)
@@ -2763,6 +2763,19 @@ xfs_remove(
                error = xfs_droplink(tp, ip);
                if (error)
                        goto out_trans_cancel;
+
+               /*
+                * Point the unlinked child directory's ".." entry to the root
+                * directory to eliminate back-references to inodes that may
+                * get freed before the child directory is closed.  If the fs
+                * gets shrunk, this can lead to dirent inode validation errors.
+                */
+               if (dp->i_ino != tp->t_mountp->m_sb.sb_rootino) {
+                       error = xfs_dir_replace(tp, ip, &xfs_name_dotdot,
+                                       tp->t_mountp->m_sb.sb_rootino, 0);
+                       if (error)
+                               return error;
+               }
        } else {
                /*
                 * When removing a non-directory we need to log the parent