On Thu, Oct 23, 2014 at 06:21:58PM +0100, Al Viro wrote:
> Untested interim fix follows; as soon as d_splice_alias()/d_materialise_unique()
> merge happens, we'll be able to clean vfat_lookup() a bit more.
>
> a) don't bother with ->d_time for positives - we only check it for negatives
> anyway.
> b) make sure to set it at unlink and rmdir time - at *that* point soon-to-be
> negative dentry matches then-current directory contents
> c) don't go into renaming of old alias in vfat_lookup() unless it has
> the same parent (which it will, unless we are seeing corrupted image) *and*
> is a non-directory
> d) use (for now) d_materialise_unique() instead of d_splice_alias() - that one
> will do renames of old directory aliases just fine (and pretty soon so will
> d_splice_alias(), but this bug is -stable fodder)
>
> Signed-off-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>

Tested-by: Sami Liedes <sami.liedes@xxxxxx>

I can verify that this patch fixes the crash on 3.17.1. However I have
not tested that it doesn't break something else like non-fuzzed
filesystems :-)

I'm going to rerun the fuzz tests on vfat with this patch applied.

Sami