btrfs: handle directory and dentry mismatch in btrfs_may_delete()

The helper btrfs_may_delete() is a copy of generic fs/namei.c:may_delete() to verify various conditions before deletion. There's a BUG_ON added before linux.git started, we can turn it to a proper error handling at least in our local helper. A mistmatch between directory and the deleted dentry is clearly invalid. This won't be probably ever hit due to the way how the parameters are set from the caller btrfs_ioctl_snap_destroy(), using a VFS helper lookup_one(). Reviewed-by: Josef Bacik <josef@toxicpanda.com> Reviewed-by: Anand Jain <anand.jain@oracle.com> Signed-off-by: David Sterba <dsterba@suse.com>
2024-09-28 21:33:52 +00:00 · 2024-01-19 20:23:56 +01:00 · 2024-01-19 20:23:56 +01:00 · 1686570265
commit 1686570265
parent 4dc4a3be6c
1 changed files with 3 additions and 1 deletions
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@ -906,7 +906,9 @@ static int btrfs_may_delete(struct mnt_idmap *idmap,
 	if (d_really_is_negative(victim))
 		return -ENOENT;

-	BUG_ON(d_inode(victim->d_parent) != dir);
+	/* The @victim is not inside @dir. */
+	if (d_inode(victim->d_parent) != dir)
+		return -EINVAL;
 	audit_inode_child(dir, victim, AUDIT_TYPE_CHILD_DELETE);

 	error = inode_permission(idmap, dir, MAY_WRITE | MAY_EXEC);