From 1a4022f88d40e1255920b017556092ab926d7f66 Mon Sep 17 00:00:00 2001 From: Erez Zadok Date: Sat, 21 May 2011 01:19:59 -0400 Subject: [PATCH] VFS: move BUG_ON test for symlink nd->depth after current->link_count test This solves a serious VFS-level bug in nested_symlink (which was rewritten from do_follow_link), and follows the order of depth tests that existed before. The bug triggers a BUG_ON in fs/namei.c:1381, when running racer with symlink and rename ops. Signed-off-by: Erez Zadok Acked-by: Miklos Szeredi Cc: stable@kernel.org Signed-off-by: Linus Torvalds --- fs/namei.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/namei.c b/fs/namei.c index e3c4f112ebf7..6ff858c049c0 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -1378,12 +1378,12 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) { int res; - BUG_ON(nd->depth >= MAX_NESTED_LINKS); if (unlikely(current->link_count >= MAX_NESTED_LINKS)) { path_put_conditional(path, nd); path_put(&nd->path); return -ELOOP; } + BUG_ON(nd->depth >= MAX_NESTED_LINKS); nd->depth++; current->link_count++;