From nobody Sat Feb 17 21:11:11 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TchL75xWCz59h33; Sat, 17 Feb 2024 21:11:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TchL74f84z4ZSK; Sat, 17 Feb 2024 21:11:11 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708204271; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=89hBo54n5ppD7yWUCjpNeuB9llDg4YAhm6y2KxP//kI=; b=jMEz/A+3r34tTF9kOtrk79lK6tuzWeRepd1LsDjQ1fdWAy8Wc6ougsa+oVGEXg8SgnoK1e POKDGKhEWWssBuuojIlC2dvr3Cn5ImLM4mR8j1UF9NpKfdoBIDWWvM+ZRwEteOzngOVhfz jSO2HBZgQF88PvVXiQIFqNTu58BCTXlP9sjVGGSFLrYn2HAUJ2Xy7eavsqik2lP+AtFqab hTcT6agwWvi9R6I0fH1Phdj4b3VfelbVUfgpqzdYK9KRjJLwtWzJZlbdvpEz81AWCjlawx zTVHDVLnovN9bdjZGTC2UWyi33NOqj3KZrADm253KvnF3Kh/yaz8MdGwoMYftg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1708204271; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=89hBo54n5ppD7yWUCjpNeuB9llDg4YAhm6y2KxP//kI=; b=f4zlMa/qVq5gRQJOpN5Rf9mxM1Qw7wqSXcqc47xObMbh+sU3VCBlwpjPLd9nxhxO/qfXyc /eD6EMo/VKMyNABRTLl6lZyKkCWBHHPJKZDoZVoNqImxq7kxU9NS2T0BIDsOwqneW+PShS LO3a3WB5wqHnWLMqFs7vO2rqIfIwpnWWuPEb/ftcmQwL4HSg37CyVDTwQm5yTEo1hxLLC+ XzoES5hNKwc8adNdK2LHHMem4FqGgTt2oCQ7LGT1RsWzXS/K/Vm9SnZ6yAJLmoq8/+/c80 uHgcoQJb22NOpznjbXd3jTK3DS9OGeyfeopsquk1u+EK3GiGbsNuCF+Lrac5hA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1708204271; a=rsa-sha256; cv=none; b=fjxSAfuK+7aaF9e4LX77w0ZD+6pOUCLgDyk85GmHl+sRAQAsAseJyQB+MIPFNrwirN6rbH GHk6zhBY7mOIHRvjbrxBAust8Tiol2G5muu2fy70b9yNkpFyhnhHXovhFbrQMLO7u9C4I4 nlLfWRPPUKK4eKJCaLYrpxQEC/kh3YEJFSdlEgdW/aDWmNEjlOZh1iLfVn/GTp9FvJEj1q 4AZre7oPL81XQyew63cBJgjX8vtRZ+yszUpyAKxb0stR/EgNMWYdIGoFqPNaFjhONIbwuy 8aNrQhOU3VianMZHOk3V1IxaBuTolN+EzSPAAIQkDx+Tk0Q2V0l6LOPr7kJxsQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TchL73SH9zNfy; Sat, 17 Feb 2024 21:11:11 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 41HLBB3x080100; Sat, 17 Feb 2024 21:11:11 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 41HLBBiV080097; Sat, 17 Feb 2024 21:11:11 GMT (envelope-from git) Date: Sat, 17 Feb 2024 21:11:11 GMT Message-Id: <202402172111.41HLBBiV080097@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Stefan =?utf-8?Q?E=C3=9Fer?= Subject: git: 8b67c670a49b - main - msdosfs: fix directory corruption after rename operation List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: se X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8b67c670a49b4efe7e1557121b5bbae682ea3bc7 Auto-Submitted: auto-generated The branch main has been updated by se: URL: https://cgit.FreeBSD.org/src/commit/?id=8b67c670a49b4efe7e1557121b5bbae682ea3bc7 commit 8b67c670a49b4efe7e1557121b5bbae682ea3bc7 Author: Stefan Eßer AuthorDate: 2024-02-17 21:04:49 +0000 Commit: Stefan Eßer CommitDate: 2024-02-17 21:04:49 +0000 msdosfs: fix directory corruption after rename operation The is a bug in MSDOSFS that can be triggered when the target of a rename operation exists. It is caused by the lack of inodes in the FAT file system, which are substituted by the location of the DOS 8.3 directory entry in the file system. This causes the "inode" of a file to change when its directory entry is moved to a different location. The rename operation wants to re-use the existing directory entry position of an existing target file name (POS1). But the code does instead locate the first position in the directory that provides sufficient free directory slots (POS2) to hold the target file name and fills it with the directory data. The rename operation continues and at the end writes directory data to the initially retrieved location (POS1) of the old target directory. This leads to 2 directory entries for the target file, but with inconsistent data in the directory and in the cached file system state. The location that should have been re-used (POS1) is marked as deleted in the directory, and new directory data has been written to a different location (POS2). But the VFS cache has the newly written data stored under the inode number that corresponds to the initially planned position (POS1). If then a new file is written, it can allocate the deleted directory entries (POS1) and when it queries the cache, it retrieves data that is valid for the target of the prior rename operation, leading to a corrupt directory entry (at POS1) being written (DOS file name of the earlier rename target combined with the Windows long file name of the newly written file). PR: 268005 Reported by: wbe@psr.com Approved by: kib, mckusick Fixes: 2c9cbc2d45b94 MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D43951 --- sys/fs/msdosfs/msdosfs_vnops.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/fs/msdosfs/msdosfs_vnops.c b/sys/fs/msdosfs/msdosfs_vnops.c index 31d9b003a6fa..078ea5e52312 100644 --- a/sys/fs/msdosfs/msdosfs_vnops.c +++ b/sys/fs/msdosfs/msdosfs_vnops.c @@ -1180,8 +1180,10 @@ relock: memcpy(oldname, fip->de_Name, 11); memcpy(fip->de_Name, toname, 11); /* update denode */ error = msdosfs_lookup_ino(tdvp, NULL, tcnp, &scn, &blkoff); - if (error == EJUSTRETURN) + if (error == EJUSTRETURN) { + tdip->de_fndoffset = to_diroffset; error = createde(fip, tdip, NULL, tcnp); + } if (error != 0) { memcpy(fip->de_Name, oldname, 11); goto unlock;