From 0ca54ea5dea71ac83c897eb380cf65e686bc257b Mon Sep 17 00:00:00 2001
From: waterwin <qianjiaxing@huawei.com>
Date: Tue, 20 Jun 2023 09:52:30 +0000
Subject: [PATCH] fixed 75d32a9 from
 https://gitee.com/waterwin/kernel_linux_5.10/pulls/902 hmdfs: prohibits
 renaming cross-view Signed-off-by: waterwin <qianjiaxing@huawei.com>

---
 fs/hmdfs/comm/transport.c | 32 ++++++++++++++++++++++++--------
 fs/hmdfs/inode_local.c    |  7 +++++++
 fs/hmdfs/inode_merge.c    | 12 +++++++++---
 fs/hmdfs/inode_remote.c   |  6 ++++++
 4 files changed, 46 insertions(+), 11 deletions(-)

diff --git a/fs/hmdfs/comm/transport.c b/fs/hmdfs/comm/transport.c
index a68cf800c51a..1754b1da2685 100644
--- a/fs/hmdfs/comm/transport.c
+++ b/fs/hmdfs/comm/transport.c
@@ -892,6 +892,21 @@ static int set_tfm(__u8 *master_key, struct crypto_aead *tfm)
 	return ret;
 }
 
+static bool is_tcp_socket(struct tcp_handle *tcp)
+{
+	if (!tcp || !tcp->sock || !tcp->sock->sk) {
+		hmdfs_err("invalid tcp handle");
+		return false;
+	}
+
+	if (tcp->sock->sk->sk_protocol != IPPROTO_TCP) {
+		hmdfs_err("invalid socket protocol");
+		return false;
+	}
+
+	return true;
+}
+
 static int tcp_update_socket(struct tcp_handle *tcp, int fd,
 			     uint8_t *master_key, struct socket *socket)
 {
@@ -903,19 +918,20 @@ static int tcp_update_socket(struct tcp_handle *tcp, int fd,
 
 	tcp->sock = socket;
 	tcp->fd = fd;
+
+	if (!is_tcp_socket(tcp)) {
+		err = -EINVAL;
+		goto put_sock;
+	}
+
 	if (!tcp_handle_is_available(tcp)) {
 		err = -EPIPE;
 		goto put_sock;
 	}
 
-        hmdfs_info("socket fd %d, state %d, refcount %ld protocol %d",
-                fd, socket->state, file_count(socket->file),
-                   socket->sk->sk_protocol);
-
-        if (socket->sk->sk_protocol != IPPROTO_TCP) {
-                hmdfs_err("invalid socket protocol");
-                return -EINVAL;
-        }
+	hmdfs_info("socket fd %d, state %d, refcount %ld protocol %d", fd,
+		   socket->state, file_count(socket->file),
+		   socket->sk->sk_protocol);
 
 	tcp->recv_cache = kmem_cache_create("hmdfs_socket",
 					    tcp->recvbuf_maxsize,
diff --git a/fs/hmdfs/inode_local.c b/fs/hmdfs/inode_local.c
index 346309fd94aa..bb0f89572fb8 100644
--- a/fs/hmdfs/inode_local.c
+++ b/fs/hmdfs/inode_local.c
@@ -672,6 +672,13 @@ int hmdfs_rename_local(struct inode *old_dir, struct dentry *old_dentry,
 		err = -EACCES;
 		goto rename_out;
 	}
+
+	if (hmdfs_i(old_dir)->inode_type != hmdfs_i(new_dir)->inode_type) {
+		hmdfs_err("in different view");
+		err = -EPERM;
+		goto rename_out;
+	}
+
 	if (hmdfs_d(old_dentry)->device_id != hmdfs_d(new_dentry)->device_id) {
 		err = -EXDEV;
 		goto rename_out;
diff --git a/fs/hmdfs/inode_merge.c b/fs/hmdfs/inode_merge.c
index 0ef8defc2b86..17a7af217d8d 100644
--- a/fs/hmdfs/inode_merge.c
+++ b/fs/hmdfs/inode_merge.c
@@ -1181,7 +1181,7 @@ int do_unlink_merge(struct inode *dir, struct dentry *dentry)
 	mutex_lock(&dim->comrade_list_lock);
 	list_for_each_entry(comrade, &(dim->comrade_list), list) {
 		lo_d = comrade->lo_d;
-                dget(lo_d);
+		dget(lo_d);
 		lo_d_dir = lock_parent(lo_d);
 		/* lo_d could be unhashed, need to lookup again here */
 		lo_d_lookup = lookup_one_len(lo_d->d_name.name, lo_d_dir,
@@ -1197,7 +1197,7 @@ int do_unlink_merge(struct inode *dir, struct dentry *dentry)
 		ret = vfs_unlink(lo_i_dir, lo_d_lookup, NULL);
 		dput(lo_d_lookup);
 		unlock_dir(lo_d_dir);
-                dput(lo_d);
+		dput(lo_d);
 		if (ret)
 			break;
 	}
@@ -1333,6 +1333,13 @@ int hmdfs_rename_merge(struct inode *old_dir, struct dentry *old_dentry,
 		ret = -EACCES;
 		goto rename_out;
 	}
+
+	if (hmdfs_i(old_dir)->inode_type != hmdfs_i(new_dir)->inode_type) {
+		hmdfs_err("in different view");
+		ret = -EPERM;
+		goto rename_out;
+	}
+
 	old_dir_buf = kmalloc(PATH_MAX, GFP_KERNEL);
 	new_dir_buf = kmalloc(PATH_MAX, GFP_KERNEL);
 	if (!old_dir_buf || !new_dir_buf) {
@@ -1373,7 +1380,6 @@ int hmdfs_rename_merge(struct inode *old_dir, struct dentry *old_dentry,
 		d_invalidate(old_dentry);
 
 rename_out:
-	hmdfs_trace_rename_merge(old_dir, old_dentry, new_dir, new_dentry, ret);
 	kfree(old_dir_buf);
 	kfree(new_dir_buf);
 	return ret;
diff --git a/fs/hmdfs/inode_remote.c b/fs/hmdfs/inode_remote.c
index f906b2410407..2670e3e81891 100644
--- a/fs/hmdfs/inode_remote.c
+++ b/fs/hmdfs/inode_remote.c
@@ -809,6 +809,12 @@ int hmdfs_rename_remote(struct inode *old_dir, struct dentry *old_dentry,
 	    hmdfs_file_type(new_dentry->d_name.name) != HMDFS_TYPE_COMMON) {
 		return -EACCES;
 	}
+
+	if (hmdfs_i(old_dir)->inode_type != hmdfs_i(new_dir)->inode_type) {
+		hmdfs_err("in different view");
+		return -EPERM;
+	}
+
 	if (hmdfs_d(old_dentry)->device_id != hmdfs_d(new_dentry)->device_id)
 		return -EXDEV;
 
-- 
Gitee