Re: [PATCH v2] ntfs: fix mrec_lock ABBA deadlock in rename
From: Namjae Jeon
Date: Tue Jun 30 2026 - 10:30:23 EST
On Tue, Jun 30, 2026 at 12:09 PM Peiyang He <peiyang_he@xxxxxxxxxxxxxxxx> wrote:
>
> ntfs_file_fsync(), ntfs_dir_fsync() and __ntfs_write_inode() lock an
> inode's mrec_lock before taking the mrec_lock of its parent directory.
>
> ntfs_rename() takes old_ni->mrec_lock and old_dir_ni->mrec_lock
> before taking new_ni->mrec_lock for an existing target, or
> new_dir_ni->mrec_lock for a cross-directory rename.
> This can deadlock when ntfs_file_fsync() or __ntfs_write_inode() holds
> the target inode, or when ntfs_dir_fsync() holds a child target
> directory, while rename() holds the parent directory and waits for the
> target.
>
> Fix this by locking the existing target inode before taking any parent
> directory mrec_lock. For cross-directory renames where the target parent
> is a descendant of the source parent, lock the target parent before the
> source parent so the directory order matches the child-to-parent order used
> by ntfs_file_fsync(), ntfs_dir_fsync(), and __ntfs_write_inode().
>
> Reported-by: Peiyang He <peiyang_he@xxxxxxxxxxxxxxxx>
> Closes: https://lore.kernel.org/all/C4D296F0E9F3D66C+9397ffbc-eb55-44bb-9b3f-5da4809e7955@xxxxxxxxxxxxxxxx/
> Fixes: af0db57d4293 ("ntfs: update inode operations")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Peiyang He <peiyang_he@xxxxxxxxxxxxxxxx>
> Assisted-by: Codex:gpt-5.5
Applied it to #ntfs-next.
Thanks!