stable.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] fs: drop peer group ids under namespace lock
       [not found] ` <000000000000a0139105f81888eb@google.com>
@ 2023-03-30  7:13   ` Christian Brauner
  2023-03-31 10:36     ` Christian Brauner
  0 siblings, 1 reply; 2+ messages in thread
From: Christian Brauner @ 2023-03-30  7:13 UTC (permalink / raw)
  To: linux-fsdevel
  Cc: linux-kernel, syzkaller-bugs, viro, syzbot+8ac3859139c685c4f597,
	stable, Christian Brauner

When cleaning up peer group ids in the failure path we need to make sure
to hold on to the namespace lock. Otherwise another thread might just
turn the mount from a shared into a non-shared mount concurrently.

Reported-by: syzbot+8ac3859139c685c4f597@syzkaller.appspotmail.com
Link: https://lore.kernel.org/lkml/00000000000088694505f8132d77@google.com
Fixes: 2a1867219c7b ("fs: add mount_setattr()")
Cc: stable@vger.kernel.org # 5.12+
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
 fs/namespace.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/namespace.c b/fs/namespace.c
index bc0f15257b49..6836e937ee61 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -4183,9 +4183,9 @@ static int do_mount_setattr(struct path *path, struct mount_kattr *kattr)
 	unlock_mount_hash();
 
 	if (kattr->propagation) {
-		namespace_unlock();
 		if (err)
 			cleanup_group_ids(mnt, NULL);
+		namespace_unlock();
 	}
 
 	return err;

---
base-commit: 197b6b60ae7bc51dd0814953c562833143b292aa
change-id: 20230330-vfs-mount_setattr-propagation-fix-363b7c59d7fb


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] fs: drop peer group ids under namespace lock
  2023-03-30  7:13   ` [PATCH] fs: drop peer group ids under namespace lock Christian Brauner
@ 2023-03-31 10:36     ` Christian Brauner
  0 siblings, 0 replies; 2+ messages in thread
From: Christian Brauner @ 2023-03-31 10:36 UTC (permalink / raw)
  To: linux-fsdevel
  Cc: Christian Brauner, linux-kernel, syzkaller-bugs, viro,
	syzbot+8ac3859139c685c4f597, stable


On Thu, 30 Mar 2023 09:13:16 +0200, Christian Brauner wrote:
> When cleaning up peer group ids in the failure path we need to make sure
> to hold on to the namespace lock. Otherwise another thread might just
> turn the mount from a shared into a non-shared mount concurrently.
> 
> 

Ok, syzbot is happy with this as well so let's get this fixed and backported,

tree: git://git.kernel.org/pub/scm/linux/kernel/git/vfs/idmapping.git
branch: vfs.misc.fixes
[1/1] fs: drop peer group ids under namespace lock
      commit: cb2239c198ad9fbd5aced22cf93e45562da781eb

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-03-31 10:37 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <00000000000088694505f8132d77@google.com>
     [not found] ` <000000000000a0139105f81888eb@google.com>
2023-03-30  7:13   ` [PATCH] fs: drop peer group ids under namespace lock Christian Brauner
2023-03-31 10:36     ` Christian Brauner

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).