| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250824185303.18519-1-ssrane_b23@ee.vjti.ac.in>
Date: Mon, 25 Aug 2025 00:23:03 +0530
From: ssranevjti@...il.com
To: linux-fsdevel@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
viro@...iv.linux.org.uk,
brauner@...nel.org,
jack@...e.cz,
syzbot+0cee785b798102696a4b@...kaller.appspotmail.com,
Shaurya Rane <ssrane_b23@...vjti.ac.in>
Subject: [PATCH] fs/namei: fix WARNING in do_mknodat due to invalid inode unlock
From: Shaurya Rane <ssrane_b23@...vjti.ac.in>
The done_path_create() function unconditionally calls inode_unlock() on
path->dentry->d_inode without verifying that the path and inode are valid.
Under certain error conditions or race scenarios, this can lead to attempting
to unlock an inode that was never locked or has been corrupted, resulting in
a WARNING from the rwsem debugging code.
Add defensive checks to ensure both path->dentry and path->dentry->d_inode
are valid before attempting to unlock. This prevents the rwsem warning while
maintaining existing behavior for normal cases.
Reported-by: syzbot+0cee785b798102696a4b@...kaller.appspotmail.com
Signed-off-by: Shaurya Rane <ssrane_b23@...vjti.ac.in>
---
fs/namei.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/namei.c b/fs/namei.c
index cd43ff89fbaa..75ef579c38b7 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -4174,7 +4174,8 @@ void done_path_create(struct path *path, struct dentry *dentry)
{
if (!IS_ERR(dentry))
dput(dentry);
- inode_unlock(path->dentry->d_inode);
+ if (path->dentry && path->dentry->d_inode)
+ inode_unlock(path->dentry->d_inode);
mnt_drop_write(path->mnt);
path_put(path);
}
--
2.34.1
Powered by blists - more mailing lists