Unverified Commit 280e36f0 authored by Christian Brauner's avatar Christian Brauner
Browse files

nsfs: use cleanup guard 

Ensure that rcu read lock is given up before returning.

Link: https://lore.kernel.org/r/20240716-elixier-fliesen-1ab342151a61@brauner


Fixes: ca567df7 ("nsfs: add pid translation ioctls")
Reported-by: default avatar <syzbot+a3e82ae343b26b4d2335@syzkaller.appspotmail.com>
Signed-off-by: default avatarChristian Brauner <brauner@kernel.org>
parent 400e4064

fs/nsfs.c

+3 −3
Original line number Diff line number Diff line
@@ -174,14 +174,14 @@ static long ns_ioctl(struct file *filp, unsigned int ioctl, 
		fallthrough;

	case NS_GET_PID_IN_PIDNS:

		fallthrough;

	case NS_GET_TGID_IN_PIDNS:

	case NS_GET_TGID_IN_PIDNS: {

		if (ns->ops->type != CLONE_NEWPID)

			return -EINVAL;



		ret = -ESRCH;

		pid_ns = container_of(ns, struct pid_namespace, ns);



		rcu_read_lock();

		guard(rcu)();



		if (ioctl == NS_GET_PID_IN_PIDNS ||

		    ioctl == NS_GET_TGID_IN_PIDNS)
@@ -208,11 +208,11 @@ static long ns_ioctl(struct file *filp, unsigned int ioctl, 
			ret = 0;

			break;

		}

		rcu_read_unlock();



		if (!ret)

			ret = -ESRCH;

		break;

	}

	default:

		ret = -ENOTTY;

	}