From: Christian Brauner <brau...@kernel.org> When cleaning up peer group ids in the failure path we need to make sure to hold on to the namespace lock. Otherwise another thread might just turn the mount from a shared into a non-shared mount concurrently.
Link: https://lore.kernel.org/lkml/00000000000088694505f8132...@google.com Fixes: 2a1867219c7b ("fs: add mount_setattr()") Reported-by: syzbot+8ac3859139c685c4f...@syzkaller.appspotmail.com Cc: sta...@vger.kernel.org # 5.12+ Message-Id: <20230330-vfs-mount_setattr-propagation-fix-v1-1-37548d915...@kernel.org> Signed-off-by: Christian Brauner <brau...@kernel.org> (cherry picked from commit cb2239c198ad9fbd5aced22cf93e45562da781eb) https://jira.sw.ru/browse/PSBM-144416 Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com> --- fs/namespace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/namespace.c b/fs/namespace.c index f37cae055dbf..49d972024249 100644 --- a/fs/namespace.c +++ b/fs/namespace.c @@ -4280,9 +4280,9 @@ static int do_mount_setattr(struct path *path, struct mount_kattr *kattr) unlock_mount_hash(); if (kattr->propagation) { - namespace_unlock(); if (err) cleanup_group_ids(mnt, NULL); + namespace_unlock(); } return err; -- 2.39.2 _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel
