From: Sebastian Andrzej Siewior bigeasy@linutronix.de
[ Upstream commit 5b2fabf7fe8f745ff214ff003e6067b64f172271 ]
kernfs_node_dentry() passes kernfs_node::name to lookup_positive_unlocked().
Acquire kernfs_root::kernfs_rwsem to ensure the node is not renamed during the operation.
Acked-by: Tejun Heo tj@kernel.org Signed-off-by: Sebastian Andrzej Siewior bigeasy@linutronix.de Link: https://lore.kernel.org/r/20250213145023.2820193-4-bigeasy@linutronix.de Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org Signed-off-by: Sasha Levin sashal@kernel.org --- fs/kernfs/mount.c | 4 ++++ 1 file changed, 4 insertions(+)
diff --git a/fs/kernfs/mount.c b/fs/kernfs/mount.c index 1358c21837f1a..0f6379ae258d1 100644 --- a/fs/kernfs/mount.c +++ b/fs/kernfs/mount.c @@ -207,6 +207,7 @@ struct dentry *kernfs_node_dentry(struct kernfs_node *kn, { struct dentry *dentry; struct kernfs_node *knparent; + struct kernfs_root *root;
BUG_ON(sb->s_op != &kernfs_sops);
@@ -216,6 +217,9 @@ struct dentry *kernfs_node_dentry(struct kernfs_node *kn, if (!kn->parent) return dentry;
+ root = kernfs_root(kn); + guard(rwsem_read)(&root->kernfs_rwsem); + knparent = find_next_ancestor(kn, NULL); if (WARN_ON(!knparent)) { dput(dentry);