Bug at kernel/cred.c +432

From: rishabhb
Date: Mon Sep 09 2019 - 18:47:29 EST

Next message: rishabhb: "Re: Bug at kernel/cred.c +443"
Previous message: Laurent Pinchart: "Re: [PATCH] drm/tilcdc: include linux/pinctrl/consumer.h again"
Next in thread: rishabhb: "Re: Bug at kernel/cred.c +443"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Miklos

In 4.19 kernel when we write to a file that doesn't exist we see the
following stack:
[ 377.382745] ovl_create_or_link+0xac/0x710
[ 377.382745] ovl_create_object+0xb8/0x110
[ 377.382745] ovl_create+0x34/0x40
[ 377.382745] path_openat+0xd44/0x15a8
[ 377.382745] do_filp_open+0x80/0x128
[ 377.382745] do_sys_open+0x140/0x250
[ 377.382745] __arm64_sys_openat+0x2c/0x38

If the override_cred flag = off, the ovl_override_cred and ovl_revert_cred just returns NULL.
But there is another override_cred in between these two functions;
put_cred(override_creds(override_cred));
put_cred(override_cred);

This will override the credentials permanently as there is no corresponding revert_cred associated.
So whenever we do commit_creds for this task, we see a BUG_ON at kernel/cred.c +443.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/kernel/cred.c#n443

Should this override_cred be changed to ovl_override_cred to maintain consistency and avoid this
BUG_ON?

Thanks,
Rishabh

Next message: rishabhb: "Re: Bug at kernel/cred.c +443"
Previous message: Laurent Pinchart: "Re: [PATCH] drm/tilcdc: include linux/pinctrl/consumer.h again"
Next in thread: rishabhb: "Re: Bug at kernel/cred.c +443"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]