[PATCH 2/2] misc: nsm: do not unlock mutex before locking it

Next message: Marco Scardovi: "[PATCH 0/1] platform/x86: asus-armoury: Add power limits for FA401KM"
Previous message: Vu Nguyen Anh Khoa: "[PATCH 1/2] misc: nsm: require CAP_SYS_ADMIN for raw ioctl"
In reply to: Vu Nguyen Anh Khoa: "[PATCH 1/2] misc: nsm: require CAP_SYS_ADMIN for raw ioctl"
Next in thread: Graf (AWS), Alexander: "Re: [PATCH 2/2] misc: nsm: do not unlock mutex before locking it"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Vu Nguyen Anh Khoa

Date: Sun Jun 21 2026 - 05:03:16 EST

nsm_dev_ioctl() jumps to the common out label when the initial
copy_from_user() fails. That failure path runs before
mutex_lock(&nsm->lock), but the out label unconditionally calls
mutex_unlock(&nsm->lock).

Return -EFAULT directly for the pre-lock copy_from_user() failure so
only paths that acquired the mutex release it.

Signed-off-by: Vu Nguyen Anh Khoa <khoavna.tin.2225@xxxxxxxxx>
---
drivers/misc/nsm.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/misc/nsm.c b/drivers/misc/nsm.c
index 52790df7d..8153edff3 100644
--- a/drivers/misc/nsm.c
+++ b/drivers/misc/nsm.c
@@ -369,9 +369,8 @@ static long nsm_dev_ioctl(struct file *file, unsigned int cmd,
return -EINVAL;

/* Copy user argument struct to kernel argument struct */
- r = -EFAULT;
if (copy_from_user(&raw, argp, _IOC_SIZE(cmd)))
- goto out;
+ return -EFAULT;

mutex_lock(&nsm->lock);

--
2.43.0