From fdf79bad05d6ac4e617213a1daa925e15a0122b6 Mon Sep 17 00:00:00 2001
From: Tadeusz Struk
Date: Thu, 27 Jan 2022 15:28:12 -0800
Subject: [PATCH] ANDROID: incremental-fs: populate userns before calling vfs_rename

The old and new mount user name spaces need to be populated before calling vfs_rename(). Otherwise vfs_rename will try to dereference a null ptr and segfault.

Bug: 211066171
Signed-off-by: Tadeusz Struk
Change-Id: I3656073581218107fc3b1a52ebe7bcfd81a10fc2
---
 fs/incfs/vfs.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/fs/incfs/vfs.c b/fs/incfs/vfs.c
index 282f457c3904..63070071c1c6 100644
--- a/fs/incfs/vfs.c
+++ b/fs/incfs/vfs.c
@@ -43,7 +43,8 @@ static int dir_link(struct dentry *old_dentry, struct inode *dir,
 struct dentry *new_dentry);
 static int dir_rmdir(struct inode *dir, struct dentry *dentry);
 static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
- struct inode *new_dir, struct dentry *new_dentry);
+ struct inode *new_dir, struct dentry *new_dentry,
+ unsigned int flags);

 static int file_open(struct inode *inode, struct file *file);
 static int file_release(struct inode *inode, struct file *file);
@@ -86,7 +87,7 @@ static int dir_rename_wrap(struct user_namespace *ns, struct inode *old_dir,
 struct dentry *old_dentry, struct inode *new_dir,
 struct dentry *new_dentry, unsigned int flags)
 {
- return dir_rename(old_dir, old_dentry, new_dir, new_dentry);
+ return dir_rename(old_dir, old_dentry, new_dir, new_dentry, flags);
 }

 static const struct inode_operations incfs_dir_inode_ops = {
@@ -1330,7 +1331,8 @@ path_err:
 }

 static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
- struct inode *new_dir, struct dentry *new_dentry)
+ struct inode *new_dir, struct dentry *new_dentry,
+ unsigned int flags)
 {
 struct mount_info *mi = get_mount_info(old_dir->i_sb);
 struct dentry *backing_old_dentry;
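Review bot: `dir_rename()` now accepts `flags`, but nothing visible at the top of the function validates it before the later hunk copies it into `rd.flags`, so `RENAME_EXCHANGE` and `RENAME_WHITEOUT` requests reach the backing filesystem unfiltered. Whether incfs's own bookkeeping stays consistent after an exchange, or after a whiteout appears in the backing directory, cannot be judged from these lines. If only plain and no-replace renames are meant to be supported, reject the rest up front with `if (flags & ~RENAME_NOREPLACE) return -EINVAL;`. The function body continues outside this hunk.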
@@ -1385,6 +1387,11 @@ static int dir_rename(struct inode *old_dir, struct dentry *old_dentry,
 rd.old_dentry = backing_old_dentry;
 rd.new_dir = d_inode(backing_new_dir_dentry);
 rd.new_dentry = backing_new_dentry;
+ rd.flags = flags;
+ rd.old_mnt_userns = &init_user_ns;
+ rd.new_mnt_userns = &init_user_ns;
+ rd.delegated_inode = NULL;
+
 error = vfs_rename(&rd);
 if (error)
 goto unlock_out;
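Review bot: The added `rd.old_mnt_userns` and `rd.new_mnt_userns` assignments hard-code `&init_user_ns`, so the permission checks `vfs_rename()` performs on the backing dentries would not apply any ID mapping configured on the backing mount. That is correct only if the backing directory can never sit on an idmapped mount; if so, record it with a comment such as `/* backing mount is never idmapped, so init_user_ns is the right mapping */`, otherwise take the namespace from the backing path's vfsmount via `mnt_user_ns()`. Separately, assigning members one at a time leaves any field not listed here with whatever `rd` held at its declaration, which is outside this hunk. Zero-initialising it there (`struct renamedata rd = {};`) would make `rd.delegated_inode = NULL;` redundant and cover fields added to the struct later.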