OpenAFS Master Repository branch, master, updated. openafs-devel-1_9_2-264-g37aead6

[Gerrit Code Review]

The following commit has been merged in the master branch:
commit 37aead65271d96dc2cc408e0a299aaab734892fa
Author: Mark Vitale <mvitale@sinenomine.net>
Date:   Fri Jul 18 14:10:07 2025 -0400

    afs: Get tc->lock before release in afs_lookup
    
    Since OpenAFS 1.0, the 'locktype' parameter has been ignored for many
    libafs APIs.  This is a vestigial remnant of fine-grained locking code
    that was in older versions of AFS, but was not open-sourced with OpenAFS
    1.0.
    
    Commit d8237165f73f (afsd -dynroot-sparse mode for hushed cells) added
    logic to afs_lookup() that erroneously assumed that afs_GetCellByName()
    returns a cell struct that has been locked with the specified
    locktype=WRITE_LOCK.  After modifying the returned cell struct, it then
    issued ReleaseWriteLock(&tc->lock), which succeeded even though the lock
    was not actually held.
    
    Before commit b1082ff53ea7 (afs: Assert harder in kernel lock functions),
    this unbalanced ReleaseWriteLock() could theoretically unlock a write-lock
    that another thread held, potentially causing undefined behavior. After
    that commit, this ReleaseWriteLock() now results in a kernel panic
    because the write lock is not held by us.
    
    To avoid all of this, call ObtainWriteLock(&tc->lock) to 1) properly
    protect the change to the cell struct and 2) prevent the panic.
    
    Change-Id: I426037ac70c7977167e2cb8d4990ecfda96622ea
    Reviewed-on: https://gerrit.openafs.org/16443
    Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
    Reviewed-by: Cheyenne Wills <cwills@sinenomine.net>
    Tested-by: BuildBot <buildbot@rampaginggeek.com>
    Reviewed-by: Andrew Deason <adeason@sinenomine.net>

 src/afs/VNOPS/afs_vnop_lookup.c | 1 +
 1 file changed, 1 insertion(+)

-- 
OpenAFS Master Repository