KASAN: use-after-free Read in path_lookupat

[Linus Torvalds]

On Wed, Apr 10, 2019 at 8:11 AM Al Viro <viro at zeniv.linux.org.uk> wrote:
>
> Both are in vfs.git#fixes.  Which way should that go - directly or
> via linux-security.git?

Just do it directly. I doubt you can trigger them for securityfs and
apparmourfs, since normal users have no way to remove any files from
them, so the race with final unlink sounds fairly irrelevant in
practice, no?

               Linus