filelock: fix potential use-after-free in posix_lock_inode

jira VULN-8259
cve CVE-2024-41049
commit-author Jeff Layton <jlayton@kernel.org>
commit 1b3ec4f

Light Hsieh reported a KASAN UAF warning in trace_posix_lock_inode().
The request pointer had been changed earlier to point to a lock entry
that was added to the inode's list. However, before the tracepoint could
fire, another task raced in and freed that lock.

Fix this by moving the tracepoint inside the spinlock, which should
ensure that this doesn't happen.

Fixes: 74f6f59 ("locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock")
Link: https://lore.kernel.org/linux-fsdevel/724ffb0a2962e912ea62bb0515deadf39c325112.camel@kernel.org/
	Reported-by: Light Hsieh (謝明燈) <Light.Hsieh@mediatek.com>
	Signed-off-by: Jeff Layton <jlayton@kernel.org>
Link: https://lore.kernel.org/r/20240702-filelock-6-10-v1-1-96e766aadc98@kernel.org
	Reviewed-by: Alexander Aring <aahringo@redhat.com>
	Signed-off-by: Christian Brauner <brauner@kernel.org>
(cherry picked from commit 1b3ec4f)
	Signed-off-by: Brett Mastbergen <bmastbergen@ciq.com>

Author: bmastbergen

fs/locks.c

@@ -1227,9 +1227,9 @@ static int posix_lock_inode(struct inode *inode, struct file_lock *request,
 		locks_wake_up_blocks(left);
 	}
  out:
+	trace_posix_lock_inode(inode, request, error);
 	spin_unlock(&ctx->flc_lock);
 	percpu_up_read(&file_rwsem);
-	trace_posix_lock_inode(inode, request, error);
 	/*
 	 * Free any unused locks.
 	 */