Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ovl: port ovl_getattr() to cred guard 

Use the scoped ovl cred guard.

Link: https://patch.msgid.link/20251117-work-ovl-cred-guard-v4-14-b31603935724@kernel.org
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
This commit is contained in:
Christian Brauner 2025-11-17 10:33:45 +01:00
parent 7aedfa5a52
commit 81707ae827
No known key found for this signature in database
GPG Key ID: 91C61BC06578DCA2
1 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
fs/overlayfs/inode.c
View File

@ -151,13 +151,22 @@ static void ovl_map_dev_ino(struct dentry *dentry, struct kstat *stat, int fsid)
}
}
static inline int ovl_real_getattr_nosec(struct super_block *sb,
const struct path *path,
struct kstat *stat, u32 request_mask,
unsigned int flags)
{
with_ovl_creds(sb)
return vfs_getattr_nosec(path, stat, request_mask, flags);
}
int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
struct kstat *stat, u32 request_mask, unsigned int flags)
{
struct dentry *dentry = path->dentry;
struct super_block *sb = dentry->d_sb;
enum ovl_path_type type;
struct path realpath;
const struct cred *old_cred;
struct inode *inode = d_inode(dentry);
bool is_dir = S_ISDIR(inode->i_mode);
int fsid = 0;
@ -167,10 +176,9 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
metacopy_blocks = ovl_is_metacopy_dentry(dentry);
type = ovl_path_real(dentry, &realpath);
old_cred = ovl_override_creds(dentry->d_sb);
err = vfs_getattr_nosec(&realpath, stat, request_mask, flags);
err = ovl_real_getattr_nosec(sb, &realpath, stat, request_mask, flags);
if (err)
goto out;
return err;
/* Report the effective immutable/append-only STATX flags */
generic_fill_statx_attr(inode, stat);
@ -193,10 +201,9 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
(!is_dir ? STATX_NLINK : 0);
ovl_path_lower(dentry, &realpath);
err = vfs_getattr_nosec(&realpath, &lowerstat, lowermask,
flags);
err = ovl_real_getattr_nosec(sb, &realpath, &lowerstat, lowermask, flags);
if (err)
goto out;
return err;
/*
* Lower hardlinks may be broken on copy up to different
@ -246,10 +253,10 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
ovl_path_lowerdata(dentry, &realpath);
if (realpath.dentry) {
err = vfs_getattr_nosec(&realpath, &lowerdatastat,
lowermask, flags);
err = ovl_real_getattr_nosec(sb, &realpath, &lowerdatastat,
lowermask, flags);
if (err)
goto out;
return err;
} else {
lowerdatastat.blocks =
round_up(stat->size, stat->blksize) >> 9;
@ -277,9 +284,6 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
if (!is_dir && ovl_test_flag(OVL_INDEX, d_inode(dentry)))
stat->nlink = dentry->d_inode->i_nlink;
out:
ovl_revert_creds(old_cred);
return err;
}