mirror of https://github.com/torvalds/linux.git
ovl: port ovl_create_tmpfile() to new ovl_override_creator_creds cleanup guard
This clearly indicates the double-credential override and makes the code a lot easier to grasp with one glance. Link: https://patch.msgid.link/20251117-work-ovl-cred-guard-prepare-v2-2-bd1c97a36d7b@kernel.org Reviewed-by: Amir Goldstein <amir73il@gmail.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
This commit is contained in:
Christian Brauner
parent
f37b334728
commit
8d7fc461e4
|
|
@ -1381,7 +1381,6 @@ static int ovl_rename(struct mnt_idmap *idmap, struct inode *olddir,
|
||||||
static int ovl_create_tmpfile(struct file *file, struct dentry *dentry,
|
static int ovl_create_tmpfile(struct file *file, struct dentry *dentry,
|
||||||
struct inode *inode, umode_t mode)
|
struct inode *inode, umode_t mode)
|
||||||
{
|
{
|
||||||
const struct cred *new_cred __free(put_cred) = NULL;
|
|
||||||
struct path realparentpath;
|
struct path realparentpath;
|
||||||
struct file *realfile;
|
struct file *realfile;
|
||||||
struct ovl_file *of;
|
struct ovl_file *of;
|
||||||
|
|
@ -1390,33 +1389,34 @@ static int ovl_create_tmpfile(struct file *file, struct dentry *dentry,
|
||||||
int flags = file->f_flags | OVL_OPEN_FLAGS;
|
int flags = file->f_flags | OVL_OPEN_FLAGS;
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
scoped_class(override_creds_ovl, old_cred, dentry->d_sb) {
|
with_ovl_creds(dentry->d_sb) {
|
||||||
new_cred = ovl_setup_cred_for_create(dentry, inode, mode, old_cred);
|
scoped_class(ovl_override_creator_creds, cred, dentry, inode, mode) {
|
||||||
if (IS_ERR(new_cred))
|
if (IS_ERR(cred))
|
||||||
return PTR_ERR(new_cred);
|
return PTR_ERR(cred);
|
||||||
|
|
||||||
ovl_path_upper(dentry->d_parent, &realparentpath);
|
ovl_path_upper(dentry->d_parent, &realparentpath);
|
||||||
realfile = backing_tmpfile_open(&file->f_path, flags, &realparentpath,
|
realfile = backing_tmpfile_open(&file->f_path, flags, &realparentpath,
|
||||||
mode, current_cred());
|
mode, current_cred());
|
||||||
err = PTR_ERR_OR_ZERO(realfile);
|
err = PTR_ERR_OR_ZERO(realfile);
|
||||||
pr_debug("tmpfile/open(%pd2, 0%o) = %i\n", realparentpath.dentry, mode, err);
|
pr_debug("tmpfile/open(%pd2, 0%o) = %i\n", realparentpath.dentry, mode, err);
|
||||||
if (err)
|
if (err)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
of = ovl_file_alloc(realfile);
|
of = ovl_file_alloc(realfile);
|
||||||
if (!of) {
|
if (!of) {
|
||||||
fput(realfile);
|
fput(realfile);
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ovl_instantiate() consumes the newdentry reference on success */
|
/* ovl_instantiate() consumes the newdentry reference on success */
|
||||||
newdentry = dget(realfile->f_path.dentry);
|
newdentry = dget(realfile->f_path.dentry);
|
||||||
err = ovl_instantiate(dentry, inode, newdentry, false, file);
|
err = ovl_instantiate(dentry, inode, newdentry, false, file);
|
||||||
if (!err) {
|
if (!err) {
|
||||||
file->private_data = of;
|
file->private_data = of;
|
||||||
} else {
|
} else {
|
||||||
dput(newdentry);
|
dput(newdentry);
|
||||||
ovl_file_free(of);
|
ovl_file_free(of);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return err;
|
return err;
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue