[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241105193514.828616-5-vinicius.gomes@intel.com>
Date: Tue, 5 Nov 2024 11:35:14 -0800
From: Vinicius Costa Gomes <vinicius.gomes@...el.com>
To: brauner@...nel.org,
amir73il@...il.com,
hu1.chen@...el.com
Cc: miklos@...redi.hu,
malini.bhandaru@...el.com,
tim.c.chen@...el.com,
mikko.ylinen@...el.com,
linux-unionfs@...r.kernel.org,
linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org,
Vinicius Costa Gomes <vinicius.gomes@...el.com>
Subject: [PATCH overlayfs-next v3 4/4] fs/overlayfs: Drop creds usage decrement for ovl_setup_for_create()
After the previous commit, we do not need to modify the mounter
credentials (returned by override_creds()) 'usage' counter when
preparing for "create" operations, as 'usage' will be kept constant.
Add a warning to verify that we are indeed working with the mounter
credentials (stored in the superblock). Failure in this assumption
means that creds may leak.
Suggested-by: Christian Brauner <brauner@...nel.org>
Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@...el.com>
---
fs/overlayfs/dir.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c
index 74769d47c8ae..de012db6c169 100644
--- a/fs/overlayfs/dir.c
+++ b/fs/overlayfs/dir.c
@@ -571,7 +571,12 @@ static int ovl_setup_cred_for_create(struct dentry *dentry, struct inode *inode,
put_cred(override_cred);
return err;
}
- put_cred(override_creds(override_cred));
+
+ /*
+ * We must be called with creator creds already, otherwise we risk
+ * leaking creds.
+ */
+ WARN_ON_ONCE(override_creds(override_cred) != ovl_creds(dentry->d_sb));
put_cred(override_cred);
return 0;
--
2.47.0
Powered by blists - more mailing lists