The function is only called when rdd->dentry is non-NULL:
if (!err && rdd->first_maybe_whiteout && rdd->dentry)
err = ovl_check_whiteouts(realpath, rdd);
| Caller | Sets rdd->dentry? | Can call ovl_check_whiteouts()? |
|-------------------------------|-------------------|---------------------------------|
| ovl_dir_read_merged() | ✓ Yes (line 430) | ✓ YES |
| ovl_dir_read_impure() | ✗ No | ✗ NO |
| ovl_check_d_type_supported() | ✗ No | ✗ NO |
| ovl_workdir_cleanup_recurse() | ✗ No | ✗ NO |
| ovl_indexdir_cleanup() | ✗ No | ✗ NO |
VFS layer (.iterate_shared file operation)
→ ovl_iterate()
[CRED OVERRIDE]
→ ovl_cache_get()
→ ovl_dir_read_merged()
→ ovl_dir_read()
→ ovl_check_whiteouts()
[CRED REVERT]
ovl_unlink()
→ ovl_do_remove()
→ ovl_check_empty_dir()
[CRED OVERRIDE]
→ ovl_dir_read_merged()
→ ovl_dir_read()
→ ovl_check_whiteouts()
[CRED REVERT]
ovl_rename()
→ ovl_check_empty_dir()
[CRED OVERRIDE]
→ ovl_dir_read_merged()
→ ovl_dir_read()
→ ovl_check_whiteouts()
[CRED REVERT]
All valid callchains already override credentials so drop the override.
Link: https://patch.msgid.link/20251117-work-ovl-cred-guard-v4-24-b31603935724@kernel.org
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
static int ovl_check_whiteouts(const struct path *path, struct ovl_readdir_data *rdd)
{
- int err = 0;
struct dentry *dentry, *dir = path->dentry;
- const struct cred *old_cred;
-
- old_cred = ovl_override_creds(rdd->dentry->d_sb);
while (rdd->first_maybe_whiteout) {
struct ovl_cache_entry *p =
p->is_whiteout = ovl_is_whiteout(dentry);
dput(dentry);
} else if (PTR_ERR(dentry) == -EINTR) {
- err = -EINTR;
- break;
+ return -EINTR;
}
}
- ovl_revert_creds(old_cred);
- return err;
+ return 0;
}
static inline int ovl_dir_read(const struct path *realpath,
projects / thirdparty / kernel / linux.git / commitdiff
