net/dns_resolver: use credential guards in dns_query()

Use credential guards for scoped credential override with automatic
restoration on scope exit.

Link: https://patch.msgid.link/20251103-work-creds-guards-simple-v1-16-a3e156839e7f@kernel.org
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>

diff --git a/net/dns_resolver/dns_query.c b/net/dns_resolver/dns_query.c
index 82b084cc1cc6349bb532d5ada555b0bcbb1cdbea..53da6298444758b4f4482d264c907071e2ae8c6a 100644 (file)
--- a/net/dns_resolver/dns_query.c
+++ b/net/dns_resolver/dns_query.c
@@ -78,7 +78,6 @@ int dns_query(struct net *net,
 {
        struct key *rkey;
        struct user_key_payload *upayload;
-       const struct cred *saved_cred;
        size_t typelen, desclen;
        char *desc, *cp;
        int ret, len;
@@ -124,9 +123,8 @@ int dns_query(struct net *net,
        /* make the upcall, using special credentials to prevent the use of
         * add_key() to preinstall malicious redirections
         */
-       saved_cred = override_creds(dns_resolver_cache);
-       rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
-       revert_creds(saved_cred);
+       scoped_with_creds(dns_resolver_cache)
+               rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
        kfree(desc);
        if (IS_ERR(rkey)) {
                ret = PTR_ERR(rkey);