execute: drop 'seen_creds' set

When checking whether we already loaded a credential before, let's just
use faccessat() in the credential dir we are populating. First of all,
we already do it exactly that way when appliying SetCredential= settings
later. Secondly, this is not performance relevant, and by using
faccessat() things simply become a lot simpler.

diff --git a/src/core/execute.c b/src/core/execute.c
index de6ea283665b2375557d846d49c192ca5b951f5f..a0c58ac255e1fa548e58b61ef03f53c2ccd96dd5 100644 (file)
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -2698,7 +2698,6 @@ static int load_credential(
 }
 
 struct load_cred_args {
-        Set *seen_creds;
         const ExecContext *context;
         const ExecParameters *params;
         bool encrypted;
@@ -2735,14 +2734,12 @@ static int load_cred_recurse_dir_cb(
         if (!credential_name_valid(sub_id))
                 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "Credential would get ID %s, which is not valid, refusing", sub_id);
 
-        if (set_contains(args->seen_creds, sub_id)) {
+        if (faccessat(args->dfd, sub_id, F_OK, AT_SYMLINK_NOFOLLOW) >= 0) {
                 log_debug("Skipping credential with duplicated ID %s at %s", sub_id, path);
                 return RECURSE_DIR_CONTINUE;
         }
-
-        r = set_put_strdup(&args->seen_creds, sub_id);
-        if (r < 0)
-                return r;
+        if (errno != ENOENT)
+                return log_debug_errno(errno, "Failed to test if credential %s exists: %m", sub_id);
 
         r = load_credential(
                         args->context,
@@ -2772,7 +2769,6 @@ static int acquire_credentials(
 
         uint64_t left = CREDENTIALS_TOTAL_SIZE_MAX;
         _cleanup_close_ int dfd = -1;
-        _cleanup_set_free_ Set *seen_creds = NULL;
         ExecLoadCredential *lc;
         ExecSetCredential *sc;
         int r;
@@ -2784,10 +2780,6 @@ static int acquire_credentials(
         if (dfd < 0)
                 return -errno;
 
-        seen_creds = set_new(&string_hash_ops_free);
-        if (!seen_creds)
-                return -ENOMEM;
-
         /* First, load credentials off disk (or acquire via AF_UNIX socket) */
         HASHMAP_FOREACH(lc, context->load_credentials) {
                 _cleanup_close_ int sub_fd = -1;
@@ -2804,10 +2796,6 @@ static int acquire_credentials(
                 if (sub_fd < 0) {
                         /* Regular file */
 
-                        r = set_put_strdup(&seen_creds, lc->id);
-                        if (r < 0)
-                                return r;
-
                         r = load_credential(
                                         context,
                                         params,
@@ -2834,7 +2822,6 @@ static int acquire_credentials(
                                         RECURSE_DIR_IGNORE_DOT|RECURSE_DIR_ENSURE_TYPE,
                                         load_cred_recurse_dir_cb,
                                         &(struct load_cred_args) {
-                                                .seen_creds = seen_creds,
                                                 .context = context,
                                                 .params = params,
                                                 .encrypted = lc->encrypted,