ovl: port ovl_getattr() to cred guard

Use the scoped ovl cred guard.

Link: https://patch.msgid.link/20251117-work-ovl-cred-guard-v4-14-b31603935724@kernel.org
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>

diff --git a/fs/overlayfs/inode.c b/fs/overlayfs/inode.c
index 7b28318b7f31375ccb732e34b9b69d484fa3b2b6..37c56218f9ac345727fd1d29f6046f19d3ea945c 100644 (file)
--- a/fs/overlayfs/inode.c
+++ b/fs/overlayfs/inode.c
@@ -151,13 +151,22 @@ static void ovl_map_dev_ino(struct dentry *dentry, struct kstat *stat, int fsid)
        }
 }
 
+static inline int ovl_real_getattr_nosec(struct super_block *sb,
+                                        const struct path *path,
+                                        struct kstat *stat, u32 request_mask,
+                                        unsigned int flags)
+{
+       with_ovl_creds(sb)
+               return vfs_getattr_nosec(path, stat, request_mask, flags);
+}
+
 int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
                struct kstat *stat, u32 request_mask, unsigned int flags)
 {
        struct dentry *dentry = path->dentry;
+       struct super_block *sb = dentry->d_sb;
        enum ovl_path_type type;
        struct path realpath;
-       const struct cred *old_cred;
        struct inode *inode = d_inode(dentry);
        bool is_dir = S_ISDIR(inode->i_mode);
        int fsid = 0;
@@ -167,10 +176,9 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
        metacopy_blocks = ovl_is_metacopy_dentry(dentry);
 
        type = ovl_path_real(dentry, &realpath);
-       old_cred = ovl_override_creds(dentry->d_sb);
-       err = vfs_getattr_nosec(&realpath, stat, request_mask, flags);
+       err = ovl_real_getattr_nosec(sb, &realpath, stat, request_mask, flags);
        if (err)
-               goto out;
+               return err;
 
        /* Report the effective immutable/append-only STATX flags */
        generic_fill_statx_attr(inode, stat);
@@ -193,10 +201,9 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
                                        (!is_dir ? STATX_NLINK : 0);
 
                        ovl_path_lower(dentry, &realpath);
-                       err = vfs_getattr_nosec(&realpath, &lowerstat, lowermask,
-                                               flags);
+                       err = ovl_real_getattr_nosec(sb, &realpath, &lowerstat, lowermask, flags);
                        if (err)
-                               goto out;
+                               return err;
 
                        /*
                         * Lower hardlinks may be broken on copy up to different
@@ -246,10 +253,10 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
 
                        ovl_path_lowerdata(dentry, &realpath);
                        if (realpath.dentry) {
-                               err = vfs_getattr_nosec(&realpath, &lowerdatastat,
-                                                       lowermask, flags);
+                               err = ovl_real_getattr_nosec(sb, &realpath, &lowerdatastat,
+                                                            lowermask, flags);
                                if (err)
-                                       goto out;
+                                       return err;
                        } else {
                                lowerdatastat.blocks =
                                        round_up(stat->size, stat->blksize) >> 9;
@@ -277,9 +284,6 @@ int ovl_getattr(struct mnt_idmap *idmap, const struct path *path,
        if (!is_dir && ovl_test_flag(OVL_INDEX, d_inode(dentry)))
                stat->nlink = dentry->d_inode->i_nlink;
 
-out:
-       ovl_revert_creds(old_cred);
-
        return err;
 }