ovl: port ovl_lower_positive() to cred guard

Use the scoped ovl cred guard.

Link: https://patch.msgid.link/20251117-work-ovl-cred-guard-v4-39-b31603935724@kernel.org
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>

diff --git a/fs/overlayfs/namei.c b/fs/overlayfs/namei.c
index 61c2dbd49b6fe9baab85c2a9634bc687d540a369..e9a69c95be918f17e7f31541d66259e5b1cb36fd 100644 (file)
--- a/fs/overlayfs/namei.c
+++ b/fs/overlayfs/namei.c
@@ -1418,7 +1418,6 @@ bool ovl_lower_positive(struct dentry *dentry)
 {
        struct ovl_entry *poe = OVL_E(dentry->d_parent);
        const struct qstr *name = &dentry->d_name;
-       const struct cred *old_cred;
        unsigned int i;
        bool positive = false;
        bool done = false;
@@ -1434,46 +1433,45 @@ bool ovl_lower_positive(struct dentry *dentry)
        if (!ovl_dentry_upper(dentry))
                return true;
 
-       old_cred = ovl_override_creds(dentry->d_sb);
-       /* Positive upper -> have to look up lower to see whether it exists */
-       for (i = 0; !done && !positive && i < ovl_numlower(poe); i++) {
-               struct dentry *this;
-               struct ovl_path *parentpath = &ovl_lowerstack(poe)[i];
+       with_ovl_creds(dentry->d_sb) {
+               /* Positive upper -> have to look up lower to see whether it exists */
+               for (i = 0; !done && !positive && i < ovl_numlower(poe); i++) {
+                       struct dentry *this;
+                       struct ovl_path *parentpath = &ovl_lowerstack(poe)[i];
 
-               /*
-                * We need to make a non-const copy of dentry->d_name,
-                * because lookup_one_positive_unlocked() will hash name
-                * with parentpath base, which is on another (lower fs).
-                */
-               this = lookup_one_positive_unlocked(
-                               mnt_idmap(parentpath->layer->mnt),
-                               &QSTR_LEN(name->name, name->len),
-                               parentpath->dentry);
-               if (IS_ERR(this)) {
-                       switch (PTR_ERR(this)) {
-                       case -ENOENT:
-                       case -ENAMETOOLONG:
-                               break;
-
-                       default:
-                               /*
-                                * Assume something is there, we just couldn't
-                                * access it.
-                                */
-                               positive = true;
-                               break;
+                       /*
+                        * We need to make a non-const copy of dentry->d_name,
+                        * because lookup_one_positive_unlocked() will hash name
+                        * with parentpath base, which is on another (lower fs).
+                        */
+                       this = lookup_one_positive_unlocked(mnt_idmap(parentpath->layer->mnt),
+                                                           &QSTR_LEN(name->name, name->len),
+                                                           parentpath->dentry);
+                       if (IS_ERR(this)) {
+                               switch (PTR_ERR(this)) {
+                               case -ENOENT:
+                               case -ENAMETOOLONG:
+                                       break;
+
+                               default:
+                                       /*
+                                        * Assume something is there, we just couldn't
+                                        * access it.
+                                        */
+                                       positive = true;
+                                       break;
+                               }
+                       } else {
+                               struct path path = {
+                                       .dentry = this,
+                                       .mnt    = parentpath->layer->mnt,
+                               };
+                               positive = !ovl_path_is_whiteout(OVL_FS(dentry->d_sb), &path);
+                               done = true;
+                               dput(this);
                        }
-               } else {
-                       struct path path = {
-                               .dentry = this,
-                               .mnt = parentpath->layer->mnt,
-                       };
-                       positive = !ovl_path_is_whiteout(OVL_FS(dentry->d_sb), &path);
-                       done = true;
-                       dput(this);
                }
        }
-       ovl_revert_creds(old_cred);
 
        return positive;
 }