From: Christian Brauner <brauner@kernel.org>
Date: Mon, 17 Nov 2025 09:33:37 +0000 (+0100)
Subject: ovl: port ovl_create_tmpfile() to cred guard
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5f51dfe768a1ef3b5f478bdfb0597aacf2e080da;p=thirdparty%2Fkernel%2Flinux.git

ovl: port ovl_create_tmpfile() to cred guard

Use the scoped ovl cred guard.

Link: https://patch.msgid.link/20251117-work-ovl-cred-guard-v4-6-b31603935724@kernel.org
Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>
---

diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c
index e51c53bbf1b89..ef00fc43ee652 100644
--- a/fs/overlayfs/dir.c
+++ b/fs/overlayfs/dir.c
@@ -1317,7 +1317,7 @@ out_unlock:
 static int ovl_create_tmpfile(struct file *file, struct dentry *dentry,
 			      struct inode *inode, umode_t mode)
 {
-	const struct cred *old_cred, *new_cred = NULL;
+	const struct cred *new_cred __free(put_cred) = NULL;
 	struct path realparentpath;
 	struct file *realfile;
 	struct ovl_file *of;
@@ -1326,41 +1326,35 @@ static int ovl_create_tmpfile(struct file *file, struct dentry *dentry,
 	int flags = file->f_flags | OVL_OPEN_FLAGS;
 	int err;
 
-	old_cred = ovl_override_creds(dentry->d_sb);
-	new_cred = ovl_setup_cred_for_create(dentry, inode, mode, old_cred);
-	err = PTR_ERR(new_cred);
-	if (IS_ERR(new_cred)) {
-		new_cred = NULL;
-		goto out_revert_creds;
-	}
-
-	ovl_path_upper(dentry->d_parent, &realparentpath);
-	realfile = backing_tmpfile_open(&file->f_path, flags, &realparentpath,
-					mode, current_cred());
-	err = PTR_ERR_OR_ZERO(realfile);
-	pr_debug("tmpfile/open(%pd2, 0%o) = %i\n", realparentpath.dentry, mode, err);
-	if (err)
-		goto out_revert_creds;
+	scoped_class(override_creds_ovl, old_cred, dentry->d_sb) {
+		new_cred = ovl_setup_cred_for_create(dentry, inode, mode, old_cred);
+		if (IS_ERR(new_cred))
+			return PTR_ERR(new_cred);
+
+		ovl_path_upper(dentry->d_parent, &realparentpath);
+		realfile = backing_tmpfile_open(&file->f_path, flags, &realparentpath,
+						mode, current_cred());
+		err = PTR_ERR_OR_ZERO(realfile);
+		pr_debug("tmpfile/open(%pd2, 0%o) = %i\n", realparentpath.dentry, mode, err);
+		if (err)
+			return err;
 
-	of = ovl_file_alloc(realfile);
-	if (!of) {
-		fput(realfile);
-		err = -ENOMEM;
-		goto out_revert_creds;
-	}
+		of = ovl_file_alloc(realfile);
+		if (!of) {
+			fput(realfile);
+			return -ENOMEM;
+		}
 
-	/* ovl_instantiate() consumes the newdentry reference on success */
-	newdentry = dget(realfile->f_path.dentry);
-	err = ovl_instantiate(dentry, inode, newdentry, false, file);
-	if (!err) {
-		file->private_data = of;
-	} else {
-		dput(newdentry);
-		ovl_file_free(of);
+		/* ovl_instantiate() consumes the newdentry reference on success */
+		newdentry = dget(realfile->f_path.dentry);
+		err = ovl_instantiate(dentry, inode, newdentry, false, file);
+		if (!err) {
+			file->private_data = of;
+		} else {
+			dput(newdentry);
+			ovl_file_free(of);
+		}
 	}
-out_revert_creds:
-	ovl_revert_creds(old_cred);
-	put_cred(new_cred);
 	return err;
 }