From b7b4f7554bcc6b9ee0ec0404999bf080adad1f3c Mon Sep 17 00:00:00 2001
From: Christian Brauner <brauner@kernel.org>
Date: Mon, 3 Nov 2025 15:57:30 +0100
Subject: [PATCH] sev-dev: use override credential guards

Use override credential guards for scoped credential override with
automatic restoration on scope exit.

Link: https://patch.msgid.link/20251103-work-creds-guards-prepare_creds-v1-4-b447b82f2c9b@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
 drivers/crypto/ccp/sev-dev.c | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index be3e5454c285..b28a6f50daaa 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -260,8 +260,6 @@ static int sev_cmd_buffer_len(int cmd)
 static struct file *open_file_as_root(const char *filename, int flags, umode_t mode)
 {
 	struct path root __free(path_put) = {};
-	struct file *fp;
-	const struct cred *old_cred;
 
 	task_lock(&init_task);
 	get_fs_root(init_task.fs, &root);
@@ -272,13 +270,9 @@ static struct file *open_file_as_root(const char *filename, int flags, umode_t m
 		return ERR_PTR(-ENOMEM);
 
 	cred->fsuid = GLOBAL_ROOT_UID;
-	old_cred = override_creds(cred);
-
-	fp = file_open_root(&root, filename, flags, mode);
-
-	revert_creds(old_cred);
 
-	return fp;
+	scoped_with_creds(cred)
+		return file_open_root(&root, filename, flags, mode);
 }
 
 static int sev_read_init_ex_file(void)
-- 
2.47.3