Merge patch series "ovl: convert creation credential override to cred guard"
Christian Brauner <brauner@kernel.org> says:
This cleans up the creation specific credential override.
The current code to override credentials for creation operations is
pretty difficult to understand as we override the credentials twice:
(1) override with the mounter's credentials
(2) copy the mounts credentials and override the fs{g,u}id with the inode {u,g}id
And then we elide the revert_creds() because it would be an idempotent
revert. That elision doesn't buy us anything anymore though because it's
all reference count less anyway.
The fact that this is done in a function and that the revert is
happening in the original override makes this a lot to grasp.
By introducing a cleanup guard for the creation case we can make this a
lot easier to understand and extremely visually prevalent:
with_ovl_creds(dentry->d_sb) {
scoped_class(prepare_creds_ovl, cred, dentry, inode, mode) {
if (IS_ERR(cred))
return PTR_ERR(cred);
ovl_path_upper(dentry->d_parent, &realparentpath);
/* more stuff you want to do */
}
I think this is a big improvement over what we have now.
* patches from https://patch.msgid.link/
20251117-work-ovl-cred-guard-prepare-v2-0-
bd1c97a36d7b@kernel.org:
ovl: drop ovl_setup_cred_for_create()
ovl: port ovl_create_or_link() to new ovl_override_creator_creds cleanup guard
ovl: mark ovl_setup_cred_for_create() as unused temporarily
ovl: reflow ovl_create_or_link()
ovl: port ovl_create_tmpfile() to new ovl_override_creator_creds cleanup guard
ovl: add ovl_override_creator_creds cred guard
Link: https://patch.msgid.link/20251117-work-ovl-cred-guard-prepare-v2-0-bd1c97a36d7b@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
gentwo / linux / .git / commit