Gentwo Git Trees - linux/.git/commit

author	NeilBrown <neil@brown.name>
	Thu, 13 Nov 2025 00:18:29 +0000 (11:18 +1100)
committer	Christian Brauner <brauner@kernel.org>
	Fri, 14 Nov 2025 12:15:56 +0000 (13:15 +0100)
commit	c9ba789dad15ba65662bba17595c0aeaa0cfcf1c
tree	d6eaf6573d9222905a67f12a4015d9a85a47eeea	tree \| snapshot
parent	bd6ede8a06e89ca5a94a8b51cea792705d1b8ca2	commit \| diff

VFS: introduce start_creating_noperm() and start_removing_noperm()

xfs, fuse, ipc/mqueue need variants of start_creating or start_removing
which do not check permissions.
This patch adds _noperm versions of these functions.

Note that do_mq_open() was only calling mntget() so it could call
path_put() - it didn't really need an extra reference on the mnt.
Now it doesn't call mntget() and uses end_creating() which does
the dput() half of path_put().

Also mq_unlink() previously passed
   d_inode(dentry->d_parent)
as the dir inode to vfs_unlink().  This is after locking
   d_inode(mnt->mnt_root)
These two inodes are the same, but normally calls use the textual
parent.
So I've changes the vfs_unlink() call to be given d_inode(mnt->mnt_root).

Reviewed-by: Amir Goldstein <amir73il@gmail.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: NeilBrown <neil@brown.name>
--
changes since v2:
- dir arg passed to vfs_unlink() in mq_unlink() changed to match
   the dir passed to lookup_noperm()
- restore assignment to path->mnt even though the mntget() is removed.

Link: https://patch.msgid.link/20251113002050.676694-7-neilb@ownmail.net
Tested-by: syzbot@syzkaller.appspotmail.com
Signed-off-by: Christian Brauner <brauner@kernel.org>

fs/fuse/dir.c		diff \| blob \| blame \| history
fs/namei.c		diff \| blob \| blame \| history
fs/xfs/scrub/orphanage.c		diff \| blob \| blame \| history
include/linux/namei.h		diff \| blob \| blame \| history
ipc/mqueue.c		diff \| blob \| blame \| history