From: Christian Brauner <brauner@kernel.org>
To: Miklos Szeredi <miklos@szeredi.hu>, Amir Goldstein <amir73il@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
linux-unionfs@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Christian Brauner <brauner@kernel.org>
Subject: [PATCH v2 05/42] ovl: port ovl_do_remove() to cred guard
Date: Thu, 13 Nov 2025 17:37:10 +0100 [thread overview]
Message-ID: <20251113-work-ovl-cred-guard-v2-5-c08940095e90@kernel.org> (raw)
In-Reply-To: <20251113-work-ovl-cred-guard-v2-0-c08940095e90@kernel.org>
Use the scoped ovl cred guard.
Signed-off-by: Christian Brauner <brauner@kernel.org>
---
fs/overlayfs/dir.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/fs/overlayfs/dir.c b/fs/overlayfs/dir.c
index 63f2b3d07f54..1a801fa40dd1 100644
--- a/fs/overlayfs/dir.c
+++ b/fs/overlayfs/dir.c
@@ -903,7 +903,6 @@ static void ovl_drop_nlink(struct dentry *dentry)
static int ovl_do_remove(struct dentry *dentry, bool is_dir)
{
int err;
- const struct cred *old_cred;
bool lower_positive = ovl_lower_positive(dentry);
LIST_HEAD(list);
@@ -922,12 +921,12 @@ static int ovl_do_remove(struct dentry *dentry, bool is_dir)
if (err)
goto out;
- old_cred = ovl_override_creds(dentry->d_sb);
+ with_ovl_creds(dentry->d_sb) {
if (!lower_positive)
err = ovl_remove_upper(dentry, is_dir, &list);
else
err = ovl_remove_and_whiteout(dentry, &list);
- ovl_revert_creds(old_cred);
+ }
if (!err) {
if (is_dir)
clear_nlink(dentry->d_inode);
--
2.47.3
next prev parent reply other threads:[~2025-11-13 16:37 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-13 16:37 [PATCH v2 00/42] ovl: convert to cred guard Christian Brauner
2025-11-13 16:37 ` [PATCH v2 01/42] ovl: add override_creds cleanup guard extension for overlayfs Christian Brauner
2025-11-13 16:37 ` [PATCH v2 02/42] ovl: port ovl_copy_up_flags() to cred guards Christian Brauner
2025-11-13 16:37 ` [PATCH v2 03/42] ovl: port ovl_create_or_link() to cred guard Christian Brauner
2025-11-13 16:37 ` [PATCH v2 04/42] ovl: port ovl_set_link_redirect() " Christian Brauner
2025-11-13 16:37 ` Christian Brauner [this message]
2025-11-13 16:37 ` [PATCH v2 06/42] ovl: port ovl_create_tmpfile() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 07/42] ovl: port ovl_open_realfile() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 08/42] ovl: port ovl_llseek() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 09/42] ovl: port ovl_fsync() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 10/42] ovl: port ovl_fallocate() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 11/42] ovl: port ovl_fadvise() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 12/42] ovl: port ovl_flush() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 13/42] ovl: port ovl_setattr() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 14/42] ovl: port ovl_getattr() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 15/42] ovl: port ovl_permission() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 16/42] ovl: port ovl_get_link() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 17/42] ovl: port do_ovl_get_acl() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 18/42] ovl: port ovl_set_or_remove_acl() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 19/42] ovl: port ovl_fiemap() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 20/42] ovl: port ovl_fileattr_set() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 21/42] ovl: port ovl_fileattr_get() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 22/42] ovl: port ovl_maybe_validate_verity() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 23/42] ovl: port ovl_maybe_lookup_lowerdata() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 24/42] ovl: don't override credentials for ovl_check_whiteouts() Christian Brauner
2025-11-13 16:37 ` [PATCH v2 25/42] ovl: refactor ovl_iterate() and port to cred guard Christian Brauner
2025-11-13 16:37 ` [PATCH v2 26/42] ovl: port ovl_dir_llseek() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 27/42] ovl: port ovl_check_empty_dir() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 28/42] ovl: port ovl_nlink_start() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 29/42] ovl: port ovl_nlink_end() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 30/42] ovl: port ovl_xattr_set() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 31/42] ovl: port ovl_xattr_get() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 32/42] ovl: port ovl_listxattr() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 33/42] ovl: refactor ovl_rename() Christian Brauner
2025-11-13 16:37 ` [PATCH v2 34/42] ovl: port ovl_rename() to cred guard Christian Brauner
2025-11-13 16:37 ` [PATCH v2 35/42] ovl: port ovl_copyfile() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 36/42] ovl: refactor ovl_lookup() Christian Brauner
2025-11-13 16:37 ` [PATCH v2 37/42] ovl: port ovl_lookup() to cred guard Christian Brauner
2025-11-13 16:37 ` [PATCH v2 38/42] ovl: port ovl_lower_positive() " Christian Brauner
2025-11-13 16:37 ` [PATCH v2 39/42] ovl: refactor ovl_fill_super() Christian Brauner
2025-11-13 16:37 ` [PATCH v2 40/42] ovl: port ovl_fill_super() to cred guard Christian Brauner
2025-11-13 16:37 ` [PATCH v2 41/42] ovl: remove ovl_revert_creds() Christian Brauner
2025-11-13 16:37 ` [PATCH v2 42/42] ovl: detect double credential overrides Christian Brauner
2025-11-13 18:42 ` Amir Goldstein
2025-11-13 21:31 ` Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251113-work-ovl-cred-guard-v2-5-c08940095e90@kernel.org \
--to=brauner@kernel.org \
--cc=amir73il@gmail.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-unionfs@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).