ret = -ENOMEM;
goto out;
}
- old_cred = override_creds_light(get_new_cred(kern_cred));
+ old_cred = override_creds(get_new_cred(kern_cred));
ret = fw_get_filesystem_firmware(device, fw->priv, "", NULL);
if (!cred)
return ERR_PTR(-ENOMEM);
cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds_light(get_new_cred(cred));
+ old_cred = override_creds(get_new_cred(cred));
fp = file_open_root(&root, filename, flags, mode);
path_put(&root);
ret = -ENOMEM;
goto out;
}
- old_cred = override_creds_light(get_new_cred(kern_cred));
+ old_cred = override_creds(get_new_cred(kern_cred));
target_init_dbroot();
put_cred(revert_creds_light(old_cred));
put_cred(kern_cred);
static void aio_fsync_work(struct work_struct *work)
{
struct aio_kiocb *iocb = container_of(work, struct aio_kiocb, fsync.work);
- const struct cred *old_cred = override_creds_light(get_new_cred(iocb->fsync.creds));
+ const struct cred *old_cred = override_creds(get_new_cred(iocb->fsync.creds));
iocb->ki_res.res = vfs_fsync(iocb->fsync.file, iocb->fsync.datasync);
put_cred(revert_creds_light(old_cred));
!(file->f_mode & FMODE_CAN_ODIRECT))
return -EINVAL;
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
if (is_sync_kiocb(iocb)) {
rwf_t rwf = iocb_to_rw_flags(flags);
*/
flags &= ~IOCB_DIO_CALLER_COMP;
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
if (is_sync_kiocb(iocb)) {
rwf_t rwf = iocb_to_rw_flags(flags);
if (WARN_ON_ONCE(!(in->f_mode & FMODE_BACKING)))
return -EIO;
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
ret = vfs_splice_read(in, &iocb->ki_pos, pipe, len, flags);
revert_creds_light(old_cred);
if (ret)
return ret;
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
file_start_write(out);
ret = out->f_op->splice_write(pipe, out, &iocb->ki_pos, len, flags);
file_end_write(out);
vma_set_file(vma, file);
- old_cred = override_creds_light(ctx->cred);
+ old_cred = override_creds(ctx->cred);
ret = call_mmap(vma->vm_file, vma);
revert_creds_light(old_cred);
* didn't matter much as only a privileged process could open
* the register file.
*/
- old_cred = override_creds_light(get_new_cred(file->f_cred));
+ old_cred = override_creds(get_new_cred(file->f_cred));
f = open_exec(e->interpreter);
put_cred(revert_creds_light(old_cred));
if (IS_ERR(f)) {
static inline void cachefiles_begin_secure(struct cachefiles_cache *cache,
const struct cred **_saved_cred)
{
- *_saved_cred = override_creds_light(get_new_cred(cache->cache_cred));
+ *_saved_cred = override_creds(get_new_cred(cache->cache_cred));
}
static inline void cachefiles_end_secure(struct cachefiles_cache *cache,
if (retval < 0)
goto fail_creds;
- old_cred = override_creds_light(get_new_cred(cred));
+ old_cred = override_creds(get_new_cred(cred));
ispipe = format_corename(&cn, &cprm, &argv, &argc);
struct iov_iter iter;
ssize_t status;
- save_cred = override_creds_light(get_new_cred(filp->f_cred));
+ save_cred = override_creds(get_new_cred(filp->f_cred));
nfs_local_iter_init(&iter, iocb, READ);
ssize_t status;
current->flags |= PF_LOCAL_THROTTLE | PF_MEMALLOC_NOIO;
- save_cred = override_creds_light(get_new_cred(filp->f_cred));
+ save_cred = override_creds(get_new_cred(filp->f_cred));
nfs_local_iter_init(&iter, iocb, WRITE);
const struct user_key_payload *payload;
ssize_t ret;
- saved_cred = override_creds_light(get_new_cred(id_resolver_cache));
+ saved_cred = override_creds(get_new_cred(id_resolver_cache));
rkey = nfs_idmap_request_key(name, namelen, type, idmap);
put_cred(revert_creds_light(saved_cred));
else
new->cap_effective = cap_raise_nfsd_set(new->cap_effective,
new->cap_permitted);
- put_cred(override_creds_light(get_new_cred(new)));
+ put_cred(override_creds(get_new_cred(new)));
put_cred(new);
return 0;
new->fsuid = GLOBAL_ROOT_UID;
new->fsgid = GLOBAL_ROOT_GID;
- *original_creds = override_creds_light(get_new_cred(new));
+ *original_creds = override_creds(get_new_cred(new));
put_cred(new);
return 0;
}
new->cap_effective =
cap_raise_nfsd_set(new->cap_effective,
new->cap_permitted);
- put_cred(override_creds_light(get_new_cred(new)));
+ put_cred(override_creds(get_new_cred(new)));
put_cred(new);
} else {
error = nfsd_setuser_and_check_port(rqstp, cred, exp);
*/
override_cred->non_rcu = 1;
- old_cred = override_creds_light(get_new_cred(override_cred));
+ old_cred = override_creds(get_new_cred(override_cred));
/* override_cred() gets its own ref */
put_cred(override_cred);
return err;
if (cc->new)
- cc->old = override_creds_light(get_new_cred(cc->new));
+ cc->old = override_creds(get_new_cred(cc->new));
return 0;
}
* We must be called with creator creds already, otherwise we risk
* leaking creds.
*/
- old_cred = override_creds_light(override_cred);
+ old_cred = override_creds(override_cred);
WARN_ON_ONCE(old_cred != ovl_creds(dentry->d_sb));
return override_cred;
{
struct ovl_fs *ofs = OVL_FS(sb);
- return override_creds_light(ofs->creator_cred);
+ return override_creds(ofs->creator_cred);
}
void ovl_revert_creds(const struct cred *old_cred)
}
cifs_dbg(FYI, "key description = %s\n", description);
- saved_cred = override_creds_light(get_new_cred(spnego_cred));
+ saved_cred = override_creds(get_new_cred(spnego_cred));
spnego_key = request_key(&cifs_spnego_key_type, description, "");
put_cred(revert_creds_light(saved_cred));
return -EINVAL;
rc = 0;
- saved_cred = override_creds_light(get_new_cred(root_cred));
+ saved_cred = override_creds(get_new_cred(root_cred));
sidkey = request_key(&cifs_idmap_key_type, desc, "");
if (IS_ERR(sidkey)) {
rc = -EINVAL;
if (!sidstr)
return -ENOMEM;
- saved_cred = override_creds_light(get_new_cred(root_cred));
+ saved_cred = override_creds(get_new_cred(root_cred));
sidkey = request_key(&cifs_idmap_key_type, sidstr, "");
if (IS_ERR(sidkey)) {
cifs_dbg(FYI, "%s: Can't map SID %s to a %cid\n",
cred->cap_effective = cap_drop_fs_set(cred->cap_effective);
WARN_ON(work->saved_cred);
- work->saved_cred = override_creds_light(get_new_cred(cred));
+ work->saved_cred = override_creds(get_new_cred(cred));
if (!work->saved_cred) {
abort_creds(cred);
return -EINVAL;
cred->cap_inheritable));
}
-static inline const struct cred *override_creds_light(const struct cred *override_cred)
+static inline const struct cred *override_creds(const struct cred *override_cred)
{
const struct cred *old = current->cred;
return -EBADF;
if (unlikely((req->flags & REQ_F_CREDS) && req->creds != current_cred()))
- creds = override_creds_light(get_new_cred(req->creds));
+ creds = override_creds(get_new_cred(req->creds));
if (!def->audit_skip)
audit_uring_entry(req->opcode);
const struct cred *creds = NULL;
if (ctx->sq_creds != current_cred())
- creds = override_creds_light(get_new_cred(ctx->sq_creds));
+ creds = override_creds(get_new_cred(ctx->sq_creds));
mutex_lock(&ctx->uring_lock);
if (!wq_list_empty(&ctx->iopoll_list))
flim = rlimit(RLIMIT_FSIZE);
current->signal->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
/* Perform file operations on behalf of whoever enabled accounting */
- orig_cred = override_creds_light(get_new_cred(file->f_cred));
+ orig_cred = override_creds(get_new_cred(file->f_cred));
/*
* First check to see if there is enough free_space to continue
* permissions using the credentials from file open to protect against
* inherited fd attacks.
*/
- saved_cred = override_creds_light(get_new_cred(of->file->f_cred));
+ saved_cred = override_creds(get_new_cred(of->file->f_cred));
ret = cgroup_attach_permissions(src_cgrp, dst_cgrp,
of->file->f_path.dentry->d_sb,
threadgroup, ctx->ns);
*/
cred->fsuid = GLOBAL_ROOT_UID;
- old_cred = override_creds_light(get_new_cred(cred));
+ old_cred = override_creds(get_new_cred(cred));
if (visible)
ret = trace_add_event_call(&user->call);
/* make the upcall, using special credentials to prevent the use of
* add_key() to preinstall malicious redirections
*/
- saved_cred = override_creds_light(get_new_cred(dns_resolver_cache));
+ saved_cred = override_creds(get_new_cred(dns_resolver_cache));
rkey = request_key_net(&key_type_dns_resolver, desc, net, options);
put_cred(revert_creds_light(saved_cred));
kfree(desc);
projects / users / jedix / linux-maple.git / commitdiff