aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/cred.c
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2021-10-16 12:51:58 -0500
committerEric W. Biederman <ebiederm@xmission.com>2021-10-20 10:45:34 -0500
commit99c31f9feda41d0f10d030dc04ba106c93295aa2 (patch)
treecbc53b3ce9d8731a2d3b38cfe39f02c7fa9a64a3 /kernel/cred.c
parentucounts: Move get_ucounts from cred_alloc_blank to key_change_session_keyring (diff)
downloadlinux-99c31f9feda41d0f10d030dc04ba106c93295aa2.tar.gz
linux-99c31f9feda41d0f10d030dc04ba106c93295aa2.zip
ucounts: In set_cred_ucounts assume new->ucounts is non-NULL
Any cred that is destined for use by commit_creds must have a non-NULL cred->ucounts field. Only curing credential construction is a NULL cred->ucounts valid. Only abort_creds, put_cred, and put_cred_rcu needs to deal with a cred with a NULL ucount. As set_cred_ucounts is non of those case don't confuse people by handling something that can not happen. Link: https://lkml.kernel.org/r/871r4irzds.fsf_-_@disp2133 Tested-by: Yu Zhao <yuzhao@google.com> Reviewed-by: Alexey Gladkov <legion@kernel.org> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'kernel/cred.c')
-rw-r--r--kernel/cred.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/kernel/cred.c b/kernel/cred.c
index 1ae0b4948a5a..473d17c431f3 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -676,15 +676,14 @@ int set_cred_ucounts(struct cred *new)
* This optimization is needed because alloc_ucounts() uses locks
* for table lookups.
*/
- if (old_ucounts && old_ucounts->ns == new->user_ns && uid_eq(old_ucounts->uid, new->euid))
+ if (old_ucounts->ns == new->user_ns && uid_eq(old_ucounts->uid, new->euid))
return 0;
if (!(new_ucounts = alloc_ucounts(new->user_ns, new->euid)))
return -EAGAIN;
new->ucounts = new_ucounts;
- if (old_ucounts)
- put_ucounts(old_ucounts);
+ put_ucounts(old_ucounts);
return 0;
}
generated by cgit v1.2.3 (git 2.39.1) at 2026-01-04 16:02:58 +0000
627fb485003781&follow=1'>bpf: Reject bpf_timer for PREEMPT_RTLeon Hwang1-0/+4 2025-09-10libceph: fix invalid accesses to ceph_connection_v1_infoIlya Dryomov1-3/+4 2025-09-10PM: hibernate: Restrict GFP mask in hibernation_snapshot()Rafael J. Wysocki1-0/+1 2025-09-10MAINTAINERS: add Phil as netfilter reviewerFlorian Westphal1-0/+1 2025-09-10netfilter: nf_tables: restart set lookup on base_seq changeFlorian Westphal2-2/+32 2025-09-10netfilter: nf_tables: make nft_set_do_lookup available unconditionallyFlorian Westphal2-13/+14 2025-09-10netfilter: nf_tables: place base_seq in struct netFlorian Westphal3-33/+34 2025-09-10netfilter: nft_set_rbtree: continue traversal if element is inactiveFlorian Westphal1-3/+3 2025-09-10netfilter: nft_set_pipapo: don't check genbit from packetpath lookupsFlorian Westphal2-5/+19 2025-09-10netfilter: nft_set_bitmap: fix lockdep splat due to missing annotationFlorian Westphal1-1/+2 2025-09-10can: rcar_can: rcar_can_resume(): fix s2ram with PSCIGeert Uytterhoeven1-7/+1 2025-09-10can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKBAnssi Hannula1-8/+8 2025-09-10can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() ...Tetsuo Handa1-1/+4 2025-09-10can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_loc...Tetsuo Handa1-0/+3 2025-09-10can: j1939: implement NETDEV_UNREGISTER notification handlerTetsuo Handa3-0/+53