On Thu, Sep 22, 2022 at 10:44:37AM +0200, Miklos Szeredi wrote: > Use the vfs_tmpfile_open() helper instead of doing tmpfile creation and > opening separately. > > The only minor difference is that previously no permission checking was > done, while vfs_tmpfile_open() will call may_open() with zero access mask > (i.e. no access is checked). Even if this would make a difference with > callers caps (don't see how it could, even in the LSM codepaths) cachfiles > raises caps before performing the tmpfile creation, so this extra > permission check will not result in any regression. > > Signed-off-by: Miklos Szeredi <mszeredi@xxxxxxxxxx> > --- With the may_open() in vfs_tmpfile_open() we hopefully won't cause any issues for this but it seems unlikely, Reviewed-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx>
