Re: [PATCH v2 00/29] cred: rework {override,revert}_creds()

Chuck Lever <chuck.lever@xxxxxxxxxx> · Mon, 25 Nov 2024 10:37:53 -0500

On Mon, Nov 25, 2024 at 03:09:56PM +0100, Christian Brauner wrote:
> For the v6.13 cycle we switched overlayfs to a variant of
> override_creds() that doesn't take an extra reference. To this end I
> suggested introducing {override,revert}_creds_light() which overlayfs
> could use.
> 
> This seems to work rather well. This series follow Linus advice and
> unifies the separate helpers and simply makes {override,revert}_creds()
> do what {override,revert}_creds_light() currently does. Caller's that
> really need the extra reference count can take it manually.
> 
> ---
> Changes in v2:
> - Remove confusion around dangling pointer.
> - Use the revert_creds(old) + put_cred(new) pattern instead of
>   put_cred(revert_creds(old)).
> - Fill in missing justifications in various commit message why not using
>   a separate reference count is safe.
> - Make get_new_cred() argument const to easily use it during the
>   conversion.
> - Get rid of get_new_cred() completely at the end of the series.
> - Link to v1: https://lore.kernel.org/r/20241124-work-cred-v1-0-f352241c3970@xxxxxxxxxx
> 
> ---
> Christian Brauner (29):
>       tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
>       cred: return old creds from revert_creds_light()
>       tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
>       cred: remove old {override,revert}_creds() helpers
>       tree-wide: s/override_creds_light()/override_creds()/g
>       tree-wide: s/revert_creds_light()/revert_creds()/g
>       firmware: avoid pointless reference count bump
>       sev-dev: avoid pointless cred reference count bump
>       target_core_configfs: avoid pointless cred reference count bump
>       aio: avoid pointless cred reference count bump
>       binfmt_misc: avoid pointless cred reference count bump
>       coredump: avoid pointless cred reference count bump
>       nfs/localio: avoid pointless cred reference count bumps
>       nfs/nfs4idmap: avoid pointless reference count bump
>       nfs/nfs4recover: avoid pointless cred reference count bump
>       nfsfh: avoid pointless cred reference count bump
>       open: avoid pointless cred reference count bump
>       ovl: avoid pointless cred reference count bump
>       cifs: avoid pointless cred reference count bump
>       cifs: avoid pointless cred reference count bump
>       smb: avoid pointless cred reference count bump
>       io_uring: avoid pointless cred reference count bump
>       acct: avoid pointless reference count bump
>       cgroup: avoid pointless cred reference count bump
>       trace: avoid pointless cred reference count bump
>       dns_resolver: avoid pointless cred reference count bump
>       cachefiles: avoid pointless cred reference count bump
>       nfsd: avoid pointless cred reference count bump
>       cred: remove unused get_new_cred()
> 
>  Documentation/security/credentials.rst |  5 ----
>  drivers/crypto/ccp/sev-dev.c           |  2 +-
>  fs/backing-file.c                      | 20 +++++++-------
>  fs/nfsd/auth.c                         |  3 +-
>  fs/nfsd/filecache.c                    |  2 +-
>  fs/nfsd/nfs4recover.c                  |  3 +-
>  fs/nfsd/nfsfh.c                        |  1 -
>  fs/open.c                              | 11 ++------
>  fs/overlayfs/dir.c                     |  4 +--
>  fs/overlayfs/util.c                    |  4 +--
>  fs/smb/server/smb_common.c             | 10 ++-----
>  include/linux/cred.h                   | 26 ++++--------------
>  kernel/cred.c                          | 50 ----------------------------------
>  13 files changed, 27 insertions(+), 114 deletions(-)
> ---
> base-commit: e7675238b9bf4db0b872d5dbcd53efa31914c98f
> change-id: 20241124-work-cred-349b65450082
> 
> 

For the patches that touch fs/nfsd/*:

Acked-by: Chuck Lever <chuck.lever@xxxxxxxxxx>

-- 
Chuck Lever