On 11/23/24 15:21, Max Kellermann wrote:
This eliminates a redundant get_current_cred() call, because ceph_mds_check_access() has already obtained this pointer. As a side effect, this also fixes a reference leak in ceph_mds_auth_match(): by omitting the get_current_cred() call, no additional cred reference is taken. Fixes: 596afb0b8933 ("ceph: add ceph_mds_check_access() helper") Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Max Kellermann <max.kellermann@xxxxxxxxx> --- fs/ceph/mds_client.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c index 6baec1387f7d..e8a5994de8b6 100644 --- a/fs/ceph/mds_client.c +++ b/fs/ceph/mds_client.c @@ -5615,9 +5615,9 @@ void send_flush_mdlog(struct ceph_mds_session *s)static int ceph_mds_auth_match(struct ceph_mds_client *mdsc,struct ceph_mds_cap_auth *auth, + const struct cred *cred, char *tpath) { - const struct cred *cred = get_current_cred(); u32 caller_uid = from_kuid(&init_user_ns, cred->fsuid); u32 caller_gid = from_kgid(&init_user_ns, cred->fsgid); struct ceph_client *cl = mdsc->fsc->client; @@ -5740,7 +5740,7 @@ int ceph_mds_check_access(struct ceph_mds_client *mdsc, char *tpath, int mask) for (i = 0; i < mdsc->s_cap_auths_num; i++) { struct ceph_mds_cap_auth *s = &mdsc->s_cap_auths[i];- err = ceph_mds_auth_match(mdsc, s, tpath);+ err = ceph_mds_auth_match(mdsc, s, cred, tpath); if (err < 0) { return err; } else if (err > 0) {
Good catch. Reviewed-by: Xiubo Li <xiubli@xxxxxxxxxx>
