[PATCH] fuse: Fix crediantials leak in passthrough read_iter

From: Alessio Balsini
Date: Fri Feb 05 2021 - 05:58:49 EST


If the system doesn't have enough memory when fuse_passthrough_read_iter
is requested in asynchronous IO, an error is directly returned without
restoring the caller's credentials.
Fix by always ensuring credentials are restored.

Fixes: 20210125153057.3623715-8-balsini@xxxxxxxxxxx ("fuse: Use daemon creds in passthrough mode")
Signed-off-by: Alessio Balsini <balsini@xxxxxxxxxxx>
---
fs/fuse/passthrough.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/fs/fuse/passthrough.c b/fs/fuse/passthrough.c
index 284979f87747..1df94c1d8a00 100644
--- a/fs/fuse/passthrough.c
+++ b/fs/fuse/passthrough.c
@@ -69,8 +69,10 @@ ssize_t fuse_passthrough_read_iter(struct kiocb *iocb_fuse,
struct fuse_aio_req *aio_req;

aio_req = kmalloc(sizeof(struct fuse_aio_req), GFP_KERNEL);
- if (!aio_req)
- return -ENOMEM;
+ if (!aio_req) {
+ ret = -ENOMEM;
+ goto out;
+ }

aio_req->iocb_fuse = iocb_fuse;
kiocb_clone(&aio_req->iocb, iocb_fuse, passthrough_filp);
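Review bot: The `-ENOMEM` branch gives no hint why it must jump instead of returning, so a later early exit added to this function can reintroduce the same leak. The `out:` label in the second hunk sits directly before `revert_creds(old_cred)`, so the task is presumably still running with the overridden (daemon) credentials at this allocation, and a direct return would leave the caller holding them for whatever it does next. I would document the invariant on the label in the second hunk, e.g. `/* every exit after override_creds() must pass through here */`. The start of fuse_passthrough_read_iter, including the credential override itself, is outside both hunks, so other early returns cannot be checked from this patch. If the write-side counterpart in this file allocates its `aio_req` the same way, its failure path deserves the same check.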
@@ -79,6 +81,7 @@ ssize_t fuse_passthrough_read_iter(struct kiocb *iocb_fuse,
if (ret != -EIOCBQUEUED)
fuse_aio_cleanup_handler(aio_req);
}
+out:
revert_creds(old_cred);

return ret;
--
2.30.0.365.g02bc693789-goog