Re: [PATCH -next] cred: add missing return error code when set_cred_ucounts() failed
From: Eric W. Biederman
Date: Wed May 26 2021 - 18:11:14 EST
Yang Yingliang <yangyingliang@xxxxxxxxxx> writes:
> If set_cred_ucounts() failed, we need return the error code.
Alex how does this look to you?
This is showing up now as I have finally dropped the code in linux-next
and other people are looking at it.
At a quick fix looks correct to me.
> Fixes: 905ae01c4ae2 ("Add a reference to ucounts for each cred")
> Reported-by: Hulk Robot <hulkci@xxxxxxxxxx>
> Signed-off-by: Yang Yingliang <yangyingliang@xxxxxxxxxx>
> ---
> kernel/cred.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/kernel/cred.c b/kernel/cred.c
> index db7c46bf36e5..e6fd2b3fc31f 100644
> --- a/kernel/cred.c
> +++ b/kernel/cred.c
> @@ -372,7 +372,8 @@ int copy_creds(struct task_struct *p, unsigned long clone_flags)
> ret = create_user_ns(new);
> if (ret < 0)
> goto error_put;
> - if (set_cred_ucounts(new) < 0)
> + ret = set_cred_ucounts(new);
> + if (ret < 0)
> goto error_put;
> }