Re: [PATCH -next] cred: add missing return error code when set_cred_ucounts() failed

From: Eric W. Biederman
Date: Thu May 27 2021 - 12:10:49 EST


Alexey Gladkov <legion@xxxxxxxxxx> writes:

> On Wed, May 26, 2021 at 05:10:43PM -0500, Eric W. Biederman wrote:
>> Yang Yingliang <yangyingliang@xxxxxxxxxx> writes:
>>
>> > If set_cred_ucounts() failed, we need return the error code.
>>
>> Alex how does this look to you?
>>
>> This is showing up now as I have finally dropped the code in linux-next
>> and other people are looking at it.
>>
>> At a quick fix looks correct to me.
>
> Yes, this is the right fix. I miss it.


Can I have your Acked-by or Reviewed-by.
Thank you.

>> > Fixes: 905ae01c4ae2 ("Add a reference to ucounts for each cred")
>> > Reported-by: Hulk Robot <hulkci@xxxxxxxxxx>
>> > Signed-off-by: Yang Yingliang <yangyingliang@xxxxxxxxxx>
>> > ---
>> > kernel/cred.c | 3 ++-
>> > 1 file changed, 2 insertions(+), 1 deletion(-)
>> >
>> > diff --git a/kernel/cred.c b/kernel/cred.c
>> > index db7c46bf36e5..e6fd2b3fc31f 100644
>> > --- a/kernel/cred.c
>> > +++ b/kernel/cred.c
>> > @@ -372,7 +372,8 @@ int copy_creds(struct task_struct *p, unsigned long clone_flags)
>> > ret = create_user_ns(new);
>> > if (ret < 0)
>> > goto error_put;
>> > - if (set_cred_ucounts(new) < 0)
>> > + ret = set_cred_ucounts(new);
>> > + if (ret < 0)
>> > goto error_put;
>> > }
>>

Eric