[PATCH v2 00/29] cred: rework {override,revert}_creds()

From: Christian Brauner
Date: Mon Nov 25 2024 - 09:10:28 EST


For the v6.13 cycle we switched overlayfs to a variant of
override_creds() that doesn't take an extra reference. To this end I
suggested introducing {override,revert}_creds_light() which overlayfs
could use.

This seems to work rather well. This series follow Linus advice and
unifies the separate helpers and simply makes {override,revert}_creds()
do what {override,revert}_creds_light() currently does. Caller's that
really need the extra reference count can take it manually.

---
Changes in v2:
- Remove confusion around dangling pointer.
- Use the revert_creds(old) + put_cred(new) pattern instead of
put_cred(revert_creds(old)).
- Fill in missing justifications in various commit message why not using
a separate reference count is safe.
- Make get_new_cred() argument const to easily use it during the
conversion.
- Get rid of get_new_cred() completely at the end of the series.
- Link to v1: https://lore.kernel.org/r/20241124-work-cred-v1-0-f352241c3970@xxxxxxxxxx

---
Christian Brauner (29):
tree-wide: s/override_creds()/override_creds_light(get_new_cred())/g
cred: return old creds from revert_creds_light()
tree-wide: s/revert_creds()/put_cred(revert_creds_light())/g
cred: remove old {override,revert}_creds() helpers
tree-wide: s/override_creds_light()/override_creds()/g
tree-wide: s/revert_creds_light()/revert_creds()/g
firmware: avoid pointless reference count bump
sev-dev: avoid pointless cred reference count bump
target_core_configfs: avoid pointless cred reference count bump
aio: avoid pointless cred reference count bump
binfmt_misc: avoid pointless cred reference count bump
coredump: avoid pointless cred reference count bump
nfs/localio: avoid pointless cred reference count bumps
nfs/nfs4idmap: avoid pointless reference count bump
nfs/nfs4recover: avoid pointless cred reference count bump
nfsfh: avoid pointless cred reference count bump
open: avoid pointless cred reference count bump
ovl: avoid pointless cred reference count bump
cifs: avoid pointless cred reference count bump
cifs: avoid pointless cred reference count bump
smb: avoid pointless cred reference count bump
io_uring: avoid pointless cred reference count bump
acct: avoid pointless reference count bump
cgroup: avoid pointless cred reference count bump
trace: avoid pointless cred reference count bump
dns_resolver: avoid pointless cred reference count bump
cachefiles: avoid pointless cred reference count bump
nfsd: avoid pointless cred reference count bump
cred: remove unused get_new_cred()

Documentation/security/credentials.rst | 5 ----
drivers/crypto/ccp/sev-dev.c | 2 +-
fs/backing-file.c | 20 +++++++-------
fs/nfsd/auth.c | 3 +-
fs/nfsd/filecache.c | 2 +-
fs/nfsd/nfs4recover.c | 3 +-
fs/nfsd/nfsfh.c | 1 -
fs/open.c | 11 ++------
fs/overlayfs/dir.c | 4 +--
fs/overlayfs/util.c | 4 +--
fs/smb/server/smb_common.c | 10 ++-----
include/linux/cred.h | 26 ++++--------------
kernel/cred.c | 50 ----------------------------------
13 files changed, 27 insertions(+), 114 deletions(-)
---
base-commit: e7675238b9bf4db0b872d5dbcd53efa31914c98f
change-id: 20241124-work-cred-349b65450082