CacheFiles: Fix error handling in cachefiles_determine_cache_security()
cachefiles_determine_cache_security() is expected to return with a security override in place. However, if set_create_files_as() fails, we fail to do this. In this case, we should just reinstate the security override that was set by the caller. Furthermore, if set_create_files_as() fails, we should dispose of the new credentials we were in the process of creating. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
91af708141
commit
7ac512aa82
|
@ -77,6 +77,8 @@ static int cachefiles_check_cache_dir(struct cachefiles_cache *cache,
|
|||
/*
|
||||
* check the security details of the on-disk cache
|
||||
* - must be called with security override in force
|
||||
* - must return with a security override in force - even in the case of an
|
||||
* error
|
||||
*/
|
||||
int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
|
||||
struct dentry *root,
|
||||
|
@ -99,6 +101,8 @@ int cachefiles_determine_cache_security(struct cachefiles_cache *cache,
|
|||
* which create files */
|
||||
ret = set_create_files_as(new, root->d_inode);
|
||||
if (ret < 0) {
|
||||
abort_creds(new);
|
||||
cachefiles_begin_secure(cache, _saved_cred);
|
||||
_leave(" = %d [cfa]", ret);
|
||||
return ret;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue