[PATCH 04/12] sev-dev: use override credential guards
From: Christian Brauner <brauner@kernel.org>
Date: 2025-11-03 14:58:02
Also in:
cgroups, linux-cifs, linux-crypto, linux-fsdevel, linux-nfs, linux-trace-kernel, linux-unionfs, lkml
Subsystem:
amd cryptographic coprocessor (ccp) driver, amd cryptographic coprocessor (ccp) driver - sev support, crypto api, the rest · Maintainers:
Tom Lendacky, John Allen, Ashish Kalra, Herbert Xu, "David S. Miller", Linus Torvalds
Use override credential guards for scoped credential override with automatic restoration on scope exit. Signed-off-by: Christian Brauner <brauner@kernel.org> --- drivers/crypto/ccp/sev-dev.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 09e4c9490d58..19422f422a59 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c@@ -260,7 +260,6 @@ static int sev_cmd_buffer_len(int cmd) static struct file *open_file_as_root(const char *filename, int flags, umode_t mode) { struct path root __free(path_put) = {}; - struct file *fp; struct cred *cred; const struct cred *old_cred;
@@ -273,13 +272,9 @@ static struct file *open_file_as_root(const char *filename, int flags, umode_t m return ERR_PTR(-ENOMEM); cred->fsuid = GLOBAL_ROOT_UID; - old_cred = override_creds(cred); - - fp = file_open_root(&root, filename, flags, mode); - - revert_creds(old_cred); - return fp; + with_creds(cred); + return file_open_root(&root, filename, flags, mode); } static int sev_read_init_ex_file(void)
--
2.47.3