From: Greg Kroah-Hartman gregkh@linuxfoundation.org
stable inclusion from stable-5.10.63 commit 0c1443874e1cb359b377a0e383c0dcce81aefa12 bugzilla: 182231 https://gitee.com/openeuler/kernel/issues/I4EFS1
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
--------------------------------
This reverts commit b493af3a66e067f93e5e03465507866ddeabff9e which is commit bbb6d0f3e1feb43d663af089c7dedb23be6a04fb upstream.
The "original" commit 905ae01c4ae2 ("Add a reference to ucounts for each cred"), should not have been applied to the 5.10.y tree, so revert it, and the follow-on fixup patches as well.
Reported-by: "Eric W. Biederman" ebiederm@xmission.com Link: https://lore.kernel.org/r/87v93k4bl6.fsf@disp2133 Cc: Alexey Gladkov legion@kernel.org Cc: Sasha Levin sashal@kernel.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org Signed-off-by: Chen Jun chenjun102@huawei.com Acked-by: Weilong Chen chenweilong@huawei.com
Signed-off-by: Chen Jun chenjun102@huawei.com --- kernel/cred.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/kernel/cred.c b/kernel/cred.c index 8c0983fa794a..098213d4a39c 100644 --- a/kernel/cred.c +++ b/kernel/cred.c @@ -286,11 +286,11 @@ struct cred *prepare_creds(void) new->security = NULL; #endif
- new->ucounts = get_ucounts(new->ucounts); - if (!new->ucounts) + if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) goto error;
- if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) + new->ucounts = get_ucounts(new->ucounts); + if (!new->ucounts) goto error;
validate_creds(new); @@ -753,11 +753,11 @@ struct cred *prepare_kernel_cred(struct task_struct *daemon) #ifdef CONFIG_SECURITY new->security = NULL; #endif - new->ucounts = get_ucounts(new->ucounts); - if (!new->ucounts) + if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) goto error;
- if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) + new->ucounts = get_ucounts(new->ucounts); + if (!new->ucounts) goto error;
put_cred(old);