pass creds to get_empty_filp(), make sure dentry_open() passes the right creds ... and rename get_empty_filp() to alloc_empty_file(). dentry_open() gets creds as argument, but the only thing that sees those is security_file_open() - file->f_cred still ends up with current_cred(). For almost all callers it's the same thing, but there are several broken cases. Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

commit: 6de37b6dc085e7c5e092b69289af66876526da44 [log] [tgz]
author: Al Viro <viro@zeniv.linux.org.uk> Tue Jul 10 13:12:05 2018 -0400
committer: Al Viro <viro@zeniv.linux.org.uk> Thu Jul 12 10:04:13 2018 -0400
tree: 5d2519411b954eb4d97c70fb972d7b8a1fb1c635
parent: c9c554f21490bbc96cc554f80024d27d09670480 [diff] [blame]
diff --git a/fs/file_table.c b/fs/file_table.c
index 086c3f5..76cfa4c 100644
--- a/fs/file_table.c
+++ b/fs/file_table.c

@@ -101,9 +101,8 @@
  * done, you will imbalance int the mount's writer count
  * and a warning at __fput() time.
  */
-struct file *get_empty_filp(void)
+struct file *alloc_empty_file(const struct cred *cred)
 {
-	const struct cred *cred = current_cred();
 	static long old_max;
 	struct file *f;
 	int error;
@@ -161,7 +160,7 @@
 {
 	struct file *file;
 
-	file = get_empty_filp();
+	file = alloc_empty_file(current_cred());
 	if (IS_ERR(file))
 		return file;
commit	6de37b6dc085e7c5e092b69289af66876526da44	[log] [tgz]
author	Al Viro <viro@zeniv.linux.org.uk>	Tue Jul 10 13:12:05 2018 -0400
committer	Al Viro <viro@zeniv.linux.org.uk>	Thu Jul 12 10:04:13 2018 -0400
tree	5d2519411b954eb4d97c70fb972d7b8a1fb1c635
parent	c9c554f21490bbc96cc554f80024d27d09670480 [diff] [blame]