cred: get rid of CONFIG_DEBUG_CREDENTIALS

-1

arch/powerpc/configs/skiroot_defconfig

··· 301 301 CONFIG_DEBUG_SG=y 302 302 CONFIG_DEBUG_NOTIFIERS=y 303 303 CONFIG_BUG_ON_DATA_CORRUPTION=y 304 - CONFIG_DEBUG_CREDENTIALS=y 305 304 # CONFIG_FTRACE is not set 306 305 CONFIG_XMON=y 307 306 # CONFIG_RUNTIME_TESTING_MENU is not set

-1

arch/s390/configs/debug_defconfig

··· 834 834 CONFIG_DEBUG_LIST=y 835 835 CONFIG_DEBUG_SG=y 836 836 CONFIG_DEBUG_NOTIFIERS=y 837 - CONFIG_DEBUG_CREDENTIALS=y 838 837 CONFIG_RCU_TORTURE_TEST=m 839 838 CONFIG_RCU_REF_SCALE_TEST=m 840 839 CONFIG_RCU_CPU_STALL_TIMEOUT=300

-4

fs/nfsd/auth.c

··· 26 26 int i; 27 27 int flags = nfsexp_flags(rqstp, exp); 28 28 29 - validate_process_creds(); 30 - 31 29 /* discard any old override before preparing the new set */ 32 30 revert_creds(get_cred(current_real_cred())); 33 31 new = prepare_creds(); ··· 79 81 else 80 82 new->cap_effective = cap_raise_nfsd_set(new->cap_effective, 81 83 new->cap_permitted); 82 - validate_process_creds(); 83 84 put_cred(override_creds(new)); 84 85 put_cred(new); 85 - validate_process_creds(); 86 86 return 0; 87 87 88 88 oom:

-1

fs/nfsd/nfssvc.c

··· 955 955 rqstp->rq_server->sv_maxconn = nn->max_connections; 956 956 957 957 svc_recv(rqstp); 958 - validate_process_creds(); 959 958 } 960 959 961 960 atomic_dec(&nfsdstats.th_cnt);

+1 -8

fs/nfsd/vfs.c

··· 901 901 int host_err; 902 902 bool retried = false; 903 903 904 - validate_process_creds(); 905 904 /* 906 905 * If we get here, then the client has already done an "open", 907 906 * and (hopefully) checked permission - so allow OWNER_OVERRIDE ··· 925 926 } 926 927 err = nfserrno(host_err); 927 928 } 928 - validate_process_creds(); 929 929 return err; 930 930 } 931 931 ··· 941 943 nfsd_open_verified(struct svc_rqst *rqstp, struct svc_fh *fhp, int may_flags, 942 944 struct file **filp) 943 945 { 944 - int err; 945 - 946 - validate_process_creds(); 947 - err = __nfsd_open(rqstp, fhp, S_IFREG, may_flags, filp); 948 - validate_process_creds(); 949 - return err; 946 + return __nfsd_open(rqstp, fhp, S_IFREG, may_flags, filp); 950 947 } 951 948 952 949 /*

-3

fs/open.c

··· 1088 1088 int error; 1089 1089 struct file *f; 1090 1090 1091 - validate_creds(cred); 1092 - 1093 1091 /* We must always pass in a valid mount pointer. */ 1094 1092 BUG_ON(!path->mnt); 1095 1093 ··· 1126 1128 struct file *f; 1127 1129 int error; 1128 1130 1129 - validate_creds(cred); 1130 1131 f = alloc_empty_file(flags, cred); 1131 1132 if (IS_ERR(f)) 1132 1133 return f;

-50

include/linux/cred.h

··· 110 110 */ 111 111 struct cred { 112 112 atomic_long_t usage; 113 - #ifdef CONFIG_DEBUG_CREDENTIALS 114 - atomic_t subscribers; /* number of processes subscribed */ 115 - void *put_addr; 116 - unsigned magic; 117 - #define CRED_MAGIC 0x43736564 118 - #define CRED_MAGIC_DEAD 0x44656144 119 - #endif 120 113 kuid_t uid; /* real UID of the task */ 121 114 kgid_t gid; /* real GID of the task */ 122 115 kuid_t suid; /* saved UID of the task */ ··· 165 172 extern void __init cred_init(void); 166 173 extern int set_cred_ucounts(struct cred *); 167 174 168 - /* 169 - * check for validity of credentials 170 - */ 171 - #ifdef CONFIG_DEBUG_CREDENTIALS 172 - extern void __noreturn __invalid_creds(const struct cred *, const char *, unsigned); 173 - extern void __validate_process_creds(struct task_struct *, 174 - const char *, unsigned); 175 - 176 - extern bool creds_are_invalid(const struct cred *cred); 177 - 178 - static inline void __validate_creds(const struct cred *cred, 179 - const char *file, unsigned line) 180 - { 181 - if (unlikely(creds_are_invalid(cred))) 182 - __invalid_creds(cred, file, line); 183 - } 184 - 185 - #define validate_creds(cred) \ 186 - do { \ 187 - __validate_creds((cred), __FILE__, __LINE__); \ 188 - } while(0) 189 - 190 - #define validate_process_creds() \ 191 - do { \ 192 - __validate_process_creds(current, __FILE__, __LINE__); \ 193 - } while(0) 194 - 195 - extern void validate_creds_for_do_exit(struct task_struct *); 196 - #else 197 - static inline void validate_creds(const struct cred *cred) 198 - { 199 - } 200 - static inline void validate_creds_for_do_exit(struct task_struct *tsk) 201 - { 202 - } 203 - static inline void validate_process_creds(void) 204 - { 205 - } 206 - #endif 207 - 208 175 static inline bool cap_ambient_invariant_ok(const struct cred *cred) 209 176 { 210 177 return cap_issubset(cred->cap_ambient, ··· 217 264 struct cred *nonconst_cred = (struct cred *) cred; 218 265 if (!cred) 219 266 return cred; 220 - validate_creds(cred); 221 267 nonconst_cred->non_rcu = 0; 222 268 return get_new_cred_many(nonconst_cred, nr); 223 269 } ··· 242 290 return NULL; 243 291 if (!atomic_long_inc_not_zero(&nonconst_cred->usage)) 244 292 return NULL; 245 - validate_creds(cred); 246 293 nonconst_cred->non_rcu = 0; 247 294 return cred; 248 295 } ··· 263 312 struct cred *cred = (struct cred *) _cred; 264 313 265 314 if (cred) { 266 - validate_creds(cred); 267 315 if (atomic_long_sub_and_test(nr, &cred->usage)) 268 316 __put_cred(cred); 269 317 }

+16 -215

kernel/cred.c

··· 43 43 */ 44 44 struct cred init_cred = { 45 45 .usage = ATOMIC_INIT(4), 46 - #ifdef CONFIG_DEBUG_CREDENTIALS 47 - .subscribers = ATOMIC_INIT(2), 48 - .magic = CRED_MAGIC, 49 - #endif 50 46 .uid = GLOBAL_ROOT_UID, 51 47 .gid = GLOBAL_ROOT_GID, 52 48 .suid = GLOBAL_ROOT_UID, ··· 62 66 .ucounts = &init_ucounts, 63 67 }; 64 68 65 - static inline void set_cred_subscribers(struct cred *cred, int n) 66 - { 67 - #ifdef CONFIG_DEBUG_CREDENTIALS 68 - atomic_set(&cred->subscribers, n); 69 - #endif 70 - } 71 - 72 - static inline int read_cred_subscribers(const struct cred *cred) 73 - { 74 - #ifdef CONFIG_DEBUG_CREDENTIALS 75 - return atomic_read(&cred->subscribers); 76 - #else 77 - return 0; 78 - #endif 79 - } 80 - 81 - static inline void alter_cred_subscribers(const struct cred *_cred, int n) 82 - { 83 - #ifdef CONFIG_DEBUG_CREDENTIALS 84 - struct cred *cred = (struct cred *) _cred; 85 - 86 - atomic_add(n, &cred->subscribers); 87 - #endif 88 - } 89 - 90 69 /* 91 70 * The RCU callback to actually dispose of a set of credentials 92 71 */ ··· 71 100 72 101 kdebug("put_cred_rcu(%p)", cred); 73 102 74 - #ifdef CONFIG_DEBUG_CREDENTIALS 75 - if (cred->magic != CRED_MAGIC_DEAD || 76 - atomic_long_read(&cred->usage) != 0 || 77 - read_cred_subscribers(cred) != 0) 78 - panic("CRED: put_cred_rcu() sees %p with" 79 - " mag %x, put %p, usage %ld, subscr %d\n", 80 - cred, cred->magic, cred->put_addr, 81 - atomic_long_read(&cred->usage), 82 - read_cred_subscribers(cred)); 83 - #else 84 103 if (atomic_long_read(&cred->usage) != 0) 85 104 panic("CRED: put_cred_rcu() sees %p with usage %ld\n", 86 105 cred, atomic_long_read(&cred->usage)); 87 - #endif 88 106 89 107 security_cred_free(cred); 90 108 key_put(cred->session_keyring); ··· 97 137 */ 98 138 void __put_cred(struct cred *cred) 99 139 { 100 - kdebug("__put_cred(%p{%ld,%d})", cred, 101 - atomic_long_read(&cred->usage), 102 - read_cred_subscribers(cred)); 140 + kdebug("__put_cred(%p{%ld})", cred, 141 + atomic_long_read(&cred->usage)); 103 142 104 143 BUG_ON(atomic_long_read(&cred->usage) != 0); 105 - #ifdef CONFIG_DEBUG_CREDENTIALS 106 - BUG_ON(read_cred_subscribers(cred) != 0); 107 - cred->magic = CRED_MAGIC_DEAD; 108 - cred->put_addr = __builtin_return_address(0); 109 - #endif 110 144 BUG_ON(cred == current->cred); 111 145 BUG_ON(cred == current->real_cred); 112 146 ··· 118 164 { 119 165 struct cred *real_cred, *cred; 120 166 121 - kdebug("exit_creds(%u,%p,%p,{%ld,%d})", tsk->pid, tsk->real_cred, tsk->cred, 122 - atomic_long_read(&tsk->cred->usage), 123 - read_cred_subscribers(tsk->cred)); 167 + kdebug("exit_creds(%u,%p,%p,{%ld})", tsk->pid, tsk->real_cred, tsk->cred, 168 + atomic_long_read(&tsk->cred->usage)); 124 169 125 170 real_cred = (struct cred *) tsk->real_cred; 126 171 tsk->real_cred = NULL; ··· 127 174 cred = (struct cred *) tsk->cred; 128 175 tsk->cred = NULL; 129 176 130 - validate_creds(cred); 131 177 if (real_cred == cred) { 132 - alter_cred_subscribers(cred, -2); 133 178 put_cred_many(cred, 2); 134 179 } else { 135 - validate_creds(real_cred); 136 - alter_cred_subscribers(real_cred, -1); 137 180 put_cred(real_cred); 138 - alter_cred_subscribers(cred, -1); 139 181 put_cred(cred); 140 182 } 141 183 ··· 179 231 return NULL; 180 232 181 233 atomic_long_set(&new->usage, 1); 182 - #ifdef CONFIG_DEBUG_CREDENTIALS 183 - new->magic = CRED_MAGIC; 184 - #endif 185 234 if (security_cred_alloc_blank(new, GFP_KERNEL_ACCOUNT) < 0) 186 235 goto error; 187 236 ··· 209 264 const struct cred *old; 210 265 struct cred *new; 211 266 212 - validate_process_creds(); 213 - 214 267 new = kmem_cache_alloc(cred_jar, GFP_KERNEL); 215 268 if (!new) 216 269 return NULL; ··· 220 277 221 278 new->non_rcu = 0; 222 279 atomic_long_set(&new->usage, 1); 223 - set_cred_subscribers(new, 0); 224 280 get_group_info(new->group_info); 225 281 get_uid(new->user); 226 282 get_user_ns(new->user_ns); ··· 242 300 if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) 243 301 goto error; 244 302 245 - validate_creds(new); 246 303 return new; 247 304 248 305 error: ··· 303 362 clone_flags & CLONE_THREAD 304 363 ) { 305 364 p->real_cred = get_cred_many(p->cred, 2); 306 - alter_cred_subscribers(p->cred, 2); 307 - kdebug("share_creds(%p{%ld,%d})", 308 - p->cred, atomic_long_read(&p->cred->usage), 309 - read_cred_subscribers(p->cred)); 365 + kdebug("share_creds(%p{%ld})", 366 + p->cred, atomic_long_read(&p->cred->usage)); 310 367 inc_rlimit_ucounts(task_ucounts(p), UCOUNT_RLIMIT_NPROC, 1); 311 368 return 0; 312 369 } ··· 343 404 344 405 p->cred = p->real_cred = get_cred(new); 345 406 inc_rlimit_ucounts(task_ucounts(p), UCOUNT_RLIMIT_NPROC, 1); 346 - alter_cred_subscribers(new, 2); 347 - validate_creds(new); 348 407 return 0; 349 408 350 409 error_put: ··· 394 457 struct task_struct *task = current; 395 458 const struct cred *old = task->real_cred; 396 459 397 - kdebug("commit_creds(%p{%ld,%d})", new, 398 - atomic_long_read(&new->usage), 399 - read_cred_subscribers(new)); 460 + kdebug("commit_creds(%p{%ld})", new, 461 + atomic_long_read(&new->usage)); 400 462 401 463 BUG_ON(task->cred != old); 402 - #ifdef CONFIG_DEBUG_CREDENTIALS 403 - BUG_ON(read_cred_subscribers(old) < 2); 404 - validate_creds(old); 405 - validate_creds(new); 406 - #endif 407 464 BUG_ON(atomic_long_read(&new->usage) < 1); 408 465 409 466 get_cred(new); /* we will require a ref for the subj creds too */ ··· 433 502 * RLIMIT_NPROC limits on user->processes have already been checked 434 503 * in set_user(). 435 504 */ 436 - alter_cred_subscribers(new, 2); 437 505 if (new->user != old->user || new->user_ns != old->user_ns) 438 506 inc_rlimit_ucounts(new->ucounts, UCOUNT_RLIMIT_NPROC, 1); 439 507 rcu_assign_pointer(task->real_cred, new); 440 508 rcu_assign_pointer(task->cred, new); 441 509 if (new->user != old->user || new->user_ns != old->user_ns) 442 510 dec_rlimit_ucounts(old->ucounts, UCOUNT_RLIMIT_NPROC, 1); 443 - alter_cred_subscribers(old, -2); 444 511 445 512 /* send notifications */ 446 513 if (!uid_eq(new->uid, old->uid) || ··· 468 539 */ 469 540 void abort_creds(struct cred *new) 470 541 { 471 - kdebug("abort_creds(%p{%ld,%d})", new, 472 - atomic_long_read(&new->usage), 473 - read_cred_subscribers(new)); 542 + kdebug("abort_creds(%p{%ld})", new, 543 + atomic_long_read(&new->usage)); 474 544 475 - #ifdef CONFIG_DEBUG_CREDENTIALS 476 - BUG_ON(read_cred_subscribers(new) != 0); 477 - #endif 478 545 BUG_ON(atomic_long_read(&new->usage) < 1); 479 546 put_cred(new); 480 547 } ··· 487 562 { 488 563 const struct cred *old = current->cred; 489 564 490 - kdebug("override_creds(%p{%ld,%d})", new, 491 - atomic_long_read(&new->usage), 492 - read_cred_subscribers(new)); 493 - 494 - validate_creds(old); 495 - validate_creds(new); 565 + kdebug("override_creds(%p{%ld})", new, 566 + atomic_long_read(&new->usage)); 496 567 497 568 /* 498 569 * NOTE! This uses 'get_new_cred()' rather than 'get_cred()'. ··· 497 576 * we are only installing the cred into the thread-synchronous 498 577 * '->cred' pointer, not the '->real_cred' pointer that is 499 578 * visible to other threads under RCU. 500 - * 501 - * Also note that we did validate_creds() manually, not depending 502 - * on the validation in 'get_cred()'. 503 579 */ 504 580 get_new_cred((struct cred *)new); 505 - alter_cred_subscribers(new, 1); 506 581 rcu_assign_pointer(current->cred, new); 507 - alter_cred_subscribers(old, -1); 508 582 509 - kdebug("override_creds() = %p{%ld,%d}", old, 510 - atomic_long_read(&old->usage), 511 - read_cred_subscribers(old)); 583 + kdebug("override_creds() = %p{%ld}", old, 584 + atomic_long_read(&old->usage)); 512 585 return old; 513 586 } 514 587 EXPORT_SYMBOL(override_creds); ··· 518 603 { 519 604 const struct cred *override = current->cred; 520 605 521 - kdebug("revert_creds(%p{%ld,%d})", old, 522 - atomic_long_read(&old->usage), 523 - read_cred_subscribers(old)); 606 + kdebug("revert_creds(%p{%ld})", old, 607 + atomic_long_read(&old->usage)); 524 608 525 - validate_creds(old); 526 - validate_creds(override); 527 - alter_cred_subscribers(old, 1); 528 609 rcu_assign_pointer(current->cred, old); 529 - alter_cred_subscribers(override, -1); 530 610 put_cred(override); 531 611 } 532 612 EXPORT_SYMBOL(revert_creds); ··· 641 731 kdebug("prepare_kernel_cred() alloc %p", new); 642 732 643 733 old = get_task_cred(daemon); 644 - validate_creds(old); 645 734 646 735 *new = *old; 647 736 new->non_rcu = 0; 648 737 atomic_long_set(&new->usage, 1); 649 - set_cred_subscribers(new, 0); 650 738 get_uid(new->user); 651 739 get_user_ns(new->user_ns); 652 740 get_group_info(new->group_info); ··· 668 760 goto error; 669 761 670 762 put_cred(old); 671 - validate_creds(new); 672 763 return new; 673 764 674 765 error: ··· 732 825 return security_kernel_create_files_as(new, inode); 733 826 } 734 827 EXPORT_SYMBOL(set_create_files_as); 735 - 736 - #ifdef CONFIG_DEBUG_CREDENTIALS 737 - 738 - bool creds_are_invalid(const struct cred *cred) 739 - { 740 - if (cred->magic != CRED_MAGIC) 741 - return true; 742 - return false; 743 - } 744 - EXPORT_SYMBOL(creds_are_invalid); 745 - 746 - /* 747 - * dump invalid credentials 748 - */ 749 - static void dump_invalid_creds(const struct cred *cred, const char *label, 750 - const struct task_struct *tsk) 751 - { 752 - pr_err("%s credentials: %p %s%s%s\n", 753 - label, cred, 754 - cred == &init_cred ? "[init]" : "", 755 - cred == tsk->real_cred ? "[real]" : "", 756 - cred == tsk->cred ? "[eff]" : ""); 757 - pr_err("->magic=%x, put_addr=%p\n", 758 - cred->magic, cred->put_addr); 759 - pr_err("->usage=%ld, subscr=%d\n", 760 - atomic_long_read(&cred->usage), 761 - read_cred_subscribers(cred)); 762 - pr_err("->*uid = { %d,%d,%d,%d }\n", 763 - from_kuid_munged(&init_user_ns, cred->uid), 764 - from_kuid_munged(&init_user_ns, cred->euid), 765 - from_kuid_munged(&init_user_ns, cred->suid), 766 - from_kuid_munged(&init_user_ns, cred->fsuid)); 767 - pr_err("->*gid = { %d,%d,%d,%d }\n", 768 - from_kgid_munged(&init_user_ns, cred->gid), 769 - from_kgid_munged(&init_user_ns, cred->egid), 770 - from_kgid_munged(&init_user_ns, cred->sgid), 771 - from_kgid_munged(&init_user_ns, cred->fsgid)); 772 - #ifdef CONFIG_SECURITY 773 - pr_err("->security is %p\n", cred->security); 774 - if ((unsigned long) cred->security >= PAGE_SIZE && 775 - (((unsigned long) cred->security & 0xffffff00) != 776 - (POISON_FREE << 24 | POISON_FREE << 16 | POISON_FREE << 8))) 777 - pr_err("->security {%x, %x}\n", 778 - ((u32*)cred->security)[0], 779 - ((u32*)cred->security)[1]); 780 - #endif 781 - } 782 - 783 - /* 784 - * report use of invalid credentials 785 - */ 786 - void __noreturn __invalid_creds(const struct cred *cred, const char *file, unsigned line) 787 - { 788 - pr_err("Invalid credentials\n"); 789 - pr_err("At %s:%u\n", file, line); 790 - dump_invalid_creds(cred, "Specified", current); 791 - BUG(); 792 - } 793 - EXPORT_SYMBOL(__invalid_creds); 794 - 795 - /* 796 - * check the credentials on a process 797 - */ 798 - void __validate_process_creds(struct task_struct *tsk, 799 - const char *file, unsigned line) 800 - { 801 - if (tsk->cred == tsk->real_cred) { 802 - if (unlikely(read_cred_subscribers(tsk->cred) < 2 || 803 - creds_are_invalid(tsk->cred))) 804 - goto invalid_creds; 805 - } else { 806 - if (unlikely(read_cred_subscribers(tsk->real_cred) < 1 || 807 - read_cred_subscribers(tsk->cred) < 1 || 808 - creds_are_invalid(tsk->real_cred) || 809 - creds_are_invalid(tsk->cred))) 810 - goto invalid_creds; 811 - } 812 - return; 813 - 814 - invalid_creds: 815 - pr_err("Invalid process credentials\n"); 816 - pr_err("At %s:%u\n", file, line); 817 - 818 - dump_invalid_creds(tsk->real_cred, "Real", tsk); 819 - if (tsk->cred != tsk->real_cred) 820 - dump_invalid_creds(tsk->cred, "Effective", tsk); 821 - else 822 - pr_err("Effective creds == Real creds\n"); 823 - BUG(); 824 - } 825 - EXPORT_SYMBOL(__validate_process_creds); 826 - 827 - /* 828 - * check creds for do_exit() 829 - */ 830 - void validate_creds_for_do_exit(struct task_struct *tsk) 831 - { 832 - kdebug("validate_creds_for_do_exit(%p,%p{%ld,%d})", 833 - tsk->real_cred, tsk->cred, 834 - atomic_long_read(&tsk->cred->usage), 835 - read_cred_subscribers(tsk->cred)); 836 - 837 - __validate_process_creds(tsk, __FILE__, __LINE__); 838 - } 839 - 840 - #endif /* CONFIG_DEBUG_CREDENTIALS */

-3

kernel/exit.c

··· 824 824 ptrace_event(PTRACE_EVENT_EXIT, code); 825 825 user_events_exit(tsk); 826 826 827 - validate_creds_for_do_exit(tsk); 828 - 829 827 io_uring_files_cancel(); 830 828 exit_signals(tsk); /* sets PF_EXITING */ 831 829 ··· 907 909 if (tsk->task_frag.page) 908 910 put_page(tsk->task_frag.page); 909 911 910 - validate_creds_for_do_exit(tsk); 911 912 exit_task_stack_account(tsk); 912 913 913 914 check_stack_usage();

-15

lib/Kconfig.debug

··· 1739 1739 1740 1740 endmenu 1741 1741 1742 - config DEBUG_CREDENTIALS 1743 - bool "Debug credential management" 1744 - depends on DEBUG_KERNEL 1745 - help 1746 - Enable this to turn on some debug checking for credential 1747 - management. The additional code keeps track of the number of 1748 - pointers from task_structs to any given cred struct, and checks to 1749 - see that this number never exceeds the usage count of the cred 1750 - struct. 1751 - 1752 - Furthermore, if SELinux is enabled, this also checks that the 1753 - security pointer in the cred struct is never seen to be invalid. 1754 - 1755 - If unsure, say N. 1756 - 1757 1742 source "kernel/rcu/Kconfig.debug" 1758 1743 1759 1744 config DEBUG_WQ_FORCE_RR_CPU

-3

net/sunrpc/auth.c

··· 40 40 41 41 static struct cred machine_cred = { 42 42 .usage = ATOMIC_INIT(1), 43 - #ifdef CONFIG_DEBUG_CREDENTIALS 44 - .magic = CRED_MAGIC, 45 - #endif 46 43 }; 47 44 48 45 /*

-6

security/selinux/hooks.c

··· 1660 1660 struct inode_security_struct *isec; 1661 1661 u32 sid; 1662 1662 1663 - validate_creds(cred); 1664 - 1665 1663 if (unlikely(IS_PRIVATE(inode))) 1666 1664 return 0; 1667 1665 ··· 3054 3056 struct inode_security_struct *isec; 3055 3057 u32 sid; 3056 3058 3057 - validate_creds(cred); 3058 - 3059 3059 ad.type = LSM_AUDIT_DATA_DENTRY; 3060 3060 ad.u.dentry = dentry; 3061 3061 sid = cred_sid(cred); ··· 3096 3100 /* No permission to check. Existence test. */ 3097 3101 if (!mask) 3098 3102 return 0; 3099 - 3100 - validate_creds(cred); 3101 3103 3102 3104 if (unlikely(IS_PRIVATE(inode))) 3103 3105 return 0;

-1

tools/objtool/noreturns.h

··· 6 6 * 7 7 * Yes, this is unfortunate. A better solution is in the works. 8 8 */ 9 - NORETURN(__invalid_creds) 10 9 NORETURN(__kunit_abort) 11 10 NORETURN(__module_put_and_kthread_exit) 12 11 NORETURN(__reiserfs_panic)

-1

tools/testing/selftests/bpf/config.x86_64

··· 50 50 CONFIG_CRYPTO_XXHASH=y 51 51 CONFIG_DCB=y 52 52 CONFIG_DEBUG_ATOMIC_SLEEP=y 53 - CONFIG_DEBUG_CREDENTIALS=y 54 53 CONFIG_DEBUG_INFO_BTF=y 55 54 CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y 56 55 CONFIG_DEBUG_MEMORY_INIT=y

-1

tools/testing/selftests/hid/config.common

··· 46 46 CONFIG_CRYPTO_XXHASH=y 47 47 CONFIG_DCB=y 48 48 CONFIG_DEBUG_ATOMIC_SLEEP=y 49 - CONFIG_DEBUG_CREDENTIALS=y 50 49 CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y 51 50 CONFIG_DEBUG_MEMORY_INIT=y 52 51 CONFIG_DEFAULT_FQ_CODEL=y