From nobody Tue Feb 10 05:27:05 2026
Received: from flow-a6-smtp.messagingengine.com
 (flow-a6-smtp.messagingengine.com [103.168.172.141])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id AEABE352F8A;
	Wed,  4 Feb 2026 05:08:38 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=103.168.172.141
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1770181718; cv=none;
 b=bjcwf3G6eI2aONgMdLDNaooXc9tAbbeydDX7NNTLq8yRwm+qOmPzMm+2El/Zq/VC+9lpN6OK1lP7qOhLwEKs73F4XEq/h02SI5VLHSzJsiXYr7HNAeqqGGNzgUq0CmQ8ngdIJGsot4+rgwk+t8cW72TWxk8gEAUQuxoM7bz7JsU=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1770181718; c=relaxed/simple;
	bh=pNnjOc5fmEcwQUqR2kkDoAOFhmAX4yVyKqWdqZOoepM=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=ejMcLljjBbCudebFWVZqODxeDmtRFAPoA2FbNNMisstCYABhUMMgyB+8LltZrqJm0Hk77gFSHt3WbKB4tsaTulkUBGmG3fMH09zb7g3fSjg2Ij2BMbpQPdkUeWhjl3SDNmrRBjav8/5PIvbU8T9hClaffHUU+BlouH4fx0ufFgc=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=ownmail.net;
 spf=pass smtp.mailfrom=ownmail.net;
 dkim=pass (2048-bit key) header.d=ownmail.net header.i=@ownmail.net
 header.b=MXE/qyXA;
 dkim=pass (2048-bit key) header.d=messagingengine.com header.i=@messagingengine.com
 header.b=fb6DeRDI; arc=none smtp.client-ip=103.168.172.141
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=ownmail.net
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=ownmail.net
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=ownmail.net header.i=@ownmail.net
 header.b="MXE/qyXA";
	dkim=pass (2048-bit key) header.d=messagingengine.com
 header.i=@messagingengine.com header.b="fb6DeRDI"
Received: from phl-compute-07.internal (phl-compute-07.internal [10.202.2.47])
	by mailflow.phl.internal (Postfix) with ESMTP id 26B801380785;
	Wed,  4 Feb 2026 00:08:38 -0500 (EST)
Received: from phl-frontend-03 ([10.202.2.162])
  by phl-compute-07.internal (MEProxy); Wed, 04 Feb 2026 00:08:38 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ownmail.net; h=
	cc:cc:content-transfer-encoding:content-type:date:date:from:from
	:in-reply-to:in-reply-to:message-id:mime-version:references
	:reply-to:reply-to:subject:subject:to:to; s=fm3; t=1770181718;
	 x=1770188918; bh=8wI2eoS5Ti0e8e9a5OXGf4ICfst25BignuwQVay1myA=; b=
	MXE/qyXAO0SlibBo/pe9gHtfQbldudp4yLTK4aISviPikND1RrYRXxvbI1j/RajE
	yJ+x8Y6R49TL9etkHnQLkdFi5B7eRU+tBZFHwfZhUmfJQ+2CBVyWg/elDu/RfJPv
	Wekfj7kHXKYQh5k0uYFczMMMYaSRdikAfeV7E4U0Q7l4BscWYDjA+0aWRoyaqEPa
	RXU2UKxtNIpC3AmNBTcoGO7eQvtttO4GPmfSa4YSbWagFkkPHObAMmjCR2fx2sYm
	TxWXSWke9uqBqM9A8zDle/FguWenrQs0whblpMFI0jao0xMeNY9DrLNKSR9bM3YI
	xUTyJp/H++0pCUMlwi4ZsA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:cc:content-transfer-encoding
	:content-type:date:date:feedback-id:feedback-id:from:from
	:in-reply-to:in-reply-to:message-id:mime-version:references
	:reply-to:reply-to:subject:subject:to:to:x-me-proxy:x-me-sender
	:x-me-sender:x-sasl-enc; s=fm3; t=1770181718; x=1770188918; bh=8
	wI2eoS5Ti0e8e9a5OXGf4ICfst25BignuwQVay1myA=; b=fb6DeRDItfriYices
	U725N5r6W1CZEi9lKyh2eHtQ5QPZhuyxFRJklTnkZ/5p4ygYhmm32OwOmRsNzT9B
	xezOFIhjwBGHRR3HcienKwgx1r4+ri7pQ49HAeAjyuqBvpHJorToPTFdTIWkVXqs
	xCxyeaL8trBKh2wUnaCrf+gQkneQZd2Zj10wwwaS2ya2BwxfnfrlcZaRugr8BnkL
	WyASw4Y3xSsTcoPhVH9AdWOgmKForQPcyTnNyyj5MDJSrB5BHc9afYWV2ZmvRIDu
	P5vsrCUyTPCHv24TLe4Ob7bJ3tlrKc0RJ59sBZFg7bZhn26xTQl5gLZEiC3s2ErA
	tgyLw==
X-ME-Sender: <xms:VdSCadVP2MH30OR1h8dWkFax2GSKzTZKUzgb2lhJR4yyO5pB9p02sA>
    <xme:VdSCaZICQfWPk40Qj-9vYoXwyKN6HMaXg0stz9trcbFlcwOhX0S7PZOdls9CKYyyN
    cp8OlkzObgeYUKY9RJkYHLcHOfzQxfqyOuZEtJWDrXNUAMmPh8>
X-ME-Received: 
 <xmr:VdSCaZbgj51ZaQMj8q2_ltLnUSB4VyOZvc1ufN-yZRuFb_hl1LvCJvuizA3XzTgNuTmUM8ga5vOBrFje9vhZ9Jla278DVurPEdg4Nhp3mlJV>
X-ME-Proxy-Cause: 
 gggruggvucftvghtrhhoucdtuddrgeefgedrtddtgddukedukeeiucetufdoteggodetrf
    dotffvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfurfetoffkrfgpnffqhgenuceu
    rghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujf
    gurhephffvvefufffkofgjfhhrggfgsedtkeertdertddtnecuhfhrohhmpefpvghilheu
    rhhofihnuceonhgvihhlsgesohifnhhmrghilhdrnhgvtheqnecuggftrfgrthhtvghrnh
    epveevkeffudeuvefhieeghffgudektdelkeejiedtjedugfeukedvkeffvdefvddunecu
    vehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhepnhgvihhlsg
    esohifnhhmrghilhdrnhgvthdpnhgspghrtghpthhtohepvddupdhmohguvgepshhmthhp
    ohhuthdprhgtphhtthhopehvihhrohesiigvnhhivhdrlhhinhhugidrohhrghdruhhkpd
    hrtghpthhtohepshgvlhhinhhugiesvhhgvghrrdhkvghrnhgvlhdrohhrghdprhgtphht
    thhopehlihhnuhigqdhunhhiohhnfhhssehvghgvrhdrkhgvrhhnvghlrdhorhhgpdhrtg
    hpthhtoheplhhinhhugidqshgvtghurhhithihqdhmohguuhhlvgesvhhgvghrrdhkvghr
    nhgvlhdrohhrghdprhgtphhtthhopehlihhnuhigqdhnfhhssehvghgvrhdrkhgvrhhnvg
    hlrdhorhhgpdhrtghpthhtoheplhhinhhugidqkhgvrhhnvghlsehvghgvrhdrkhgvrhhn
    vghlrdhorhhgpdhrtghpthhtoheplhhinhhugidqfhhsuggvvhgvlhesvhhgvghrrdhkvg
    hrnhgvlhdrohhrghdprhgtphhtthhopehmihhklhhoshesshiivghrvgguihdrhhhupdhr
    tghpthhtohepjhgrtghksehsuhhsvgdrtgii
X-ME-Proxy: <xmx:VdSCaVRXonrb6RplrVMiPA590J-M8hza80CYNBfxD0-ALcPQmLk-nQ>
    <xmx:VdSCaZi3MMO7_XbpxrPd3vKjaGax9sQLzBHI85Q2SlxOjE9ugsekHQ>
    <xmx:VdSCaZuLc_1UNVdCfQlMd7fuoY6MQiBEqZY6oHtD08zD0pGaQ_ZyLw>
    <xmx:VdSCaTwMzHJ76pqwzf3zAjInGkdIMMuCcoQNmZHbIwx53gTbJcxJhQ>
    <xmx:VtSCaZKE0Zkxx0LWDOG1ADgZwR4l3Dj0T0T6XZ9W5NYakgoGwbZ_oCDh>
Feedback-ID: iab3e480c:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA; Wed,
 4 Feb 2026 00:08:32 -0500 (EST)
From: NeilBrown <neilb@ownmail.net>
To: Christian Brauner <brauner@kernel.org>,
	Alexander Viro <viro@zeniv.linux.org.uk>,
	David Howells <dhowells@redhat.com>,
	Jan Kara <jack@suse.cz>,
	Chuck Lever <chuck.lever@oracle.com>,
	Jeff Layton <jlayton@kernel.org>,
	Miklos Szeredi <miklos@szeredi.hu>,
	Amir Goldstein <amir73il@gmail.com>,
	John Johansen <john.johansen@canonical.com>,
	Paul Moore <paul@paul-moore.com>,
	James Morris <jmorris@namei.org>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	Stephen Smalley <stephen.smalley.work@gmail.com>
Cc: linux-kernel@vger.kernel.org,
	netfs@lists.linux.dev,
	linux-fsdevel@vger.kernel.org,
	linux-nfs@vger.kernel.org,
	linux-unionfs@vger.kernel.org,
	apparmor@lists.ubuntu.com,
	linux-security-module@vger.kernel.org,
	selinux@vger.kernel.org
Subject: [PATCH 04/13] Apparmor: Use simple_start_creating() /
 simple_done_creating()
Date: Wed,  4 Feb 2026 15:57:48 +1100
Message-ID: <20260204050726.177283-5-neilb@ownmail.net>
X-Mailer: git-send-email 2.50.0.107.gf914562f5916.dirty
In-Reply-To: <20260204050726.177283-1-neilb@ownmail.net>
References: <20260204050726.177283-1-neilb@ownmail.net>
Reply-To: NeilBrown <neil@brown.name>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

From: NeilBrown <neil@brown.name>

Instead of explicitly locking the parent and performing a look up in
apparmor, use simple_start_creating(), and then simple_done_creating()
to unlock and drop the dentry.

This removes the need to check for an existing entry (as
simple_start_creating() acts like an exclusive create and can return
-EEXIST), simplifies error paths, and keeps dir locking code
centralised.

Signed-off-by: NeilBrown <neil@brown.name>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
---
 security/apparmor/apparmorfs.c | 38 ++++++++--------------------------
 1 file changed, 9 insertions(+), 29 deletions(-)

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 907bd2667e28..7f78c36e6e50 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -282,32 +282,19 @@ static struct dentry *aafs_create(const char *name, u=
mode_t mode,
=20
 	dir =3D d_inode(parent);
=20
-	inode_lock(dir);
-	dentry =3D lookup_noperm(&QSTR(name), parent);
+	dentry =3D simple_start_creating(parent, name);
 	if (IS_ERR(dentry)) {
 		error =3D PTR_ERR(dentry);
-		goto fail_lock;
-	}
-
-	if (d_really_is_positive(dentry)) {
-		error =3D -EEXIST;
-		goto fail_dentry;
+		goto fail;
 	}
=20
 	error =3D __aafs_setup_d_inode(dir, dentry, mode, data, link, fops, iops);
+	simple_done_creating(dentry);
 	if (error)
-		goto fail_dentry;
-	inode_unlock(dir);
-
-	return dentry;
-
-fail_dentry:
-	dput(dentry);
-
-fail_lock:
-	inode_unlock(dir);
+		goto fail;
+	return 0;
+fail:
 	simple_release_fs(&aafs_mnt, &aafs_count);
-
 	return ERR_PTR(error);
 }
=20
@@ -2572,8 +2559,7 @@ static int aa_mk_null_file(struct dentry *parent)
 	if (error)
 		return error;
=20
-	inode_lock(d_inode(parent));
-	dentry =3D lookup_noperm(&QSTR(NULL_FILE_NAME), parent);
+	dentry =3D simple_start_creating(parent, NULL_FILE_NAME);
 	if (IS_ERR(dentry)) {
 		error =3D PTR_ERR(dentry);
 		goto out;
@@ -2581,7 +2567,7 @@ static int aa_mk_null_file(struct dentry *parent)
 	inode =3D new_inode(parent->d_inode->i_sb);
 	if (!inode) {
 		error =3D -ENOMEM;
-		goto out1;
+		goto out;
 	}
=20
 	inode->i_ino =3D get_next_ino();
@@ -2593,18 +2579,12 @@ static int aa_mk_null_file(struct dentry *parent)
 	aa_null.dentry =3D dget(dentry);
 	aa_null.mnt =3D mntget(mount);
=20
-	error =3D 0;
-
-out1:
-	dput(dentry);
 out:
-	inode_unlock(d_inode(parent));
+	simple_done_creating(dentry);
 	simple_release_fs(&mount, &count);
 	return error;
 }
=20
-
-
 static const char *policy_get_link(struct dentry *dentry,
 				   struct inode *inode,
 				   struct delayed_call *done)
--=20
2.50.0.107.gf914562f5916.dirty