Replace the manual init_task root retrieval with scoped_with_init_fs() to temporarily override current->fs. This allows using the simpler filp_open() instead of the init_root() + file_open_root() pattern. open_file_as_root() ← sev_read_init_ex_file() / sev_write_init_ex_file() ← sev_platform_init() ← __sev_guest_init() ← KVM ioctl — user process context Needs init's root because the SEV init_ex file path should resolve against the real root, not a KVM user's chroot. Signed-off-by: Christian Brauner --- drivers/crypto/ccp/sev-dev.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 096f993974d1..4320054da0f6 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -260,20 +260,16 @@ static int sev_cmd_buffer_len(int cmd) static struct file *open_file_as_root(const char *filename, int flags, umode_t mode) { - struct path root __free(path_put) = {}; - - task_lock(&init_task); - get_fs_root(init_task.fs, &root); - task_unlock(&init_task); - CLASS(prepare_creds, cred)(); if (!cred) return ERR_PTR(-ENOMEM); cred->fsuid = GLOBAL_ROOT_UID; - scoped_with_creds(cred) - return file_open_root(&root, filename, flags, mode); + scoped_with_init_fs() { + scoped_with_creds(cred) + return filp_open(filename, flags, mode); + } } static int sev_read_init_ex_file(void) -- 2.47.3