cgroup: fix and restructure error handling in copy_cgroup_ns()

copy_cgroup_ns()'s error handling was broken and the attempt to fix it
d22025570e ("cgroup: fix alloc_cgroup_ns() error handling in
copy_cgroup_ns()") was broken too in that it ended up trying an
ERR_PTR() value.

There's only one place where copy_cgroup_ns() needs to perform cleanup
after failure.  Simplify and fix the error handling by removing the
goto's.

Signed-off-by: Tejun Heo <tj@kernel.org>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>

kernel/cgroup.c

@@ -6058,9 +6058,8 @@ struct cgroup_namespace *copy_cgroup_ns(unsigned long flags,
 					struct user_namespace *user_ns,
 					struct cgroup_namespace *old_ns)
 {
-	struct cgroup_namespace *new_ns = NULL;
-	struct css_set *cset = NULL;
-	int err;
+	struct cgroup_namespace *new_ns;
+	struct css_set *cset;
 
 	BUG_ON(!old_ns);
 
@@ -6070,9 +6069,8 @@ struct cgroup_namespace *copy_cgroup_ns(unsigned long flags,
 	}
 
 	/* Allow only sysadmin to create cgroup namespace. */
-	err = -EPERM;
 	if (!ns_capable(user_ns, CAP_SYS_ADMIN))
-		goto err_out;
+		return ERR_PTR(-EPERM);
 
 	mutex_lock(&cgroup_mutex);
 	spin_lock_bh(&css_set_lock);
@@ -6085,20 +6083,14 @@ struct cgroup_namespace *copy_cgroup_ns(unsigned long flags,
 
 	new_ns = alloc_cgroup_ns();
 	if (IS_ERR(new_ns)) {
-		err = PTR_ERR(new_ns);
-		goto err_out;
+		put_css_set(cset);
+		return new_ns;
 	}
 
 	new_ns->user_ns = get_user_ns(user_ns);
 	new_ns->root_cset = cset;
 
 	return new_ns;
-
-err_out:
-	if (cset)
-		put_css_set(cset);
-	kfree(new_ns);
-	return ERR_PTR(err);
 }
 
 static inline struct cgroup_namespace *to_cg_ns(struct ns_common *ns)