From patchwork Mon Mar  9 20:35:47 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Mateusz Guzik <mguzik@redhat.com>
X-Patchwork-Id: 5971151
Return-Path: <linux-fsdevel-owner@kernel.org>
X-Original-To: patchwork-linux-fsdevel@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id 4E12C9F380
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Mon,  9 Mar 2015 20:36:14 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 724932044B
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Mon,  9 Mar 2015 20:36:13 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 7A0C9201FA
	for <patchwork-linux-fsdevel@patchwork.kernel.org>;
	Mon,  9 Mar 2015 20:36:11 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754044AbbCIUgG (ORCPT
	<rfc822;patchwork-linux-fsdevel@patchwork.kernel.org>);
	Mon, 9 Mar 2015 16:36:06 -0400
Received: from mx1.redhat.com ([209.132.183.28]:50496 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753692AbbCIUgD (ORCPT <rfc822;linux-fsdevel@vger.kernel.org>);
	Mon, 9 Mar 2015 16:36:03 -0400
Received: from int-mx09.intmail.prod.int.phx2.redhat.com
	(int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22])
	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id t29Ka1hf024691
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256
	verify=FAIL); Mon, 9 Mar 2015 16:36:01 -0400
Received: from localhost.localdomain (ovpn-116-22.ams2.redhat.com
	[10.36.116.22])
	by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with
	ESMTP id t29KZmYj031311; Mon, 9 Mar 2015 16:35:57 -0400
From: Mateusz Guzik <mguzik@redhat.com>
To: Alexander Viro <viro@zeniv.linux.org.uk>,
	Serge Hallyn <serge.hallyn@canonical.com>
Cc: Paul Moore <pmoore@redhat.com>, Eric Paris <eparis@redhat.com>,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org
Subject: [PATCH 2/2] fs: avoid unnecessary prepare_creds in faccessat
Date: Mon,  9 Mar 2015 21:35:47 +0100
Message-Id: <1425933347-6080-3-git-send-email-mguzik@redhat.com>
In-Reply-To: <1425933347-6080-1-git-send-email-mguzik@redhat.com>
References: <1425933347-6080-1-git-send-email-mguzik@redhat.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22
Sender: linux-fsdevel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-fsdevel.vger.kernel.org>
X-Mailing-List: linux-fsdevel@vger.kernel.org
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	T_RP_MATCHES_RCVD,
	UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

Sometimes faccessat needs to modify current thread's credentials, but
calls prepare_creds unconditionally.

Take advantage of the fact that we can detect whether any modification
to credentials is needed and in turn avoid unnecessary allocations.

Signed-off-by: Mateusz Guzik <mguzik@redhat.com>
---
 fs/open.c | 53 +++++++++++++++++++++++++++++++++++------------------
 1 file changed, 35 insertions(+), 18 deletions(-)

diff --git a/fs/open.c b/fs/open.c
index 33f9cbf..166eb45 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -330,8 +330,10 @@ SYSCALL_DEFINE4(fallocate, int, fd, int, mode, loff_t, offset, loff_t, len)
  */
 SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode)
 {
-	const struct cred *old_cred;
-	struct cred *override_cred;
+	const struct cred *old_cred = current_cred();
+	struct cred *override_cred = NULL;
+	kernel_cap_t cap_effective;
+	int modify_cap_effective = 0;
 	struct path path;
 	struct inode *inode;
 	int res;
@@ -340,24 +342,37 @@ SYSCALL_DEFINE3(faccessat, int, dfd, const char __user *, filename, int, mode)
 	if (mode & ~S_IRWXO)	/* where's F_OK, X_OK, W_OK, R_OK? */
 		return -EINVAL;
 
-	override_cred = prepare_creds();
-	if (!override_cred)
-		return -ENOMEM;
-
-	override_cred->fsuid = override_cred->uid;
-	override_cred->fsgid = override_cred->gid;
-
 	if (!issecure(SECURE_NO_SETUID_FIXUP)) {
 		/* Clear the capabilities if we switch to a non-root user */
-		kuid_t root_uid = make_kuid(override_cred->user_ns, 0);
-		if (!uid_eq(override_cred->uid, root_uid))
-			cap_clear(override_cred->cap_effective);
-		else
-			override_cred->cap_effective =
-				override_cred->cap_permitted;
+		kuid_t root_uid = make_kuid(old_cred->user_ns, 0);
+		if (!uid_eq(old_cred->uid, root_uid)) {
+			if (!cap_isclear(old_cred->cap_effective)) {
+				cap_clear(cap_effective);
+				modify_cap_effective = 1;
+			}
+		} else {
+			if (!cap_isequal(old_cred->cap_effective,
+				old_cred->cap_permitted)) {
+				cap_effective = old_cred->cap_permitted;
+				modify_cap_effective = 1;
+			}
+		}
 	}
 
-	old_cred = override_creds(override_cred);
+	if (!uid_eq(old_cred->fsuid, old_cred->uid) ||
+	    !gid_eq(old_cred->fsgid, old_cred->gid) ||
+	    modify_cap_effective) {
+		override_cred = prepare_creds();
+		if (!override_cred)
+			return -ENOMEM;
+
+		override_cred->fsuid = override_cred->uid;
+		override_cred->fsgid = override_cred->gid;
+		if (modify_cap_effective)
+			override_cred->cap_effective = cap_effective;
+
+		override_creds(override_cred);
+	}
 retry:
 	res = user_path_at(dfd, filename, lookup_flags, &path);
 	if (res)
@@ -399,8 +414,10 @@ out_path_release:
 		goto retry;
 	}
 out:
-	revert_creds(old_cred);
-	put_cred(override_cred);
+	if (override_cred) {
+		revert_creds(old_cred);
+		put_cred(override_cred);
+	}
 	return res;
 }