Avoid checking for privileges if there is no need to.

Discussed with: rwatson
author: pjd <pjd@FreeBSD.org> 2007-03-01 20:38:24 +0000
committer: pjd <pjd@FreeBSD.org> 2007-03-01 20:38:24 +0000
commit: 9558665f1e9f1f9706571aaa461046ce5b51544e (patch)
tree: 63f80dc58e09bd7368c1fc36f80e0a5cb3f09a2b /sys/ufs
parent: 62de975b4dd173f6b7bf54718b6fab2809bec4fb (diff)
download: FreeBSD-src-9558665f1e9f1f9706571aaa461046ce5b51544e.zip
FreeBSD-src-9558665f1e9f1f9706571aaa461046ce5b51544e.tar.gz
2 files changed, 18 insertions, 13 deletions
diff --git a/sys/ufs/ffs/ffs_vnops.c b/sys/ufs/ffs/ffs_vnops.c
index 0e323f7..2a6ce6b 100644
--- a/sys/ufs/ffs/ffs_vnops.c
+++ b/sys/ufs/ffs/ffs_vnops.c
@@ -788,11 +788,13 @@ ffs_write(ap)
 	 * we clear the setuid and setgid bits as a precaution against
 	 * tampering.
 	 */
-	if (resid > uio->uio_resid && ap->a_cred && 
-	    priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
-	    SUSER_ALLOWJAIL)) {
-		ip->i_mode &= ~(ISUID | ISGID);
-		DIP_SET(ip, i_mode, ip->i_mode);
+	if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid &&
+	    ap->a_cred) {
+		if (priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
+		    SUSER_ALLOWJAIL)) {
+			ip->i_mode &= ~(ISUID | ISGID);
+			DIP_SET(ip, i_mode, ip->i_mode);
+		}
 	}
 	if (error) {
 		if (ioflag & IO_UNIT) {
@@ -1115,10 +1117,12 @@ ffs_extwrite(struct vnode *vp, struct uio *uio, int ioflag, struct ucred *ucred)
 	 * we clear the setuid and setgid bits as a precaution against
 	 * tampering.
 	 */
-	if (resid > uio->uio_resid && ucred && 
-	    priv_check_cred(ucred, PRIV_VFS_CLEARSUGID, SUSER_ALLOWJAIL)) {
-		ip->i_mode &= ~(ISUID | ISGID);
-		dp->di_mode = ip->i_mode;
+	if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid && ucred) {
+		if (priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
+		    SUSER_ALLOWJAIL)) {
+			ip->i_mode &= ~(ISUID | ISGID);
+			dp->di_mode = ip->i_mode;
+		}
 	}
 	if (error) {
 		if (ioflag & IO_UNIT) {
diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c
index 3c74f79..8ea9ab9 100644
--- a/sys/ufs/ufs/ufs_vnops.c
+++ b/sys/ufs/ufs/ufs_vnops.c
@@ -786,10 +786,11 @@ good:
 		panic("ufs_chown: lost quota");
 #endif /* QUOTA */
 	ip->i_flag |= IN_CHANGE;
-	if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID, SUSER_ALLOWJAIL) &&
-	    (ouid != uid || ogid != gid)) {
-		ip->i_mode &= ~(ISUID | ISGID);
-		DIP_SET(ip, i_mode, ip->i_mode);
+	if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
+		if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID, SUSER_ALLOWJAIL)) {
+			ip->i_mode &= ~(ISUID | ISGID);
+			DIP_SET(ip, i_mode, ip->i_mode);
+		}
 	}
 	return (0);
 }
author	pjd <pjd@FreeBSD.org>	2007-03-01 20:38:24 +0000
committer	pjd <pjd@FreeBSD.org>	2007-03-01 20:38:24 +0000
commit	9558665f1e9f1f9706571aaa461046ce5b51544e (patch)
tree	63f80dc58e09bd7368c1fc36f80e0a5cb3f09a2b /sys/ufs
parent	62de975b4dd173f6b7bf54718b6fab2809bec4fb (diff)
download	FreeBSD-src-9558665f1e9f1f9706571aaa461046ce5b51544e.zip FreeBSD-src-9558665f1e9f1f9706571aaa461046ce5b51544e.tar.gz