Avoid checking for privileges if there is no need to.

Discussed with: rwatson
svn path=/head/; revision=167151
2007-03-01 20:38:24 +00:00 · 2007-03-01 20:38:24 +00:00 · 3b2eb461e0 · 2020-12-20 02:59:44 +00:00
commit 3b2eb461e0
parent 6f7ca813c4
3 changed files with 19 additions and 14 deletions
--- a/sys/gnu/fs/ext2fs/ext2_vnops.c
+++ b/sys/gnu/fs/ext2fs/ext2_vnops.c
@ -596,7 +596,7 @@ ext2_chown(vp, uid, gid, cred, td)
 	ip->i_gid = gid;
 	ip->i_uid = uid;
 	ip->i_flag |= IN_CHANGE;
-	if (ouid != uid || ogid != gid) {
+	if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
 		if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID,
 		    SUSER_ALLOWJAIL) != 0)
 			ip->i_mode &= ~(ISUID | ISGID);
--- a/sys/ufs/ffs/ffs_vnops.c
+++ b/sys/ufs/ffs/ffs_vnops.c
@ -788,11 +788,13 @@ ffs_write(ap)
 	 * we clear the setuid and setgid bits as a precaution against
 	 * tampering.
 	 */
-	if (resid > uio->uio_resid && ap->a_cred && 
-	    priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
-	    SUSER_ALLOWJAIL)) {
-		ip->i_mode &= ~(ISUID | ISGID);
-		DIP_SET(ip, i_mode, ip->i_mode);
+	if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid &&
+	    ap->a_cred) {
+		if (priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
+		    SUSER_ALLOWJAIL)) {
+			ip->i_mode &= ~(ISUID | ISGID);
+			DIP_SET(ip, i_mode, ip->i_mode);
+		}
 	}
 	if (error) {
 		if (ioflag & IO_UNIT) {
@ -1115,10 +1117,12 @@ ffs_extwrite(struct vnode *vp, struct uio *uio, int ioflag, struct ucred *ucred)
 	 * we clear the setuid and setgid bits as a precaution against
 	 * tampering.
 	 */
-	if (resid > uio->uio_resid && ucred && 
-	    priv_check_cred(ucred, PRIV_VFS_CLEARSUGID, SUSER_ALLOWJAIL)) {
-		ip->i_mode &= ~(ISUID | ISGID);
-		dp->di_mode = ip->i_mode;
+	if ((ip->i_mode & (ISUID | ISGID)) && resid > uio->uio_resid && ucred) {
+		if (priv_check_cred(ap->a_cred, PRIV_VFS_CLEARSUGID,
+		    SUSER_ALLOWJAIL)) {
+			ip->i_mode &= ~(ISUID | ISGID);
+			dp->di_mode = ip->i_mode;
+		}
 	}
 	if (error) {
 		if (ioflag & IO_UNIT) {
--- a/sys/ufs/ufs/ufs_vnops.c
+++ b/sys/ufs/ufs/ufs_vnops.c
@ -786,10 +786,11 @@ ufs_chown(vp, uid, gid, cred, td)
 		panic("ufs_chown: lost quota");
 #endif /* QUOTA */
 	ip->i_flag |= IN_CHANGE;
-	if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID, SUSER_ALLOWJAIL) &&
-	    (ouid != uid || ogid != gid)) {
-		ip->i_mode &= ~(ISUID | ISGID);
-		DIP_SET(ip, i_mode, ip->i_mode);
+	if ((ip->i_mode & (ISUID | ISGID)) && (ouid != uid || ogid != gid)) {
+		if (priv_check_cred(cred, PRIV_VFS_CLEARSUGID, SUSER_ALLOWJAIL)) {
+			ip->i_mode &= ~(ISUID | ISGID);
+			DIP_SET(ip, i_mode, ip->i_mode);
+		}
 	}
 	return (0);
 }