From mboxrd@z Thu Jan  1 00:00:00 1970
From: Mateusz Guzik <mguzik@redhat.com>
Subject: [PATCH 0/2] avoid prepare_creds in faccessat when possible
Date: Mon,  9 Mar 2015 21:35:45 +0100
Message-ID: <1425933347-6080-1-git-send-email-mguzik@redhat.com>
Cc: Paul Moore <pmoore@redhat.com>, Eric Paris <eparis@redhat.com>,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-security-module@vger.kernel.org
To: Alexander Viro <viro@zeniv.linux.org.uk>,
	Serge Hallyn <serge.hallyn@canonical.com>
Return-path: <linux-security-module-owner@vger.kernel.org>
Sender: linux-security-module-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

Sometimes faccessat needs to modify current thread's credentials, but
calls prepare_creds unconditionally.

However, typically resulting credentials are identical to original ones
and in that case newcredentials are unnecessary. We can detect this before
allocating anything.

This patch series adds a helper which allows comparing capability sets and
modifies faccessat to use it.

Mateusz Guzik (2):
  CAPABILITIES: add cap_isequal helper
  fs: avoid unnecessary prepare_creds in faccessat

 fs/open.c                  | 53 ++++++++++++++++++++++++++++++----------------
 include/linux/capability.h | 10 +++++++++
 2 files changed, 45 insertions(+), 18 deletions(-)

-- 
1.8.3.1