Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 64db4c7f4c1dde23d47b60f887000e28f82b268f
commit64db4c7f4c1dde23d47b60f887000e28f82b268f[log] [tgz]
authorKirill Tkhai <ktkhai@virtuozzo.com>Tue May 02 20:11:52 2017 +0300
committerEric W. Biederman <ebiederm@xmission.com>Thu Jul 20 07:46:06 2017 -0500
treee7f344fb2015e7c138fc1d05804da2969c205be9
parenta2b426267c56773201f968fdb5eda6ab9ae94e34 [diff]
security: Use user_namespace::level to avoid redundant iterations in cap_capable()

When ns->level is not larger then cred->user_ns->level,
then ns can't be cred->user_ns's descendant, and
there is no a sense to search in parents.

So, break the cycle earlier and skip needless iterations.

v2: Change comment on suggested by Andy Lutomirski.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
1 file changed
tree: e7f344fb2015e7c138fc1d05804da2969c205be9
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README