From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id BD7DA15800A for ; Fri, 4 Aug 2023 00:27:12 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id F32E32BC016; Fri, 4 Aug 2023 00:27:11 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id D9AFC2BC016 for ; Fri, 4 Aug 2023 00:27:11 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id BB7B9340E0F for ; Fri, 4 Aug 2023 00:27:10 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 428D1B8B for ; Fri, 4 Aug 2023 00:27:09 +0000 (UTC) From: "Mike Gilbert" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Gilbert" Message-ID: <1691108787.143e5fd3b50fa7085c9c4eb66c103e3c6d1b64c7.floppym@gentoo> Subject: [gentoo-commits] proj/sandbox:stable-2.x commit in: libsandbox/ X-VCS-Repository: proj/sandbox X-VCS-Files: libsandbox/libsandbox.c X-VCS-Directories: libsandbox/ X-VCS-Committer: floppym X-VCS-Committer-Name: Mike Gilbert X-VCS-Revision: 143e5fd3b50fa7085c9c4eb66c103e3c6d1b64c7 X-VCS-Branch: stable-2.x Date: Fri, 4 Aug 2023 00:27:09 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 5c0d3b3a-1367-458a-a9c0-3f9f61819a2e X-Archives-Hash: 14c344a76a186f12385afe4e29290a11 commit: 143e5fd3b50fa7085c9c4eb66c103e3c6d1b64c7 Author: Mike Gilbert gentoo org> AuthorDate: Mon Jul 17 14:55:27 2023 +0000 Commit: Mike Gilbert gentoo org> CommitDate: Fri Aug 4 00:26:27 2023 +0000 URL: https://gitweb.gentoo.org/proj/sandbox.git/commit/?id=143e5fd3 libsandbox: skip checking access() without W_OK or R_OK mode If access/faccessat is called with F_OK or X_OK in the mode argument, there is no need to check the path. Bug: https://bugs.gentoo.org/910273 Signed-off-by: Mike Gilbert gentoo.org> (cherry picked from commit 8d6a4839ebd909903691e4a71d6a94b3809adc82) libsandbox/libsandbox.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/libsandbox/libsandbox.c b/libsandbox/libsandbox.c index e5f6d38..08b85ce 100644 --- a/libsandbox/libsandbox.c +++ b/libsandbox/libsandbox.c @@ -1095,8 +1095,11 @@ bool before_syscall_access(int dirfd, int sb_nr, const char *func, const char *f const char *ext_func; if (flags & W_OK) sb_nr = SB_NR_ACCESS_WR, ext_func = "access_wr"; - else + else if (flags & R_OK) sb_nr = SB_NR_ACCESS_RD, ext_func = "access_rd"; + else + /* Must be F_OK or X_OK; we do not need to check either. */ + return true; return before_syscall(dirfd, sb_nr, ext_func, file, flags); }