On Monday, March 09, 2015 09:35:46 PM Mateusz Guzik wrote: > Can be used to determine whether two given sets have the same > capabilities. > > Signed-off-by: Mateusz Guzik <[email protected]> > --- > include/linux/capability.h | 10 ++++++++++ > 1 file changed, 10 insertions(+) > > diff --git a/include/linux/capability.h b/include/linux/capability.h > index af9f0b9..2fcf941 100644 > --- a/include/linux/capability.h > +++ b/include/linux/capability.h > @@ -155,6 +155,16 @@ static inline int cap_isclear(const kernel_cap_t a) > return 1; > } > > +static inline int cap_isequal(const kernel_cap_t a, const kernel_cap_t b) > +{ > + unsigned __capi; > + CAP_FOR_EACH_U32(__capi) { > + if (a.cap[__capi] != b.cap[__capi]) > + return 0; > + } > + return 1; > +}
I realize it is currently only a two pass loop so probably not that big of a deal, but couldn't you accomplish the same with a memcmp()? I suppose the above implementation might be faster than those architectures which use the generic memcmp() implementation, but I wonder if the arch-specific memcmp() implementations would be faster. Also, what is the main motivation for this patchset? Do you have a workload that is being hit hard by prepare_creds()? -- paul moore security @ redhat -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
