From cperon@staff.seccuris.com  Thu Apr  1 07:57:27 2004
Return-Path: <cperon@staff.seccuris.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7C29716A4CE
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  1 Apr 2004 07:57:27 -0800 (PST)
Received: from staff.seccuris.com (staff.seccuris.com [204.112.0.40])
	by mx1.FreeBSD.org (Postfix) with SMTP id E431E43D31
	for <FreeBSD-gnats-submit@freebsd.org>; Thu,  1 Apr 2004 07:57:26 -0800 (PST)
	(envelope-from cperon@staff.seccuris.com)
Received: (qmail 82079 invoked by uid 1006); 1 Apr 2004 15:57:26 -0000
Message-Id: <20040401155726.82078.qmail@staff.seccuris.com>
Date: 1 Apr 2004 15:57:26 -0000
From: Christian S.J.Peron <maneo@bsdpro.com>
Reply-To: Christian S.J.Peron <maneo@bsdpro.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [patch] Minimize CPU cycles used by ls(1) when processing ACLs
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         65042
>Category:       bin
>Synopsis:       [patch] Minimize CPU cycles used by ls(1) when processing ACLs
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    rwatson
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Apr 01 08:00:35 PST 2004
>Closed-Date:    Sat Apr 03 09:12:35 PST 2004
>Last-Modified:  Sat Apr 03 09:12:35 PST 2004
>Originator:     Christian S.J. Peron
>Release:        FreeBSD 5.2.1-RELEASE-p3 i386
>Organization:
>Environment:
System: FreeBSD dev 5.2.1-RELEASE-p3 FreeBSD 5.2.1-RELEASE-p3 #5: Tue Mar 23 00:19:58 GMT 2004     cperon@dev:/usr/src/sys/i386/compile/XOR  i386 

	
>Description:
	Currently ls(1) will iterate through every ACL associated with a
	file when it determines whether or not the file has implemented
	extended ACLs.

	In reality with access ACLs, (being an extension of
	regular file permissions) the loop could terminate once it detects
	greater than 3 ACLs for the file.

	This makes the loop O(4) rather than O(n).
 
>How-To-Repeat:
	N/A
>Fix:
--- bin/ls/print.c.bak	Thu Apr  1 15:09:14 2004
+++ bin/ls/print.c	Thu Apr  1 15:20:16 2004
@@ -694,11 +694,16 @@
 	*haveacls = 1;
 	if ((facl = acl_get_file(name, ACL_TYPE_ACCESS)) != NULL) {
 		if (acl_get_entry(facl, ACL_FIRST_ENTRY, &ae) == 1) {
-			entries = 0;
-			do
-				entries++;
-			while (acl_get_entry(facl, ACL_NEXT_ENTRY, &ae) == 1);
-			if (entries != 3)
+			entries = 1;
+			while (acl_get_entry(facl, ACL_NEXT_ENTRY, &ae) == 1) 
+				if (entries++ > 3)
+					break;
+			/*
+			 * POSIX.1e requires that ACLs of type ACL_TYPE_ACCESS
+			 * must have at least three entries owner, group and other.
+			 * So anything with more than 3 ACLs looks interesting to us.
+			 */
+			if (entries > 3)
 				buf[10] = '+';
 		}
 		acl_free(facl);
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->rwatson 
Responsible-Changed-By: kris 
Responsible-Changed-When: Fri Apr 2 21:06:20 PST 2004 
Responsible-Changed-Why:  
rwatson likes ACLs 

http://www.freebsd.org/cgi/query-pr.cgi?pr=65042 
State-Changed-From-To: open->closed 
State-Changed-By: bmilekic 
State-Changed-When: Sat Apr 3 09:12:08 PST 2004 
State-Changed-Why:  
I took care of this too. Committed slightly modified patch. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=65042 
>Unformatted:
