From 36bac2dcba7ee77d80900af6ddba347242ffe7a5 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Fri, 19 Aug 2022 16:45:08 +0200
Subject: [PATCH] basic/user-util: avoid filesystem access check

The check of u==UID_NOBODY is just a register comparison, but
synthesize_nobody() requires a system call, so let's invert the order in the
condition. Since most calls into this module are not for nobody, we should
save one syscall in the common case.
---
 src/basic/user-util.c | 21 +++++++++------------
 1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/src/basic/user-util.c b/src/basic/user-util.c
index 37ccb667b27..e705f703ead 100644
--- a/src/basic/user-util.c
+++ b/src/basic/user-util.c
@@ -196,8 +196,8 @@ static int synthesize_user_creds(
                 return 0;
         }
 
-        if (synthesize_nobody() &&
-            STR_IN_SET(*username, NOBODY_USER_NAME, "65534")) {
+        if (STR_IN_SET(*username, NOBODY_USER_NAME, "65534") &&
+            synthesize_nobody()) {
                 *username = NOBODY_USER_NAME;
 
                 if (uid)
@@ -341,8 +341,8 @@ int get_group_creds(const char **groupname, gid_t *gid, UserCredsFlags flags) {
                 return 0;
         }
 
-        if (synthesize_nobody() &&
-            STR_IN_SET(*groupname, NOBODY_GROUP_NAME, "65534")) {
+        if (STR_IN_SET(*groupname, NOBODY_GROUP_NAME, "65534") &&
+            synthesize_nobody()) {
                 *groupname = NOBODY_GROUP_NAME;
 
                 if (gid)
@@ -388,8 +388,7 @@ char* uid_to_name(uid_t uid) {
         /* Shortcut things to avoid NSS lookups */
         if (uid == 0)
                 return strdup("root");
-        if (synthesize_nobody() &&
-            uid == UID_NOBODY)
+        if (uid == UID_NOBODY && synthesize_nobody())
                 return strdup(NOBODY_USER_NAME);
 
         if (uid_is_valid(uid)) {
@@ -432,8 +431,7 @@ char* gid_to_name(gid_t gid) {
 
         if (gid == 0)
                 return strdup("root");
-        if (synthesize_nobody() &&
-            gid == GID_NOBODY)
+        if (gid == GID_NOBODY && synthesize_nobody())
                 return strdup(NOBODY_GROUP_NAME);
 
         if (gid_is_valid(gid)) {
@@ -600,8 +598,8 @@ int get_home_dir(char **_h) {
                 *_h = h;
                 return 0;
         }
-        if (synthesize_nobody() &&
-            u == UID_NOBODY) {
+
+        if (u == UID_NOBODY && synthesize_nobody()) {
                 h = strdup("/");
                 if (!h)
                         return -ENOMEM;
@@ -657,8 +655,7 @@ int get_shell(char **_s) {
                 *_s = s;
                 return 0;
         }
-        if (synthesize_nobody() &&
-            u == UID_NOBODY) {
+        if (u == UID_NOBODY && synthesize_nobody()) {
                 s = strdup(NOLOGIN);
                 if (!s)
                         return -ENOMEM;
-- 
2.47.3