linux.git - Clone of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

diff options

author	Andrii Nakryiko <andrii@kernel.org>	2023-06-13 15:35:30 -0700
committer	Daniel Borkmann <daniel@iogearbox.net>	2023-06-19 14:04:04 +0200
commit	1d28635abcf1914425d6516e641978011984c58a (patch)
tree	61f1f7064c102c9d9d493f61484e9405845b213b /kernel/bpf/queue_stack_maps.c
parent	ab5d47bd41b1db82c295b0e751e2b822b43a4b5a (diff)
download	linux-1d28635abcf1914425d6516e641978011984c58a.tar.gz linux-1d28635abcf1914425d6516e641978011984c58a.tar.bz2 linux-1d28635abcf1914425d6516e641978011984c58a.zip

bpf: Move unprivileged checks into map_create() and bpf_prog_load()

Make each bpf() syscall command a bit more self-contained, making it easier to further enhance it. We move sysctl_unprivileged_bpf_disabled handling down to map_create() and bpf_prog_load(), two special commands in this regard. Also swap the order of checks, calling bpf_capable() only if sysctl_unprivileged_bpf_disabled is true, avoiding unnecessary audit messages. Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Stanislav Fomichev <sdf@google.com> Link: https://lore.kernel.org/bpf/20230613223533.3689589-2-andrii@kernel.org

Diffstat (limited to 'kernel/bpf/queue_stack_maps.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: