Searched hist:"1 d28635abcf1914425d6516e641978011984c58a" (Results 1 – 1 of 1) sorted by relevance
/linux/kernel/bpf/ |
H A D | syscall.c | diff 1d28635abcf1914425d6516e641978011984c58a Wed Jun 14 00:35:30 CEST 2023 Andrii Nakryiko <andrii@kernel.org> bpf: Move unprivileged checks into map_create() and bpf_prog_load()
Make each bpf() syscall command a bit more self-contained, making it easier to further enhance it. We move sysctl_unprivileged_bpf_disabled handling down to map_create() and bpf_prog_load(), two special commands in this regard.
Also swap the order of checks, calling bpf_capable() only if sysctl_unprivileged_bpf_disabled is true, avoiding unnecessary audit messages.
Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Stanislav Fomichev <sdf@google.com> Link: https://lore.kernel.org/bpf/20230613223533.3689589-2-andrii@kernel.org
|