Searched hist:"1 d28635abcf1914425d6516e641978011984c58a" (Results 1 – 1 of 1) sorted by relevance
| /linux/kernel/bpf/ |
| H A D | syscall.c | diff 1d28635abcf1914425d6516e641978011984c58a Wed Jun 14 00:35:30 CEST 2023 Andrii Nakryiko <andrii@kernel.org> bpf: Move unprivileged checks into map_create() and bpf_prog_load()
Make each bpf() syscall command a bit more self-contained, making it
easier to further enhance it. We move sysctl_unprivileged_bpf_disabled
handling down to map_create() and bpf_prog_load(), two special commands
in this regard.
Also swap the order of checks, calling bpf_capable() only if
sysctl_unprivileged_bpf_disabled is true, avoiding unnecessary audit
messages.
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Stanislav Fomichev <sdf@google.com>
Link: https://lore.kernel.org/bpf/20230613223533.3689589-2-andrii@kernel.org
|