Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-09-20 15:03:04 +00:00
Code Issues Packages Projects Releases Wiki Activity
a80aa93de1
linux/kernel/bpf
History
Chenbo Feng 0fa4fe85f4 bpf: skip unnecessary capability check 
The current check statement in BPF syscall will do a capability check
for CAP_SYS_ADMIN before checking sysctl_unprivileged_bpf_disabled. This
code path will trigger unnecessary security hooks on capability checking
and cause false alarms on unprivileged process trying to get CAP_SYS_ADMIN
access. This can be resolved by simply switch the order of the statement
and CAP_SYS_ADMIN is not required anyway if unprivileged bpf syscall is
allowed.

Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-03-20 23:50:39 +01:00
..
arraymap.c bpf: add schedule points in percpu arrays management 2018-02-22 21:27:06 +01:00
bpf_lru_list.c bpf: lru: Lower the PERCPU_NR_SCANS from 16 to 4 2017-04-17 13:55:52 -04:00
bpf_lru_list.h bpf: Only set node->ref = 1 if it has not been set 2017-09-01 09:57:39 -07:00
cgroup.c bpf/cgroup: fix a verification error for a CGROUP_DEVICE type prog 2017-12-19 01:43:29 +01:00
core.c bpf: fix bpf_prog_array_copy_to_user warning from perf event prog query 2018-02-14 08:59:37 -08:00
cpumap.c bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc() 2018-02-14 15:34:27 +01:00
devmap.c bpf: add helper for copying attrs to struct bpf_map 2018-01-14 23:36:29 +01:00
disasm.c bpf: allow for correlation of maps and helpers in dump 2017-12-20 18:09:40 -08:00
disasm.h bpf: annotate bpf_insn_print_t with __printf 2018-01-17 01:15:05 +01:00
hashtab.c bpf: add helper for copying attrs to struct bpf_map 2018-01-14 23:36:29 +01:00
helpers.c bpf: rename ARG_PTR_TO_STACK 2017-01-09 16:56:27 -05:00
inode.c Merge branch 'work.mqueue' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-01-30 18:32:21 -08:00
lpm_trie.c bpf: fix rcu lockdep warning for lpm_trie map_free callback 2018-02-22 21:29:12 +01:00
Makefile bpf: only build sockmap with CONFIG_INET 2018-01-04 19:01:14 +01:00
map_in_map.c bpf: Add syscall lookup support for fd array and htab 2017-06-29 13:13:25 -04:00
map_in_map.h bpf: Add syscall lookup support for fd array and htab 2017-06-29 13:13:25 -04:00
offload.c bpf: offload: report device information about offloaded maps 2018-01-18 22:54:25 +01:00
percpu_freelist.c bpf: fix lockdep splat 2017-11-15 19:46:32 +09:00
percpu_freelist.h bpf: introduce percpu_freelist 2016-03-08 15:28:31 -05:00
sockmap.c bpf: fix sock_map_alloc() error path 2018-02-13 19:19:15 -08:00
stackmap.c bpf: add helper for copying attrs to struct bpf_map 2018-01-14 23:36:29 +01:00
syscall.c bpf: skip unnecessary capability check 2018-03-20 23:50:39 +01:00
tnum.c bpf/verifier: track signed and unsigned min/max values 2017-08-08 17:51:34 -07:00
verifier.c bpf: allow xadd only on aligned memory 2018-02-23 14:33:39 -08:00