diff options
| author | Andrii Nakryiko <andrii@kernel.org> | 2023-06-13 15:35:32 -0700 |
|---|---|---|
| committer | Daniel Borkmann <daniel@iogearbox.net> | 2023-06-19 14:04:04 +0200 |
| commit | 6c3eba1c5e283fd2bb1c076dbfcb47f569c3bfde (patch) | |
| tree | 529142270bc25c37d2a49fc15ab078ed9996fb6f /kernel/bpf/cpumap.c | |
| parent | 22db41226b679768df8f0a4ff5de8e58f625f45b (diff) | |
| download | linux-stable-6c3eba1c5e283fd2bb1c076dbfcb47f569c3bfde.tar.gz linux-stable-6c3eba1c5e283fd2bb1c076dbfcb47f569c3bfde.tar.bz2 linux-stable-6c3eba1c5e283fd2bb1c076dbfcb47f569c3bfde.zip | |
bpf: Centralize permissions checks for all BPF map types
This allows to do more centralized decisions later on, and generally
makes it very explicit which maps are privileged and which are not
(e.g., LRU_HASH and LRU_PERCPU_HASH, which are privileged HASH variants,
as opposed to unprivileged HASH and HASH_PERCPU; now this is explicit
and easy to verify).
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Stanislav Fomichev <sdf@google.com>
Link: https://lore.kernel.org/bpf/20230613223533.3689589-4-andrii@kernel.org
Diffstat (limited to 'kernel/bpf/cpumap.c')
| -rw-r--r-- | kernel/bpf/cpumap.c | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/kernel/bpf/cpumap.c b/kernel/bpf/cpumap.c index 8ec18faa74ac..8a33e8747a0e 100644 --- a/kernel/bpf/cpumap.c +++ b/kernel/bpf/cpumap.c @@ -28,7 +28,6 @@ #include <linux/sched.h> #include <linux/workqueue.h> #include <linux/kthread.h> -#include <linux/capability.h> #include <trace/events/xdp.h> #include <linux/btf_ids.h> @@ -89,9 +88,6 @@ static struct bpf_map *cpu_map_alloc(union bpf_attr *attr) u32 value_size = attr->value_size; struct bpf_cpu_map *cmap; - if (!bpf_capable()) - return ERR_PTR(-EPERM); - /* check sanity of attributes */ if (attr->max_entries == 0 || attr->key_size != 4 || (value_size != offsetofend(struct bpf_cpumap_val, qsize) && |