iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/kernel/bpf
History
Andrii Nakryiko 1d28635abc bpf: Move unprivileged checks into map_create() and bpf_prog_load() 
Make each bpf() syscall command a bit more self-contained, making it
easier to further enhance it. We move sysctl_unprivileged_bpf_disabled
handling down to map_create() and bpf_prog_load(), two special commands
in this regard.

Also swap the order of checks, calling bpf_capable() only if
sysctl_unprivileged_bpf_disabled is true, avoiding unnecessary audit
messages.

Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Stanislav Fomichev <sdf@google.com>
Link: https://lore.kernel.org/bpf/20230613223533.3689589-2-andrii@kernel.org
2023-06-19 14:04:04 +02:00
..
preload
bpf: Replace all non-returning strlcpy with strscpy
2023-05-31 13:04:20 +02:00
arraymap.c
bpf: return long from bpf_map_ops funcs
2023-03-22 15:11:30 -07:00
bloom_filter.c
bpf: compute hashes in bloom filter similar to hashmap
2023-04-02 08:44:49 -07:00
bpf_cgrp_storage.c
bpf: Teach verifier that certain helpers accept NULL pointer.
2023-04-04 16:57:16 -07:00
bpf_inode_storage.c
Networking changes for 6.4.
2023-04-26 16:07:23 -07:00
bpf_iter.c
bpf: implement numbers iterator
2023-03-08 16:19:51 -08:00
bpf_local_storage.c
bpf: Handle NULL in bpf_local_storage_free.
2023-04-12 10:27:50 -07:00
bpf_lru_list.c
bpf: Address KCSAN report on bpf_lru_list
2023-05-12 12:01:03 -07:00
bpf_lru_list.h
bpf: Address KCSAN report on bpf_lru_list
2023-05-12 12:01:03 -07:00
bpf_lsm.c
bpf: Fix the kernel crash caused by bpf_setsockopt().
2023-01-26 23:26:40 -08:00
bpf_struct_ops_types.h
bpf: Add dummy BPF STRUCT_OPS for test purpose
2021-11-01 14:10:00 -07:00
bpf_struct_ops.c
bpf: Check IS_ERR for the bpf_map_get() return value
2023-03-24 12:40:47 -07:00
bpf_task_storage.c
bpf: Teach verifier that certain helpers accept NULL pointer.
2023-04-04 16:57:16 -07:00
btf.c
bpf: Silence a warning in btf_type_id_size()
2023-05-30 14:34:46 -07:00
cgroup_iter.c
cgroup: bpf: use cgroup_lock()/cgroup_unlock() wrappers
2023-03-17 12:07:13 -10:00
cgroup.c
bpf-next-for-netdev
2023-05-16 19:50:05 -07:00
core.c
bpf: Hide unused bpf_patch_call_args
2023-06-12 19:00:08 +02:00
cpumap.c
bpf: return long from bpf_map_ops funcs
2023-03-22 15:11:30 -07:00
cpumask.c
bpf: Replace bpf_cpumask_any* with bpf_cpumask_any_distribute*
2023-06-12 15:09:11 -07:00
devmap.c
bpf: return long from bpf_map_ops funcs
2023-03-22 15:11:30 -07:00
disasm.c
bpf: Relicense disassembler as GPL-2.0-only OR BSD-2-Clause
2021-09-02 14:49:23 +02:00
disasm.h
bpf: Relicense disassembler as GPL-2.0-only OR BSD-2-Clause
2021-09-02 14:49:23 +02:00
dispatcher.c
bpf: Synchronize dispatcher update with bpf_dispatcher_xdp_func
2022-12-14 12:02:14 -08:00
hashtab.c
bpf: fix a memory leak in the LRU and LRU_PERCPU hash maps
2023-05-22 10:26:39 -07:00
helpers.c
bpf: Make bpf_refcount_acquire fallible for non-owning refs
2023-06-05 13:17:20 -07:00
inode.c
bpf: Support O_PATH FDs in BPF_OBJ_PIN and BPF_OBJ_GET commands
2023-05-23 23:31:42 +02:00
Kconfig
rcu: Make the TASKS_RCU Kconfig option be selected
2022-04-20 16:52:58 -07:00
link_iter.c
bpf: Add bpf_link iterator
2022-05-10 11:20:45 -07:00
local_storage.c
cgroup changes for v6.4-rc1
2023-04-29 10:05:22 -07:00
log.c
bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log
2023-05-16 22:34:50 -07:00
lpm_trie.c
bpf: return long from bpf_map_ops funcs
2023-03-22 15:11:30 -07:00
Makefile
bpf: Split off basic BPF verifier log into separate file
2023-04-11 18:05:42 +02:00
map_in_map.c
bpf: Remove btf_field_offs, use btf_record's fields instead
2023-04-15 17:36:49 -07:00
map_in_map.h
bpf: Add map_meta_equal map ops
2020-08-28 15:41:30 +02:00
map_iter.c
bpf: Introduce MEM_RDONLY flag
2021-12-18 13:27:41 -08:00
memalloc.c
bpf: Factor out a common helper free_all()
2023-06-06 13:40:07 -07:00
mmap_unlock_work.h
bpf: Introduce helper bpf_find_vma
2021-11-07 11:54:51 -08:00
net_namespace.c
net: Add includes masked by netdevice.h including uapi/bpf.h
2021-12-29 20:03:05 -08:00
offload.c
bpf: netdev: init the offload table earlier
2023-05-15 07:07:41 -07:00
percpu_freelist.c
bpf: Initialize same number of free nodes for each pcpu_freelist
2022-11-11 12:05:14 -08:00
percpu_freelist.h
bpf: Use raw_spin_trylock() for pcpu_freelist_push/pop in NMI
2020-10-06 00:04:11 +02:00
prog_iter.c
bpf: Refactor bpf_iter_reg to have separate seq_info member
2020-07-25 20:16:32 -07:00
queue_stack_maps.c
bpf: return long from bpf_map_ops funcs
2023-03-22 15:11:30 -07:00
reuseport_array.c
bpf: return long from bpf_map_ops funcs
2023-03-22 15:11:30 -07:00
ringbuf.c
bpf: return long from bpf_map_ops funcs
2023-03-22 15:11:30 -07:00
stackmap.c
bpf: return long from bpf_map_ops funcs
2023-03-22 15:11:30 -07:00
syscall.c
bpf: Move unprivileged checks into map_create() and bpf_prog_load()
2023-06-19 14:04:04 +02:00
sysfs_btf.c
bpf: Load and verify kernel module BTFs
2020-11-10 15:25:53 -08:00
task_iter.c
bpf: keep a reference to the mm, in case the task is dead.
2022-12-28 14:11:48 -08:00
tnum.c
bpf, tnums: Provably sound, faster, and more precise algorithm for tnum_mul
2021-06-01 13:34:15 +02:00
trampoline.c
bpf: Fix memleak due to fentry attach failure
2023-05-15 23:41:59 +02:00
verifier.c
bpf: Verify scalar ids mapping in regsafe() using check_ids()
2023-06-13 15:15:08 -07:00