diff options
author | Andrii Nakryiko <andrii@kernel.org> | 2023-05-25 00:54:19 +0200 |
---|---|---|
committer | Alexei Starovoitov <ast@kernel.org> | 2023-05-25 19:08:20 +0200 |
commit | c4c84f6fb2c4dc4c0f5fd927b3c3d3fd28b7030e (patch) | |
tree | 302fba4fa72060b2ba3e8b4911cf9bcf48eac435 /kernel | |
parent | Merge branch 'libbpf: capability for resizing datasec maps' (diff) | |
download | linux-c4c84f6fb2c4dc4c0f5fd927b3c3d3fd28b7030e.tar.xz linux-c4c84f6fb2c4dc4c0f5fd927b3c3d3fd28b7030e.zip |
bpf: drop unnecessary bpf_capable() check in BPF_MAP_FREEZE command
Seems like that extra bpf_capable() check in BPF_MAP_FREEZE handler was
unintentionally left when we switched to a model that all BPF map
operations should be allowed regardless of CAP_BPF (or any other
capabilities), as long as process got BPF map FD somehow.
This patch replaces bpf_capable() check in BPF_MAP_FREEZE handler with
writeable access check, given conceptually freezing the map is modifying
it: map becomes unmodifiable for subsequent updates.
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/r/20230524225421.1587859-2-andrii@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/bpf/syscall.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index c7f6807215e6..c9a201e4c457 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -1931,6 +1931,11 @@ static int map_freeze(const union bpf_attr *attr) return -ENOTSUPP; } + if (!(map_get_sys_perms(map, f) & FMODE_CAN_WRITE)) { + err = -EPERM; + goto err_put; + } + mutex_lock(&map->freeze_mutex); if (bpf_map_write_active(map)) { err = -EBUSY; @@ -1940,10 +1945,6 @@ static int map_freeze(const union bpf_attr *attr) err = -EBUSY; goto err_put; } - if (!bpf_capable()) { - err = -EPERM; - goto err_put; - } WRITE_ONCE(map->frozen, true); err_put: |