diff options
| author | David S. Miller <davem@davemloft.net> | 2021-06-07 13:01:52 -0700 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2021-06-07 13:01:52 -0700 |
| commit | 126285651b7f95282a0afe3a1b0221419b31d989 (patch) | |
| tree | e5d547255814a5ed55b6b74be3155464598b39f2 /kernel/bpf | |
| parent | 9977d6f56bacc9784654be4d0f4d27b368f57f5b (diff) | |
| parent | 3822d0670c9d4342794d73e0d0e615322b40438e (diff) | |
| download | linux-126285651b7f95282a0afe3a1b0221419b31d989.tar.bz2 | |
Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net
Bug fixes overlapping feature additions and refactoring, mostly.
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'kernel/bpf')
| -rw-r--r-- | kernel/bpf/helpers.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index 73443498d88f..a2f1f15ce432 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c @@ -14,6 +14,7 @@ #include <linux/jiffies.h> #include <linux/pid_namespace.h> #include <linux/proc_ns.h> +#include <linux/security.h> #include "../../lib/kstrtox.h" @@ -1069,11 +1070,13 @@ bpf_base_func_proto(enum bpf_func_id func_id) case BPF_FUNC_probe_read_user: return &bpf_probe_read_user_proto; case BPF_FUNC_probe_read_kernel: - return &bpf_probe_read_kernel_proto; + return security_locked_down(LOCKDOWN_BPF_READ) < 0 ? + NULL : &bpf_probe_read_kernel_proto; case BPF_FUNC_probe_read_user_str: return &bpf_probe_read_user_str_proto; case BPF_FUNC_probe_read_kernel_str: - return &bpf_probe_read_kernel_str_proto; + return security_locked_down(LOCKDOWN_BPF_READ) < 0 ? + NULL : &bpf_probe_read_kernel_str_proto; case BPF_FUNC_snprintf_btf: return &bpf_snprintf_btf_proto; case BPF_FUNC_snprintf: |