leandrof/linux
1
0
Fork 0
forked from Minki/linux
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e547ff3f80
linux/kernel/bpf
History
Chenbo Feng e547ff3f80 bpf: relax inode permission check for retrieving bpf program 
For iptable module to load a bpf program from a pinned location, it
only retrieve a loaded program and cannot change the program content so
requiring a write permission for it might not be necessary.
Also when adding or removing an unrelated iptable rule, it might need to
flush and reload the xt_bpf related rules as well and triggers the inode
permission check. It might be better to remove the write premission
check for the inode so we won't need to grant write access to all the
processes that flush and restore iptables rules.

Signed-off-by: Chenbo Feng <fengc@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2019-05-16 11:31:49 -07:00
..
arraymap.c bpf: allow for key-less BTF in array map 2019-04-09 17:05:46 -07:00
bpf_lru_list.c bpf: lru: Lower the PERCPU_NR_SCANS from 16 to 4 2017-04-17 13:55:52 -04:00
bpf_lru_list.h bpf: Only set node->ref = 1 if it has not been set 2017-09-01 09:57:39 -07:00
btf.c bpf: allow for key-less BTF in array map 2019-04-09 17:05:46 -07:00
cgroup.c bpf: add map helper functions push, pop, peek in more BPF programs 2019-04-16 10:24:02 +02:00
core.c bpf: fix out of bounds backwards jmps due to dead code removal 2019-05-10 18:49:27 -07:00
cpumap.c bpf: cpumap memory prefetchw optimizations for struct page 2019-04-17 19:09:25 -07:00
devmap.c bpf: devmap: fix use-after-free Read in __dev_map_entry_free 2019-05-14 01:25:49 +02:00
disasm.c bpf: implement lookup-free direct value access for maps 2019-04-09 17:05:46 -07:00
disasm.h bpf: Remove struct bpf_verifier_env argument from print_bpf_insn 2018-03-23 17:38:57 +01:00
hashtab.c bpf, lru: avoid messing with eviction heuristics upon syscall lookup 2019-05-14 10:47:29 -07:00
helpers.c bpf: Introduce bpf_strtol and bpf_strtoul helpers 2019-04-12 13:54:59 -07:00
inode.c bpf: relax inode permission check for retrieving bpf program 2019-05-16 11:31:49 -07:00
local_storage.c bpf: add program side {rd, wr}only support for maps 2019-04-09 17:05:46 -07:00
lpm_trie.c bpf: add program side {rd, wr}only support for maps 2019-04-09 17:05:46 -07:00
Makefile bpf: add queue and stack maps 2018-10-19 13:24:31 -07:00
map_in_map.c bpf: set inner_map_meta->spin_lock_off correctly 2019-02-27 17:03:13 -08:00
map_in_map.h bpf: Add syscall lookup support for fd array and htab 2017-06-29 13:13:25 -04:00
offload.c bpf: offload: add priv field for drivers 2019-02-12 17:07:09 +01:00
percpu_freelist.c bpf: fix lockdep false positive in percpu_freelist 2019-01-31 23:18:21 +01:00
percpu_freelist.h bpf: fix lockdep false positive in percpu_freelist 2019-01-31 23:18:21 +01:00
queue_stack_maps.c bpf: add program side {rd, wr}only support for maps 2019-04-09 17:05:46 -07:00
reuseport_array.c bpf: Introduce BPF_MAP_TYPE_REUSEPORT_SOCKARRAY 2018-08-11 01:58:46 +02:00
stackmap.c bpf: fix lockdep false positive in stackmap 2019-02-11 16:36:24 +01:00
syscall.c bpf: add map_lookup_elem_sys_only for lookups from syscall side 2019-05-14 10:47:29 -07:00
tnum.c bpf/verifier: improve register value range tracking with ARSH 2018-04-29 08:45:53 -07:00
verifier.c bpf: fix undefined behavior in narrow load handling 2019-05-13 02:05:50 +02:00
xskmap.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-10-19 11:03:06 -07:00