Message ID | 20230613223533.3689589-1-andrii@kernel.org (mailing list archive) |
---|---|
Headers | show |
Series | Clean up BPF permissions checks | expand |
On 06/13, Andrii Nakryiko wrote: > This patch set contains a few refactorings to BPF map and BPF program creation > permissions checks, which were originally part of BPF token patch set ([0]), > but are logically completely independent and useful in their own right. > > [0] https://patchwork.kernel.org/project/netdevbpf/list/?series=755113&state=* > > Andrii Nakryiko (4): > bpf: move unprivileged checks into map_create() and bpf_prog_load() > bpf: inline map creation logic in map_create() function > bpf: centralize permissions checks for all BPF map types > bpf: keep BPF_PROG_LOAD permission checks clear of validations > > kernel/bpf/bloom_filter.c | 3 - > kernel/bpf/bpf_local_storage.c | 3 - > kernel/bpf/bpf_struct_ops.c | 3 - > kernel/bpf/cpumap.c | 4 - > kernel/bpf/devmap.c | 3 - > kernel/bpf/hashtab.c | 6 - > kernel/bpf/lpm_trie.c | 3 - > kernel/bpf/queue_stack_maps.c | 4 - > kernel/bpf/reuseport_array.c | 3 - > kernel/bpf/stackmap.c | 3 - > kernel/bpf/syscall.c | 155 +++++++++++------- > net/core/sock_map.c | 4 - > net/xdp/xskmap.c | 4 - > .../bpf/prog_tests/unpriv_bpf_disabled.c | 6 +- > 14 files changed, 102 insertions(+), 102 deletions(-) > > -- > 2.34.1 > Since I took a look at this as part of the original series, and these are really non-controversial changes, feel free to use: Acked-by: Stanislav Fomichev <sdf@google.com>
Hello: This series was applied to bpf/bpf-next.git (master) by Daniel Borkmann <daniel@iogearbox.net>: On Tue, 13 Jun 2023 15:35:29 -0700 you wrote: > This patch set contains a few refactorings to BPF map and BPF program creation > permissions checks, which were originally part of BPF token patch set ([0]), > but are logically completely independent and useful in their own right. > > [0] https://patchwork.kernel.org/project/netdevbpf/list/?series=755113&state=* > > Andrii Nakryiko (4): > bpf: move unprivileged checks into map_create() and bpf_prog_load() > bpf: inline map creation logic in map_create() function > bpf: centralize permissions checks for all BPF map types > bpf: keep BPF_PROG_LOAD permission checks clear of validations > > [...] Here is the summary with links: - [bpf-next,1/4] bpf: move unprivileged checks into map_create() and bpf_prog_load() https://git.kernel.org/bpf/bpf-next/c/1d28635abcf1 - [bpf-next,2/4] bpf: inline map creation logic in map_create() function https://git.kernel.org/bpf/bpf-next/c/22db41226b67 - [bpf-next,3/4] bpf: centralize permissions checks for all BPF map types https://git.kernel.org/bpf/bpf-next/c/6c3eba1c5e28 - [bpf-next,4/4] bpf: keep BPF_PROG_LOAD permission checks clear of validations https://git.kernel.org/bpf/bpf-next/c/7f6719f7a866 You are awesome, thank you!