[PATCH net-next 2/4] security: bpf: Add LSM hooks for bpf object related syscall
James Morris
james.l.morris at oracle.com
Thu Oct 12 00:31:34 UTC 2017
On Wed, 4 Oct 2017, Chenbo Feng wrote:
> int bpf_map_new_fd(struct bpf_map *map, int flags)
> {
> + if (security_bpf_map(map, OPEN_FMODE(flags)))
> + return -EPERM;
> +
Don't hardcode -EPERM here, return the actual error from
security_bpf_map().
> + if (security_bpf_prog(prog))
> + return -EPERM;
> +
Same.
> + err = security_bpf(cmd, &attr, size);
> + if (err)
> + return -EPERM;
Same.
- James
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list