On 11/29/24 9:59 AM, Marco Elver wrote:
With bpf_get_probe_write_proto() no longer printing a message, we can avoid it being a special case with its own permission check. Refactor bpf_tracing_func_proto() similar to bpf_base_func_proto() to have a section conditional on bpf_token_capable(CAP_SYS_ADMIN), where the proto for bpf_probe_write_user() is returned. Finally, remove the unnecessary bpf_get_probe_write_proto(). This simplifies the code, and adding additional CAP_SYS_ADMIN-only helpers in future avoids duplicating the same CAP_SYS_ADMIN check. Suggested-by: Andrii Nakryiko <andrii@xxxxxxxxxx> Signed-off-by: Marco Elver <elver@xxxxxxxxxx> Acked-by: Jiri Olsa <jolsa@xxxxxxxxxx>
Given the abuse that has been done with this helper, my preference is we don't encourage wider use via bpf_token_capable.. but fair enough, as long as it stays behind security_locked_down. Acked-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
