On Wed, Jan 15, 2020 at 06:13:29PM +0100, KP Singh wrote: > From: KP Singh <kpsingh@xxxxxxxxxx> > > JITed BPF programs are used by the BPF LSM as dynamically allocated > security hooks. arch_bpf_prepare_trampoline handles the > arch_bpf_prepare_trampoline generates code to handle conversion of the > signature of the hook to the BPF context and allows the BPF program to > be called directly as a C function. > > The following permissions are required to attach a program to a hook: > > - CAP_SYS_ADMIN to load the program > - CAP_MAC_ADMIN to attach it (i.e. to update the security policy) You forgot to list "GPL-compatible license" here :) Anyway, looks good to me: Reviewed-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
