On Fri, Mar 26, 2021 at 9:07 AM Lorenz Bauer <lmb@xxxxxxxxxxxxxx> wrote: > > As for bpf_link, refuse creating a non-O_RDWR fd. Since program fds > currently don't allow modifications this is a precaution, not a > straight up bug fix. > > Signed-off-by: Lorenz Bauer <lmb@xxxxxxxxxxxxxx> > --- > kernel/bpf/inode.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c > index dc56237d6960..d2de2abec35b 100644 > --- a/kernel/bpf/inode.c > +++ b/kernel/bpf/inode.c > @@ -543,7 +543,7 @@ int bpf_obj_get_user(const char __user *pathname, int flags) > return PTR_ERR(raw); For both patches, shall we do the check before bpf_obj_do_get(), which is a few lines above? Thanks, Song > > if (type == BPF_TYPE_PROG) > - ret = bpf_prog_new_fd(raw); > + ret = (f_flags != O_RDWR) ? -EINVAL : bpf_prog_new_fd(raw); > else if (type == BPF_TYPE_MAP) > ret = bpf_map_new_fd(raw, f_flags); > else if (type == BPF_TYPE_LINK) > -- > 2.27.0 >
