Christoph Hellwig <hch@xxxxxx> [Tue, 2020-04-21 10:17 -0700]: > Except for a few of the networking hooks called from modular ipv4 or > ipv6 code, all of hooks are just called from guaranteed to be built-in > code. > > Signed-off-by: Christoph Hellwig <hch@xxxxxx> I checked it as well it see same thing: - __cgroup_bpf_check_dev_permission is called in security/device_cgroup.c under CONFIG_CGROUP_DEVICE; - __cgroup_bpf_run_filter_sysctl is called in fs/proc/proc_sysctl.c under CONFIG_PROC_SYSCTL; - __cgroup_bpf_run_filter_[gs]etsockopt is called in net/socket.c under CONFIG_NET; All three configs are bool-s so LGTM. Acked-by: Andrey Ignatov <rdna@xxxxxx> -- Andrey Ignatov
