Only the sys admin has the privilege to account the bpf map memory into root memcg only.

Signed-off-by: Yafang Shao <laoar.shao@xxxxxxxxx>
---
 kernel/bpf/syscall.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 029f04588b1a..0cca3d7d0d84 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -852,6 +852,9 @@ static int map_create(union bpf_attr *attr)
 attr->map_extra != 0)
 return -EINVAL;

+ if (attr->map_flags & BPF_F_NO_CHARGE && !capable(CAP_SYS_ADMIN))
+ return -EPERM;
+
 f_flags = bpf_get_file_flag(attr->map_flags);
 if (f_flags < 0)
 return f_flags;
-- 
2.17.1
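Review bot: The privilege gate added ahead of the `bpf_get_file_flag()` call has no comment explaining why it demands `capable(CAP_SYS_ADMIN)` instead of the `bpf_capable()` helper, and that choice is the security-relevant part of the change. Per the description, the flag moves the map's memory accounting to the root memcg, so it takes the allocation out from under the caller's own cgroup limit. Because `capable()` tests against the initial user namespace, a namespaced root cannot pass it. I would add `/* Charging to the root memcg sidesteps the caller's cgroup limit; require CAP_SYS_ADMIN in the init userns, CAP_BPF is not enough. */` above the test and parenthesize the mask so the precedence is explicit: `if ((attr->map_flags & BPF_F_NO_CHARGE) && !capable(CAP_SYS_ADMIN))`. map_create() starts and ends outside the hunk, so whether each map type's own flag mask accepts or rejects BPF_F_NO_CHARGE cannot be confirmed from here and should be checked alongside this gate.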