On Wed, 4 Oct 2017, Chenbo Feng wrote: > int bpf_map_new_fd(struct bpf_map *map, int flags) > { > + if (security_bpf_map(map, OPEN_FMODE(flags))) > + return -EPERM; > + Don't hardcode -EPERM here, return the actual error from security_bpf_map(). > + if (security_bpf_prog(prog)) > + return -EPERM; > + Same. > + err = security_bpf(cmd, &attr, size); > + if (err) > + return -EPERM; Same. - James
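Review bot: In the bpf_map_new_fd() hunk, the return value of security_bpf_map(map, OPEN_FMODE(flags)) is only tested for non-zero and then replaced with -EPERM, so the caller cannot tell a policy denial from any other error the hook reports. Store the result in a local and return it as-is, for example `err = security_bpf_map(map, OPEN_FMODE(flags)); if (err < 0) return err;`. The check sits at the top of the function, so the early return needs no cleanup.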
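Review bot: The security_bpf_prog(prog) check has the same problem: the hook is called inside the `if` condition, its value is thrown away, and -EPERM is returned unconditionally. Capture the return value and pass it through, so a denial on the prog path reports the same errno the security module chose, consistent with the map path.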
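Review bot: In the security_bpf(cmd, &attr, size) hunk, the hook's result is already held in `err`, yet the next line discards it with `return -EPERM;`. Change that to `return err;` so the error from the hook reaches userspace unchanged; no extra variable is needed here.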