As of systemd v243rc1 I have been noticing bpf prog_load and prog_run access checks for systemd --user instances (only if secure boot is disabled) I suspect that this is for IPAddressAllow/Deny= functionality. So i tried it out and I was not allowed to use the above due to lack of root-access. Then i read this: https://lore.kernel.org/linux-security-module/4F52274A-CD70-4261-A255-2C4A7E818141@xxxxxx/T/#t My question is: Is it expected that BPF prog_load and prog_run is checked when an *unprivileged* process, i suppose, tries to load and run bpf progs? Are prog_load and prog_run unprivileged operations? -- Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Dominick Grift
Attachment:
signature.asc
Description: PGP signature
