projects
/
linux-block.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
d2dc885
)
bpf: Avoid unnecessary audit log for CPU security mitigations
author
Yafang Shao
<laoar.shao@gmail.com>
Fri, 13 Oct 2023 08:39:16 +0000
(08:39 +0000)
committer
Andrii Nakryiko
<andrii@kernel.org>
Fri, 13 Oct 2023 19:33:21 +0000
(12:33 -0700)
Check cpu_mitigations_off() first to avoid calling capable() if it is off.
This can avoid unnecessary audit log.
Fixes:
bc5bc309db45
("bpf: Inherit system settings for CPU security mitigations")
Suggested-by: Andrii Nakryiko <andrii.nakryiko@gmail.com>
Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link:
https://lore.kernel.org/bpf/CAEf4Bza6UVUWqcWQ-66weZ-nMDr+TFU3Mtq=dumZFD-pSqU7Ow@mail.gmail.com/
Link:
https://lore.kernel.org/bpf/20231013083916.4199-1-laoar.shao@gmail.com
include/linux/bpf.h
patch
|
blob
|
blame
|
history
diff --git
a/include/linux/bpf.h
b/include/linux/bpf.h
index 61bde4520f5cf0e2dd690a37f0741f40d581d5f2..f0891ba24cb1c8203c38a694e4c5f087cf42a69d 100644
(file)
--- a/
include/linux/bpf.h
+++ b/
include/linux/bpf.h
@@
-2164,12
+2164,12
@@
static inline bool bpf_allow_uninit_stack(void)
static inline bool bpf_bypass_spec_v1(void)
{
- return
perfmon_capable() || cpu_mitigations_off
();
+ return
cpu_mitigations_off() || perfmon_capable
();
}
static inline bool bpf_bypass_spec_v4(void)
{
- return
perfmon_capable() || cpu_mitigations_off
();
+ return
cpu_mitigations_off() || perfmon_capable
();
}
int bpf_map_new_fd(struct bpf_map *map, int flags);