summaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorGuillaume Gonnet <ggonnet.linux@gmail.com>2026-01-27 19:02:00 +0300
committerAlexei Starovoitov <ast@kernel.org>2026-01-28 05:39:58 +0300
commitae23bc81ddf7c17b663c4ed1b21e35527b0a7131 (patch)
tree87df7874ee7e8bffa5046113f03f295c266aee13 /include
parent35538dba51b4a64f790aefdc6972772dc36b9826 (diff)
downloadlinux-ae23bc81ddf7c17b663c4ed1b21e35527b0a7131.tar.xz
bpf: Fix tcx/netkit detach permissions when prog fd isn't given
This commit fixes a security issue where BPF_PROG_DETACH on tcx or netkit devices could be executed by any user when no program fd was provided, bypassing permission checks. The fix adds a capability check for CAP_NET_ADMIN or CAP_SYS_ADMIN in this case. Fixes: e420bed02507 ("bpf: Add fd-based tcx multi-prog infra with link support") Signed-off-by: Guillaume Gonnet <ggonnet.linux@gmail.com> Link: https://lore.kernel.org/r/20260127160200.10395-1-ggonnet.linux@gmail.com Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Diffstat (limited to 'include')
-rw-r--r--include/linux/bpf.h5
-rw-r--r--include/linux/bpf_mprog.h10
2 files changed, 15 insertions, 0 deletions
diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 4427c6e98331..9272a237cced 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -3362,6 +3362,11 @@ static inline void bpf_prog_report_arena_violation(bool write, unsigned long add
}
#endif /* CONFIG_BPF_SYSCALL */
+static inline bool bpf_net_capable(void)
+{
+ return capable(CAP_NET_ADMIN) || capable(CAP_SYS_ADMIN);
+}
+
static __always_inline int
bpf_probe_read_kernel_common(void *dst, u32 size, const void *unsafe_ptr)
{
diff --git a/include/linux/bpf_mprog.h b/include/linux/bpf_mprog.h
index 929225f7b095..0b9f4caeeb0a 100644
--- a/include/linux/bpf_mprog.h
+++ b/include/linux/bpf_mprog.h
@@ -340,4 +340,14 @@ static inline bool bpf_mprog_supported(enum bpf_prog_type type)
return false;
}
}
+
+static inline bool bpf_mprog_detach_empty(enum bpf_prog_type type)
+{
+ switch (type) {
+ case BPF_PROG_TYPE_SCHED_CLS:
+ return bpf_net_capable();
+ default:
+ return false;
+ }
+}
#endif /* __BPF_MPROG_H */
generated by cgit v1.2.3 (git 2.39.0) at 2026-04-27 11:43:17 +0300