Re: [PATCH net-next v1 7/7] bpf: Always test unprivileged programs

From: Daniel Borkmann
Date: Mon Feb 06 2017 - 10:44:08 EST

Next message: Larry Finger: "Re: rtlwifi: rtl8192c_common: "BUG: KASAN: slab-out-of-bounds""
Previous message: Wei Yang: "[PATCH] mm/page_alloc: return 0 in case this node has no page within the zone"
In reply to: MickaÃl SalaÃn: "[PATCH net-next v1 7/7] bpf: Always test unprivileged programs"
Next in thread: Alexei Starovoitov: "Re: [PATCH net-next v1 7/7] bpf: Always test unprivileged programs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 02/06/2017 12:14 AM, MickaÃl SalaÃn wrote:

If selftests are run as root, then execute the unprivileged checks as
well. This switch from 240 to 364 tests.

The test numbers are suffixed with "/u" when executed as unprivileged or
with "/p" when executed as privileged.

The geteuid() check is replaced with a capability check.

Handling capabilities require the libcap dependency.

Signed-off-by: MickaÃl SalaÃn <mic@xxxxxxxxxxx>
Cc: Alexei Starovoitov <ast@xxxxxx>
Cc: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Cc: Shuah Khan <shuah@xxxxxxxxxx>

Very useful! Could probably also go as stand-alone to net-next,
but how you prefer.

Acked-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx>

Next message: Larry Finger: "Re: rtlwifi: rtl8192c_common: "BUG: KASAN: slab-out-of-bounds""
Previous message: Wei Yang: "[PATCH] mm/page_alloc: return 0 in case this node has no page within the zone"
In reply to: MickaÃl SalaÃn: "[PATCH net-next v1 7/7] bpf: Always test unprivileged programs"
Next in thread: Alexei Starovoitov: "Re: [PATCH net-next v1 7/7] bpf: Always test unprivileged programs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]