| Message ID | 3bb110117c983f781f545e69ce35d4fcdd0c543b.1565040372.git.luto@kernel.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | bpf: A bit of progress toward unprivileged use | expand |
diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c index cb07736b33ae..14304609003a 100644 --- a/kernel/bpf/inode.c +++ b/kernel/bpf/inode.c @@ -394,10 +394,6 @@ static int bpf_obj_do_pin(const struct filename *pathname, void *raw, mode = S_IFREG | ((S_IRUSR | S_IWUSR) & ~current_umask()); - ret = security_path_mknod(&path, dentry, mode, 0); - if (ret) - goto out; - dir = d_inode(path.dentry); if (dir->i_op != &bpf_dir_iops) { ret = -EPERM;
security_path_mknod() seems excessive for pinning an object -- pinning an object is effectively just creating a file. It's also redundant, as vfs_mkobj() calls security_inode_create() by itself. This isn't strictly required -- mknod(path, S_IFREG, unused) works to create regular files, but bpf is currently the only user in the kernel outside of mknod() itself that uses it to create regular (i.e. S_IFREG) files. Signed-off-by: Andy Lutomirski <luto@kernel.org> --- kernel/bpf/inode.c | 4 ---- 1 file changed, 4 deletions(-)