Merge remote-tracking branch 'torvalds/master' into perf/core

To pick up fixes, since perf/urgent is already upstream. Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
author: Arnaldo Carvalho de Melo <acme@redhat.com> 2021-06-22 13:56:50 -0300
committer: Arnaldo Carvalho de Melo <acme@redhat.com> 2021-06-22 13:56:50 -0300
commit: ce09673636f9581d2e2e24af785c463c030a1fd8 (patch)
tree: 5d696220bd70dcad7cc0809cf6e3225b4953bf05 /kernel/bpf/helpers.c
parent: 45237f9898fce54a8cc6d40f7455291e0e6c4277 (diff)
parent: a96bfed64c8986d6404e553f18203cae1f5ac7e6 (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c
index 73443498d88f..a2f1f15ce432 100644
--- a/kernel/bpf/helpers.c
+++ b/kernel/bpf/helpers.c
@@ -14,6 +14,7 @@
 #include <linux/jiffies.h>
 #include <linux/pid_namespace.h>
 #include <linux/proc_ns.h>
+#include <linux/security.h>
 
 #include "../../lib/kstrtox.h"
 
@@ -1069,11 +1070,13 @@ bpf_base_func_proto(enum bpf_func_id func_id)
 	case BPF_FUNC_probe_read_user:
 		return &bpf_probe_read_user_proto;
 	case BPF_FUNC_probe_read_kernel:
-		return &bpf_probe_read_kernel_proto;
+		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
+		       NULL : &bpf_probe_read_kernel_proto;
 	case BPF_FUNC_probe_read_user_str:
 		return &bpf_probe_read_user_str_proto;
 	case BPF_FUNC_probe_read_kernel_str:
-		return &bpf_probe_read_kernel_str_proto;
+		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
+		       NULL : &bpf_probe_read_kernel_str_proto;
 	case BPF_FUNC_snprintf_btf:
 		return &bpf_snprintf_btf_proto;
 	case BPF_FUNC_snprintf:
author	Arnaldo Carvalho de Melo <acme@redhat.com>	2021-06-22 13:56:50 -0300
committer	Arnaldo Carvalho de Melo <acme@redhat.com>	2021-06-22 13:56:50 -0300
commit	ce09673636f9581d2e2e24af785c463c030a1fd8 (patch)
tree	5d696220bd70dcad7cc0809cf6e3225b4953bf05 /kernel/bpf/helpers.c
parent	45237f9898fce54a8cc6d40f7455291e0e6c4277 (diff)
parent	a96bfed64c8986d6404e553f18203cae1f5ac7e6 (diff)