LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

bpf.2: srcfix: Add a note on check for unprivileged BPF_PROG_TYPE_SOCKET_FILTER programs 

In Linux 4.4, the allowed BPF helper functions that could
be called was governed by a check in sk_filter_func_proto().
Nowadays (Linux 5.6), it is I think governed by the check in
sk_filter_func_proto().

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2020-04-17 11:55:13 +02:00
parent 35732aa7a0
commit f7d706ba9b
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
man2/bpf.2
View File

@ -1132,6 +1132,8 @@ an unprivileged user may create limited programs of type
and associated maps.
However they may not store kernel pointers within
the maps and are presently limited to the following helper functions:
.\" [Linux 5.6] mtk: The list of available functions is, I think, governed
.\" by the check in net/core/filter.c::bpf_base_func_proto().
.IP * 3
get_random
.PD 0