From mboxrd@z Thu Jan 1 00:00:00 1970 From: Chenbo Feng Subject: bpf stable request Date: Mon, 26 Mar 2018 16:52:22 -0700 Message-ID: <360670e8-e80c-eb56-8892-cfa8ff54235a@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org, Lorenzo Colitti , Joel Fernandes To: Daniel Borkmann Return-path: Received: from mail-pl0-f45.google.com ([209.85.160.45]:43943 "EHLO mail-pl0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751132AbeCZXwY (ORCPT ); Mon, 26 Mar 2018 19:52:24 -0400 Received: by mail-pl0-f45.google.com with SMTP id f23-v6so12965588plr.10 for ; Mon, 26 Mar 2018 16:52:24 -0700 (PDT) Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: 0fa4fe85f4724fff89b09741c437cbee9cf8b008 bpf: skip unnecessary capability check This patch fixes the false alarms from security system such as selinux when doing the capability check. The problem exists since the sysctl_unprivileged_bpf_disabled is added in linux 4.4. So I suggest to backport this patch to all LTS stable branches starting from linux-4.4-y.