Subject: Re: [PATCH bpf-next 2/3] net: sysctl: No need to check CAP_SYS_ADMIN for bpf_jit_*
To: Tiezhu Yang, davem@davemloft.net, Jakub Kicinski, Paolo Abeni, Alexei Starovoitov, Andrii Nakryiko
Cc: netdev@vger.kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org
References: <1652079475-16684-1-git-send-email-yangtiezhu@loongson.cn> <1652079475-16684-3-git-send-email-yangtiezhu@loongson.cn>
From: Daniel Borkmann
Message-ID: <9b5fadfb-7d43-7341-deeb-756885042a25@iogearbox.net>
Date: Mon, 9 May 2022 17:02:10 +0200
In-Reply-To: <1652079475-16684-3-git-send-email-yangtiezhu@loongson.cn>
X-Mailing-List: linux-kernel@vger.kernel.org

On 5/9/22 8:57 AM, Tiezhu Yang wrote:
> The modes of the following procnames are defined as 0644, 0600, 0600
> and 0600 respectively in net_core_table[]; a normal user cannot write
> them, so there is no need to check CAP_SYS_ADMIN in the related proc_handler
> functions, just remove the checks.
>
> /proc/sys/net/core/bpf_jit_enable
> /proc/sys/net/core/bpf_jit_harden
> /proc/sys/net/core/bpf_jit_kallsyms
> /proc/sys/net/core/bpf_jit_limit
>
> Signed-off-by: Tiezhu Yang

I don't think we can make this assumption - there are various other
(non-BPF) sysctl handlers in the tree doing a similar check to prevent
userns-based CAP_SYS_ADMIN.

> ---
>  net/core/sysctl_net_core.c | 9 ---------
>  1 file changed, 9 deletions(-)
>
> diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
> index cf00dd7..059352b 100644
> --- a/net/core/sysctl_net_core.c
> +++ b/net/core/sysctl_net_core.c
> @@ -268,9 +268,6 @@ static int proc_dointvec_minmax_bpf_enable(struct ctl_table *table, int write, > int ret, jit_enable = *(int *)table->data; > struct ctl_table tmp = *table; > > - if (write && !capable(CAP_SYS_ADMIN)) > - return -EPERM; > - > tmp.data = &jit_enable; > ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); > if (write && !ret) { > @@ -291,9 +288,6 @@ static int > proc_dointvec_minmax_bpf_restricted(struct ctl_table *table, int write, > void *buffer, size_t *lenp, loff_t *ppos) > { > - if (!capable(CAP_SYS_ADMIN)) > - return -EPERM; > - > return proc_dointvec_minmax(table, write, buffer, lenp, ppos); > } > # endif /* CONFIG_HAVE_EBPF_JIT */ > @@ -302,9 +296,6 @@ static int > proc_dolongvec_minmax_bpf_restricted(struct ctl_table *table, int write, > void *buffer, size_t *lenp, loff_t *ppos) > { > - if (!capable(CAP_SYS_ADMIN)) > - return -EPERM; > - > return proc_doulongvec_minmax(table, write, buffer, lenp, ppos); > } > #endif >
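Review bot: In the proc_dointvec_minmax_bpf_enable hunk, the removed `if (write && !capable(CAP_SYS_ADMIN))` is a capability check evaluated against the initial user namespace, and the commit message justifies dropping it solely with the file mode (0644) of /proc/sys/net/core/bpf_jit_enable. Those are two different gates: the mode bits are enforced by the sysctl permission path on behalf of whatever uid or namespace capability that path honours, whereas `capable()` requires CAP_SYS_ADMIN in init_user_ns, which is exactly the userns case the reply above raises. Unless the commit message can show the two are equivalent for this table, the check should stay, or the rationale should name the permission handler it relies on instead of the mode alone.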
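Review bot: In the proc_dointvec_minmax_bpf_restricted hunk, the removed check is `if (!capable(CAP_SYS_ADMIN))` with no `write &&` qualifier, so unlike the bpf_jit_enable hunk it also gated reads: a caller without CAP_SYS_ADMIN previously got -EPERM when reading bpf_jit_harden or bpf_jit_kallsyms, and after this change reads fall through to proc_dointvec_minmax() subject only to the 0600 mode. The commit message describes the change purely in terms of writes ("normal user can not write them"); the read-side behaviour change should be stated explicitly, or the write-only form `if (write && !capable(CAP_SYS_ADMIN))` kept if the intent is only to relax writes.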
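Review bot: The proc_dolongvec_minmax_bpf_restricted hunk removes the same unconditional `if (!capable(CAP_SYS_ADMIN))` for bpf_jit_limit, so the read-path observation from the previous hunk applies here too, and this handler sits outside the CONFIG_HAVE_EBPF_JIT block (note the `# endif /* CONFIG_HAVE_EBPF_JIT */` between the hunks), so the three removals are not all conditioned on the same config. If the series goes forward, the commit message should say what was tested (e.g. read and write attempts as an unprivileged user, and as uid 0 inside a user namespace) so reviewers can confirm the mode bits alone produce the intended -EPERM in each configuration.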