From: Alexei Starovoitov <ast@plumgrid.com>
Date: Tue, 16 Jun 2015 03:49:24 +0000 (-0700)
Subject: bpf: disallow bpf tc programs access current->pid,uid
X-Git-Tag: v4.2-rc1~130^2~55
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=89d256bb69f2596c3a31ac51466eac9e1791c388;p=profile%2Fcommon%2Fplatform%2Fkernel%2Flinux-artik7.git

bpf: disallow bpf tc programs access current->pid,uid

Accessing current->pid/uid from cls_bpf may lead to misleading results and
should not be used when TC classifiers need accurate information about pid/uid.

Signed-off-by: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/net/core/filter.c b/net/core/filter.c
index 65ff107..be3098f 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -1461,12 +1461,6 @@ tc_cls_act_func_proto(enum bpf_func_id func_id)
 		return &bpf_l4_csum_replace_proto;
 	case BPF_FUNC_clone_redirect:
 		return &bpf_clone_redirect_proto;
-	case BPF_FUNC_get_current_pid_tgid:
-		return &bpf_get_current_pid_tgid_proto;
-	case BPF_FUNC_get_current_uid_gid:
-		return &bpf_get_current_uid_gid_proto;
-	case BPF_FUNC_get_current_comm:
-		return &bpf_get_current_comm_proto;
 	default:
 		return sk_filter_func_proto(func_id);
 	}