| /linux/tools/perf/util/ |
| H A D | cap.h | 17 #ifndef CAP_BPF
18 #define CAP_BPF 39 macro
|
| H A D | bpf-filter.c | 634 if (perf_cap__capable(CAP_BPF, &used_root)) in check_bpf_filter_capable()
|
| /linux/tools/testing/selftests/bpf/ |
| H A D | cap_helpers.h | 13 #ifndef CAP_BPF
14 #define CAP_BPF 39 macro
|
| H A D | test_loader.c | 960 1ULL << CAP_PERFMON | 1ULL << CAP_BPF); in drop_capabilities()
|
| H A D | test_verifier.c | 71 1ULL << CAP_BPF)
|
| /linux/tools/bpf/bpftool/ |
| H A D | feature.c | 994 #ifdef CAP_BPF in handle_perms()
995 capability(CAP_BPF), in handle_perms()
1014 #ifdef CAP_BPF in handle_perms()
1015 if (CAP_IS_SUPPORTED(CAP_BPF)) in handle_perms()
1057 #ifdef CAP_BPF in handle_perms()
|
| /linux/tools/testing/selftests/bpf/progs/ |
| H A D | verifier_mtu.c | 10 __caps_unpriv(CAP_BPF|CAP_NET_ADMIN)
|
| H A D | verifier_spill_fill.c | 1250 __caps_unpriv(CAP_BPF) in __caps_unpriv() argument
1268 __caps_unpriv(CAP_BPF) in __caps_unpriv() argument
|
| H A D | verifier_loops1.c | 293 __caps_unpriv(CAP_BPF) in __caps_unpriv() argument
|
| H A D | bpf_misc.h | 171 #define CAP_BPF 39 macro
|
| /linux/include/uapi/linux/ |
| H A D | capability.h | 414 #define CAP_BPF 39 macro
|
| /linux/include/linux/ |
| H A D | capability.h | 197 return capable(CAP_BPF) || capable(CAP_SYS_ADMIN); in bpf_capable()
|
| H A D | filter.h | 1358 if (bpf_jit_harden == 1 && bpf_token_capable(prog->aux->token, CAP_BPF)) in bpf_jit_blinding_enabled()
|
| /linux/kernel/bpf/ |
| H A D | token.c | 146 if (!ns_capable(userns, CAP_BPF)) in bpf_token_create()
|
| H A D | syscall.c | 1275 if (!bpf_token_capable(token, CAP_BPF)) { in map_check_btf()
1455 if (sysctl_unprivileged_bpf_disabled && !bpf_token_capable(token, CAP_BPF)) in map_create()
1491 if (!bpf_token_capable(token, CAP_BPF)) in map_create()
2913 bpf_cap = bpf_token_capable(token, CAP_BPF); in bpf_prog_load()
5493 if (!bpf_token_capable(token, CAP_BPF)) { in bpf_btf_load()
|
| H A D | core.c | 672 !bpf_token_capable(fp->aux->token, CAP_BPF)) in bpf_prog_kallsyms_add()
|
| H A D | helpers.c | 2109 if (!bpf_token_capable(prog->aux->token, CAP_BPF)) in bpf_base_func_proto()
|
| H A D | verifier.c | 25995 env->bpf_capable = is_priv = bpf_token_capable(env->prog->aux->token, CAP_BPF); in bpf_check()
|
| /linux/tools/testing/selftests/bpf/prog_tests/ |
| H A D | unpriv_bpf_disabled.c | 18 #define ALL_CAPS ((2ULL << CAP_BPF) - 1)
|
| H A D | tc_bpf.c | 405 ret = cap_enable_effective(1ULL << CAP_BPF | 1ULL << CAP_NET_ADMIN, &caps); in tc_bpf_non_root()
|
| H A D | token.c | 60 return cap_disable_effective((1ULL << CAP_BPF) | in drop_priv_caps()
|
| /linux/Documentation/admin-guide/sysctl/ |
| H A D | net.rst | 108 CAP_BPF or CAP_SYS_ADMIN in the root user name space.
|
| H A D | kernel.rst | 1657 once disabled, calling ``bpf()`` without ``CAP_SYS_ADMIN`` or ``CAP_BPF``
|
| /linux/net/core/ |
| H A D | filter.c | 8890 if (!bpf_token_capable(prog->aux->token, CAP_BPF)) in cg_skb_is_valid_access()
8902 if (!bpf_token_capable(prog->aux->token, CAP_BPF)) in cg_skb_is_valid_access()
|