diff mbox series

[v2] bpf: lirc program type should not require SYS_CAP_ADMIN

Message ID ZD0ArKpwnDBJZsrE@gofer.mess.org
State Accepted
Commit 69a8c792cd9518071dc801bb110e0f2210d9f958
Headers show
Series [v2] bpf: lirc program type should not require SYS_CAP_ADMIN | expand

Commit Message

Sean Young April 17, 2023, 8:17 a.m. UTC 
Make it possible to load lirc program type with just CAP_BPF. There is
nothing exceptional about lirc programs that means they require
SYS_CAP_ADMIN.

In order to attach or detach a lirc program type you need permission to
open /dev/lirc0; if you have permission to do that, you can alter all
sorts of lirc receiving options. Changing the IR protocol decoder is no
different.

Right now on a typical distribution /dev/lirc devices are only
read/write by root. Ideally we would make them group read/write like
other devices so that local users can use them without becoming root.

Signed-off-by: Sean Young <sean@mess.org>
---
 kernel/bpf/syscall.c | 1 -
 1 file changed, 1 deletion(-)

v2: improved commit message

Comments

patchwork-bot+netdevbpf@kernel.org April 17, 2023, 8:30 p.m. UTC | #1 
Hello:

This patch was applied to bpf/bpf-next.git (master)
by Alexei Starovoitov <ast@kernel.org>:

On Mon, 17 Apr 2023 09:17:48 +0100 you wrote:
> Make it possible to load lirc program type with just CAP_BPF. There is
> nothing exceptional about lirc programs that means they require
> SYS_CAP_ADMIN.
> 
> In order to attach or detach a lirc program type you need permission to
> open /dev/lirc0; if you have permission to do that, you can alter all
> sorts of lirc receiving options. Changing the IR protocol decoder is no
> different.
> 
> [...]

Here is the summary with links:
  - [v2] bpf: lirc program type should not require SYS_CAP_ADMIN
    https://git.kernel.org/bpf/bpf-next/c/69a8c792cd95

You are awesome, thank you!
diff mbox series

Patch

diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 6d575505f89c..822ebc742a6a 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -2463,7 +2463,6 @@  static bool is_net_admin_prog_type(enum bpf_prog_type prog_type)
 	case BPF_PROG_TYPE_LWT_SEG6LOCAL:
 	case BPF_PROG_TYPE_SK_SKB:
 	case BPF_PROG_TYPE_SK_MSG:
-	case BPF_PROG_TYPE_LIRC_MODE2:
 	case BPF_PROG_TYPE_FLOW_DISSECTOR:
 	case BPF_PROG_TYPE_CGROUP_DEVICE:
 	case BPF_PROG_TYPE_CGROUP_SOCK: