git.ipfire.org Git - thirdparty/kernel/linux.git/commit
bpf: Fix tcx/netkit detach permissions when prog fd isn't given
author: Guillaume Gonnet <ggonnet.linux@gmail.com>
Tue, 27 Jan 2026 16:02:00 +0000 (17:02 +0100)
committer: Alexei Starovoitov <ast@kernel.org>
Wed, 28 Jan 2026 02:39:58 +0000 (18:39 -0800)
commit: ae23bc81ddf7c17b663c4ed1b21e35527b0a7131
tree: 87df7874ee7e8bffa5046113f03f295c266aee13
parent: 35538dba51b4a64f790aefdc6972772dc36b9826
bpf: Fix tcx/netkit detach permissions when prog fd isn't given

This commit fixes a security issue where BPF_PROG_DETACH on tcx or
netkit devices could be executed by any user when no program fd was
provided, bypassing permission checks. The fix adds a capability
check for CAP_NET_ADMIN or CAP_SYS_ADMIN in this case.

Fixes: e420bed02507 ("bpf: Add fd-based tcx multi-prog infra with link support")
Signed-off-by: Guillaume Gonnet <ggonnet.linux@gmail.com>
Link: https://lore.kernel.org/r/20260127160200.10395-1-ggonnet.linux@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
include/linux/bpf.h
include/linux/bpf_mprog.h
kernel/bpf/syscall.c