Skip to content

Commit 236334a

Browse files
laoaranakryiko
authored andcommitted
bpf: Avoid unnecessary audit log for CPU security mitigations
Check cpu_mitigations_off() first to avoid calling capable() if it is off. This can avoid unnecessary audit log. Fixes: bc5bc30 ("bpf: Inherit system settings for CPU security mitigations") Suggested-by: Andrii Nakryiko <andrii.nakryiko@gmail.com> Signed-off-by: Yafang Shao <laoar.shao@gmail.com> Signed-off-by: Andrii Nakryiko <andrii@kernel.org> Link: https://lore.kernel.org/bpf/CAEf4Bza6UVUWqcWQ-66weZ-nMDr+TFU3Mtq=dumZFD-pSqU7Ow@mail.gmail.com/ Link: https://lore.kernel.org/bpf/20231013083916.4199-1-laoar.shao@gmail.com
1 parent d2dc885 commit 236334a

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

include/linux/bpf.h

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2164,12 +2164,12 @@ static inline bool bpf_allow_uninit_stack(void)
21642164

21652165
static inline bool bpf_bypass_spec_v1(void)
21662166
{
2167-
return perfmon_capable() || cpu_mitigations_off();
2167+
return cpu_mitigations_off() || perfmon_capable();
21682168
}
21692169

21702170
static inline bool bpf_bypass_spec_v4(void)
21712171
{
2172-
return perfmon_capable() || cpu_mitigations_off();
2172+
return cpu_mitigations_off() || perfmon_capable();
21732173
}
21742174

21752175
int bpf_map_new_fd(struct bpf_map *map, int flags);

0 commit comments

Comments
 (0)