bpf: Print a warning only if writing to unprivileged_bpf_disabled.

Only print the warning message if you are writing to
"/proc/sys/kernel/unprivileged_bpf_disabled".

The kernel may print an annoying warning when you read
"/proc/sys/kernel/unprivileged_bpf_disabled" saying

  WARNING: Unprivileged eBPF is enabled with eIBRS on, data leaks possible
  via Spectre v2 BHB attacks!

However, this message is only meaningful when the feature is
disabled or enabled.

Signed-off-by: Kui-Feng Lee <kuifeng@meta.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Yonghong Song <yhs@fb.com>
Link: https://lore.kernel.org/bpf/20230502181418.308479-1-kuifeng@meta.com
This commit is contained in:
Kui-Feng Lee 2023-05-02 11:14:18 -07:00 коммит произвёл Andrii Nakryiko
Родитель bf6882aebd
Коммит fedf99200a
1 изменённых файлов: 2 добавлений и 1 удалений

Просмотреть файл

@ -5380,7 +5380,8 @@ static int bpf_unpriv_handler(struct ctl_table *table, int write,
*(int *)table->data = unpriv_enable;
}
unpriv_ebpf_notify(unpriv_enable);
if (write)
unpriv_ebpf_notify(unpriv_enable);
return ret;
}