Fix efi-lockdown.patch for upstream BPF change

Commit 0fa4fe85f472 ("bpf: skip unnecessary capability check") switched
the if statement around.

Signed-off-by: Jeremy Cline <jeremy@jcline.org>
This commit is contained in:
Jeremy Cline 2018-03-23 09:27:44 -04:00
parent 0ff2afdbe0
commit a253e4dfca
No known key found for this signature in database
GPG Key ID: 9223308FA9B246DB

View File

@ -1846,7 +1846,7 @@ index e24aa3241387..3ea87a004771 100644
--- a/kernel/bpf/syscall.c --- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c
@@ -1848,6 +1848,9 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz @@ -1848,6 +1848,9 @@ SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, siz
if (!capable(CAP_SYS_ADMIN) && sysctl_unprivileged_bpf_disabled) if (sysctl_unprivileged_bpf_disabled && !capable(CAP_SYS_ADMIN))
return -EPERM; return -EPERM;
+ if (kernel_is_locked_down("BPF")) + if (kernel_is_locked_down("BPF"))