BPF_PSEUDO_BTF_ID resolves a BTF id for a kernel symbol into a concrete
kernel address before the main verifier pass. A raw ldimm64 using this
pseudo source can currently reach kallsyms resolution without CAP_BPF,
and verbose verifier logging can print the rewritten immediate.

Require CAP_BPF before pseudo-BTF ksym materialization and add focused
verifier selftests for both the no-CAP rejection and the CAP_BPF-allowed
case.

Fixes: 4976b718c3551 ("bpf: Introduce pseudo_btf_id")
Signed-off-by: Nuoqi Gui <[email protected]>
---
Nuoqi Gui (2):
      bpf: Require CAP_BPF for pseudo-BTF ksym loads
      selftests/bpf: Cover pseudo-BTF ksym load capability

 kernel/bpf/verifier.c                              |  5 ++++
 .../testing/selftests/bpf/progs/verifier_unpriv.c  | 32 ++++++++++++++++++++++
 2 files changed, 37 insertions(+)
---
base-commit: a3847994b4d20c0701ccc54fe110920ea78e73dc
change-id: 20260619-f01-13-pseudo-btf-id-cap-bpf-585f98eac268

Best regards,
--
Nuoqi Gui <[email protected]>