rpms/kernel
9
2
Fork 4
Code Issues Pull Requests Releases Activity
f7a3bf6547
kernel/0001-bpf-set-unprivileged_bpf_disabled-to-1-by-default-ad.patch
Justin M. Forbes f7a3bf6547 kernel-5.9.0-0.rc0.20200813gitdc06fe51d26e.1 
* Thu Aug 13 2020 Fedora Kernel Team <kernel-team@fedoraproject.org> [5.9.0-0.rc0.20200813gitdc06fe51d26e.1]
- dc06fe51d26e rebase
- More mismatches ("Justin M. Forbes")
- Fedora config change due to deps ("Justin M. Forbes")
- CONFIG_SND_SOC_MAX98390 is now selected by SND_SOC_INTEL_DA7219_MAX98357A_GENERIC ("Justin M. Forbes")
- Config change required for build part 2 ("Justin M. Forbes")
- Config change required for build ("Justin M. Forbes")
- Fedora config update ("Justin M. Forbes")
- Revert "Merge branch 'make_configs_fix' into 'os-build'" (Justin Forbes)
- redhat/configs/process_configs.sh: Remove *.config.orig files (Prarit Bhargava)
- redhat/configs/process_configs.sh: Add process_configs_known_broken flag (Prarit Bhargava)
- redhat/Makefile: Fix '*-configs' targets (Prarit Bhargava)
- Updated changelog for the release based on v5.8 (Fedora Kernel Team)
- Add ability to sync upstream through Makefile (Don Zickus)
- Add master merge check (Don Zickus)
- Replace hardcoded values 'os-build' and project id with variables (Don Zickus)
- gitattributes: Remove unnecesary export restrictions (Prarit Bhargava)
- redhat/Makefile.common: Fix MARKER (Prarit Bhargava)
Resolves: rhbz#

Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
2020-08-13 12:44:32 -05:00

123 lines
4.5 KiB
Diff
Raw Blame History

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Eugene Syromiatnikov <esyr@redhat.com>
Date: Thu, 14 Jun 2018 16:36:02 -0400
Subject: [PATCH] bpf: set unprivileged_bpf_disabled to 1 by default, add a
boot parameter
Message-id: <133022c6c389ca16060bd20ef69199de0800200b.1528991396.git.esyr@redhat.com>
Patchwork-id: 8250
O-Subject: [kernel team] [RHEL8 PATCH v4 2/5] [bpf] bpf: set unprivileged_bpf_disabled to 1 by default, add a boot parameter
Bugzilla: 1561171
RH-Acked-by: Jiri Benc <jbenc@redhat.com>
RH-Acked-by: Jesper Dangaard Brouer <brouer@redhat.com>
This patch sets kernel.unprivileged_bpf_disabled sysctl knob to 1
by default, and provides an ability (in a form of a boot-time parameter)
to reset it to 0, as it is impossible to do so in runtime. Since
unprivileged BPF is considered unsupported, it also taints the kernel.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1561171
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=16716594
Upstream: RHEL only. The patch (in a more generic form) has been
proposed upstream[1] and subsequently rejected.
[1] https://lkml.org/lkml/2018/5/21/344
Upstream Status: RHEL only
Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>
Signed-off-by: Herton R. Krzesinski <herton@redhat.com>
---
.../admin-guide/kernel-parameters.txt | 8 +++++++
include/linux/kernel.h | 2 +-
kernel/bpf/syscall.c | 21 ++++++++++++++++++-
kernel/panic.c | 2 +-
4 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 98ea67f27809..352afb16f424 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -5373,6 +5373,14 @@
unknown_nmi_panic
[X86] Cause panic on unknown NMI.
+ unprivileged_bpf_disabled=
+ Format: { "0" | "1" }
+ Sets the initial value of
+ kernel.unprivileged_bpf_disabled sysctl knob.
+ 0 - unprivileged bpf() syscall access is enabled.
+ 1 - unprivileged bpf() syscall access is disabled.
+ Default value is 1.
+
usbcore.authorized_default=
[USB] Default USB device authorization:
(default -1 = authorized except for wireless USB,
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index 8d3eaa27b082..c93ba7fc65da 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -617,7 +617,7 @@ extern enum system_states {
#define TAINT_RESERVED28 28
#define TAINT_RESERVED29 29
#define TAINT_RESERVED30 30
-#define TAINT_RESERVED31 31
+#define TAINT_UNPRIVILEGED_BPF 31
/* End of Red Hat-specific taint flags */
#define TAINT_FLAGS_COUNT 32
#define TAINT_FLAGS_MAX ((1UL << TAINT_FLAGS_COUNT) - 1)
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 2f343ce15747..f7e570292afe 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -24,6 +24,7 @@
#include <linux/ctype.h>
#include <linux/nospec.h>
#include <linux/audit.h>
+#include <linux/init.h>
#include <uapi/linux/btf.h>
#include <linux/pgtable.h>
#include <linux/bpf_lsm.h>
@@ -48,7 +49,25 @@ static DEFINE_SPINLOCK(map_idr_lock);
static DEFINE_IDR(link_idr);
static DEFINE_SPINLOCK(link_idr_lock);
-int sysctl_unprivileged_bpf_disabled __read_mostly;
+/* RHEL-only: default to 1 */
+int sysctl_unprivileged_bpf_disabled __read_mostly = 1;
+
+static int __init unprivileged_bpf_setup(char *str)
+{
+ unsigned long disabled;
+ if (!kstrtoul(str, 0, &disabled))
+ sysctl_unprivileged_bpf_disabled = !!disabled;
+
+ if (!sysctl_unprivileged_bpf_disabled) {
+ pr_warn("Unprivileged BPF has been enabled "
+ "(unprivileged_bpf_disabled=0 has been supplied "
+ "in boot parameters), tainting the kernel");
+ add_taint(TAINT_UNPRIVILEGED_BPF, LOCKDEP_STILL_OK);
+ }
+
+ return 1;
+}
+__setup("unprivileged_bpf_disabled=", unprivileged_bpf_setup);
static const struct bpf_map_ops * const bpf_map_types[] = {
#define BPF_PROG_TYPE(_id, _name, prog_ctx_type, kern_ctx_type)
diff --git a/kernel/panic.c b/kernel/panic.c
index fe1d3decf61c..2c483bec82d6 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -399,7 +399,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
[ TAINT_RESERVED28 ] = { '?', '-', false },
[ TAINT_RESERVED29 ] = { '?', '-', false },
[ TAINT_RESERVED30 ] = { '?', '-', false },
- [ TAINT_RESERVED31 ] = { '?', '-', false },
+ [ TAINT_UNPRIVILEGED_BPF ] = { 'u', ' ', false },
};
/**
--
2.26.2
Reference in New Issue View Git Blame Copy Permalink