raspi/linux
1
0
Fork 1
mirror of https://github.com/raspberrypi/linux.git synced 2025-12-26 03:52:41 +00:00
Code Issues Projects Releases Wiki Activity
Files
257f1447d7c245b81e23fa2ee932c737232c29ac
linux/kernel/bpf
History
YiFei Zhu 257f1447d7 bpf: Restrict bpf_sys_bpf to CAP_PERFMON 
[ Upstream commit 14b20b784f ]

The verifier cannot perform sufficient validation of any pointers passed
into bpf_attr and treats them as integers rather than pointers. The helper
will then read from arbitrary pointers passed into it. Restrict the helper
to CAP_PERFMON since the security model in BPF of arbitrary kernel read is
CAP_BPF + CAP_PERFMON.

Fixes: af2ac3e13e ("bpf: Prepare bpf syscall to be used from kernel and user space.")
Signed-off-by: YiFei Zhu <zhuyifei@google.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/20220816205517.682470-1-zhuyifei@google.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-09-08 11:23:57 +02:00
..
preload
bpf: Remove redundant slash
2022-03-07 22:19:32 -08:00
arraymap.c
bpf: Acquire map uref in .init_seq_private for array map iterator
2022-08-25 11:45:14 +02:00
bloom_filter.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
bpf_inode_storage.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
bpf_iter.c
bpf: Remove redundant assignment to meta.seq in __task_seq_show()
2022-04-11 21:14:34 +02:00
bpf_local_storage.c
bpf: Fix usage of trace RCU in local storage.
2022-04-19 17:55:45 -07:00
bpf_lru_list.c
bpf_lru_list: Read double-checked variable once without lock
2021-02-10 15:54:26 -08:00
bpf_lru_list.h
printk: stop including cache.h from printk.h
2022-05-13 07:20:07 -07:00
bpf_lsm.c
bpf, x86: Attach a cookie to fentry/fexit/fmod_ret/lsm.
2022-05-10 21:58:31 -07:00
bpf_struct_ops_types.h
bpf: Add dummy BPF STRUCT_OPS for test purpose
2021-11-01 14:10:00 -07:00
bpf_struct_ops.c
bpf, x86: Generate trampolines from bpf_tramp_links
2022-05-10 17:50:40 -07:00
bpf_task_storage.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
btf.c
bpf: Limit maximum modifier chain length in btf_check_type_tags
2022-06-15 19:32:12 +02:00
cgroup.c
bpf: Fix KASAN use-after-free Read in compute_effective_progs
2022-08-17 15:13:52 +02:00
core.c
bpf, x86: fix freeing of not-finalized bpf_prog_pack
2022-08-17 15:14:48 +02:00
cpumap.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
devmap.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
disasm.c
bpf: Relicense disassembler as GPL-2.0-only OR BSD-2-Clause
2021-09-02 14:49:23 +02:00
disasm.h
bpf: Relicense disassembler as GPL-2.0-only OR BSD-2-Clause
2021-09-02 14:49:23 +02:00
dispatcher.c
bpf: Remove bpf_image tree
2020-03-13 12:49:52 -07:00
hashtab.c
bpf: Acquire map uref in .init_seq_private for hash map iterator
2022-08-25 11:45:14 +02:00
helpers.c
bpf: Add flags arg to bpf_dynptr_read and bpf_dynptr_write APIs
2022-07-08 10:55:53 +02:00
inode.c
bpf: Convert bpf_preload.ko to use light skeleton.
2022-02-10 23:31:51 +01:00
Kconfig
rcu: Make the TASKS_RCU Kconfig option be selected
2022-04-20 16:52:58 -07:00
link_iter.c
bpf: Add bpf_link iterator
2022-05-10 11:20:45 -07:00
local_storage.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
lpm_trie.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
Makefile
bpf: Add bpf_link iterator
2022-05-10 11:20:45 -07:00
map_in_map.c
bpf: Allow storing unreferenced kptr in map
2022-04-25 17:31:35 -07:00
map_in_map.h
bpf: Add map_meta_equal map ops
2020-08-28 15:41:30 +02:00
map_iter.c
bpf: Introduce MEM_RDONLY flag
2021-12-18 13:27:41 -08:00
mmap_unlock_work.h
bpf: Introduce helper bpf_find_vma
2021-11-07 11:54:51 -08:00
net_namespace.c
net: Add includes masked by netdevice.h including uapi/bpf.h
2021-12-29 20:03:05 -08:00
offload.c
bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill
2020-02-17 16:53:49 +01:00
percpu_freelist.c
bpf: Use raw_spin_trylock() for pcpu_freelist_push/pop in NMI
2020-10-06 00:04:11 +02:00
percpu_freelist.h
bpf: Use raw_spin_trylock() for pcpu_freelist_push/pop in NMI
2020-10-06 00:04:11 +02:00
prog_iter.c
bpf: Refactor bpf_iter_reg to have separate seq_info member
2020-07-25 20:16:32 -07:00
queue_stack_maps.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
reuseport_array.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
ringbuf.c
bpf: Dynptr support for ring buffers
2022-05-23 14:31:28 -07:00
stackmap.c
bpf: Compute map_btf_id during build time
2022-04-26 11:35:21 -07:00
syscall.c
bpf: Restrict bpf_sys_bpf to CAP_PERFMON
2022-09-08 11:23:57 +02:00
sysfs_btf.c
bpf: Load and verify kernel module BTFs
2020-11-10 15:25:53 -08:00
task_iter.c
bpf: Remove redundant assignment to meta.seq in __task_seq_show()
2022-04-11 21:14:34 +02:00
tnum.c
bpf, tnums: Provably sound, faster, and more precise algorithm for tnum_mul
2021-06-01 13:34:15 +02:00
trampoline.c
bpf: Fix potential array overflow in bpf_trampoline_get_progs()
2022-05-11 21:24:20 -07:00
verifier.c
bpf: Don't use tnum_range on array range checking for poke descriptors
2022-08-31 17:18:21 +02:00