From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Eugene Syromiatnikov <esyr@redhat.com>
Date: Thu, 14 Jun 2018 16:36:02 -0400
Subject: [PATCH] bpf: set unprivileged_bpf_disabled to 1 by default, add a
 boot parameter
Message-id: <133022c6c389ca16060bd20ef69199de0800200b.1528991396.git.esyr@redhat.com>
Patchwork-id: 8250
O-Subject: [kernel team] [RHEL8 PATCH v4 2/5] [bpf] bpf: set unprivileged_bpf_disabled to 1 by default, add a boot parameter
Bugzilla: 1561171
RH-Acked-by: Jiri Benc <jbenc@redhat.com>
RH-Acked-by: Jesper Dangaard Brouer <brouer@redhat.com>
This patch sets kernel.unprivileged_bpf_disabled sysctl knob to 1
by default, and provides an ability (in a form of a boot-time parameter)
to reset it to 0, as it is impossible to do so in runtime.  Since
unprivileged BPF is considered unsupported, it also taints the kernel.
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1561171
Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=16716594
Upstream: RHEL only.  The patch (in a more generic form) has been
          proposed upstream[1] and subsequently rejected.
[1] https://lkml.org/lkml/2018/5/21/344
Upstream Status: RHEL only
Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>
Signed-off-by: Herton R. Krzesinski <herton@redhat.com>
---
 .../admin-guide/kernel-parameters.txt         |  8 +++++++
 include/linux/kernel.h                        |  2 +-
 kernel/bpf/syscall.c                          | 21 ++++++++++++++++++-
 kernel/panic.c                                |  2 +-
 4 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index a1068742a6df..aba9439caec9 100644
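--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -5370,6 +5370,14 @@
 	unknown_nmi_panic
 			[X86] Cause panic on unknown NMI.
 
+	unprivileged_bpf_disabled=
+			Format: { "0" | "1" }
+			Sets the initial value of
+			kernel.unprivileged_bpf_disabled sysctl knob.
+			0 - unprivileged bpf() syscall access is enabled.
+			1 - unprivileged bpf() syscall access is disabled.
+			Default value is 1.
+
 	usbcore.authorized_default=
 			[USB] Default USB device authorization:
 			(default -1 = authorized except for wireless USB,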
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index f14f238dc36a..156d1e44d9f7 100644
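--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -617,7 +617,7 @@ extern enum system_states {
 #define TAINT_RESERVED28		28
 #define TAINT_RESERVED29		29
 #define TAINT_RESERVED30		30
-#define TAINT_RESERVED31		31
+#define TAINT_UNPRIVILEGED_BPF		31
 /* End of Red Hat-specific taint flags */
 #define TAINT_FLAGS_COUNT		32
 #define TAINT_FLAGS_MAX			((1UL << TAINT_FLAGS_COUNT) - 1)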
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index b999e7ff2583..5e5ac50d9137 100644
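--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -24,6 +24,7 @@
 #include <linux/ctype.h>
 #include <linux/nospec.h>
 #include <linux/audit.h>
+#include <linux/init.h>
 #include <uapi/linux/btf.h>
 #include <linux/pgtable.h>
 #include <linux/bpf_lsm.h>
@@ -48,7 +49,25 @@ static DEFINE_SPINLOCK(map_idr_lock);
 static DEFINE_IDR(link_idr);
 static DEFINE_SPINLOCK(link_idr_lock);
 
-int sysctl_unprivileged_bpf_disabled __read_mostly;
+/* RHEL-only: default to 1 */
+int sysctl_unprivileged_bpf_disabled __read_mostly = 1;
+
+static int __init unprivileged_bpf_setup(char *str)
+{
+	unsigned long disabled;
+	if (!kstrtoul(str, 0, &disabled))
+		sysctl_unprivileged_bpf_disabled = !!disabled;
+
+	if (!sysctl_unprivileged_bpf_disabled) {
+		pr_warn("Unprivileged BPF has been enabled "
+			"(unprivileged_bpf_disabled=0 has been supplied "
+			"in boot parameters), tainting the kernel");
+		add_taint(TAINT_UNPRIVILEGED_BPF, LOCKDEP_STILL_OK);
+	}
+
+	return 1;
+}
+__setup("unprivileged_bpf_disabled=", unprivileged_bpf_setup);
 
 static const struct bpf_map_ops * const bpf_map_types[] = {
 #define BPF_PROG_TYPE(_id, _name, prog_ctx_type, kern_ctx_type)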
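Review bot: In `unprivileged_bpf_setup()` a value that `kstrtoul()` rejects is dropped without any message, so a mistyped `unprivileged_bpf_disabled=` argument leaves the knob at 1 (the safe side) but gives the administrator nothing in the boot log to explain why the setting was not applied. Adding `else pr_warn("unprivileged_bpf_disabled: invalid value \"%s\" ignored\n", str);` after the assignment would make that visible. The existing `pr_warn()` string also has no trailing `\n` and is split across three literals, which makes the taint message harder to grep for when auditing hosts that booted with unprivileged BPF enabled; a single literal ending in `\n` would be easier to match. The taint is applied only on this boot-parameter path, which is sufficient only as long as the sysctl handler (not part of this diff) keeps refusing a runtime write of 0, as the description states.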
diff --git a/kernel/panic.c b/kernel/panic.c
index fe1d3decf61c..2c483bec82d6 100644
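--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -399,7 +399,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
 	[ TAINT_RESERVED28 ]		= { '?', '-', false },
 	[ TAINT_RESERVED29 ]		= { '?', '-', false },
 	[ TAINT_RESERVED30 ]		= { '?', '-', false },
-	[ TAINT_RESERVED31 ]		= { '?', '-', false },
+	[ TAINT_UNPRIVILEGED_BPF ]	= { 'u', ' ', false },
 };
 
 /**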
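Review bot: The new `'u'` taint letter in `taint_flags[]` is not documented anywhere in this patch; the diffstat lists four files and none of them is taint documentation. Someone decoding a `Tainted:` string from an oops, or bit 31 of /proc/sys/kernel/tainted, needs to be able to map it to "unprivileged BPF was enabled at boot". I would add a comment on the entry, e.g. `/* 'u': unprivileged BPF enabled via unprivileged_bpf_disabled=0 */`, and a matching line wherever this tree documents its Red Hat-specific taint flags. The array initializer starts before this hunk, so whether neighbouring entries carry such comments cannot be seen from here.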
-- 
2.26.2