mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-05-05 08:38:28 -04:00
Code Issues Packages Projects Releases Wiki Activity
1,044,440 Commits 1 Branch 929 Tags
8a03e56b253e9691c90bc52ca199323d71b96204
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Pawan Gupta 8a03e56b25 bpf: Disallow unprivileged bpf by default 
Disabling unprivileged BPF would help prevent unprivileged users from
creating certain conditions required for potential speculative execution
side-channel attacks on unmitigated affected hardware.

A deep dive on such attacks and current mitigations is available here [0].

Sync with what many distros are currently applying already, and disable
unprivileged BPF by default. An admin can enable this at runtime, if
necessary, as described in 08389d8882 ("bpf: Add kconfig knob for
disabling unpriv bpf by default").

  [0] "BPF and Spectre: Mitigating transient execution attacks", Daniel Borkmann, eBPF Summit '21
      https://ebpf.io/summit-2021-slides/eBPF_Summit_2021-Keynote-Daniel_Borkmann-BPF_and_Spectre.pdf

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Link: https://lore.kernel.org/bpf/0ace9ce3f97656d5f62d11093ad7ee81190c3c25.1635535215.git.pawan.kumar.gupta@linux.intel.com
2021-11-01 17:06:47 +01:00
arch
riscv, bpf: Add BPF exception tables
2021-10-28 01:02:44 +02:00
block
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
2021-09-25 16:05:56 -07:00
certs
certs: Add support for using elliptic curve keys for signing modules
2021-08-23 19:55:42 +03:00
crypto
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
2021-08-30 12:57:10 -07:00
Documentation
docs/bpf: Update documentation for BTF_KIND_DECL_TAG typedef support
2021-10-22 17:04:44 -07:00
drivers
Merge tag 'for-net-next-2021-10-01' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next
2021-10-05 07:41:16 -07:00
fs
Merge tag 'fsverity-for-linus' of git://git.kernel.org/pub/scm/fs/fscrypt/fscrypt
2021-09-28 07:53:53 -07:00
include
bpf: Add bpf_kallsyms_lookup_name helper
2021-10-28 16:30:06 -07:00
init
Merge branch 'work.init' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2021-09-24 10:18:07 -07:00
ipc
ipc: remove memcg accounting for sops objects in do_semtimedop()
2021-09-14 10:22:11 -07:00
kernel
bpf: Disallow unprivileged bpf by default
2021-11-01 17:06:47 +01:00
lib
bpf, tests: Add module parameter test_suite to test_bpf module
2021-10-28 11:41:16 +02:00
LICENSES
LICENSES/dual/CC-BY-4.0: Git rid of "smart quotes"
2021-07-15 06:31:24 -06:00
mm
mm: fix uninitialized use in overcommit_policy_handler
2021-09-24 16:13:35 -07:00
net
bpf: Add bpf_skc_to_unix_sock() helper
2021-10-21 15:11:06 -07:00
samples
samples: seccomp: Use __BYTE_ORDER__
2021-10-25 20:39:42 -07:00
scripts
bpf: Add bpf_skc_to_unix_sock() helper
2021-10-21 15:11:06 -07:00
security
selinux,smack: fix subjective/objective credential use mixups
2021-09-23 12:30:59 -04:00
sound
ALSA: pcsp: Make hrtimer forwarding more robust
2021-09-28 10:58:08 +02:00
tools
selftests/bpf: Fix fclose/pclose mismatch in test_progs
2021-10-29 17:48:43 +02:00
usr
.gitignore: prefix local generated files with a slash
2021-05-02 00:43:35 +09:00
virt
KVM: Remove tlbs_dirty
2021-09-23 11:01:12 -04:00
.clang-format
clang-format: Update with the latest for_each macro list
2021-05-12 23:32:39 +02:00
.cocciconfig
.get_maintainer.ignore
Opt out of scripts/get_maintainer.pl
2019-05-16 10:53:40 -07:00
.gitattributes
.gitattributes: use 'dts' diff driver for dts files
2019-12-04 19:44:11 -08:00
.gitignore
.gitignore: ignore only top-level modules.builtin
2021-05-02 00:43:35 +09:00
.mailmap
mailmap: update email address of Matthias Fuchs and Thomas Körper
2021-08-19 09:39:44 +02:00
COPYING
COPYING: state that all contributions really are covered by this file
2020-02-10 13:32:20 -08:00
CREDITS
MAINTAINERS: move Murali Karicheri to credits
2021-04-29 15:47:30 -07:00
Kbuild
kbuild: rename hostprogs-y/always to hostprogs/always-y
2020-02-04 01:53:07 +09:00
Kconfig
kbuild: ensure full rebuild when the compiler is updated
2020-05-12 13:28:33 +09:00
MAINTAINERS
mips, bpf: Enable eBPF JITs
2021-10-06 12:28:30 -07:00
Makefile
Linux 5.15-rc3
2021-09-26 14:08:19 -07:00
README
Drop all 00-INDEX files from Documentation/
2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.
Description
No description provided
Readme 3.4 GiB
Languages
C 97%
Assembly 1%
Shell 0.6%
Rust 0.5%
Python 0.4%
Other 0.3%