mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-07 13:43:51 +00:00
bpf: Disallow unprivileged bpf by default
Disabling unprivileged BPF would help prevent unprivileged users from
creating certain conditions required for potential speculative execution
side-channel attacks on unmitigated affected hardware.
A deep dive on such attacks and current mitigations is available here [0].
Sync with what many distros are currently applying already, and disable
unprivileged BPF by default. An admin can enable this at runtime, if
necessary, as described in 08389d8882
("bpf: Add kconfig knob for
disabling unpriv bpf by default").
[0] "BPF and Spectre: Mitigating transient execution attacks", Daniel Borkmann, eBPF Summit '21
https://ebpf.io/summit-2021-slides/eBPF_Summit_2021-Keynote-Daniel_Borkmann-BPF_and_Spectre.pdf
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Mark Rutland <mark.rutland@arm.com>
Link: https://lore.kernel.org/bpf/0ace9ce3f97656d5f62d11093ad7ee81190c3c25.1635535215.git.pawan.kumar.gupta@linux.intel.com
This commit is contained in:
parent
f48ad69097
commit
8a03e56b25
@ -64,6 +64,7 @@ config BPF_JIT_DEFAULT_ON
|
|||||||
|
|
||||||
config BPF_UNPRIV_DEFAULT_OFF
|
config BPF_UNPRIV_DEFAULT_OFF
|
||||||
bool "Disable unprivileged BPF by default"
|
bool "Disable unprivileged BPF by default"
|
||||||
|
default y
|
||||||
depends on BPF_SYSCALL
|
depends on BPF_SYSCALL
|
||||||
help
|
help
|
||||||
Disables unprivileged BPF by default by setting the corresponding
|
Disables unprivileged BPF by default by setting the corresponding
|
||||||
@ -72,6 +73,12 @@ config BPF_UNPRIV_DEFAULT_OFF
|
|||||||
disable it by setting it to 1 (from which no other transition to
|
disable it by setting it to 1 (from which no other transition to
|
||||||
0 is possible anymore).
|
0 is possible anymore).
|
||||||
|
|
||||||
|
Unprivileged BPF could be used to exploit certain potential
|
||||||
|
speculative execution side-channel vulnerabilities on unmitigated
|
||||||
|
affected hardware.
|
||||||
|
|
||||||
|
If you are unsure how to answer this question, answer Y.
|
||||||
|
|
||||||
source "kernel/bpf/preload/Kconfig"
|
source "kernel/bpf/preload/Kconfig"
|
||||||
|
|
||||||
config BPF_LSM
|
config BPF_LSM
|
||||||
|
Loading…
Reference in New Issue
Block a user