forge/linux-uconsole
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions
linux-uconsole/kernel/bpf
History
Kees Cook b80e052c3a bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() 
commit 6396026045 upstream.

When evaluating access control over kallsyms visibility, credentials at
open() time need to be used, not the "current" creds (though in BPF's
case, this has likely always been the same). Plumb access to associated
file->f_cred down through bpf_dump_raw_ok() and its callers now that
kallsysm_show_value() has been refactored to take struct cred.

Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: bpf@vger.kernel.org
Cc: stable@vger.kernel.org
Fixes: 7105e828c0 ("bpf: allow for correlation of maps and helpers in dump")
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-07-16 08:17:27 +02:00
..
arraymap.c bpf: decouple btf from seq bpf fs dump and enable more maps 2018-08-13 00:52:45 +02:00
bpf_lru_list.c bpf: lru: Lower the PERCPU_NR_SCANS from 16 to 4 2017-04-17 13:55:52 -04:00
bpf_lru_list.h bpf: Only set node->ref = 1 if it has not been set 2017-09-01 09:57:39 -07:00
btf.c bpf: Explicitly memset some bpf info structures declared on the stack 2020-04-02 15:28:23 +02:00
cgroup.c bpf: introduce update_effective_progs() 2018-08-07 14:29:55 +02:00
core.c bpf: fix bpf_jit_limit knob for PAGE_SIZE >= 64K 2019-07-10 09:53:47 +02:00
cpumap.c cpumap: Avoid warning when CONFIG_DEBUG_PER_CPU_MAPS is enabled 2020-05-02 17:25:53 +02:00
devmap.c bpf: devmap: fix wrong interface selection in notifier_call 2019-12-01 09:17:01 +01:00
disasm.c bpf: Remove struct bpf_verifier_env argument from print_bpf_insn 2018-03-23 17:38:57 +01:00
disasm.h bpf: Remove struct bpf_verifier_env argument from print_bpf_insn 2018-03-23 17:38:57 +01:00
hashtab.c bpf, lru: avoid messing with eviction heuristics upon syscall lookup 2019-05-25 18:23:48 +02:00
helpers.c bpf: introduce the bpf_get_local_storage() helper function 2018-08-03 00:47:32 +02:00
inode.c bpf: map_seq_next should always increase position index 2020-02-24 08:34:51 +01:00
local_storage.c bpf: allocate local storage buffers using GFP_ATOMIC 2018-12-17 09:24:33 +01:00
lpm_trie.c bpf: lpm_trie: check left child of last leftmost node for NULL 2019-07-03 13:14:48 +02:00
Makefile bpf: silence warning messages in core 2019-07-26 09:14:06 +02:00
map_in_map.c bpf: fix inner map masking to prevent oob under speculation 2019-01-31 08:14:41 +01:00
map_in_map.h bpf: Add syscall lookup support for fd array and htab 2017-06-29 13:13:25 -04:00
offload.c bpf, offload: Replace bitwise AND by logical AND in bpf_prog_offload_info_fill 2020-02-28 16:38:59 +01:00
percpu_freelist.c bpf: fix lockdep false positive in percpu_freelist 2019-03-13 14:02:36 -07:00
percpu_freelist.h bpf: fix lockdep false positive in percpu_freelist 2019-03-13 14:02:36 -07:00
reuseport_array.c bpf: Introduce BPF_MAP_TYPE_REUSEPORT_SOCKARRAY 2018-08-11 01:58:46 +02:00
sockmap.c bpf: sockmap, fix transition through disconnect without close 2018-09-22 02:46:41 +02:00
stackmap.c bpf/stackmap: Fix deadlock with rq_lock in bpf_get_stack() 2019-12-31 16:35:20 +01:00
syscall.c bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() 2020-07-16 08:17:27 +02:00
tnum.c bpf: Fix incorrect verifier simulation of ARSH under ALU32 2020-01-23 08:21:32 +01:00
verifier.c bpf: fix buggy r0 retval refinement for tracing helpers 2020-04-23 10:30:24 +02:00
xskmap.c xsk: do not call synchronize_net() under RCU read lock 2018-10-11 10:19:01 +02:00