github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-07 14:04:54 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
2d939f16c3
linux/include
History
Sami Tolvanen 788bbf4f26 ANDROID: bpf: validate bpf_func when BPF_JIT is enabled with CFI 
With CONFIG_BPF_JIT, the kernel makes indirect calls to dynamically
generated code, which the compile-time Control-Flow Integrity (CFI)
checking cannot validate. This change adds basic sanity checking to
ensure we are jumping to a valid location, which narrows down the
attack surface on the stored pointer.

In addition, this change adds a weak arch_bpf_jit_check_func function,
which architectures that implement BPF JIT can override to perform
additional validation, such as verifying that the pointer points to
the correct memory region.

Bug: 145210207
Change-Id: I1a90c70cdcef25673a870d3c4f2586a829c0d32e
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
2019-11-26 13:27:46 -08:00
..
acpi cpufreq: Use per-policy frequency QoS 2019-10-21 02:05:21 +02:00
asm-generic ANDROID: add support for Clang's Control Flow Integrity (CFI) 2019-11-26 13:27:46 -08:00
clocksource
crypto Merge branch 'next-integrity' of git://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity 2019-09-27 19:37:27 -07:00
drm ANDROID: drivers: gpu: drm: add support to batch commands 2019-11-19 14:33:07 -08:00
dt-bindings Main MIPS changes for v5.4: 2019-09-22 09:30:30 -07:00
keys
kvm
linux ANDROID: bpf: validate bpf_func when BPF_JIT is enabled with CFI 2019-11-26 13:27:46 -08:00
math-emu
media ANDROID: media: increase video max frame number 2019-10-29 18:11:34 +00:00
misc
net Linux 5.4 2019-11-25 09:57:21 +01:00
pcmcia
ras
rdma RDMA/uverbs: Prevent potential underflow 2019-10-22 15:05:36 -03:00
scsi FROMGIT: scsi: core: allow auto suspend override by low-level driver 2019-11-04 16:52:37 +00:00
soc Char/Misc driver patches for 5.4-rc1 2019-09-18 11:14:31 -07:00
sound ANDROID: SoC: core: Introduce macro SOC_SINGLE_MULTI_EXT 2019-11-20 18:04:34 +00:00
target
trace Linux 5.4-rc8 2019-11-18 08:31:11 +01:00
uapi Linux 5.4-rc8 2019-11-18 08:31:11 +01:00
vdso
video
xen xen: fixes and cleanups for 5.4-rc2 2019-10-04 11:13:09 -07:00
Kbuild - New Drivers 2019-09-23 19:37:49 -07:00