xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
00d9f429af039a76a301c1eb7b9e617e9caaf7d2
android_kernel_xiaomi_sm8450/kernel
History
Andrii Nakryiko 00d9f429af bpf: Prevent writable memory-mapping of read-only ringbuf pages 
commit 04ea3086c4d73da7009de1e84962a904139af219 upstream.

Only the very first page of BPF ringbuf that contains consumer position
counter is supposed to be mapped as writeable by user-space. Producer
position is read-only and can be modified only by the kernel code. BPF ringbuf
data pages are read-only as well and are not meant to be modified by
user-code to maintain integrity of per-record headers.

This patch allows to map only consumer position page as writeable and
everything else is restricted to be read-only. remap_vmalloc_range()
internally adds VM_DONTEXPAND, so all the established memory mappings can't be
extended, which prevents any future violations through mremap()'ing.

Fixes: 457f44363a ("bpf: Implement BPF ring buffer and verifier support for it")
Reported-by: Ryota Shiga (Flatt Security)
Reported-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2021-05-14 09:50:46 +02:00
..
bpf
bpf: Prevent writable memory-mapping of read-only ringbuf pages
2021-05-14 09:50:46 +02:00
cgroup
cgroup-v1: add disabled controller check in cgroup1_parse_param()
2021-02-17 11:02:25 +01:00
configs
compiler: remove CONFIG_OPTIMIZE_INLINING entirely
2020-04-07 10:43:42 -07:00
debug
kgdb: fix to kill breakpoints on initmem after boot
2021-03-04 11:38:46 +01:00
dma
swiotlb: respect min_align_mask
2021-05-07 11:04:32 +02:00
entry
x86/entry: Move nmi entry/exit into common code
2021-03-17 17:06:36 +01:00
events
perf: Rework perf_event_exit_event()
2021-05-11 14:47:31 +02:00
gcov
gcov: re-fix clang-11+ support
2021-04-14 08:41:58 +02:00
irq
genirq/matrix: Prevent allocation counter corruption
2021-05-11 14:47:17 +02:00
kcsan
kcsan, debugfs: Move debugfs file creation out of early init
2021-05-11 14:47:33 +02:00
livepatch
kernel/: fix repeated words in comments
2020-10-16 11:11:19 -07:00
locking
locking/qrwlock: Fix ordering in queued_write_lock_slowpath()
2021-04-28 13:40:00 +02:00
power
PM: EM: postpone creating the debugfs dir till fs_initcall
2021-03-30 14:32:04 +02:00
printk
printk: fix deadlock when kernel panic
2021-03-04 11:38:41 +01:00
rcu
rcu: Remove spurious instrumentation_end() in rcu_nmi_enter()
2021-05-14 09:50:22 +02:00
sched
sched/debug: Fix cgroup_path[] serialization
2021-05-14 09:50:28 +02:00
time
posix-timers: Preserve return value in clock_adjtime32()
2021-05-11 14:47:16 +02:00
trace
tracing: Restructure trace_clock_global() to never block
2021-05-11 14:47:40 +02:00
.gitignore
kbuild: update config_data.gz only when the content of .config is changed
2021-05-11 14:47:37 +02:00
acct.c
kernel: acct.c: fix some kernel-doc nits
2020-10-16 11:11:19 -07:00
async.c
treewide: Remove uninitialized_var() usage
2020-07-16 12:35:15 -07:00
audit_fsnotify.c
fsnotify: generalize handle_inode_event()
2020-12-30 11:54:18 +01:00
audit_tree.c
fsnotify: generalize handle_inode_event()
2020-12-30 11:54:18 +01:00
audit_watch.c
fsnotify: generalize handle_inode_event()
2020-12-30 11:54:18 +01:00
audit.c
audit: Remove redundant null check
2020-08-26 09:10:39 -04:00
audit.h
audit: change unnecessary globals into statics
2020-08-17 20:26:58 -04:00
auditfilter.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
auditsc.c
Merge tag 'audit-pr-20200803' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2020-08-04 14:20:26 -07:00
backtracetest.c
treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
2020-07-30 11:15:58 -07:00
bounds.c
capability.c
LSM: Signal to SafeSetID when setting group IDs
2020-10-13 09:17:34 -07:00
compat.c
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
configs.c
context_tracking.c
context_tracking: Ensure that the critical path cannot be instrumented
2020-06-11 15:14:36 +02:00
cpu_pm.c
notifier: Fix broken error handling pattern
2020-09-01 09:58:03 +02:00
cpu.c
kernel/cpu: add arch override for clear_tasks_mm_cpumask() mm handling
2020-11-27 00:10:39 +11:00
crash_core.c
kdump: append kernel build-id string to VMCOREINFO
2020-08-12 10:58:01 -07:00
crash_dump.c
crash_dump: Remove no longer used saved_max_pfn
2020-04-15 11:21:54 +02:00
cred.c
exec: Teach prepare_exec_creds how exec treats uids & gids
2020-05-20 14:44:21 -05:00
delayacct.c
dma.c
exec_domain.c
exit.c
kernel/io_uring: cancel io_uring before task works
2021-01-30 13:55:18 +01:00
extable.c
kernel/extable.c: use address-of operator on section symbols
2020-04-07 10:43:42 -07:00
fail_function.c
fail_function: Remove a redundant mutex unlock
2020-11-19 11:58:16 -08:00
fork.c
mm/fork: clear PASID for new mm
2021-03-30 14:31:52 +02:00
freezer.c
Revert "kernel: freezer should treat PF_IO_WORKER like PF_KTHREAD for freezing"
2021-04-07 15:00:14 +02:00
futex.c
futex: Do not apply time namespace adjustment on FUTEX_LOCK_PI
2021-05-11 14:47:37 +02:00
gen_kheaders.sh
kbuild: add variables for compression tools
2020-06-06 23:42:01 +09:00
groups.c
LSM: Signal to SafeSetID when setting group IDs
2020-10-13 09:17:34 -07:00
hung_task.c
kernel/hung_task.c: make type annotations consistent
2020-11-02 12:14:19 -08:00
iomem.c
irq_work.c
irq_work, smp: Allow irq_work on call_single_queue
2020-05-28 10:54:15 +02:00
jump_label.c
static_call: Fix static_call_update() sanity check
2021-03-25 09:04:18 +01:00
kallsyms.c
treewide: Convert macro and uses of __section(foo) to __section("foo")
2020-10-25 14:51:49 -07:00
kcmp.c
exec: Transform exec_update_mutex into a rw_semaphore
2021-01-09 13:46:24 +01:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c
kcov: make some symbols static
2020-08-12 10:58:02 -07:00
kexec_core.c
kernel: kexec: remove the lock operation of system_transition_mutex
2021-02-03 23:28:37 +01:00
kexec_elf.c
kexec_file.c
ima: Free IMA measurement buffer after kexec syscall
2021-03-04 11:37:50 +01:00
kexec_internal.h
kexec.c
LSM: Introduce kernel_post_load_data() hook
2020-10-05 13:37:03 +02:00
kheaders.c
kmod.c
kmod: remove redundant "be an" in the comment
2020-08-12 10:58:01 -07:00
kprobes.c
kprobes: Fix to delay the kprobes jump optimization
2021-03-04 11:38:35 +01:00
ksysfs.c
kthread.c
kthread: Extract KTHREAD_IS_PER_CPU
2021-02-07 15:37:17 +01:00
latencytop.c
sysctl: pass kernel pointers to ->proc_handler
2020-04-27 02:07:40 -04:00
Makefile
kbuild: update config_data.gz only when the content of .config is changed
2021-05-11 14:47:37 +02:00
module_signature.c
module: harden ELF info handling
2021-03-25 09:04:11 +01:00
module_signing.c
module: harden ELF info handling
2021-03-25 09:04:11 +01:00
module-internal.h
module.c
module: harden ELF info handling
2021-03-25 09:04:11 +01:00
notifier.c
notifier: Fix broken error handling pattern
2020-09-01 09:58:03 +02:00
nsproxy.c
nsproxy: support CLONE_NEWTIME with setns()
2020-07-08 11:14:22 +02:00
padata.c
padata: fix possible padata_works_lock deadlock
2020-09-04 17:51:55 +10:00
panic.c
panic: don't dump stack twice on warn
2020-11-14 11:26:04 -08:00
params.c
params: Replace zero-length array with flexible-array member
2020-10-29 17:22:59 -05:00
pid_namespace.c
kernel/: fix repeated words in comments
2020-10-16 11:11:19 -07:00
pid.c
exec: Transform exec_update_mutex into a rw_semaphore
2021-01-09 13:46:24 +01:00
profile.c
ptrace.c
ptrace: Set PF_SUPERPRIV when checking capability
2020-11-17 12:53:22 -08:00
range.c
kernel.h: split out min()/max() et al. helpers
2020-10-16 11:11:19 -07:00
reboot.c
reboot: fix overflow parsing reboot cpu number
2020-11-14 11:26:03 -08:00
regset.c
regset: kill ->get()
2020-07-27 14:31:12 -04:00
relay.c
kernel/relay.c: drop unneeded initialization
2020-10-16 11:11:22 -07:00
resource.c
kernel/resource: make iomem_resource implicit in release_mem_region_adjustable()
2020-10-16 11:11:18 -07:00
rseq.c
scftorture.c
scftorture: Add cond_resched() to test loop
2020-08-24 18:38:38 -07:00
scs.c
mm: memcontrol: account kernel stack per node
2020-08-07 11:33:25 -07:00
seccomp.c
seccomp: Add missing return in non-void function
2021-03-04 11:38:32 +01:00
signal.c
ptrace: fix task_join_group_stop() for the case when current is traced
2020-11-02 12:14:19 -08:00
smp.c
smp: Process pending softirqs in flush_smp_call_function_from_idle()
2021-03-04 11:37:51 +01:00
smpboot.c
kthread: Extract KTHREAD_IS_PER_CPU
2021-02-07 15:37:17 +01:00
smpboot.h
softirq.c
softirq: Add debug check to __raise_softirq_irqoff()
2020-09-16 15:18:56 +02:00
stackleak.c
stackleak: let stack_erasing_sysctl take a kernel pointer buffer
2020-09-19 13:13:39 -07:00
stacktrace.c
stacktrace: Remove reliable argument from arch_stack_walk() callback
2020-09-18 14:24:16 +01:00
static_call.c
static_call: Align static_call_is_init() patching condition
2021-04-07 15:00:06 +02:00
stop_machine.c
stop_machine, rcu: Mark functions as notrace
2020-10-26 12:12:27 +01:00
sys_ni.c
mm/madvise: introduce process_madvise() syscall: an external memory hinting API
2020-10-18 09:27:10 -07:00
sys.c
kernel/sys.c: fix prototype of prctl_get_tid_address()
2020-10-25 11:44:16 -07:00
sysctl-test.c
sysctl.c
sysctl.c: fix underflow value setting risk in vm_table
2021-03-17 17:06:25 +01:00
task_work.c
task_work: cleanup notification modes
2020-10-17 15:05:30 -06:00
taskstats.c
taskstats: move specifying netlink policy back to ops
2020-10-02 19:11:12 -07:00
test_kprobes.c
torture.c
torture: Dump ftrace at shutdown only if requested
2020-06-29 12:01:45 -07:00
tracepoint.c
tracepoint: Do not fail unregistering a probe due to memory failure
2021-03-04 11:38:03 +01:00
tsacct.c
ucount.c
ucount: Make sure ucounts in /proc/sys/user don't regress again
2020-04-07 21:51:27 +02:00
uid16.c
uid16.h
umh.c
usermodehelper: reset umask to default before executing user process
2020-10-06 10:31:52 -07:00
up.c
user_namespace.c
capabilities: require CAP_SETFCAP to map uid 0
2021-05-07 11:04:31 +02:00
user-return-notifier.c
user.c
user.c: make uidhash_table static
2020-06-04 19:06:24 -07:00
usermode_driver.c
bpf: Fix umd memory leak in copy_process()
2021-03-30 14:32:03 +02:00
utsname_sysctl.c
sysctl: pass kernel pointers to ->proc_handler
2020-04-27 02:07:40 -04:00
utsname.c
nsproxy: add struct nsset
2020-05-09 13:57:12 +02:00
watch_queue.c
watch_queue: Limit the number of watches a user can hold
2020-08-17 09:39:18 -07:00
watchdog_hld.c
watchdog.c
kernel/watchdog: fix watchdog_allowed_mask not used warning
2020-11-14 11:26:03 -08:00
workqueue_internal.h
workqueue.c
workqueue: Move the position of debug_work_activate() in __queue_work()
2021-04-14 08:42:10 +02:00