kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
Minimal supplement to upstream Kernel Self Protection Project changes. Features already provided by SELinux + Yama and archs other than multiarch arm64 / x86_64 aren't in scope. Only tags have stable history. Shared IRC channel with KSPP: irc.libera.chat #linux-hardening
754349 commits 8 branches 1594 tags 3.2 GiB
C 97.7%
Assembly 1.2%
Shell 0.4%
Makefile 0.3%
Python 0.2%
Other 0.1%
Find a file
Sandipan Das dbecd73884 bpf: get kernel symbol addresses via syscall 
This adds new two new fields to struct bpf_prog_info. For
multi-function programs, these fields can be used to pass
a list of kernel symbol addresses for all functions in a
given program to userspace using the bpf system call with
the BPF_OBJ_GET_INFO_BY_FD command.

When bpf_jit_kallsyms is enabled, we can get the address
of the corresponding kernel symbol for a callee function
and resolve the symbol's name. The address is determined
by adding the value of the call instruction's imm field
to __bpf_call_base. This offset gets assigned to the imm
field by the verifier.

For some architectures, such as powerpc64, the imm field
is not large enough to hold this offset.

We resolve this by:

[1] Assigning the subprog id to the imm field of a call
    instruction in the verifier instead of the offset of
    the callee's symbol's address from __bpf_call_base.

[2] Determining the address of a callee's corresponding
    symbol by using the imm field as an index for the
    list of kernel symbol addresses now available from
    the program info.

Suggested-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Sandipan Das <sandipan@linux.vnet.ibm.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-05-24 09:20:49 +02:00
arch bpf: powerpc64: add JIT support for multi-function programs 2018-05-24 09:20:49 +02:00
block blk-mq: fix sysfs inflight counter 2018-04-26 09:02:01 -06:00
certs certs/blacklist_nohashes.c: fix const confusion in certs blacklist 2018-02-21 15:35:43 -08:00
crypto crypto: drbg - set freed buffers to NULL 2018-04-21 00:57:00 +08:00
Documentation Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2018-05-16 22:47:11 -04:00
drivers nfp: bpf: support arithmetic indirect right shift (BPF_ARSH | BPF_X) 2018-05-18 21:35:55 +02:00
firmware kbuild: remove all dummy assignments to obj- 2017-11-18 11:46:06 +09:00
fs vmcore: append device dumps to vmcore as elf notes 2018-05-14 13:46:04 -04:00
include bpf: get kernel symbol addresses via syscall 2018-05-24 09:20:49 +02:00
init Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2018-05-16 22:47:11 -04:00
ipc ipc/shm: fix use-after-free of shm file via remap_file_pages() 2018-04-13 17:10:27 -07:00
kernel bpf: get kernel symbol addresses via syscall 2018-05-24 09:20:49 +02:00
lib Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2018-05-07 23:35:08 -04:00
LICENSES LICENSES: Add MPL-1.1 license 2018-01-06 10:59:44 -07:00
mm mmap: introduce sane default mmap limits 2018-05-11 09:52:01 -07:00
net bpf: Add mtu checking to FIB forwarding helper 2018-05-22 10:51:09 +02:00
samples samples/bpf: adapt xdpsock to the new uapi 2018-05-22 10:25:06 +02:00
scripts bpf: change eBPF helper doc parsing script to allow for smaller indent 2018-05-17 17:34:43 +02:00
security net: initial AF_XDP skeleton 2018-05-03 15:55:23 -07:00
sound ALSA: pcm: Check PCM state at xfern compat ioctl 2018-05-02 08:54:54 +02:00
tools tools/lib/libbpf.c: fix string format to allow build on arm32 2018-05-23 20:18:00 +02:00
usr kbuild: rename built-in.o to built-in.a 2018-03-26 02:01:19 +09:00
virt KVM/arm fixes for 4.17, take #2 2018-05-05 23:05:31 +02:00
.clang-format clang-format: add configuration file 2018-04-11 10:28:35 -07:00
.cocciconfig
.get_maintainer.ignore
.gitattributes .gitattributes: set git diff driver for C source code files 2016-10-07 18:46:30 -07:00
.gitignore Kbuild updates for v4.17 (2nd) 2018-04-15 17:21:30 -07:00
.mailmap Merge candidates for 4.17 merge window 2018-04-06 17:35:43 -07:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS MAINTAINERS/CREDITS: Drop METAG ARCHITECTURE 2018-03-05 16:34:24 +00:00
Kbuild Kbuild updates for v4.15 2017-11-17 17:45:29 -08:00
Kconfig License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
MAINTAINERS MAINTAINERS: Add entry for Microsemi Ethernet switches 2018-05-15 16:41:15 -04:00
Makefile Linux 4.17-rc4 2018-05-06 16:57:38 -10:00
README Docs: Added a pointer to the formatted docs to README 2018-03-21 09:02:53 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.
See Documentation/00-INDEX for a list of what is contained in each file.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.