shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-06 19:08:57 +09:00
Code Issues Packages Projects Releases Wiki Activity

ANDROID: GKI: continue to allow eBPF unprivileged programs to run

Browse Source 
The 5.16-rc1 kernel has changed the default to disable eBPF unprivileged
programs to run because of Intel's broken hardware which allows for
speculation leaks to happen very easily on those platforms.  This is not
an issue on the majority of Android systems, and the Android networking
functionality relies on this feature, so specifically disable the
configuration option so that things continue to work properly.

Disabling a disable configuration option, ugh...

Fixes: 8a03e56b25 ("bpf: Disallow unprivileged bpf by default")
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Change-Id: Ifd055add42ec1e8360c3d7823ae12567513dba19
This commit is contained in:
Greg Kroah-Hartman
2021-11-10 09:44:08 +01:00
parent 73658a3e41
commit 5f4d4e1245
2 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
arch/arm64/configs/gki_defconfig
View File

@@ -5,6 +5,7 @@ CONFIG_HIGH_RES_TIMERS=y
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_JIT=y
CONFIG_BPF_JIT_ALWAYS_ON=y
# CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set
CONFIG_PREEMPT_BEHAVIOUR=y
CONFIG_IRQ_TIME_ACCOUNTING=y
CONFIG_TASKSTATS=y

1
arch/x86/configs/gki_defconfig
View File

@@ -7,6 +7,7 @@ CONFIG_HIGH_RES_TIMERS=y
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_JIT=y
CONFIG_BPF_JIT_ALWAYS_ON=y
# CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set
CONFIG_PREEMPT_BEHAVIOUR=y
CONFIG_IRQ_TIME_ACCOUNTING=y
CONFIG_TASKSTATS=y