linux/drivers/media
Alexei Starovoitov 2c78ee898d bpf: Implement CAP_BPF
Implement permissions as stated in uapi/linux/capability.h
In order to do that the verifier allow_ptr_leaks flag is split
into four flags and they are set as:
  env->allow_ptr_leaks = bpf_allow_ptr_leaks();
  env->bypass_spec_v1 = bpf_bypass_spec_v1();
  env->bypass_spec_v4 = bpf_bypass_spec_v4();
  env->bpf_capable = bpf_capable();

The first three currently equivalent to perfmon_capable(), since leaking kernel
pointers and reading kernel memory via side channel attacks is roughly
equivalent to reading kernel memory with cap_perfmon.

'bpf_capable' enables bounded loops, precision tracking, bpf to bpf calls and
other verifier features. 'allow_ptr_leaks' enable ptr leaks, ptr conversions,
subtraction of pointers. 'bypass_spec_v1' disables speculative analysis in the
verifier, run time mitigations in bpf array, and enables indirect variable
access in bpf programs. 'bypass_spec_v4' disables emission of sanitation code
by the verifier.

That means that the networking BPF program loaded with CAP_BPF + CAP_NET_ADMIN
will have speculative checks done by the verifier and other spectre mitigation
applied. Such networking BPF program will not be able to leak kernel pointers
and will not be able to access arbitrary kernel memory.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20200513230355.7858-3-alexei.starovoitov@gmail.com
2020-05-15 17:29:41 +02:00
..
cec media: cec-notifier: make cec_notifier_get_conn() static 2020-03-20 09:02:45 +01:00
common media: siano: Use scnprintf() for avoiding potential buffer overflow 2020-03-20 16:28:07 +01:00
dvb-core media: dvb-core: dvbdev: convert to use i2c_new_client_device() 2020-01-09 15:57:46 +01:00
dvb-frontends media: tda10071: fix unsigned sign extension overflow 2020-03-12 09:46:45 +01:00
firewire media: firewire: Make structure fdtv_ca constant 2019-08-21 18:39:55 -03:00
i2c media: i2c: video-i2c: fix build errors due to 'imply hwmon' 2020-03-24 17:11:27 +01:00
mc media: mc-entity.c: use WARN_ON, validate link pads 2020-02-24 17:21:58 +01:00
mmc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pci Power management updates for 5.7-rc1 2020-03-30 15:05:01 -07:00
platform Power management updates for 5.7-rc1 2020-03-30 15:05:01 -07:00
radio media: Fix Kconfig indentation 2020-02-24 15:19:38 +01:00
rc bpf: Implement CAP_BPF 2020-05-15 17:29:41 +02:00
spi media: spi: gs1662: Use new structure for SPI transfer delays 2020-03-05 22:46:25 +01:00
tuners media: tuners: Use the correct style for SPDX License Identifier 2019-10-24 18:57:55 -03:00
usb media: xirlink_cit: add missing descriptor sanity checks 2020-03-12 17:27:07 +01:00
v4l2-core media: v4l: Add 14-bit raw greyscale pixel format 2020-03-20 09:00:56 +01:00
Kconfig media: Fix Kconfig indentation 2020-02-24 15:19:38 +01:00
Makefile media: move drivers/media/media-* to drivers/media/mc/mc-* 2019-05-28 12:15:46 -04:00