summaryrefslogtreecommitdiff
path: root/sys-kernel/cairn-sources/files/5.10.7/hardened-patches/0094-disable-unprivileged-eBPF-access-by-default.patch
diff options
context:
space:
mode:
Diffstat (limited to 'sys-kernel/cairn-sources/files/5.10.7/hardened-patches/0094-disable-unprivileged-eBPF-access-by-default.patch')
-rw-r--r--sys-kernel/cairn-sources/files/5.10.7/hardened-patches/0094-disable-unprivileged-eBPF-access-by-default.patch25
1 files changed, 25 insertions, 0 deletions
diff --git a/sys-kernel/cairn-sources/files/5.10.7/hardened-patches/0094-disable-unprivileged-eBPF-access-by-default.patch b/sys-kernel/cairn-sources/files/5.10.7/hardened-patches/0094-disable-unprivileged-eBPF-access-by-default.patch
new file mode 100644
index 000000000000..8030349651c0
--- /dev/null
+++ b/sys-kernel/cairn-sources/files/5.10.7/hardened-patches/0094-disable-unprivileged-eBPF-access-by-default.patch
@@ -0,0 +1,25 @@
+From 58818be47b1fa792496a0d1ca0541a16063cd5df Mon Sep 17 00:00:00 2001
+From: Levente Polyak <levente@leventepolyak.net>
+Date: Mon, 7 May 2018 20:37:07 +0200
+Subject: [PATCH 094/113] disable unprivileged eBPF access by default
+
+---
+ kernel/bpf/syscall.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
+index 8f50c9c19f1b..a54c05624647 100644
+--- a/kernel/bpf/syscall.c
++++ b/kernel/bpf/syscall.c
+@@ -50,7 +50,7 @@ static DEFINE_SPINLOCK(map_idr_lock);
+ static DEFINE_IDR(link_idr);
+ static DEFINE_SPINLOCK(link_idr_lock);
+
+-int sysctl_unprivileged_bpf_disabled __read_mostly;
++int sysctl_unprivileged_bpf_disabled __read_mostly = 1;
+
+ static const struct bpf_map_ops * const bpf_map_types[] = {
+ #define BPF_PROG_TYPE(_id, _name, prog_ctx_type, kern_ctx_type)
+--
+2.30.0
+
generated by cgit v1.3.1 (git 2.54.0) at 2026-06-01 13:35:46 +0000