| 1 |
On Fri, Jan 5, 2018 at 8:39 AM, Nikos Chantziaras <realnc@×××××.com> wrote: |
| 2 |
|
| 3 |
> On 04/01/18 18:18, Rich Freeman wrote: |
| 4 |
> |
| 5 |
>> For variant 1 the only known vulnerability is BPF which probably |
| 6 |
>> next to nobody uses |
| 7 |
>> |
| 8 |
> |
| 9 |
> I had to enable various BPF settings in the kernel because systemd |
| 10 |
> wouldn't shut up about it. It prints warning messages during boot that the |
| 11 |
> system doesn't support BPF. After enabling it, systemd was happy and |
| 12 |
> stopped barking at me. |
| 13 |
> |
| 14 |
> |
| 15 |
The vulnerability specifically mentions EBPF and JIT so I'd say its |
| 16 |
CONFIG_HAVE_EBPF_JIT, but there's also CONFIG_BPF_JIT. |
| 17 |
|
| 18 |
I notice EBPF_JIT is =y in my .config, grepping the sysctl -a output for |
| 19 |
bpf only returns; |
| 20 |
kernel.unprivileged_bpf_disabled = 0 |
| 21 |
And |
| 22 |
https://github.com/linuxkit/linuxkit/commit/720fb219cea1fea99c2bba1d01f771eb43b2000b |
| 23 |
"On 4.9.x and 4.14.x kernels ebpf verifier bugs allow ebpf programs to |
| 24 |
access (read/write) random memory. Setting |
| 25 |
kernel.unprivileged_bpf_disabled=1 mitigates this somewhat until it is |
| 26 |
fixed upstream." |
Archives