On Thu, Jul 18, 2019 at 12:45 PM Matthew Garrett <[email protected]> wrote: > bpf_read() and bpf_read_str() could potentially be abused to (eg) allow > private keys in kernel memory to be leaked. Disable them if the kernel > has been locked down in confidentiality mode. > > Suggested-by: Alexei Starovoitov <[email protected]> > Signed-off-by: Matthew Garrett <[email protected]> > cc: [email protected] > cc: Chun-Yi Lee <[email protected]> > cc: Alexei Starovoitov <[email protected]> > Cc: Daniel Borkmann <[email protected]>
Any further feedback on this?
