Matthew Garrett <matthewgarr...@google.com> wrote:

> From: David Howells <dhowe...@redhat.com>
>
> bpf_read() and bpf_read_str() could potentially be abused to (eg) allow
> private keys in kernel memory to be leaked. Disable them if the kernel
> has been locked down in confidentiality mode.
>
> Suggested-by: Alexei Starovoitov <alexei.starovoi...@gmail.com>
> Signed-off-by: Matthew Garrett <mj...@google.com>
> Reviewed-by: Kees Cook <keesc...@chromium.org>
> cc: net...@vger.kernel.org
> cc: Chun-Yi Lee <j...@suse.com>
> cc: Alexei Starovoitov <alexei.starovoi...@gmail.com>
> Cc: Daniel Borkmann <dan...@iogearbox.net>
> Signed-off-by: James Morris <jmor...@namei.org>

Signed-off-by: David Howells <dhowe...@redhat.com>