OpenCloudOS-Kernel/Documentation
Yauheni Kaliuta bfeb7e399b bpf: Use bpf_capable() instead of CAP_SYS_ADMIN for blinding decision
The full CAP_SYS_ADMIN requirement for blinding looks too strict nowadays.
These days given unprivileged BPF is disabled by default, the main users
for constant blinding coming from unprivileged in particular via cBPF -> eBPF
migration (e.g. old-style socket filters).

Signed-off-by: Yauheni Kaliuta <ykaliuta@redhat.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20220831090655.156434-1-ykaliuta@redhat.com
Link: https://lore.kernel.org/bpf/20220905090149.61221-1-ykaliuta@redhat.com
2022-09-16 22:11:57 +02:00
..
ABI Documentation/ABI: Mention retbleed vulnerability info file for sysfs 2022-08-25 15:55:02 +02:00
PCI Fix of heap data and clang warnings, support for a new Intel NTB device, 2022-08-13 14:00:45 -07:00
RCU rcu/context-tracking: Remove unused and/or unecessary middle functions 2022-07-05 13:33:00 -07:00
accounting
admin-guide bpf: Use bpf_capable() instead of CAP_SYS_ADMIN for blinding decision 2022-09-16 22:11:57 +02:00
arc
arm SPDX changes for 6.0-rc1 2022-08-04 12:12:54 -07:00
arm64 arm64: errata: add detection for AMEVCNTR01 incrementing incorrectly 2022-08-23 11:06:48 +01:00
block null_blk: add module parameters for 4 options 2022-08-02 17:14:50 -06:00
bpf Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2022-08-17 20:29:36 -07:00
cdrom
core-api Bitmap patches for v6.0-rc1 2022-08-07 17:52:35 -07:00
cpu-freq
crypto
dev-tools - The usual batches of cleanups from Baoquan He, Muchun Song, Miaohe 2022-08-05 16:32:45 -07:00
devicetree dt-bindings: net: altera: tse: add an optional pcs register range 2022-09-05 10:16:53 +01:00
doc-guide
driver-api cxl for 6.0 2022-08-10 11:07:26 -07:00
fault-injection SUNRPC: Fix server-side fault injection documentation 2022-07-29 20:08:56 -04:00
fb
features Xtensa updates for v5.20 2022-08-04 15:35:58 -07:00
filesystems f2fs-for-6.0 2022-08-08 11:18:31 -07:00
firmware-guide Documentation: ACPI: EINJ: Fix obsolete example 2022-07-21 17:05:42 +02:00
firmware_class
fpga
gpu Merge tag 'amd-drm-next-5.20-2022-07-26' of https://gitlab.freedesktop.org/agd5f/linux into drm-next 2022-07-27 09:33:45 +10:00
hid
hwmon This was a moderately busy cycle for documentation, but nothing all that 2022-08-02 19:24:24 -07:00
i2c docs: i2c: i2c-sysfs: fix hyperlinks 2022-08-11 23:25:05 +02:00
ia64
iio
images
infiniband
input
isdn
kbuild asm goto: eradicate CC_HAS_ASM_GOTO 2022-08-21 10:06:28 -07:00
kernel-hacking docs: process: remove outdated submitting-drivers.rst 2022-07-14 15:03:57 -06:00
leds
litmus-tests
livepatch doc: module: update file references 2022-07-01 14:50:01 -07:00
locking
loongarch docs/LoongArch: Add I14 description 2022-08-12 13:10:11 +08:00
m68k video: fbdev: atari: Fix inverse handling 2022-07-18 07:56:17 +02:00
maintainer
mhi
mips
misc-devices
mm Documentation/mm: add details about kmap_local_page() and preemption 2022-08-08 18:06:46 -07:00
netlabel
networking net: phy: Add 1000BASE-KX interface mode 2022-09-05 14:30:42 +01:00
nios2
nvdimm
openrisc
parisc
pcmcia
peci
power Merge branches 'pm-devfreq', 'pm-qos', 'pm-tools' and 'pm-docs' 2022-07-29 19:46:00 +02:00
powerpc docs: powerpc: add elf_hwcaps to table of contents 2022-07-28 16:19:47 +10:00
process sound updates for 6.0-rc1 2022-08-06 10:19:51 -07:00
riscv
s390 s390/docs: fix warnings for vfio_ap driver doc 2022-07-22 13:54:07 +02:00
scheduler
scsi SCSI misc on 20220804 2022-08-04 19:47:37 -07:00
security Documentation: siphash: Fix typo in the name of offsetofend macro 2022-07-13 14:01:22 -06:00
sh
sound ASoC: Merge up fixes 2022-07-11 15:51:01 +01:00
sparc
sphinx docs: kerneldoc-preamble: Test xeCJK.sty before loading 2022-08-18 11:27:55 -06:00
sphinx-static
spi
staging
target
timers
tools rtla: Fix tracer name 2022-08-10 11:43:59 -04:00
trace Tracing updates for 5.20 / 6.0 2022-08-05 09:41:12 -07:00
translations docs/ja_JP/SubmittingPatches: Remove reference to submitting-drivers.rst 2022-08-19 07:54:08 -06:00
usb usb: gadget: f_mass_storage: forced_eject attribute 2022-07-14 16:06:42 +02:00
userspace-api netlink: add support for ext_ack missing attributes 2022-08-30 12:20:43 +02:00
virt KVM: x86/MMU: properly format KVM_CAP_VM_DISABLE_NX_HUGE_PAGES capability table 2022-08-11 02:35:37 -04:00
w1
watchdog watchdog/pseries-wdt: initial support for H_WATCHDOG-based watchdog timers 2022-07-20 21:57:39 +10:00
x86 dma-mapping updates 2022-08-06 10:56:45 -07:00
xtensa
.gitignore
Changes
CodingStyle
Kconfig
Makefile
SubmittingPatches
arch.rst
asm-annotations.rst
atomic_bitops.txt wait_on_bit: add an acquire memory barrier 2022-08-26 09:30:25 -07:00
atomic_t.txt
conf.py docs/conf.py: add function attribute '__fix_address' to conf.py 2022-08-26 16:47:13 -06:00
docutils.conf
dontdiff
index.rst
memory-barriers.txt