diff options
author | Otavio Salvador <otavio@ossystems.com.br> | 2022-05-19 11:02:10 -0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-05-19 11:02:10 -0300 |
commit | b7007e1d615b8d4b71c28ebf790c5164fc4491d5 (patch) | |
tree | 48c35f63dc1101d0d528b5d79c81849b99ca7c6d /init | |
parent | 38955ef654554c94f4d91bafb9ef5c5f41a4c0f6 (diff) | |
parent | 0e61b511dd8474280ba674590daa55f30433b7d4 (diff) |
Merge pull request #565 from philschenker/update-to-5.4.193__update-to-2.3.7__5.4-2.3.x-imx
Update Patchlevel on Branch 5.4-2.3.x-imx from 5.4.161->5.4.193
Diffstat (limited to 'init')
-rw-r--r-- | init/Kconfig | 10 | ||||
-rw-r--r-- | init/main.c | 6 |
2 files changed, 14 insertions, 2 deletions
diff --git a/init/Kconfig b/init/Kconfig index f23e90d9935f..e6216dc2a1d1 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -1609,6 +1609,16 @@ config BPF_JIT_ALWAYS_ON Enables BPF JIT and removes BPF interpreter to avoid speculative execution of BPF instructions by the interpreter +config BPF_UNPRIV_DEFAULT_OFF + bool "Disable unprivileged BPF by default" + depends on BPF_SYSCALL + help + Disables unprivileged BPF by default by setting the corresponding + /proc/sys/kernel/unprivileged_bpf_disabled knob to 2. An admin can + still reenable it by setting it to 0 later on, or permanently + disable it by setting it to 1 (from which no other transition to + 0 is possible anymore). + config USERFAULTFD bool "Enable userfaultfd() system call" depends on MMU diff --git a/init/main.c b/init/main.c index e6a1fb14f308..d292daabd9a2 100644 --- a/init/main.c +++ b/init/main.c @@ -831,7 +831,7 @@ static int __init initcall_blacklist(char *str) } } while (str_entry); - return 0; + return 1; } static bool __init_or_module initcall_blacklisted(initcall_t fn) @@ -1072,7 +1072,9 @@ static noinline void __init kernel_init_freeable(void); bool rodata_enabled __ro_after_init = true; static int __init set_debug_rodata(char *str) { - return strtobool(str, &rodata_enabled); + if (strtobool(str, &rodata_enabled)) + pr_warn("Invalid option string for rodata: '%s'\n", str); + return 1; } __setup("rodata=", set_debug_rodata); #endif |