From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Sun, 15 Aug 2021 11:42:39 +0000 (+0200)
Subject: drop bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch
X-Git-Tag: v5.10.59~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=dff7141f88070e94b35503640dc24098c8cb7ebe;p=thirdparty%2Fkernel%2Fstable-queue.git

drop bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch
---

diff --git a/queue-5.10/bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch b/queue-5.10/bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch
deleted file mode 100644
index 05ebbac96aa..00000000000
--- a/queue-5.10/bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From 71330842ff93ae67a066c1fa68d75672527312fa Mon Sep 17 00:00:00 2001
-From: Daniel Borkmann <daniel@iogearbox.net>
-Date: Mon, 9 Aug 2021 21:45:32 +0200
-Subject: bpf: Add _kernel suffix to internal lockdown_bpf_read
-
-From: Daniel Borkmann <daniel@iogearbox.net>
-
-commit 71330842ff93ae67a066c1fa68d75672527312fa upstream.
-
-Rename LOCKDOWN_BPF_READ into LOCKDOWN_BPF_READ_KERNEL so we have naming
-more consistent with a LOCKDOWN_BPF_WRITE_USER option that we are adding.
-
-Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-Acked-by: Andrii Nakryiko <andrii@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- include/linux/security.h |    2 +-
- kernel/bpf/helpers.c     |    4 ++--
- kernel/trace/bpf_trace.c |    8 ++++----
- security/security.c      |    2 +-
- 4 files changed, 8 insertions(+), 8 deletions(-)
-
---- a/include/linux/security.h
-+++ b/include/linux/security.h
-@@ -123,7 +123,7 @@ enum lockdown_reason {
- 	LOCKDOWN_INTEGRITY_MAX,
- 	LOCKDOWN_KCORE,
- 	LOCKDOWN_KPROBES,
--	LOCKDOWN_BPF_READ,
-+	LOCKDOWN_BPF_READ_KERNEL,
- 	LOCKDOWN_PERF,
- 	LOCKDOWN_TRACEFS,
- 	LOCKDOWN_XMON_RW,
---- a/kernel/bpf/helpers.c
-+++ b/kernel/bpf/helpers.c
-@@ -729,12 +729,12 @@ bpf_base_func_proto(enum bpf_func_id fun
- 	case BPF_FUNC_probe_read_user:
- 		return &bpf_probe_read_user_proto;
- 	case BPF_FUNC_probe_read_kernel:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_kernel_proto;
- 	case BPF_FUNC_probe_read_user_str:
- 		return &bpf_probe_read_user_str_proto;
- 	case BPF_FUNC_probe_read_kernel_str:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_kernel_str_proto;
- 	case BPF_FUNC_snprintf_btf:
- 		return &bpf_snprintf_btf_proto;
---- a/kernel/trace/bpf_trace.c
-+++ b/kernel/trace/bpf_trace.c
-@@ -1281,19 +1281,19 @@ bpf_tracing_func_proto(enum bpf_func_id
- 	case BPF_FUNC_probe_read_user:
- 		return &bpf_probe_read_user_proto;
- 	case BPF_FUNC_probe_read_kernel:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_kernel_proto;
- 	case BPF_FUNC_probe_read_user_str:
- 		return &bpf_probe_read_user_str_proto;
- 	case BPF_FUNC_probe_read_kernel_str:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_kernel_str_proto;
- #ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
- 	case BPF_FUNC_probe_read:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_compat_proto;
- 	case BPF_FUNC_probe_read_str:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_compat_str_proto;
- #endif
- #ifdef CONFIG_CGROUPS
---- a/security/security.c
-+++ b/security/security.c
-@@ -61,7 +61,7 @@ const char *const lockdown_reasons[LOCKD
- 	[LOCKDOWN_INTEGRITY_MAX] = "integrity",
- 	[LOCKDOWN_KCORE] = "/proc/kcore access",
- 	[LOCKDOWN_KPROBES] = "use of kprobes",
--	[LOCKDOWN_BPF_READ] = "use of bpf to read kernel RAM",
-+	[LOCKDOWN_BPF_READ_KERNEL] = "use of bpf to read kernel RAM",
- 	[LOCKDOWN_PERF] = "unsafe use of perf",
- 	[LOCKDOWN_TRACEFS] = "use of tracefs",
- 	[LOCKDOWN_XMON_RW] = "xmon read and write access",
diff --git a/queue-5.10/series b/queue-5.10/series
index 9e810941f04..fad816afed8 100644
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -1,7 +1,6 @@
 kvm-svm-fix-off-by-one-indexing-when-nullifying-last.patch
 tee-correct-inappropriate-usage-of-tee_shm_dma_buf-f.patch
 firmware-tee_bnxt-release-tee-shm-session-and-contex.patch
-bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch
 bpf-add-lockdown-check-for-probe_write_user-helper.patch
 revert-selftests-resctrl-use-resctrl-info-for-feature-detection.patch
 mm-make-zone_to_nid-and-zone_set_nid-available-for-discontigmem.patch
diff --git a/queue-5.13/bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch b/queue-5.13/bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch
deleted file mode 100644
index 486c9e6a683..00000000000
--- a/queue-5.13/bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From 71330842ff93ae67a066c1fa68d75672527312fa Mon Sep 17 00:00:00 2001
-From: Daniel Borkmann <daniel@iogearbox.net>
-Date: Mon, 9 Aug 2021 21:45:32 +0200
-Subject: bpf: Add _kernel suffix to internal lockdown_bpf_read
-
-From: Daniel Borkmann <daniel@iogearbox.net>
-
-commit 71330842ff93ae67a066c1fa68d75672527312fa upstream.
-
-Rename LOCKDOWN_BPF_READ into LOCKDOWN_BPF_READ_KERNEL so we have naming
-more consistent with a LOCKDOWN_BPF_WRITE_USER option that we are adding.
-
-Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
-Acked-by: Andrii Nakryiko <andrii@kernel.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- include/linux/security.h |    2 +-
- kernel/bpf/helpers.c     |    4 ++--
- kernel/trace/bpf_trace.c |    8 ++++----
- security/security.c      |    2 +-
- 4 files changed, 8 insertions(+), 8 deletions(-)
-
---- a/include/linux/security.h
-+++ b/include/linux/security.h
-@@ -123,7 +123,7 @@ enum lockdown_reason {
- 	LOCKDOWN_INTEGRITY_MAX,
- 	LOCKDOWN_KCORE,
- 	LOCKDOWN_KPROBES,
--	LOCKDOWN_BPF_READ,
-+	LOCKDOWN_BPF_READ_KERNEL,
- 	LOCKDOWN_PERF,
- 	LOCKDOWN_TRACEFS,
- 	LOCKDOWN_XMON_RW,
---- a/kernel/bpf/helpers.c
-+++ b/kernel/bpf/helpers.c
-@@ -1070,12 +1070,12 @@ bpf_base_func_proto(enum bpf_func_id fun
- 	case BPF_FUNC_probe_read_user:
- 		return &bpf_probe_read_user_proto;
- 	case BPF_FUNC_probe_read_kernel:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_kernel_proto;
- 	case BPF_FUNC_probe_read_user_str:
- 		return &bpf_probe_read_user_str_proto;
- 	case BPF_FUNC_probe_read_kernel_str:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_kernel_str_proto;
- 	case BPF_FUNC_snprintf_btf:
- 		return &bpf_snprintf_btf_proto;
---- a/kernel/trace/bpf_trace.c
-+++ b/kernel/trace/bpf_trace.c
-@@ -999,19 +999,19 @@ bpf_tracing_func_proto(enum bpf_func_id
- 	case BPF_FUNC_probe_read_user:
- 		return &bpf_probe_read_user_proto;
- 	case BPF_FUNC_probe_read_kernel:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_kernel_proto;
- 	case BPF_FUNC_probe_read_user_str:
- 		return &bpf_probe_read_user_str_proto;
- 	case BPF_FUNC_probe_read_kernel_str:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_kernel_str_proto;
- #ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
- 	case BPF_FUNC_probe_read:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_compat_proto;
- 	case BPF_FUNC_probe_read_str:
--		return security_locked_down(LOCKDOWN_BPF_READ) < 0 ?
-+		return security_locked_down(LOCKDOWN_BPF_READ_KERNEL) < 0 ?
- 		       NULL : &bpf_probe_read_compat_str_proto;
- #endif
- #ifdef CONFIG_CGROUPS
---- a/security/security.c
-+++ b/security/security.c
-@@ -61,7 +61,7 @@ const char *const lockdown_reasons[LOCKD
- 	[LOCKDOWN_INTEGRITY_MAX] = "integrity",
- 	[LOCKDOWN_KCORE] = "/proc/kcore access",
- 	[LOCKDOWN_KPROBES] = "use of kprobes",
--	[LOCKDOWN_BPF_READ] = "use of bpf to read kernel RAM",
-+	[LOCKDOWN_BPF_READ_KERNEL] = "use of bpf to read kernel RAM",
- 	[LOCKDOWN_PERF] = "unsafe use of perf",
- 	[LOCKDOWN_TRACEFS] = "use of tracefs",
- 	[LOCKDOWN_XMON_RW] = "xmon read and write access",
diff --git a/queue-5.13/series b/queue-5.13/series
index 0dfc4133e3a..f408126ff69 100644
--- a/queue-5.13/series
+++ b/queue-5.13/series
@@ -1,5 +1,4 @@
 firmware-tee_bnxt-release-tee-shm-session-and-contex.patch
-bpf-add-_kernel-suffix-to-internal-lockdown_bpf_read.patch
 bpf-add-lockdown-check-for-probe_write_user-helper.patch
 alsa-pcm-fix-mmap-breakage-without-explicit-buffer-setup.patch
 alsa-hda-realtek-fix-mute-micmute-leds-for-hp-probook-650-g8-notebook-pc.patch