mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2025-01-26 13:59:27 +07:00
03e54f100d
* Load/attach a BPF program that hooks to file_mprotect (int) and bprm_committed_creds (void). * Perform an action that triggers the hook. * Verify if the audit event was received using the shared global variables for the process executed. * Verify if the mprotect returns a -EPERM. Signed-off-by: KP Singh <kpsingh@google.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Reviewed-by: Brendan Jackman <jackmanb@google.com> Reviewed-by: Florent Revest <revest@google.com> Reviewed-by: Thomas Garnier <thgarnie@google.com> Reviewed-by: James Morris <jamorris@linux.microsoft.com> Acked-by: Andrii Nakryiko <andriin@fb.com> Link: https://lore.kernel.org/bpf/20200329004356.27286-8-kpsingh@chromium.org
40 lines
789 B
Plaintext
40 lines
789 B
Plaintext
CONFIG_BPF=y
|
|
CONFIG_BPF_SYSCALL=y
|
|
CONFIG_NET_CLS_BPF=m
|
|
CONFIG_BPF_EVENTS=y
|
|
CONFIG_TEST_BPF=m
|
|
CONFIG_CGROUP_BPF=y
|
|
CONFIG_NETDEVSIM=m
|
|
CONFIG_NET_CLS_ACT=y
|
|
CONFIG_NET_SCHED=y
|
|
CONFIG_NET_SCH_INGRESS=y
|
|
CONFIG_NET_IPIP=y
|
|
CONFIG_IPV6=y
|
|
CONFIG_NET_IPGRE_DEMUX=y
|
|
CONFIG_NET_IPGRE=y
|
|
CONFIG_IPV6_GRE=y
|
|
CONFIG_CRYPTO_USER_API_HASH=m
|
|
CONFIG_CRYPTO_HMAC=m
|
|
CONFIG_CRYPTO_SHA256=m
|
|
CONFIG_VXLAN=y
|
|
CONFIG_GENEVE=y
|
|
CONFIG_NET_CLS_FLOWER=m
|
|
CONFIG_LWTUNNEL=y
|
|
CONFIG_BPF_STREAM_PARSER=y
|
|
CONFIG_XDP_SOCKETS=y
|
|
CONFIG_FTRACE_SYSCALLS=y
|
|
CONFIG_IPV6_TUNNEL=y
|
|
CONFIG_IPV6_GRE=y
|
|
CONFIG_NET_FOU=m
|
|
CONFIG_NET_FOU_IP_TUNNELS=y
|
|
CONFIG_IPV6_FOU=m
|
|
CONFIG_IPV6_FOU_TUNNEL=m
|
|
CONFIG_MPLS=y
|
|
CONFIG_NET_MPLS_GSO=m
|
|
CONFIG_MPLS_ROUTING=m
|
|
CONFIG_MPLS_IPTUNNEL=m
|
|
CONFIG_IPV6_SIT=m
|
|
CONFIG_BPF_JIT=y
|
|
CONFIG_BPF_LSM=y
|
|
CONFIG_SECURITY=y
|