ProHoster > Blog > litaba tsa inthanete > Ho ba kotsing ho subsystem ea eBPF e lumellang ts'ebetso ea khoutu boemong ba Linux kernel

Ho ba kotsing ho subsystem ea eBPF e lumellang ts'ebetso ea khoutu boemong ba Linux kernel

Kotsi (CVE-2021-4204) e bonts'itsoe ka har'a sistimi e tlase ea eBPF, e u lumellang hore u tsamaise li-handers ka har'a kernel ea Linux ka mochini o ikhethileng o nang le JIT, o lumellang mosebelisi ea se nang tokelo ea lehae ho fumana monyetla oa ho phahamisa le ho etsa khoutu ea bona Boemo ba kernel ea Linux. Bothata esale bo hlaha ho tloha Linux kernel 5.8 mme e lula e sa lokisoe (ho kenyeletsoa le tokollo ea 5.16). Boemo ba lintlafatso tse hlahisoang ho lokisa bothata kabong bo ka lateloa maqepheng ana: Debian, RHEL, SUSE, Fedora, Ubuntu, Arch. Ho phatlalalitsoe hore ho entsoe ts'ebetso e sebetsang, e reriloeng ho phatlalatsoa ka la 18 Pherekhong (basebelisi le bahlahisi ba fuoe beke ho lokisa bofokoli).

Bofokoli bo bakoa ke netefatso e fosahetseng ea mananeo a eBPF a fetisoang hore a phethoe. Subsystem ea eBPF e fana ka mesebetsi e thusang, ts'ebeliso e nepahetseng ea eona e netefalitsoeng ke netefatso e khethehileng. Mesebetsi e meng e hloka ho fetisa boleng ba PTR_TO_MEM joalo ka khang, 'me ho thibela ho phatloha ho ka bang teng, mohlahlobi o tlameha ho tseba boholo ba mohopolo o amanang le khang. Bakeng sa bpf_ringbuf_submit le bpf_ringbuf_discard mesebetsi, data ka boholo ba memori e fetisitsoeng ha ea tlalehoa ho verifier, e ka sebelisoang ho hlakola libaka tsa memori ho feta moeli oa buffer ha ho etsoa khoutu ea eBPF e entsoeng ka mokhoa o khethehileng.

Ho etsa tlhaselo, mosebelisi o tlameha ho khona ho kenya lenaneo la hae la BPF, mme liphaello tse ngata tsa morao-rao tsa Linux li thibela bokhoni bona ka boiketsetso (ho kenyeletsoa le phihlello e sa lebelloang ea eBPF joale e thibetsoe ka ho sa feleng ho kernel ka boeona, ho qala ka tokollo ea 5.16). Mohlala, ts'oaetso e ka sebelisoa hampe ho tlhophiso ea kamehla ho Ubuntu 20.04 LTS, empa libakeng tsa Ubuntu 22.04-dev, Debian 11, openSUSE 15.3, RHEL 8.5, SUSE 15-SP4 le Fedora 33 e hlaha feela haeba molaoli a behile. the kernel.unprivileged_bpf_disabled parameter ho 0. E le mokhoa oa ho thibela ts'oaetso, o ka thibela ho etsoa ha mananeo a BPF ka basebelisi ba se nang tokelo ka taelo ea "sysctl -w kernel.unprivileged_bpf_disabled=1".

Source: opennet.ru

Eketsa ka tlhaloso