Gitlab 现已全面支持 git over ssh 与 git over https。通过 HTTPS 访问请配置带有 read_repository / write_repository 权限的 Personal access token。通过 SSH 端口访问请使用 22 端口或 13389 端口。如果使用CAS注册了账户但不知道密码，可以自行至设置中更改；如有其他问题，请发邮件至 service@cra.moe 寻求协助。

Commit 60b58afc authored Dec 14, 2017 by Alexei Starovoitov Committed by Daniel Borkmann Dec 17, 2017

bpf: fix net.core.bpf_jit_enable race



global bpf_jit_enable variable is tested multiple times in JITs,
blinding and verifier core. The malicious root can try to toggle
it while loading the programs. This race condition was accounted
for and there should be no issues, but it's safer to avoid
this race condition.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

parent 1ea47e01

arch/arm/net/bpf_jit_32.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -1824,7 +1824,7 @@ struct bpf_prog bpf_int_jit_compile(struct bpf_prog prog)
	/* If BPF JIT was not enabled then we must fall back to		/* If BPF JIT was not enabled then we must fall back to
	* the interpreter.		* the interpreter.
	*/		*/
	if (!bpf_jit_enable)		if (!prog->jit_requested)
	return orig_prog;		return orig_prog;

	/* If constant blinding was enabled and we failed during blinding		/* If constant blinding was enabled and we failed during blinding

arch/arm64/net/bpf_jit_comp.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -844,7 +844,7 @@ struct bpf_prog bpf_int_jit_compile(struct bpf_prog prog)
	int image_size;		int image_size;
	u8 *image_ptr;		u8 *image_ptr;

	if (!bpf_jit_enable)		if (!prog->jit_requested)
	return orig_prog;		return orig_prog;

	tmp = bpf_jit_blind_constants(prog);		tmp = bpf_jit_blind_constants(prog);

arch/mips/net/ebpf_jit.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -1869,7 +1869,7 @@ struct bpf_prog bpf_int_jit_compile(struct bpf_prog prog)
	unsigned int image_size;		unsigned int image_size;
	u8 *image_ptr;		u8 *image_ptr;

	if (!bpf_jit_enable \|\| !cpu_has_mips64r2)		if (!prog->jit_requested \|\| !cpu_has_mips64r2)
	return prog;		return prog;

	tmp = bpf_jit_blind_constants(prog);		tmp = bpf_jit_blind_constants(prog);

arch/powerpc/net/bpf_jit_comp64.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -993,7 +993,7 @@ struct bpf_prog bpf_int_jit_compile(struct bpf_prog fp)
	struct bpf_prog *tmp_fp;		struct bpf_prog *tmp_fp;
	bool bpf_blinded = false;		bool bpf_blinded = false;

	if (!bpf_jit_enable)		if (!fp->jit_requested)
	return org_fp;		return org_fp;

	tmp_fp = bpf_jit_blind_constants(org_fp);		tmp_fp = bpf_jit_blind_constants(org_fp);

arch/s390/net/bpf_jit_comp.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -1300,7 +1300,7 @@ struct bpf_prog bpf_int_jit_compile(struct bpf_prog fp)
	struct bpf_jit jit;		struct bpf_jit jit;
	int pass;		int pass;

	if (!bpf_jit_enable)		if (!fp->jit_requested)
	return orig_fp;		return orig_fp;

	tmp = bpf_jit_blind_constants(fp);		tmp = bpf_jit_blind_constants(fp);

CRA Git | Maintained and supported by SUSTech CRA and CCSE