Received: by 10.213.65.68 with SMTP id h4csp2940525imn; Mon, 2 Apr 2018 17:38:42 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+bo3RQqPH4/1hqS9+ZnqjtpypoVdSMfw0nLdzzV4fKepSXpi31E0tSivIGmQFlduehMfLI X-Received: by 2002:a17:902:8c8e:: with SMTP id t14-v6mr11852828plo.206.1522715922102; Mon, 02 Apr 2018 17:38:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522715922; cv=none; d=google.com; s=arc-20160816; b=gGf7gjrww5vDiL60rRC+1PXV6wNj/VTnwFu+kKxUe7t2m4Vwqq7dIeBwOC6Rv557lI j5HRiSZmnFkIvZ4+UYUBM2daPXzP1jdCo+FSa6ziAbKllYUuPWlsNxDEsYWPiIzIqsRp KfmPOdHdJgs4UbRXkEnELO8ThCtjmnK1+9YWhwEJGTXI/YVIs+qj/jFA8pAI6ZmedgiA JVY+IOBLCTlvY7S29KnEK7w39lesrNlKYXwP6I3KUtxT+9TeK8AIe1qzufGbV7m67SnP tF1dBO5M/Qg8CXpiueUDO7Qfe3m2/1SEX8Ip721LOQIt4x5WmoxH0xndnKjeO0E1t/o/ bPDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dmarc-filter :arc-authentication-results; bh=1Lx+GO0yRKOjgsHxtgebUWKAniMfK/TUei460DYLWKs=; b=p0RwBKf3bVFGLNa9CHsKfOv7mAhdgGJv94i82/wILKsKZ16Trg9Hxkir1DC0sctROk tD+8T71r/XyEkmd6zg7mRhziKE/ysRsybc6Hg/v/Uf71gs5nG0Qe1U60eJ5yPDQPPPjB HihNKTZH0hlE+3cQqHLNQsCq1Zw9p+elOVayxGu57YlClBQAi9Ym48t/Zh/MoiypadHE W8e7boGj/EIPGXbHxHDrCrBuowHOgdKaLg6CzFb40QJYA/WjZuCINN2Tt/VjGK62GOFu BEZkh6P6RU0x0DoUh60VfPUFKtLhc7g+nENPBqcD/Ld5wZb+8y+x5v8PE1FUZP17ypln OyzQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s3-v6si1403491plb.418.2018.04.02.17.38.27; Mon, 02 Apr 2018 17:38:42 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754708AbeDCAhS (ORCPT + 99 others); Mon, 2 Apr 2018 20:37:18 -0400 Received: from mail.kernel.org ([198.145.29.99]:47562 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754662AbeDCAhQ (ORCPT ); Mon, 2 Apr 2018 20:37:16 -0400 Received: from [192.168.0.217] (c-71-202-137-17.hsd1.ca.comcast.net [71.202.137.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 277A42178F; Tue, 3 Apr 2018 00:37:15 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 277A42178F Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=luto@kernel.org Subject: Re: [GIT PULL] Kernel lockdown for secure boot To: James Morris , David Howells Cc: gnomes@lxorguk.ukuu.org.uk, Linus Torvalds , mjg59@google.com, gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org, jforbes@redhat.com, linux-man@vger.kernel.org, jlee@suse.com, linux-security-module@vger.kernel.org, Linux API , Kees Cook References: <4136.1522452584@warthog.procyon.org.uk> From: Andy Lutomirski Message-ID: <186aeb7e-1225-4bb8-3ff5-863a1cde86de@kernel.org> Date: Mon, 2 Apr 2018 17:37:14 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 03/30/2018 05:46 PM, James Morris wrote: > On Sat, 31 Mar 2018, David Howells wrote: > >> Date: Thu, 26 Oct 2017 17:37:38 +0100 >> >> Hi James, >> >> Can you pull this patchset into security/next please? It has been in >> linux-next since the beginning of March. >> >> It adds kernel lockdown support for EFI secure boot. > > Applied to > git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git > next-lockdown and next-testing > > Are there any known coverage gaps now? > > > This is an attempt at a review. I'm replying here because I can't find the actual relevant patch emails. Cover letter: > Here's a set of patches to institute a "locked-down mode" in the > kernel and to trigger that mode if the kernel is booted in secure-boot > mode or through the command line. I think this is seriously problematic in that it's not well defined. It sounds like "locked-down mode" means "make me feel good about something". For the rest of this review, I'm going to pretend that you actually want two features: "try-prevent-root-from-corrupting-the-kernel" and "try-to-prevent-root-from-reading-kernel-memory". Also, there should be a justification that allows normal people (i.e. those who are not involved in the UEFI signing process) to understand *why* this should have anything to do with UEFI. I can very easily see why it would make sense for a UEFI authenticated variable to tell the kernel to enable one or both of these modes or for there to be an authenticated mechanism for the bootloader to tell the kernel to enable it. I do *not* see why the mere act of using Secure Boot should have this effect. In particular, UEFI Secure Boot should *not* enable "try-to-prevent-root-from-reading-kernel-memory", which means that, unless you actually implement the split, you should drop a bunch of the patches. In fact, I think the kernel should try to get away from the idea that UEFI Secure Boot should imply annoying restrictions. It's really annoying and it's never been clear to me that it has a benefit. "Restrict /dev/{mem,kmem,port} when the kernel is locked down": this should probably split into one restriction for read and one for write. "Lock down /proc/kcore": should only apply to "try-to-prevent-root-from-reading-kernel-memory" "Lock down kprobes": ditto "bpf: Restrict kernel image access functions when the kernel is locked down": This patch just sucks in general. At the very least, it should only apply to "bpf: Restrict kernel image access functions when the kernel is locked down". But you should probably just force all eBPF users through the unprivileged path when locked down instead, since eBPF is really quite useful even with the stricter verification mode. "Lock down perf": how about preventing using perf on the kernel when "try-to-prevent-root-from-reading-kernel-memory" is set and not restricting it otherwise? "debugfs: Restrict debugfs when the kernel is locked down": The logic is IMO nutty. Why the 0444 restriction? I see no reason that reading a 0644 file should be treated any differently from reading a 0444 file. Regardless, I think you should prevent writing or reading depending on lockdown mode and add an API so that individual debugfs files can override this. "efi: Lock down the kernel if booted in secure boot mode": you have a stray change in fs/debugfs/inode.c in here. Also, as above, I really dislike this patch. "lockdown: Print current->comm in restriction messages": Shouldn't this be folded in with whatever patch added that code in the first place?