Date: Thu, 28 Feb 2019 15:11:59 -0800
In-Reply-To: <20190228231203.212359-1-matthewgarrett@google.com>
Message-Id: <20190228231203.212359-23-matthewgarrett@google.com>
References: <20190228231203.212359-1-matthewgarrett@google.com>
Subject: [PATCH 23/27] Lock down kprobes
From: Matthew Garrett
To: jmorris@namei.org
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, dhowells@redhat.com
X-Mailing-List: linux-kernel@vger.kernel.org

From: David Howells

Disallow the creation of kprobes when the kernel is locked down by
preventing their registration. This prevents kprobes from being used to
access kernel memory, either to make modifications or to steal crypto data.

Reported-by: Alexei Starovoitov
Signed-off-by: David Howells
--- kernel/kprobes.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/kprobes.c b/kernel/kprobes.c index f4ddfdd2d07e..6f66cca8e2c6 100644 --- a/kernel/kprobes.c +++ b/kernel/kprobes.c @@ -1552,6 +1552,9 @@ int register_kprobe(struct kprobe *p) struct module *probed_mod; kprobe_opcode_t *addr; + if (kernel_is_locked_down("Use of kprobes")) + return -EPERM; + /* Adjust probe address from symbol */ addr = kprobe_addr(p); if (IS_ERR(addr)) -- 2.21.0.352.gf09ad66450-goog
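
Review bot: The new check at the top of register_kprobe() is unconditional and undocumented, so once the kernel is locked down every caller of this function gets -EPERM, and neither the code nor the changelog says which callers are expected to start failing. Please add a one-line comment above `if (kernel_is_locked_down("Use of kprobes"))` giving the reason from the commit message (kprobes can be used to read and modify kernel memory), and list in the changelog the interfaces that will now see -EPERM so users of tracing tools can recognise the failure. The diffstat shows register_kprobe() is the only place the check is added, so the changelog should also state that no other registration path reaches the probe-arming code without passing through it. Placing the test before `addr = kprobe_addr(p);` is the right spot, since the request is refused before the probe address is resolved.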