Date: Mon, 25 Mar 2019 15:09:49 -0700
In-Reply-To: <20190325220954.29054-1-matthewgarrett@google.com>
Message-Id: <20190325220954.29054-23-matthewgarrett@google.com>
References: <20190325220954.29054-1-matthewgarrett@google.com>
Subject: [PATCH 22/27] Lock down kprobes
From: Matthew Garrett
To: jmorris@namei.org
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, dhowells@redhat.com, Alexei Starovoitov, Matthew Garrett, "Naveen N . Rao", Anil S Keshavamurthy, davem@davemloft.net, Masami Hiramatsu
X-Mailing-List: linux-kernel@vger.kernel.org

From: David Howells

Disallow the creation of kprobes when the kernel is locked down by
preventing their registration. This prevents kprobes from being used to
access kernel memory, either to make modifications or to steal crypto
data.

Reported-by: Alexei Starovoitov
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
Cc: Naveen N. Rao
Cc: Anil S Keshavamurthy
Cc: davem@davemloft.net
Cc: Masami Hiramatsu
--- kernel/kprobes.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/kprobes.c b/kernel/kprobes.c index f4ddfdd2d07e..6f66cca8e2c6 100644 --- a/kernel/kprobes.c +++ b/kernel/kprobes.c
@@ -1552,6 +1552,9 @@ int register_kprobe(struct kprobe *p) struct module *probed_mod; kprobe_opcode_t *addr; + if (kernel_is_locked_down("Use of kprobes")) + return -EPERM; + /* Adjust probe address from symbol */ addr = kprobe_addr(p); if (IS_ERR(addr)) -- 2.21.0.392.gf8f6787159e-goog
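
Review bot: the lockdown check at the top of register_kprobe() rejects every caller, including in-kernel users that register probes from code already running with kernel privilege, and the changelog does not say whether that is intended. If the goal is only to stop userspace from driving probes to read or modify kernel memory, say so and consider placing the check at the user-facing interfaces instead; if blocking all registration is the intent, state that in the changelog and add a one-line comment above `if (kernel_is_locked_down("Use of kprobes"))` explaining why it runs before kprobe_addr() and any argument validation. It would also help to document that registration now fails with -EPERM on a locked-down kernel, so tooling can tell this apart from a bad probe address.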