Date: Tue, 26 Mar 2019 11:27:37 -0700
In-Reply-To: <20190326182742.16950-1-matthewgarrett@google.com>
Message-Id: <20190326182742.16950-22-matthewgarrett@google.com>
References: <20190326182742.16950-1-matthewgarrett@google.com>
Subject: [PATCH V31 21/25] Lock down kprobes when in confidentiality mode
From: Matthew Garrett
To: jmorris@namei.org
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, dhowells@redhat.com, linux-api@vger.kernel.org, luto@kernel.org, Alexei Starovoitov, Matthew Garrett, "Naveen N. Rao", Anil S Keshavamurthy, davem@davemloft.net, Masami Hiramatsu
X-Mailing-List: linux-kernel@vger.kernel.org

From: David Howells

Disallow the creation of kprobes when the kernel is locked down in
confidentiality mode by preventing their registration. This prevents
kprobes from being used to access kernel memory to steal crypto data.

Reported-by: Alexei Starovoitov
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
Cc: Naveen N. Rao
Cc: Anil S Keshavamurthy
Cc: davem@davemloft.net
Cc: Masami Hiramatsu
---
 kernel/kprobes.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/kernel/kprobes.c b/kernel/kprobes.c
index f4ddfdd2d07e..b9781bd2db8c 100644
--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -1552,6 +1552,9 @@ int register_kprobe(struct kprobe *p) struct module *probed_mod; kprobe_opcode_t *addr; + if (kernel_is_locked_down("Use of kprobes", LOCKDOWN_CONFIDENTIALITY)) + return -EPERM; + /* Adjust probe address from symbol */ addr = kprobe_addr(p); if (IS_ERR(addr)) -- 2.21.0.392.gf8f6787159e-goog
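Review bot: the commit message should spell out the scope of this check in register_kprobe(). Because it sits at the very top of the function, ahead of kprobe_addr() resolving the probe address, every path that ends in register_kprobe() is refused with -EPERM under LOCKDOWN_CONFIDENTIALITY, not only probes requested from user space, and a caller that passes an invalid address will now see -EPERM rather than the address error while locked down. It would also help to state explicitly that probes registered before lockdown is engaged are left in place, since this hunk gates new registrations only; if that is the intended behaviour, say so in the message, and if not, the removal of existing probes needs to be handled separately.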