Date: Mon, 1 Apr 2019 15:04:01 +0200
From: Torsten Duwe
To: Johannes Thumshirn
Cc: Linux Kernel Mailinglist, Linux FSDEVEL Mailinglist
Subject: Re: [PATCH] fs/open: Fix most outstanding security bugs
Message-ID: <20190401130401.GC16764@lst.de>
References: <20190401090113.22946-1-jthumshirn@suse.de>
In-Reply-To: <20190401090113.22946-1-jthumshirn@suse.de>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Apr 01, 2019 at 11:01:13AM +0200, Johannes Thumshirn wrote:
> Over the last 20 years, the Linux kernel has accumulated hundreds if not
> thousands of security vulnerabilities.
>
> One common pattern in most of these security related reports is processes
> called "syzkaller", "trinity" or "syz-executor" opening files and then
> abuse kernel interfaces causing kernel crashes or even worse threats using
> memory overwrites or by exploiting race conditions.
>
> Hunting down these bugs has become time consuming and very expensive, so
> I've decided to put an end to it.
>
> If one of the above mentioned processes tries opening a file, return -EPERM
> indicating this process does not have the permission to open files on Linux
> anymore.
>
> Signed-off-by: Johannes Thumshirn
> --- > fs/open.c | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > > diff --git a/fs/open.c b/fs/open.c > index f1c2f855fd43..3a3b460beccd 100644 > --- a/fs/open.c > +++ b/fs/open.c
> @@ -1056,6 +1056,20 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) > struct open_flags op; > int fd = build_open_flags(flags, mode, &op); > struct filename *tmp; > + char comm[TASK_COMM_LEN]; > + int i; > + static const char * const list[] = { "list" is a bit ambiguous. You could call it "blacklist" or such. > + "syzkaller", > + "syz-executor," > + "trinity", > + NULL > + }; > + > + get_task_comm(comm, current); > + > + for (i = 0; i < ARRAY_SIZE(list); i++) > + if (!strncmp(comm, list[i], strlen(list[i]))) > + return -EPERM; ^^^^^^^ should be -ECONNRESET. Also, I'm missing a sysfs parameter file to add more bad guys dynamically. > if (fd) > return fd; > -- > 2.16.4

But for a start, this is OK. In any case, as already mentioned, big player Cisco has shown us that this is definitely the way to go!

Reviewed-by: Torsten Duwe
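
Review bot: the loop bound `i < ARRAY_SIZE(list)` in the added `for` loop counts the trailing NULL entry, so for any task whose comm matches none of the names, `strlen(list[i])` is called on NULL and every ordinary open() dereferences a null pointer in do_sys_open(). Either drop the NULL sentinel and keep ARRAY_SIZE(), or keep the sentinel and loop while `list[i]` is non-NULL, not both. In the array itself, the comma in `"syz-executor,"` sits inside the string literal, so that line and `"trinity",` are adjacent literals that concatenate into one entry, "syz-executor,trinity", and neither name can ever match; move the comma outside the closing quote. Separately, the value filled in by get_task_comm() is a name the task can set for itself and strncmp() here only compares a prefix, so the check cannot serve as a permission decision; a comment stating what the match is meant to guarantee would help.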