Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp1088525yba; Tue, 2 Apr 2019 01:56:22 -0700 (PDT) X-Google-Smtp-Source: APXvYqwoT/sfbsm3vcVIShIw8KjGy8sSl1cOlyiKVxcN2LeHmJ5XdLsf/wMPHT6iYEFlsgcCwjdH X-Received: by 2002:a17:902:7b96:: with SMTP id w22mr34694891pll.28.1554195381969; Tue, 02 Apr 2019 01:56:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554195381; cv=none; d=google.com; s=arc-20160816; b=X5tIob5iAQWaXjW08vGI762IQ99c+TXVQhcK01WoFWD2Su+T5LW8Fo/qT6ueSG1lzO 2ftG4JjvumP2Y86nwEpYRHbm8xf6SvK1QzFFu+cqaQwS+URxgzx7nNLkf2ItxxqZxE/y MMxAv3PFHKJwNZQ8DNWaOnwEPH1k+FSpNd01ibYrxygUKEngwkK1K+eKjuVuT13kHB3N 1y5QfmWBfYjEhmKndJguLUCzv3+2kF9LkMuV7eqB9FJLtx36/Jfj2JD28mbGxfiW+RLh oxMxbhNRhT1qEuB93SsYW4O3cy1EOreiPcqdia5zBV6llWiSnPNwo4zAtGPS0K/X0Ha1 VVbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=PVEGLlWovn6wLP/uzzqU+6oVkAwCS5DJFeb8xv1GsVs=; b=NAGAQt4UNj7Tu0wTH0DiJuATK3T7+OFhttj7SMexaDbycxGuN1/S/SDWnisPYPpBYm sVQ9QK2/X7GO1ZP+PKqAc9DaIkpYOj5gpTgqHSnkBI0r9z8+lk6vmWM0CK+OkT9Jt6RF n0OPMukm5x1Sp+l2sB2sYriRr4bRl55axIrm0eNxKvxkZsWyTSuX3SpNNCYd0QFnCBF3 5ZkRKBdp26bdarCOE+drVX75CN6ccmTd+qTKI7tjowHeBtH/FWbLIuG+sLpeQDCRlieM ul0VfzsjxumHNMexb/pDgw5slcZ7e7pP1a7H3dom/FLJqqFRS1heRYthumBQ2S4qPfYW vj+g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=dbwpqKRU; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c32si10644486pgl.510.2019.04.02.01.56.04; Tue, 02 Apr 2019 01:56:21 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=dbwpqKRU; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729109AbfDBH5E (ORCPT + 99 others); Tue, 2 Apr 2019 03:57:04 -0400 Received: from mail.kernel.org ([198.145.29.99]:40134 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725884AbfDBH5E (ORCPT ); Tue, 2 Apr 2019 03:57:04 -0400 Received: from linux-8ccs (p5B164D93.dip0.t-ipconnect.de [91.22.77.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 087C12084C; Tue, 2 Apr 2019 07:57:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1554191823; bh=7CsuqOxBUp+sMWLNwY10YbIwykEgB//qVcOXW/OisX8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=dbwpqKRUS6itY6oY0YGKgcX4DpzExeKO9MuwnSm2WWn8CQho6EAp6h+URYGN7QYrW OgkguRw9LI+Em4KpU3+TJbuQ31C8fM1EE2e6spjuEpet5GmtLHFDwVaYue5/xEJl6/ 8u7CIVbYBhIV2DxEIo2yA3XAl53KHTBRxgc02xUo= Date: Tue, 2 Apr 2019 09:56:58 +0200 From: Jessica Yu To: Johannes Thumshirn Cc: Linux Kernel Mailinglist , Linux FSDEVEL Mailinglist Subject: Re: [PATCH] fs/open: Fix most outstanding security bugs Message-ID: <20190402075657.GA14882@linux-8ccs> References: <20190401090113.22946-1-jthumshirn@suse.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20190401090113.22946-1-jthumshirn@suse.de> X-OS: Linux linux-8ccs 5.1.0-rc1-lp150.12.28-default+ x86_64 User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org +++ Johannes Thumshirn [01/04/19 11:01 +0200]: >Over the last 20 years, the Linux kernel has accumulated hundreds if not >thousands of security vulnerabilities. > >One common pattern in most of these security related reports is processes >called "syzkaller", "trinity" or "syz-executor" opening files and then >abuse kernel interfaces causing kernel crashes or even worse threats using >memory overwrites or by exploiting race conditions. > >Hunting down these bugs has become time consuming and very expensive, so >I've decided to put an end to it. > >If one of the above mentioned processes tries opening a file, return -EPERM >indicating this process does not have the permission to open files on Linux >anymore. > >Signed-off-by: Johannes Thumshirn Acked-by: Jessica Yu :-) >--- > fs/open.c | 14 ++++++++++++++ > 1 file changed, 14 insertions(+) > >diff --git a/fs/open.c b/fs/open.c >index f1c2f855fd43..3a3b460beccd 100644 >--- a/fs/open.c >+++ b/fs/open.c >@@ -1056,6 +1056,20 @@ long do_sys_open(int dfd, const char __user *filename, int flags, umode_t mode) > struct open_flags op; > int fd = build_open_flags(flags, mode, &op); > struct filename *tmp; >+ char comm[TASK_COMM_LEN]; >+ int i; >+ static const char * const list[] = { >+ "syzkaller", >+ "syz-executor," >+ "trinity", >+ NULL >+ }; >+ >+ get_task_comm(comm, current); >+ >+ for (i = 0; i < ARRAY_SIZE(list); i++) >+ if (!strncmp(comm, list[i], strlen(list[i]))) >+ return -EPERM; > > if (fd) > return fd; >-- >2.16.4 >