Date: Wed, 3 Apr 2019 17:32:43 -0700
In-Reply-To: <20190404003249.14356-1-matthewgarrett@google.com>
Message-Id: <20190404003249.14356-22-matthewgarrett@google.com>
Mime-Version: 1.0
References: <20190404003249.14356-1-matthewgarrett@google.com>
X-Mailer: git-send-email 2.21.0.392.gf8f6787159e-goog
Subject: [PATCH V32 21/27] Lock down tracing and perf kprobes when in confidentiality mode
From: Matthew Garrett
To: jmorris@namei.org
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, dhowells@redhat.com, linux-api@vger.kernel.org, luto@kernel.org, Alexei Starovoitov, Matthew Garrett, "Naveen N. Rao", Anil S Keshavamurthy, davem@davemloft.net, Masami Hiramatsu
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org

From: David Howells

Disallow the creation of perf and ftrace kprobes when the kernel is locked
down in confidentiality mode by preventing their registration. This
prevents kprobes from being used to access kernel memory to steal crypto
data, but continues to allow the use of kprobes from signed modules.

Reported-by: Alexei Starovoitov
Signed-off-by: David Howells
Signed-off-by: Matthew Garrett
Cc: Naveen N. Rao
Cc: Anil S Keshavamurthy
Cc: davem@davemloft.net
Cc: Masami Hiramatsu
---
 kernel/trace/trace_kprobe.c | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/kernel/trace/trace_kprobe.c b/kernel/trace/trace_kprobe.c index d5fb09ebba8b..5c70acd80344 100644 --- a/kernel/trace/trace_kprobe.c +++ b/kernel/trace/trace_kprobe.c @@ -420,6 +420,9 @@ static int __register_trace_kprobe(struct trace_kprobe *tk) { int i, ret; + if (kernel_is_locked_down("Use of kprobes", LOCKDOWN_CONFIDENTIALITY)) + return -EPERM; + if (trace_probe_is_registered(&tk->tp)) return -EINVAL; -- 2.21.0.392.gf8f6787159e-goog
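Review bot: the new kernel_is_locked_down() gate in __register_trace_kprobe() is placed before the trace_probe_is_registered() check, so under confidentiality lockdown a repeat registration of an already-registered probe now returns -EPERM where it previously returned -EINVAL; harmless, but the commit message should say which error callers should expect. More important for anyone relying on this as a confidentiality control: the check runs only at registration time, so trace/perf kprobes that were registered before lockdown was engaged are untouched by this hunk and keep firing, and the register_kprobe() path used by modules is not gated at all (consistent with the "signed modules" wording in the message). Suggest stating both limits explicitly in the commit message, e.g. "Existing kprobe events are not torn down when lockdown is enabled; only new registrations via ftrace/perf are refused."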