Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp20060093rwd;
        Wed, 28 Jun 2023 19:20:59 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ6AhOhQXnLoZv0iFOPkPzKCq3QljQTN9L1UMz8ZnLsJG82P0yk4brPApfGGWlgj+K4l6Xha
X-Received: by 2002:a17:902:d302:b0:1b8:28f4:f259 with SMTP id b2-20020a170902d30200b001b828f4f259mr4286871plc.69.1688005259718;
        Wed, 28 Jun 2023 19:20:59 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1688005259; cv=none;
        d=google.com; s=arc-20160816;
        b=CBIhyuR9NULPsfT77mAjjzXtt7ETOI1oc1o5TQQeQoTIE0Uk8DDnsOqMTQmZXxi+Yi
         2VUTvqqvGq6HaFGQUSpqWIia21c6K7f7rIu8nZ/cQzMHfVo0Uskj58jImJEIdit9A0DZ
         BCQqd6K9/lJjZ+v8H5YRgIpKX91zuo9SV3YoDeQHXm7f2xd8xOpPHrobnOkHpuUvzXaq
         Akpifp2khxNipzjDiqLVm/AVWOFEw6JuZafSSQNCmK2KchoZ2Rib3/BrUOAS3tfk1myY
         B5pHjAle65HYMtMkQzxw9FhvbWxc92BEx5DJDEJiWEN5KdmqY6QOhAkNNkCczNGG5i/n
         W50g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:in-reply-to:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date;
        bh=LrrICl5djO/9pFdl8MaYpSYU2Au6c+aXR9Pj/2pbB+M=;
        fh=VIhROK1MayYRHkSBgoh7jaJ/bXtkSNRpITt2t7XasHU=;
        b=ef63urt9GDf9umkfZJHJYRD+NZslGPuXggsIP6TGixjhxFoHrjJCEYesdCK0ne04Px
         H2wtC5aaH/xw0elTurkRaidWr6ioHJnC9u8Dz6YT9FP6cF6Qo9Bi/AJ8B7EtyEG7ZzJt
         HXCUJlEVLU4yjge7q1GJ0pp6oXa0pSjuwWbGkuojDi4VSejVVEnWAv4ZtryyUV6d4BHh
         ZEAmjIxZdu1rs6YWofd39/jxF/mhZiEs+aHZ/7hwYs4SDl+75kq0nangMaACIPtJh5Ff
         2hNiL9YrCKXM9rJaBAVBSHpLpZpNYucxwcgnNVYsnZGVTdt3GzV75C+ALbgpjGrsoVH3
         gQFw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id y1-20020a17090322c100b001b3d27ca12fsi10482445plg.207.2023.06.28.19.20.46;
        Wed, 28 Jun 2023 19:20:59 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S231925AbjF2CKH (ORCPT <rfc822;aklobs10@gmail.com> + 99 others);
        Wed, 28 Jun 2023 22:10:07 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49698 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231789AbjF2CKF (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 28 Jun 2023 22:10:05 -0400
Received: from mail.hallyn.com (mail.hallyn.com [178.63.66.53])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4E8B71FEB;
        Wed, 28 Jun 2023 19:10:02 -0700 (PDT)
Received: by mail.hallyn.com (Postfix, from userid 1001)
        id 479A1579; Wed, 28 Jun 2023 21:10:00 -0500 (CDT)
Date:   Wed, 28 Jun 2023 21:10:00 -0500
From:   "Serge E. Hallyn" <serge@hallyn.com>
To:     Roberto Sassu <roberto.sassu@huaweicloud.com>
Cc:     Oleg Nesterov <oleg@redhat.com>, Paul Moore <paul@paul-moore.com>,
        James Morris <jmorris@namei.org>,
        "Serge E. Hallyn" <serge@hallyn.com>,
        Stephen Smalley <stephen.smalley.work@gmail.com>,
        Eric Paris <eparis@parisplace.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Mimi Zohar <zohar@linux.ibm.com>,
        Kees Cook <keescook@chromium.org>,
        Casey Schaufler <casey@schaufler-ca.com>,
        David Howells <dhowells@redhat.com>,
        LuisChamberlain <mcgrof@kernel.org>,
        Eric Biederman <ebiederm@xmission.com>,
        Petr Tesarik <petrtesarik@huaweicloud.com>,
        Christoph Hellwig <hch@infradead.org>,
        Petr Mladek <pmladek@suse.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Tejun Heo <tj@kernel.org>, linux-mm@kvack.org,
        linux-security-module@vger.kernel.org,
        linux-kernel@vger.kernel.org, keyrings@vger.kernel.org,
        linux-integrity@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: Re: [QUESTION] Full user space process isolation?
Message-ID: <20230629021000.GA368825@mail.hallyn.com>
References: <eb31920bd00e2c921b0aa6ebed8745cb0130b0e1.camel@huaweicloud.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <eb31920bd00e2c921b0aa6ebed8745cb0130b0e1.camel@huaweicloud.com>
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_PASS,
        SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Jun 22, 2023 at 04:42:37PM +0200, Roberto Sassu wrote:
> Hi everyone
> 
> I briefly discussed this topic at LSS NA 2023, but I wanted to have an
> opinion from a broader audience.
> 
> 
> In short:
> 
> I wanted to execute some kernel workloads in a fully isolated user
> space process, started from a binary statically linked with klibc,
> connected to the kernel only through a pipe.
> 
> I also wanted that, for the root user, tampering with that process is
> as hard as if the same code runs in kernel space.
> 
> I would use the fully isolated process to parse and convert unsupported
> data formats to a supported one, after the kernel verified the

Can you give some examples here of supported and unsupported data
formats?  ext2 is supported, but we sadly don't trust the sb parser
to read a an ext2fs coming from unknown source.  So I'm not quite
clear what problem you're trying to solve.

> authenticity of the original format (that already exists and cannot
> change).
> 
> Preventing tampering of the process ensures that the conversion goes as
> expected. Also, the integrity of the binary needs to be verified.
> 
> 
> List of wished data formats:
> 
> PGP: verify the authenticity of RPM/DEB/... headers
> RPM/DEB/... headers: extract reference file checksums for
>                     (kernel-based) file integrity check (e.g. with IMA)
> 
> 
> Alternative #1:
> 
> Write the parsers to run in kernel space. That was rejected due to
> security and scalability concerns. If that changed, please let me know.
> 
> 
> Alternative #2:
> 
> Linux distributions could provide what the kernel supports. However,
> from personal experience, the effort seems orders of magnitude higher
> than just writing a tiny component to support the original format. And
> there is no guarantee that all Linux distributions will do it.
> 
> 
> Full process isolation could be achieved in this way:
> 
> process -> outside: set seccomp strict profile at process creation
>                     so that the process can only read/write/close the
>                     pipe and exit, no other system calls are allowed
> 
> outside -> process: deny ptrace/kill with the process as target
> 
> Anything else?
> 
> 
> The only risk I see is that a new feature allowing to interact with
> another process is added to the kernel, without the ptrace permission
> being asked.
> 
> With the restrictions above, can we say that the code inside the
> process is as safe (against tampering) to execute as if it runs in
> kernel space?
> 
> Thanks
> 
> Roberto