From mboxrd@z Thu Jan 1 00:00:00 1970 From: Matthew Garrett Subject: [PATCH V31 21/25] Lock down kprobes when in confidentiality mode Date: Tue, 26 Mar 2019 11:27:37 -0700 Message-ID: <20190326182742.16950-22-matthewgarrett@google.com> References: <20190326182742.16950-1-matthewgarrett@google.com> Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Return-path: In-Reply-To: <20190326182742.16950-1-matthewgarrett@google.com> Sender: linux-kernel-owner@vger.kernel.org To: jmorris@namei.org Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, dhowells@redhat.com, linux-api@vger.kernel.org, luto@kernel.org, Alexei Starovoitov , Matthew Garrett , "Naveen N . Rao" , Anil S Keshavamurthy , davem@davemloft.net, Masami Hiramatsu List-Id: linux-api@vger.kernel.org From: David Howells Disallow the creation of kprobes when the kernel is locked down in confidentiality mode by preventing their registration. This prevents kprobes from being used to access kernel memory to steal crypto data. Reported-by: Alexei Starovoitov Signed-off-by: David Howells Signed-off-by: Matthew Garrett Cc: Naveen N. Rao Cc: Anil S Keshavamurthy Cc: davem@davemloft.net Cc: Masami Hiramatsu --- kernel/kprobes.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/kprobes.c b/kernel/kprobes.c index f4ddfdd2d07e..b9781bd2db8c 100644 --- a/kernel/kprobes.c +++ b/kernel/kprobes.c @@ -1552,6 +1552,9 @@ int register_kprobe(struct kprobe *p) struct module *probed_mod; kprobe_opcode_t *addr; + if (kernel_is_locked_down("Use of kprobes", LOCKDOWN_CONFIDENTIALITY)) + return -EPERM; + /* Adjust probe address from symbol */ addr = kprobe_addr(p); if (IS_ERR(addr)) -- 2.21.0.392.gf8f6787159e-goog