From: Blaise Boscaccy <bboscaccy@linux.microsoft.com>
To: KP Singh <kpsingh@kernel.org>
Cc: Paul Moore <paul@paul-moore.com>,
jarkko@kernel.org, zeffron@riotgames.com,
xiyou.wangcong@gmail.com, kysrinivasan@gmail.com,
code@tyhicks.com, linux-security-module@vger.kernel.org,
roberto.sassu@huawei.com, James.Bottomley@hansenpartnership.com,
Alexei Starovoitov <ast@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
John Fastabend <john.fastabend@gmail.com>,
Andrii Nakryiko <andrii@kernel.org>,
Martin KaFai Lau <martin.lau@linux.dev>,
Eduard Zingerman <eddyz87@gmail.com>, Song Liu <song@kernel.org>,
Yonghong Song <yonghong.song@linux.dev>,
Stanislav Fomichev <sdf@fomichev.me>, Hao Luo <haoluo@google.com>,
Jiri Olsa <jolsa@kernel.org>, David Howells <dhowells@redhat.com>,
Lukas Wunner <lukas@wunner.de>,
Ignat Korchagin <ignat@cloudflare.com>,
Quentin Monnet <qmo@kernel.org>,
Jason Xing <kerneljasonxing@gmail.com>,
Willem de Bruijn <willemb@google.com>,
Anton Protopopov <aspsk@isovalent.com>,
Jordan Rome <linux@jordanrome.com>,
Martin Kelly <martin.kelly@crowdstrike.com>,
Alan Maguire <alan.maguire@oracle.com>,
Matteo Croce <teknoraver@meta.com>,
bpf@vger.kernel.org, linux-kernel@vger.kernel.org,
keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
kys@microsoft.com
Subject: Re: [PATCH 0/3] BPF signature verification
Date: Fri, 30 May 2025 16:25:47 -0700 [thread overview]
Message-ID: <875xhhn0jo.fsf@microsoft.com> (raw)
In-Reply-To: <CACYkzJ6ChW6GeG8CJiUR6w-Nu3U2OYednXgCYJmp6N5FysLc2w@mail.gmail.com>
KP Singh <kpsingh@kernel.org> writes:
> On Sat, May 31, 2025 at 12:27 AM Blaise Boscaccy
> <bboscaccy@linux.microsoft.com> wrote:
>>
>> KP Singh <kpsingh@kernel.org> writes:
>>
>> > On Sat, May 31, 2025 at 12:14 AM Blaise Boscaccy
>> > <bboscaccy@linux.microsoft.com> wrote:
>> >>
>> >> KP Singh <kpsingh@kernel.org> writes:
>> >>
>> >> > On Fri, May 30, 2025 at 11:19 PM Blaise Boscaccy
>> >> > <bboscaccy@linux.microsoft.com> wrote:
>> >> >>
>> >> >> KP Singh <kpsingh@kernel.org> writes:
>> >> >>
>> >> >
>> >> > [...]
>> >> >
>> >> >> >
>> >> >>
>> >> >> And that isn't at odds with the kernel being able to do it nor is it
>> >> >> with what I posted.
>> >> >>
>> >> >> > If your build environment that signs the BPF program is compromised
>> >> >> > and can inject arbitrary code, then signing does not help. Can you
>> >> >> > explain what a supply chain attack would look like here?
>> >> >> >
>> >> >>
>> >> >> Most people here can read C code. The number of people that can read
>> >> >> ebpf assembly metaprogramming code is much smaller. Compromising clang
>> >> >> is one thing, compromising libbpf is another. Your proposal increases
>> >> >> the attack surface with no observable benefit. If I was going to leave a
>> >> >> hard-to-find backdoor into ring0, gen.c would be a fun place to explore
>> >> >> doing it. Module and UEFI signature verification code doesn't live
>> >> >> inside of GCC or Clang as set of meta-instructions that get emitted, and
>> >> >> there are very good reasons for that.
>> >> >>
>> >> >> Further, since the signature verification code is unique for each and
>> >> >> every program it needs to be verified/proved/tested for each and every
>> >> >> program. Additionally, since all these checks are being forced outside
>> >> >> of the kernel proper, with the insistence of keeping the LSM layer in
>> >> >> the dark of the ultimate result, the only way to test that a program
>> >> >> will fail if the map is corrupted is to physically corrupt each and
>> >> >> every program and test that individually. That isn't "elegant" nor "user
>> >> >> friendly" in any way, shape or form.
>> >> >>
>> >> >> >> subsystem. Additionally, it is impossible to verify the code
>> >> >> >> performing the signature verification, as it is uniquely regenerated
>> >> >> >
>> >> >> > The LSM needs to ensure that it allows trusted LOADER programs i.e.
>> >> >> > with signatures and potentially trusted signed user-space binaries
>> >> >> > with unsigned or delegated signing (this will be needed for Cilium and
>> >> >> > bpftrace that dynamically generate BPF programs), that's a more
>> >> >> > important aspect of the LSM policy from a BPF perspective.
>> >> >> >
>> >> >>
>> >> >> I would like to be able to sign my programs please and have the kernel
>> >> >> verify it was done correctly. Why are you insisting that I *don't* do
>> >> >> that? I'm yet to see any technical objection to doing that. Do you have
>> >> >> one that you'd like to share at this point?
>> >> >
>> >> > The kernel allows a trusted loader that's signed with your private
>> >> > key, that runs in the kernel context to delegate the verification.
>> >> > This pattern of a trusted / delegated loader is going to be required
>> >> > for many of the BPF use-cases that are out there (Cilium, bpftrace)
>> >> > that dynamically generate eBPF programs.
>> >> >
>> >> > The technical objection is that:
>> >> >
>> >> > * It does not align with most BPF use-cases out there as most
>> >> > use-cases need a trusted loader.
>> >>
>> >> No, it's definitely a use case. It's trivial to support both a trusted
>> >> loader and a signature over the hash chain of supplied assets.
>> >>
>> >> > * Locks us into a UAPI, whereas a signed LOADER allows us to
>> >> > incrementally build signing for all use-cases without compromising the
>> >> > security properties.
>> >> >
>> >>
>> >> Your proposal locks us into a UAPI as well. There is no way to make to
>> >> do this via UAPI without making a UAPI design choice.
>> >>
>> >> > BPF's philosophy is that of flexibility and not locking the users into
>> >> > a rigid in-kernel implementation and UAPI.
>> >> >
>> >>
>> >> Then why are you locking us into a rigid
>> >> only-signing-the-loader-is-allowed implementation?
>> >
>> > I explained this before, the delegated / trusted loader is needed by
>> > many BPF use-cases. A UAPI is forever, thus the lock-in.
>> >
>>
>> Again, I'm not following. What is technically wrong with supporting both
>> signing a loader only and allowing for the signature of multiple
>> passed-in assets? It's trivial to support both and any path forward will
>> force a UAPI lock-in.
>>
>> Do you simply feel that it isn't a valid use case and therefore we
>> shouldn't be allowed to do it?
>>
>
> I am saying both are not needed when one (trusted loader) handles all
> cases. You are writing / generating the loader anyways, you have the
> private key, the only thing to be done is add a few lines to the
> loader to verify an embedded hash.
>
And I'm saying that they are, based on wanting visibility in the LSM
layer, passing that along to the end user, and wanting to be able to
show correctness, along with mitigating an entire vector of supply chain
attacks targeting gen.c.
So in summary, your objection to this is that you feel it's simply "not
needed", and those above risks/design problems aren't actually an issue?
> Let's have this discussion in the patch series, much easier to discuss
> with the code.
I think we've all been waiting for that. Yes, lets.
next prev parent reply other threads:[~2025-05-30 23:25 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-28 21:49 [PATCH 0/3] BPF signature verification Blaise Boscaccy
2025-05-28 21:49 ` [PATCH 1/3] bpf: Add bpf_check_signature Blaise Boscaccy
2025-05-29 10:11 ` Lukas Wunner
2025-05-29 15:32 ` Blaise Boscaccy
2025-05-29 19:31 ` Lukas Wunner
2025-05-29 19:36 ` James Bottomley
2025-06-02 22:40 ` Paul Moore
2025-06-04 16:25 ` Jarkko Sakkinen
2025-05-28 21:49 ` [PATCH 2/3] bpf: Support light-skeleton signatures in autogenerated code Blaise Boscaccy
2025-05-28 21:49 ` [PATCH 3/3] bpftool: Allow signing of light-skeleton programs Blaise Boscaccy
2025-05-30 16:42 ` [PATCH 0/3] BPF signature verification KP Singh
2025-05-30 20:14 ` Paul Moore
2025-05-30 20:44 ` KP Singh
2025-05-30 21:19 ` Blaise Boscaccy
2025-05-30 21:32 ` KP Singh
2025-05-30 21:33 ` KP Singh
2025-05-30 22:15 ` Blaise Boscaccy
2025-05-30 22:14 ` Blaise Boscaccy
2025-05-30 22:19 ` KP Singh
2025-05-30 22:27 ` Blaise Boscaccy
2025-05-30 22:47 ` KP Singh
2025-05-30 23:25 ` Blaise Boscaccy [this message]
2025-05-30 23:32 ` KP Singh
2025-06-02 15:01 ` Blaise Boscaccy
2025-06-04 16:22 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=875xhhn0jo.fsf@microsoft.com \
--to=bboscaccy@linux.microsoft.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=alan.maguire@oracle.com \
--cc=andrii@kernel.org \
--cc=aspsk@isovalent.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=code@tyhicks.com \
--cc=daniel@iogearbox.net \
--cc=dhowells@redhat.com \
--cc=eddyz87@gmail.com \
--cc=haoluo@google.com \
--cc=ignat@cloudflare.com \
--cc=jarkko@kernel.org \
--cc=john.fastabend@gmail.com \
--cc=jolsa@kernel.org \
--cc=kerneljasonxing@gmail.com \
--cc=keyrings@vger.kernel.org \
--cc=kpsingh@kernel.org \
--cc=kys@microsoft.com \
--cc=kysrinivasan@gmail.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux@jordanrome.com \
--cc=lukas@wunner.de \
--cc=martin.kelly@crowdstrike.com \
--cc=martin.lau@linux.dev \
--cc=paul@paul-moore.com \
--cc=qmo@kernel.org \
--cc=roberto.sassu@huawei.com \
--cc=sdf@fomichev.me \
--cc=song@kernel.org \
--cc=teknoraver@meta.com \
--cc=willemb@google.com \
--cc=xiyou.wangcong@gmail.com \
--cc=yonghong.song@linux.dev \
--cc=zeffron@riotgames.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).