lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160724040139.GA2025@ircssh.c.rugged-nimbus-611.internal>
Date:	Sat, 23 Jul 2016 21:01:39 -0700
From:	Sargun Dhillon <sargun@...gun.me>
To:	linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Cc:	alexei.starovoitov@...il.com
Subject: Relax kern_version constraints on bpf kprobes?

In kernel/bpf/syscall.c we restrict programs loading bpf kprobe programs so 
attr.kern_version must be exactly equal to what the user is running at the 
moment. This makes a lot of sense because kprobes can touch lots of
unstable bits of the kernel ABI. 

Unfortunately, this makes it really difficult to ship binary bpf programs
for debugging, and most customers don't want to go through all the steps
of preparing for compilation and installation of bpf programs for their 
specific kernel that was shipped by their vendor. 

This is especially problematic when the probe is touching only stable ABIs
(syscalls), or alternatively is just logging performance events. I realize
that we can change this section pretty easily by reading the version at
load time and modifying it, but it's kind of a pain.

For programs that we know are safe, is there a mechanism by which we can
bypass this check, and tell the loader that we know what we're doing
since these programs are only accessible to CAP_SYS_ADMIN?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ