| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <482.1508453314@warthog.procyon.org.uk>
Date: Thu, 19 Oct 2017 23:48:34 +0100
From: David Howells <dhowells@...hat.com>
To: Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc: jlee@...e.com, dhowells@...hat.com,
linux-security-module@...r.kernel.org, gnomes@...rguk.ukuu.org.uk,
linux-efi@...r.kernel.org, gregkh@...uxfoundation.org,
linux-kernel@...r.kernel.org, jforbes@...hat.com,
Daniel Borkmann <daniel@...earbox.net>,
"David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Subject: Re: [PATCH 18/27] bpf: Restrict kernel image access functions when the kernel is locked down
Alexei Starovoitov <alexei.starovoitov@...il.com> wrote:
> > @@ -65,6 +65,11 @@ BPF_CALL_3(bpf_probe_read, void *, dst, u32, size, const void *, unsafe_ptr)
> > {
> > int ret;
> >
> > + if (kernel_is_locked_down("BPF")) {
> > + memset(dst, 0, size);
> > + return -EPERM;
> > + }
>
> That doesn't help the lockdown purpose.
> If you don't trust the root the only way to prevent bpf read
> memory is to disable the whole thing.
> Have a single check in sys_bpf() to disallow everything if kernel_is_locked_down()
> and don't add overhead to critical path like bpf_probe_read().
TBH, I've no idea how bpf does anything, so I can't say whether this is
better, overkill or insufficient.
David
Powered by blists - more mailing lists