| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2101885775982b2b6310298ae96a3278@paul-moore.com> Date: Mon, 10 Mar 2025 12:31:34 -0400 From: Paul Moore <paul@...l-moore.com> To: Blaise Boscaccy <bboscaccy@...ux.microsoft.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, John Fastabend <john.fastabend@...il.com>, Andrii Nakryiko <andrii@...nel.org>, Martin KaFai Lau <martin.lau@...ux.dev>, Eduard Zingerman <eddyz87@...il.com>, Song Liu <song@...nel.org>, Yonghong Song <yonghong.song@...ux.dev>, KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>, Jiri Olsa <jolsa@...nel.org>, Stephen Smalley <stephen.smalley.work@...il.com>, Ondrej Mosnacek <omosnace@...hat.com>, Mykola Lysenko <mykolal@...com>, Shuah Khan <shuah@...nel.org>, Kumar Kartikeya Dwivedi <memxor@...il.com>, Matt Bobrowski <mattbobrowski@...gle.com>, Xu Kuohai <xukuohai@...wei.com>, linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org, bpf@...r.kernel.org, selinux@...r.kernel.org, linux-kselftest@...r.kernel.org Subject: Re: [PATCH v6 1/2] security: Propagate caller information in bpf hooks On Mar 7, 2025 Blaise Boscaccy <bboscaccy@...ux.microsoft.com> wrote: > > Certain bpf syscall subcommands are available for usage from both > userspace and the kernel. LSM modules or eBPF gatekeeper programs may > need to take a different course of action depending on whether or not > a BPF syscall originated from the kernel or userspace. > > Additionally, some of the bpf_attr struct fields contain pointers to > arbitrary memory. Currently the functionality to determine whether or > not a pointer refers to kernel memory or userspace memory is exposed > to the bpf verifier, but that information is missing from various LSM > hooks. > > Here we augment the LSM hooks to provide this data, by simply passing > a boolean flag indicating whether or not the call originated in the > kernel, in any hook that contains a bpf_attr struct that corresponds > to a subcommand that may be called from the kernel. > > Signed-off-by: Blaise Boscaccy <bboscaccy@...ux.microsoft.com> > Acked-by: Song Liu <song@...nel.org> > Acked-by: Paul Moore <paul@...l-moore.com> > --- > include/linux/lsm_hook_defs.h | 6 +++--- > include/linux/security.h | 12 ++++++------ > kernel/bpf/syscall.c | 10 +++++----- > security/security.c | 15 +++++++++------ > security/selinux/hooks.c | 6 +++--- > tools/testing/selftests/bpf/progs/rcu_read_lock.c | 3 ++- > .../selftests/bpf/progs/test_cgroup1_hierarchy.c | 4 ++-- > .../selftests/bpf/progs/test_kfunc_dynptr_param.c | 6 +++--- > .../testing/selftests/bpf/progs/test_lookup_key.c | 2 +- > .../selftests/bpf/progs/test_ptr_untrusted.c | 2 +- > .../selftests/bpf/progs/test_task_under_cgroup.c | 2 +- > .../selftests/bpf/progs/test_verify_pkcs7_sig.c | 2 +- > 12 files changed, 37 insertions(+), 33 deletions(-) This still looks good to me (ACK already present), are the BPF folks still on track to merge this into their tree? It would be good to get this into linux-next sooner rather than later if we want to send this up to Linus during the next merge window. -- paul-moore.com
Powered by blists - more mailing lists