Message-ID: <20250321164537.16719-1-bboscaccy@linux.microsoft.com>
Date: Fri, 21 Mar 2025 09:45:02 -0700
From: Blaise Boscaccy <bboscaccy@...ux.microsoft.com>
To: Jonathan Corbet <corbet@....net>,
David Howells <dhowells@...hat.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
Paul Moore <paul@...l-moore.com>,
James Morris <jmorris@...ei.org>,
"Serge E. Hallyn" <serge@...lyn.com>,
Masahiro Yamada <masahiroy@...nel.org>,
Nathan Chancellor <nathan@...nel.org>,
Nicolas Schier <nicolas@...sle.eu>,
Shuah Khan <shuah@...nel.org>,
Mickaël Salaün <mic@...ikod.net>,
Günther Noack <gnoack@...gle.com>,
Nick Desaulniers <nick.desaulniers+lkml@...il.com>,
Bill Wendling <morbo@...gle.com>,
Justin Stitt <justinstitt@...gle.com>,
Blaise Boscaccy <bboscaccy@...ux.microsoft.com>,
Jarkko Sakkinen <jarkko@...nel.org>,
Jan Stancek <jstancek@...hat.com>,
Neal Gompa <neal@...pa.dev>,
linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org,
keyrings@...r.kernel.org,
linux-crypto@...r.kernel.org,
linux-security-module@...r.kernel.org,
linux-kbuild@...r.kernel.org,
linux-kselftest@...r.kernel.org,
bpf@...r.kernel.org,
llvm@...ts.linux.dev,
nkapron@...gle.com,
teknoraver@...a.com,
roberto.sassu@...wei.com,
xiyou.wangcong@...il.com
Subject: [RFC PATCH security-next 0/4] Introducing Hornet LSM
This patch series introduces the Hornet LSM.
Hornet takes a simple approach to light-skeleton-based eBPF signature
verification. Signature data can be easily generated for the binary
data that is generated via bpftool gen -L. This signature can be
appended to a skeleton executable via scripts/sign-ebpf. Hornet checks
the signature against a binary buffer containing the lskel
instructions that the loader maps use. Maps are frozen to prevent
TOCTOU bugs where a sufficiently privileged user could rewrite map
data between the calls to BPF_PROG_LOAD and
BPF_PROG_RUN. Additionally, both sparse-array-based and
fd_array_cnt-based map fd arrays are supported for signature
verification.
Blaise Boscaccy (4):
security: Hornet LSM
hornet: Introduce sign-ebpf
hornet: Add an example lskel data extractor script
selftests/hornet: Add a selftest for the hornet LSM
Documentation/admin-guide/LSM/Hornet.rst | 51 +++
crypto/asymmetric_keys/pkcs7_verify.c | 10 +
include/linux/kernel_read_file.h | 1 +
include/linux/verification.h | 1 +
include/uapi/linux/lsm.h | 1 +
scripts/Makefile | 1 +
scripts/hornet/Makefile | 5 +
scripts/hornet/extract-skel.sh | 29 ++
scripts/hornet/sign-ebpf.c | 420 +++++++++++++++++++
security/Kconfig | 3 +-
security/Makefile | 1 +
security/hornet/Kconfig | 11 +
security/hornet/Makefile | 4 +
security/hornet/hornet_lsm.c | 239 +++++++++++
tools/testing/selftests/Makefile | 1 +
tools/testing/selftests/hornet/Makefile | 51 +++
tools/testing/selftests/hornet/loader.c | 21 +
tools/testing/selftests/hornet/trivial.bpf.c | 33 ++
18 files changed, 882 insertions(+), 1 deletion(-)
create mode 100644 Documentation/admin-guide/LSM/Hornet.rst
create mode 100644 scripts/hornet/Makefile
create mode 100755 scripts/hornet/extract-skel.sh
create mode 100644 scripts/hornet/sign-ebpf.c
create mode 100644 security/hornet/Kconfig
create mode 100644 security/hornet/Makefile
create mode 100644 security/hornet/hornet_lsm.c
create mode 100644 tools/testing/selftests/hornet/Makefile
create mode 100644 tools/testing/selftests/hornet/loader.c
create mode 100644 tools/testing/selftests/hornet/trivial.bpf.c
--
2.48.1
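Added illustration of the check order the cover letter describes (freeze the loader's maps, then verify the signature over the lskel instruction bytes they hold, so the bytes BPF_PROG_RUN executes are the bytes that were verified). This is not code from the patch series or from Hornet; it is a user-space model written for this page. HMAC-SHA256 stands in for the PKCS#7 signature Hornet actually checks, `LoaderMap`, `hornet_prog_load`, `naive_prog_load` and `toctou_scenario` are names made up here, and the two-instruction program and signing key are constructed sample data.

```python
"""Toy model of Hornet's freeze-then-verify ordering versus a verify-only
loader that leaves a TOCTOU window between BPF_PROG_LOAD and BPF_PROG_RUN.
Constructed example; HMAC-SHA256 stands in for PKCS#7 verification."""
import hashlib
import hmac
import struct

# struct bpf_insn layout: u8 code; u8 dst_reg:4, src_reg:4; s16 off; s32 imm
def bpf_insn(code: int, regs: int, off: int, imm: int) -> bytes:
    return struct.pack("<BBhi", code, regs, off, imm)

BPF_MOV64_IMM = 0xb7   # BPF_ALU64 | BPF_MOV | BPF_K
BPF_EXIT = 0x95        # BPF_JMP | BPF_EXIT

# Constructed lskel program: r0 = 0; exit
SIGNED_INSNS = bpf_insn(BPF_MOV64_IMM, 0, 0, 0) + bpf_insn(BPF_EXIT, 0, 0, 0)
# Constructed signing key (stands in for the signer's private key)
BUILD_KEY = b"constructed-build-key"


class LoaderMap:
    """Stand-in for a BPF array map holding the lskel instruction data."""

    def __init__(self, data: bytes):
        self.data = bytearray(data)
        self.frozen = False

    def freeze(self) -> None:
        # Models BPF_MAP_FREEZE: later user-space writes are refused.
        self.frozen = True

    def update(self, offset: int, value: bytes) -> None:
        # Models bpf_map_update_elem(); a frozen map refuses with EPERM.
        if self.frozen:
            raise PermissionError("EPERM: map is frozen")
        self.data[offset:offset + len(value)] = value


def insn_buffer(maps) -> bytes:
    """Concatenate the instruction bytes held by the loader's maps."""
    return b"".join(bytes(m.data) for m in maps)


def sign_lskel(insns: bytes, key: bytes) -> bytes:
    """Build-time signing over the lskel instruction bytes (HMAC stand-in)."""
    return hmac.new(key, insns, hashlib.sha256).digest()


def signature_ok(maps, signature: bytes, key: bytes) -> bool:
    return hmac.compare_digest(sign_lskel(insn_buffer(maps), key), signature)


def hornet_prog_load(maps, signature: bytes, key: bytes) -> bool:
    """Hornet's order: freeze first, then verify bytes that can no longer change."""
    for m in maps:
        m.freeze()
    return signature_ok(maps, signature, key)


def naive_prog_load(maps, signature: bytes, key: bytes) -> bool:
    """Verify without freezing: the checked bytes may still change before PROG_RUN."""
    return signature_ok(maps, signature, key)


def prog_run(maps) -> bytes:
    """BPF_PROG_RUN consumes whatever instruction data the maps hold at run time."""
    return insn_buffer(maps)


def toctou_scenario(freeze: bool) -> dict:
    """Load a signed program, then let a privileged writer rewrite the map
    between PROG_LOAD and PROG_RUN; report what actually ran."""
    sig = sign_lskel(SIGNED_INSNS, BUILD_KEY)
    maps = [LoaderMap(SIGNED_INSNS)]
    loader = hornet_prog_load if freeze else naive_prog_load
    load_ok = loader(maps, sig, BUILD_KEY)
    # Rewrite "r0 = 0" as "r0 = 1" after the signature check has passed.
    try:
        maps[0].update(0, bpf_insn(BPF_MOV64_IMM, 0, 0, 1))
        tampered = True
    except PermissionError:
        tampered = False
    return {"load_ok": load_ok, "tampered": tampered,
            "ran_signed_bytes": prog_run(maps) == SIGNED_INSNS}


if __name__ == "__main__":
    print("frozen maps :", toctou_scenario(freeze=True))
    print("no freeze   :", toctou_scenario(freeze=False))
```

In the frozen case the post-load write is refused and the executed bytes equal the signed bytes; without the freeze the signature check still passes, but the bytes that run are no longer the ones that were verified, which is the window the cover letter's map freezing closes.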