Re: [PATCH V31 22/25] bpf: Restrict bpf when kernel lockdown is in... | linux-security-module

[PATCH V31 00/25] Add support for kernel lockdown · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 01/25] Add the ability to lock down access to the running kernel image · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 02/25] Enforce module signatures if the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 03/25] Restrict /dev/{mem,kmem,port} when the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 05/25] Copy secure_boot flag in boot params across kexec reboot · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 06/25] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Matthew Garrett <hidden> · 2019-03-26
Re: [PATCH V31 06/25] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Dave Young <hidden> · 2019-06-21
Re: [PATCH V31 06/25] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Matthew Garrett <hidden> · 2019-06-21
Re: [PATCH V31 06/25] kexec_file: split KEXEC_VERIFY_SIG into KEXEC_SIG and KEXEC_SIG_FORCE · Matthew Garrett <hidden> · 2019-06-21
[PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
Re: [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Dave Young <hidden> · 2019-06-21
Re: [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-21
Re: [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Dave Young <hidden> · 2019-06-24
Re: [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-24
Re: [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-24
Re: [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-06-25
Re: [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Mimi Zohar <zohar@linux.ibm.com> · 2019-06-25
Re: [PATCH V31 07/25] kexec_file: Restrict at runtime if the kernel is locked down · Dave Young <hidden> · 2019-06-25
[PATCH V31 09/25] uswsusp: Disable when the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 11/25] x86: Lock down IO port access when the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
Re: [PATCH V31 11/25] x86: Lock down IO port access when the kernel is locked down · Andy Lutomirski <luto@kernel.org> · 2019-03-26
[PATCH V31 12/25] x86/msr: Restrict MSR access when the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 14/25] acpi: Ignore acpi_rsdp kernel param when the kernel has been locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 16/25] Prohibit PCMCIA CIS storage when the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 17/25] Lock down TIOCSSERIAL · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 18/25] Lock down module params that specify hardware parameters (eg. ioport) · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 20/25] Lock down /proc/kcore · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 22/25] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Matthew Garrett <hidden> · 2019-03-26
Re: [PATCH V31 22/25] bpf: Restrict bpf when kernel lockdown is in confidentiality mode · Andy Lutomirski <luto@kernel.org> · 2019-03-26
[PATCH V31 23/25] Lock down perf when in confidentiality mode · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 24/25] lockdown: Print current->comm in restriction messages · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Andy Lutomirski <luto@kernel.org> · 2019-03-26
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Greg KH <gregkh@linuxfoundation.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Andy Lutomirski <luto@kernel.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Greg KH <gregkh@linuxfoundation.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Andy Lutomirski <luto@amacapital.net> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Greg KH <gregkh@linuxfoundation.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · James Morris <jmorris@namei.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Andy Lutomirski <luto@kernel.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Matthew Garrett <hidden> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Greg KH <gregkh@linuxfoundation.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Greg KH <gregkh@linuxfoundation.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Greg KH <gregkh@linuxfoundation.org> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Matthew Garrett <hidden> · 2019-03-27
Re: [PATCH V31 25/25] debugfs: Disable open() when kernel is locked down · Greg KH <gregkh@linuxfoundation.org> · 2019-03-27
[PATCH V31 21/25] Lock down kprobes when in confidentiality mode · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 19/25] x86/mmiotrace: Lock down the testmmiotrace module · Matthew Garrett <hidden> · 2019-03-26
Re: [PATCH V31 19/25] x86/mmiotrace: Lock down the testmmiotrace module · Steven Rostedt <rostedt@goodmis.org> · 2019-03-27
Re: [PATCH V31 19/25] x86/mmiotrace: Lock down the testmmiotrace module · Matthew Garrett <hidden> · 2019-03-27
[PATCH V31 15/25] acpi: Disable ACPI table override if the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 13/25] ACPI: Limit access to custom_method when the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 10/25] PCI: Lock down BAR access when the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
Re: [PATCH V31 10/25] PCI: Lock down BAR access when the kernel is locked down · Andy Lutomirski <luto@kernel.org> · 2019-03-26
Re: [PATCH V31 10/25] PCI: Lock down BAR access when the kernel is locked down · Alex Williamson <hidden> · 2019-03-26
[PATCH V31 08/25] hibernate: Disable when the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26
[PATCH V31 04/25] kexec_load: Disable at runtime if the kernel is locked down · Matthew Garrett <hidden> · 2019-03-26

Re: [PATCH V31 22/25] bpf: Restrict bpf when kernel lockdown is in confidentiality mode

From: Andy Lutomirski <luto@kernel.org>
Date: 2019-03-26 19:21:40
Also in: linux-api, lkml, netdev

On Tue, Mar 26, 2019 at 11:28 AM Matthew Garrett
[off-list ref] wrote:

From: David Howells <dhowells@redhat.com>

There are some bpf functions can be used to read kernel memory:
bpf_probe_read, bpf_probe_write_user and bpf_trace_printk.  These allow
private keys in kernel memory (e.g. the hibernation image signing key) to
be read by an eBPF program and kernel memory to be altered without
restriction. Disable them if the kernel has been locked down in
confidentiality mode.

:)

This is yet another reason to get the new improved bpf_probe_user_read
stuff landed!

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help