lockdown: Lock down tracing and perf kprobes when in confidentiality mode

Disallow the creation of perf and ftrace kprobes when the kernel is locked down in confidentiality mode by preventing their registration. This prevents kprobes from being used to access kernel memory to steal crypto data, but continues to allow the use of kprobes from signed modules. Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Matthew Garrett <mjg59@google.com> Acked-by: Masami Hiramatsu <mhiramat@kernel.org> Reviewed-by: Kees Cook <keescook@chromium.org> Cc: Naveen N. Rao <naveen.n.rao@linux.ibm.com> Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com> Cc: davem@davemloft.net Cc: Masami Hiramatsu <mhiramat@kernel.org> Signed-off-by: James Morris <jmorris@namei.org>
author: David Howells <dhowells@redhat.com> 2019-08-19 17:17:58 -0700
committer: James Morris <jmorris@namei.org> 2019-08-19 21:54:16 -0700
commit: a94549dd87f5ea4ca50fee493df08a2dc6256b53 (patch)
tree: 37a2c9cbe4da7ed515a8009e49672a3853b48c67 /security
parent: 02e935bf5b34edcc4cb0dc532dd0e1a1bfb33b51 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c
index 403b30357f75..27b2cf51e443 100644
--- a/security/lockdown/lockdown.c
+++ b/security/lockdown/lockdown.c
@@ -32,6 +32,7 @@ static char *lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = {
 	[LOCKDOWN_MMIOTRACE] = "unsafe mmio",
 	[LOCKDOWN_INTEGRITY_MAX] = "integrity",
 	[LOCKDOWN_KCORE] = "/proc/kcore access",
+	[LOCKDOWN_KPROBES] = "use of kprobes",
 	[LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality",
 };
author	David Howells <dhowells@redhat.com>	2019-08-19 17:17:58 -0700
committer	James Morris <jmorris@namei.org>	2019-08-19 21:54:16 -0700
commit	a94549dd87f5ea4ca50fee493df08a2dc6256b53 (patch)
tree	37a2c9cbe4da7ed515a8009e49672a3853b48c67 /security
parent	02e935bf5b34edcc4cb0dc532dd0e1a1bfb33b51 (diff)