| author | David Howells <dhowells@redhat.com> | 2019-08-19 17:17:58 -0700 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2019-08-19 21:54:16 -0700 |
| commit | a94549dd87f5ea4ca50fee493df08a2dc6256b53 (patch) | |
| tree | 37a2c9cbe4da7ed515a8009e49672a3853b48c67 /security/lockdown | |
| parent | 02e935bf5b34edcc4cb0dc532dd0e1a1bfb33b51 (diff) | |
| download | lwn-a94549dd87f5ea4ca50fee493df08a2dc6256b53.tar.gz lwn-a94549dd87f5ea4ca50fee493df08a2dc6256b53.zip | |
lockdown: Lock down tracing and perf kprobes when in confidentiality mode
Disallow the creation of perf and ftrace kprobes when the kernel is
locked down in confidentiality mode by preventing their registration.
This prevents kprobes from being used to access kernel memory to steal
crypto data, but continues to allow the use of kprobes from signed
modules.
Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Naveen N. Rao <naveen.n.rao@linux.ibm.com>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: davem@davemloft.net
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/lockdown')
-rw-r--r-- | security/lockdown/lockdown.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/lockdown/lockdown.c b/security/lockdown/lockdown.c index 403b30357f75..27b2cf51e443 100644 --- a/security/lockdown/lockdown.c +++ b/security/lockdown/lockdown.c @@ -32,6 +32,7 @@ static char *lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = { [LOCKDOWN_MMIOTRACE] = "unsafe mmio", [LOCKDOWN_INTEGRITY_MAX] = "integrity", [LOCKDOWN_KCORE] = "/proc/kcore access", + [LOCKDOWN_KPROBES] = "use of kprobes", [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality", }; |
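Review bot: this hunk only adds the human-readable reason string `[LOCKDOWN_KPROBES] = "use of kprobes"` to `lockdown_reasons[]`; because the diffstat is limited to `security/lockdown`, the two pieces that actually make the commit message true are not visible here and should be confirmed in the full series: the `LOCKDOWN_KPROBES` enumerator itself, which must sit between `LOCKDOWN_INTEGRITY_MAX` and `LOCKDOWN_CONFIDENTIALITY_MAX` in the enum so that it is enforced only in confidentiality mode (the designated initializer keys by enum value, so its position in this array literal does not decide that), and a `security_locked_down(LOCKDOWN_KPROBES)` call in the perf and ftrace kprobe registration paths that the message says are now refused. Without the enumerator the array grows past `LOCKDOWN_CONFIDENTIALITY_MAX+1` and fails to build, and without the callers the reason string is dead text, so a reviewer reading this file alone cannot tell that kprobe-based reads of kernel memory are blocked.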