Re: [PATCH 20/24] bpf: Restrict kernel image access functions when the kernel is locked down

From: joeyli
Date: Wed Apr 12 2017 - 10:58:03 EST


Hi David,

First, thanks for your help to send out this series.

On Wed, Apr 05, 2017 at 09:17:25PM +0100, David Howells wrote:
> From: Chun-Yi Lee <jlee@xxxxxxxx>
>
> There are some bpf functions can be used to read kernel memory:
> bpf_probe_read, bpf_probe_write_user and bpf_trace_printk. These allow
> private keys in kernel memory (e.g. the hibernation image signing key) to
> be read by an eBPF program. Prohibit those functions when the kernel is
> locked down.
>
> Signed-off-by: Chun-Yi Lee <jlee@xxxxxxxx>
> Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
> cc: netdev@xxxxxxxxxxxxxxx

This patch is used with hibernation signature verification. I suggest
that we can remove this patch from your series because we just lock
down the hibernation function until hibernation verification get
accepted.

On the other hand, we are trying to enhance the bpf verifier to
prevent bpf print reads specific memory addresses that have sensitive
data.

Thanks a lot!
Joey Lee