From patchwork Thu Aug  4 07:12:29 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Sargun Dhillon <sargun@sargun.me>
X-Patchwork-Id: 9262805
Return-Path: <linux-security-module-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	45BD560839
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Thu,  4 Aug 2016 07:13:28 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 33AAC280F4
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Thu,  4 Aug 2016 07:13:28 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 27C4E28308; Thu,  4 Aug 2016 07:13:28 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id AB815280F4
	for <patchwork-linux-security-module@patchwork.kernel.org>;
	Thu,  4 Aug 2016 07:13:27 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S932168AbcHDHMf (ORCPT
	<rfc822;patchwork-linux-security-module@patchwork.kernel.org>);
	Thu, 4 Aug 2016 03:12:35 -0400
Received: from mail-it0-f48.google.com ([209.85.214.48]:33366 "EHLO
	mail-it0-f48.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S932101AbcHDHMb (ORCPT
	<rfc822;linux-security-module@vger.kernel.org>);
	Thu, 4 Aug 2016 03:12:31 -0400
Received: by mail-it0-f48.google.com with SMTP id f6so736649ith.0
	for <linux-security-module@vger.kernel.org>;
	Thu, 04 Aug 2016 00:12:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google;
	h=date:from:to:cc:subject:message-id:mime-version:content-disposition
	:user-agent; bh=0sVkfHwiO4BSv1y5/mR1oMe51eYk/8sU9gjX0BTihbE=;
	b=jFTgpkZz7wXN7a24VGW61Zb7bmIry+E5RjvMry/jrtMhX3EbVxy9JDlAmVHT202BGe
	pqNO58fz8NniTjt89INQkJV21oPgejPjZz0NAk/4GMKO+gSMinmWY7mHnvm4UdzWhfNN
	QgtcdIScAq7RbakYvwtvAYCu0Bzbj5Q4xzXEM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version
	:content-disposition:user-agent;
	bh=0sVkfHwiO4BSv1y5/mR1oMe51eYk/8sU9gjX0BTihbE=;
	b=NygSdcshOEgBuc+gq/X7wsY1sVh1p5csKgzH4ImNmfe2V1BpwQlOnrKTDwAUyS5RwC
	FE/EwG7MRLijVA9ePUKEB443dgATBidpykcwX0fMZkn6WbV2EpvRRa9AtyImONqpE3Pk
	WLeZf2TGRWyXD4MiQCOLToB1ZDBPqnf1eY/W17+tK5kbOXXJRdMhL5dijjvm/KE+qS2F
	rK0LjrCid+eKiWECPbJP/BgMOu3Ef6D1rQ9ggoupabXpyjrOEF88Aok8suvc8sf91pO4
	vGDU5FtP2GWs/G+Ea4CeufaUcI+BjERdFp5Iq5p/1A3Vj/CtU2wQAdnUXc73UH1+EpdW
	0zSg==
X-Gm-Message-State: 
 AEkoouvpdpVcsctZnQuL1NRVbKNhujGFO6EeFf7TCzFkzbRX5uVPmimLVYRLFDcNnKxv9w==
X-Received: by 10.36.58.8 with SMTP id m8mr30334257itm.95.1470294751233;
	Thu, 04 Aug 2016 00:12:31 -0700 (PDT)
Received: from ircssh.c.rugged-nimbus-611.internal
	(55.145.251.23.bc.googleusercontent.com. [23.251.145.55])
	by smtp.gmail.com with ESMTPSA id
	65sm1052709itl.16.2016.08.04.00.12.30
	(version=TLS1_2 cipher=AES128-SHA bits=128/128);
	Thu, 04 Aug 2016 00:12:30 -0700 (PDT)
Date: Thu, 4 Aug 2016 00:12:29 -0700
From: Sargun Dhillon <sargun@sargun.me>
To: linux-kernel@vger.kernel.org
Cc: alexei.starovoitov@gmail.com, daniel@iogearbox.net,
	linux-security-module@vger.kernel.org, netdev@vger.kernel.org
Subject: [RFC 4/4] bpf: Restrict Checmate bpf programs to current kernel ABI
Message-ID: <20160804071227.GA19135@ircssh.c.rugged-nimbus-611.internal>
MIME-Version: 1.0
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: owner-linux-security-module@vger.kernel.org
Precedence: bulk
List-ID: <linux-security-module.vger.kernel.org>
X-Virus-Scanned: ClamAV using ClamSMTP

I think it makes sense to restrict Checmate to loading programs that have been 
compiled with the current kernel ABI. We can further stabilize the ABI, and 
perhaps lift this restriction later.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
---
 kernel/bpf/syscall.c         | 2 +-
 samples/bpf/checmate1_kern.c | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 228f962..2a37b4d 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -741,7 +741,7 @@ static int bpf_prog_load(union bpf_attr *attr)
 	if (attr->insn_cnt >= BPF_MAXINSNS)
 		return -EINVAL;
 
-	if (type == BPF_PROG_TYPE_KPROBE &&
+	if ((type & (BPF_PROG_TYPE_KPROBE | BPF_PROG_TYPE_CHECMATE)) &&
 	    attr->kern_version != LINUX_VERSION_CODE)
 		return -EINVAL;
 
diff --git a/samples/bpf/checmate1_kern.c b/samples/bpf/checmate1_kern.c
index f78b66b..d4ec1fa 100644
--- a/samples/bpf/checmate1_kern.c
+++ b/samples/bpf/checmate1_kern.c
@@ -3,6 +3,7 @@
 #include <linux/in.h>
 #include <linux/checmate.h>
 #include "bpf_helpers.h"
+#include <linux/version.h>
 
 SEC("checmate")
 int prog(struct checmate_ctx *ctx)
@@ -24,4 +25,4 @@ int prog(struct checmate_ctx *ctx)
 }
 
 char _license[] SEC("license") = "GPL";
-
+u32 _version SEC("version") = LINUX_VERSION_CODE;