[v5,0/2] Restrict xmon when kernel is locked down

Message ID	20190828034613.14750-1-cmr@informatik.wtf (mailing list archive)
Headers	show Return-Path: <SRS0=h0tN=WY=lists.openwall.com=kernel-hardening-return-16806-patchwork-kernel-hardening=patchwork.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 792062080F Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm Precedence: bulk From: "Christopher M. Riedl" <cmr@informatik.wtf> To: linuxppc-dev@ozlabs.org, kernel-hardening@lists.openwall.com Cc: ajd@linux.ibm.com Subject: [PATCH v5 0/2] Restrict xmon when kernel is locked down Date: Tue, 27 Aug 2019 22:46:11 -0500 Message-Id: <20190828034613.14750-1-cmr@informatik.wtf> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	Restrict xmon when kernel is locked down \| expand [v5,0/2] Restrict xmon when kernel is locked down [v5,1/2] powerpc/xmon: Allow listing and clearing breakpoints in read-only mode [v5,2/2] powerpc/xmon: Restrict when kernel is locked down

Message ID

20190828034613.14750-1-cmr@informatik.wtf (mailing list archive)

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 792062080F
Mailing-List: contact kernel-hardening-help@lists.openwall.com; run by ezmlm
Precedence: bulk
From: "Christopher M. Riedl" <cmr@informatik.wtf>
To: linuxppc-dev@ozlabs.org,
	kernel-hardening@lists.openwall.com
Cc: ajd@linux.ibm.com
Subject: [PATCH v5 0/2] Restrict xmon when kernel is locked down
Date: Tue, 27 Aug 2019 22:46:11 -0500
Message-Id: <20190828034613.14750-1-cmr@informatik.wtf>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

Restrict xmon when kernel is locked down | expand

Message

Christopher M. Riedl Aug. 28, 2019, 3:46 a.m. UTC

Xmon should be either fully or partially disabled depending on the
kernel lockdown state.

Put xmon into read-only mode for lockdown=integrity and completely
disable xmon when lockdown=confidentiality. Since this can occur
dynamically, there may be pre-existing, active breakpoints in xmon when
transitioning into read-only mode. These breakpoints will still trigger,
so allow them to be listed, but not cleared or altered, using xmon.

Changes since v4:
 - Move lockdown state checks into xmon_core
 - Allow clearing of breakpoints in xmon read-only mode
 - Test simple scenarios (combinations of xmon and lockdown cmdline
   options, setting breakpoints and changing lockdown state, etc) in
   QEMU and on an actual POWER8 VM
 - Rebase onto security/next-lockdown
   b602614a81078bf29c82b2671bb96a63488f68d6

Changes since v3:
 - Allow active breakpoints to be shown/listed in read-only mode

Changes since v2:
 - Rebased onto v36 of https://patchwork.kernel.org/cover/11049461/
   (based on: f632a8170a6b667ee4e3f552087588f0fe13c4bb)
 - Do not clear existing breakpoints when transitioning from
   lockdown=none to lockdown=integrity
 - Remove line continuation and dangling quote (confuses checkpatch.pl)
   from the xmon command help/usage string

Christopher M. Riedl (2):
  powerpc/xmon: Allow listing active breakpoints in read-only mode
  powerpc/xmon: Restrict when kernel is locked down

 arch/powerpc/xmon/xmon.c     | 104 +++++++++++++++++++++++++++--------
 include/linux/security.h     |   2 +
 security/lockdown/lockdown.c |   2 +
 3 files changed, 86 insertions(+), 22 deletions(-)