From patchwork Tue Aug 2 23:27:40 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sargun Dhillon X-Patchwork-Id: 9260483 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 044CC6077C for ; Tue, 2 Aug 2016 23:28:38 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E9C2F284DE for ; Tue, 2 Aug 2016 23:28:37 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id DDA1728518; Tue, 2 Aug 2016 23:28:37 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 68287284DE for ; Tue, 2 Aug 2016 23:28:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755199AbcHBX2g (ORCPT ); Tue, 2 Aug 2016 19:28:36 -0400 Received: from mail-it0-f44.google.com ([209.85.214.44]:38260 "EHLO mail-it0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754773AbcHBX2g (ORCPT ); Tue, 2 Aug 2016 19:28:36 -0400 Received: by mail-it0-f44.google.com with SMTP id j124so218507250ith.1 for ; Tue, 02 Aug 2016 16:27:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sargun.me; s=google; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=ZQ3O4Lc2/tMScZGtIDom3MqIBmy6NNTeDL2Lx4xEh8c=; b=bi2Ney1xkjREwcTclJzGwE1h2w9Sx69sNQ1RULFxpBmGfBYkHpRa8sVqZxeRtiOFZ7 Mioo9V2GiUPYjhGIImroWhZLSPXHpJwn8mKJVONdUKjPxESdkdQFLpYrwOZJY8pScq9Z 99eLPBE4NtoYxU9IafMucsfKVWIlbx8WKaMV4= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=ZQ3O4Lc2/tMScZGtIDom3MqIBmy6NNTeDL2Lx4xEh8c=; b=Kei3Z23e9Dk9LeWqMCaKqlj9BfV2IaKYu10uQ3/VLUhxrxe20nfLlzj6XUEijZTSKT Z9/EsIZRelntvuRLI2ETllwBnPckLIfu3dyrRKgAsR7TN0RMiuA8Z8t4Tj1hh8Ccm+yI gfz1+zIyAM38yooOPAGKmNVakR9FMJGAwoKHFKLYTWvSx486VgP1z1kLRg+4SMhCVJow z9+L75bO+a5uzzG6BTW6TkCuQUy/B5EMjEANQs3ZfhwVwyRST1OO35sHFj+K/lARRUsQ WYlBdNk/lauTi/hE3Sprmxo7Z2Ynex0VC4aRmu745e6OLVMXBd0P9/bFBh6pBAj/79L+ +BLg== X-Gm-Message-State: AEkoouvt/xrA5Z6Zxw/8+qP2wf1jCUQFZkLkJXMHFY6xsXY4duz9R4BX3LlRfxCDxEHbjQ== X-Received: by 10.36.112.11 with SMTP id f11mr53993368itc.57.1470180461716; Tue, 02 Aug 2016 16:27:41 -0700 (PDT) Received: from ircssh.c.rugged-nimbus-611.internal (55.145.251.23.bc.googleusercontent.com. [23.251.145.55]) by smtp.gmail.com with ESMTPSA id m128sm2343489iom.32.2016.08.02.16.27.41 for (version=TLS1_2 cipher=AES128-SHA bits=128/128); Tue, 02 Aug 2016 16:27:41 -0700 (PDT) Date: Tue, 2 Aug 2016 16:27:40 -0700 From: Sargun Dhillon To: linux-security-module@vger.kernel.org Subject: [RFC 4/4] bpf: Restrict Checmate bpf programs to current kernel ABI Message-ID: <20160802232738.GA25315@ircssh.c.rugged-nimbus-611.internal> MIME-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.5.21 (2010-09-15) Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP At least while this is in testing, I think it makes sense to restrict Checmate to loading programs that have been compiled with the current kernel ABI. We can further stabilize the ABI, and perhaps lift this restriction later. Signed-off-by: Sargun Dhillon --- kernel/bpf/syscall.c | 2 +- samples/bpf/checmate1_kern.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 228f962..2a37b4d 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -741,7 +741,7 @@ static int bpf_prog_load(union bpf_attr *attr) if (attr->insn_cnt >= BPF_MAXINSNS) return -EINVAL; - if (type == BPF_PROG_TYPE_KPROBE && + if ((type & (BPF_PROG_TYPE_KPROBE | BPF_PROG_TYPE_CHECMATE)) && attr->kern_version != LINUX_VERSION_CODE) return -EINVAL; diff --git a/samples/bpf/checmate1_kern.c b/samples/bpf/checmate1_kern.c index f78b66b..d4ec1fa 100644 --- a/samples/bpf/checmate1_kern.c +++ b/samples/bpf/checmate1_kern.c @@ -3,6 +3,7 @@ #include #include #include "bpf_helpers.h" +#include SEC("checmate") int prog(struct checmate_ctx *ctx) @@ -24,4 +25,4 @@ int prog(struct checmate_ctx *ctx) } char _license[] SEC("license") = "GPL"; - +u32 _version SEC("version") = LINUX_VERSION_CODE;