linux/kernel/trace
David Howells a94549dd87 lockdown: Lock down tracing and perf kprobes when in confidentiality mode
Disallow the creation of perf and ftrace kprobes when the kernel is
locked down in confidentiality mode by preventing their registration.
This prevents kprobes from being used to access kernel memory to steal
crypto data, but continues to allow the use of kprobes from signed
modules.

Reported-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Cc: Naveen N. Rao <naveen.n.rao@linux.ibm.com>
Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
Cc: davem@davemloft.net
Cc: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
2019-08-19 21:54:16 -07:00
..
blktrace.c blkcg: annotate implicit fall through 2019-03-13 14:31:12 -06:00
bpf_trace.c bpf: fix nested bpf tracepoints with per-cpu data 2019-06-15 16:33:35 -07:00
fgraph.c tracing: Fix ftrace_graph_get_ret_stack() to use task and not current 2018-12-22 08:21:03 -05:00
ftrace_internal.h ftrace: Create new ftrace_internal.h header 2018-12-08 20:54:06 -05:00
ftrace.c ftrace/x86: Remove possible deadlock between register_kprobe() and ftrace_run_update_code() 2019-06-28 14:20:25 -04:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile tracing: Add unified dynamic event framework 2018-12-08 20:54:09 -05:00
power-traces.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
preemptirq_delay_test.c tracing: Use trace_clock_local() for looping in preemptirq_delay_test.c 2018-10-17 15:35:33 -04:00
ring_buffer_benchmark.c ring-buffer: Fix mispelling of Calculate 2019-05-08 12:15:12 -04:00
ring_buffer.c The major changes in this tracing update includes: 2019-05-15 16:05:47 -07:00
rpm-traces.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace_benchmark.c rcu: Rename cond_resched_rcu_qs() to cond_resched_tasks_rcu_qs() 2018-05-15 10:27:29 -07:00
trace_benchmark.h tracing: Fix SPDX format headers to use C++ style comments 2018-08-16 19:08:06 -04:00
trace_branch.c x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP 2019-04-03 11:02:24 +02:00
trace_clock.c tracing: Add SPDX License format tags to tracing files 2018-08-16 19:08:06 -04:00
trace_dynevent.c tracing: initialize variable in create_dyn_event() 2019-03-26 08:35:36 -04:00
trace_dynevent.h tracing: Add unified dynamic event framework 2018-12-08 20:54:09 -05:00
trace_entries.h tracing: Change the function format to display function names by perf 2019-02-11 14:53:43 -05:00
trace_event_perf.c tracing/perf: Use strndup_user() instead of buggy open-coded version 2019-02-21 10:35:10 -05:00
trace_events_filter_test.h tracing: Fix SPDX format headers to use C++ style comments 2018-08-16 19:08:06 -04:00
trace_events_filter.c tracing: Avoid memory leak in predicate_parse() 2019-05-28 16:27:58 -04:00
trace_events_hist.c tracing: Add a check_val() check before updating cond_snapshot() track_val 2019-05-21 12:48:07 -04:00
trace_events_trigger.c tracing: Add trace_array parameter to create_event_filter() 2019-04-08 09:22:28 -04:00
trace_events.c tracing: Fix partial reading of trace event's id file 2019-05-08 12:15:12 -04:00
trace_export.c tracing: Add trigger file for trace_markers tracefs/ftrace/print 2018-05-29 08:28:53 -04:00
trace_functions_graph.c tracing: Put a margin between flags and duration for wakeup tracers 2019-02-06 11:56:19 -05:00
trace_functions.c tracing: Update stack trace skipping for ORC unwinder 2018-01-23 15:57:00 -05:00
trace_hwlat.c tracing: Add SPDX License format tags to tracing files 2018-08-16 19:08:06 -04:00
trace_irqsoff.c The biggest change for this release is in the histogram code. 2019-03-11 17:01:32 -07:00
trace_kdb.c tracing: Silence GCC 9 array bounds warning 2019-05-25 23:04:30 -04:00
trace_kprobe_selftest.c selftest/ftrace: Move kprobe selftest function to separate compile unit 2018-07-30 18:41:04 -04:00
trace_kprobe_selftest.h tracing: Fix SPDX format headers to use C++ style comments 2018-08-16 19:08:06 -04:00
trace_kprobe.c lockdown: Lock down tracing and perf kprobes when in confidentiality mode 2019-08-19 21:54:16 -07:00
trace_mmiotrace.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace_nop.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace_output.c tracing: Fix out-of-range read in trace_stack_print() 2019-06-14 16:28:42 -04:00
trace_output.h tracing: Fix SPDX format headers to use C++ style comments 2018-08-16 19:08:06 -04:00
trace_preemptirq.c kprobes: Prohibit probing on hardirq tracers 2019-02-13 08:16:40 +01:00
trace_printk.c tracing: Trivia spelling fix containerof() -> container_of() 2018-09-26 12:21:00 +03:00
trace_probe_tmpl.h tracing: probeevent: Do not accumulate on ret variable 2019-05-08 12:15:11 -04:00
trace_probe.c tracing: Replace kzalloc with kcalloc 2019-05-08 12:15:12 -04:00
trace_probe.h tracing: uprobes: Re-enable $comm support for uprobe events 2019-05-08 12:15:11 -04:00
trace_sched_switch.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace_sched_wakeup.c tracing: Add conditional snapshot 2019-02-20 13:51:06 -05:00
trace_selftest_dynamic.c ftrace: Mark function tracer test functions noinline/noclone 2018-01-23 15:57:29 -05:00
trace_selftest.c function_graph: Have selftest also emulate tr->reset() as it did with tr->init() 2019-04-21 19:46:56 -04:00
trace_seq.c tracing: Add SPDX License format tags to tracing files 2018-08-16 19:08:06 -04:00
trace_stack.c tracing: Remove the last struct stack_trace usage 2019-04-29 12:37:56 +02:00
trace_stat.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
trace_stat.h tracing: Fix SPDX format headers to use C++ style comments 2018-08-16 19:08:06 -04:00
trace_syscalls.c syscalls: Remove start and number from syscall_get_arguments() args 2019-04-05 09:26:43 -04:00
trace_uprobe.c tracing/uprobe: Fix obsolete comment on trace_uprobe_create() 2019-06-14 17:00:36 -04:00
trace.c tracing/snapshot: Resize spare buffer if size changed 2019-06-28 14:58:52 -04:00
trace.h tracing: Silence GCC 9 array bounds warning 2019-05-25 23:04:30 -04:00
tracing_map.c tracing: Add SPDX License format tags to tracing files 2018-08-16 19:08:06 -04:00
tracing_map.h tracing: Fix SPDX format headers to use C++ style comments 2018-08-16 19:08:06 -04:00