

bpf: Add bpf_bprm_opts_set helper

The helper allows modification of certain bits on the linux_binprm
struct starting with the secureexec bit which can be updated using the
BPF_F_BPRM_SECUREEXEC flag.

secureexec can be set by the LSM for privilege-gaining executions so that
the AT_SECURE auxv entry is passed to glibc. When it is set, the dynamic
linker disables the use of certain environment variables (such as LD_PRELOAD).

Signed-off-by: KP Singh <kpsingh@google.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Link: https://lore.kernel.org/bpf/20201117232929.2156341-1-kpsingh@chromium.org

authored by

KP Singh and committed by
Daniel Borkmann
3f6719c7 cbf398d7

+60
+16
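--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -3787,6 +3787,16 @@
 * *ARG_PTR_TO_BTF_ID* of type *task_struct*.
 * Return
 * Pointer to the current task.
+*
+* long bpf_bprm_opts_set(struct linux_binprm *bprm, u64 flags)
+* Description
+* Set or clear certain options on *bprm*:
+*
+* **BPF_F_BPRM_SECUREEXEC** Set the secureexec bit
+* which sets the **AT_SECURE** auxv for glibc. The bit
+* is cleared if the flag is not specified.
+* Return
+* **-EINVAL** if invalid *flags* are passed, zero otherwise.
 */
 #define __BPF_FUNC_MAPPER(FN) \
 FN(unspec), \
@@ -3958,6 +3948,7 @@
 FN(task_storage_get), \
 FN(task_storage_delete), \
 FN(get_current_task_btf), \
+FN(bprm_opts_set), \
 /* */
 
 /* integer value in 'imm' field of BPF_CALL instruction selects which helper
@@ -4128,6 +4117,11 @@
 BPF_LWT_ENCAP_SEG6,
 BPF_LWT_ENCAP_SEG6_INLINE,
 BPF_LWT_ENCAP_IP,
+};
+
+/* Flags for bpf_bprm_opts_set helper */
+enum {
+BPF_F_BPRM_SECUREEXEC = (1ULL << 0),
 };
 
 #define __bpf_md_ptr(type, name) \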
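Review bot: The Description of bpf_bprm_opts_set says the secureexec bit "is cleared if the flag is not specified" but does not say that the helper replaces whatever value *bprm* already carries, which matters because the commit message states the same bit is also set by the LSM for privilege-gaining executions; a program that only means to add the bit can silently drop one that was set earlier. Suggest extending the Description with `* The current value is overwritten: a bit whose flag is absent is cleared even if it was set before this call, so read *bprm* first to preserve it.` The same text should go into the tools/include/uapi copy of this header so the two stay in sync.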
+26
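--- a/kernel/bpf/bpf_lsm.c
+++ b/kernel/bpf/bpf_lsm.c
@@ -7,6 +7,7 @@
 #include <linux/filter.h>
 #include <linux/bpf.h>
 #include <linux/btf.h>
+#include <linux/binfmts.h>
 #include <linux/lsm_hooks.h>
 #include <linux/bpf_lsm.h>
 #include <linux/kallsyms.h>
@@ -52,6 +51,29 @@
 return 0;
 }
 
+/* Mask for all the currently supported BPRM option flags */
+#define BPF_F_BRPM_OPTS_MASK BPF_F_BPRM_SECUREEXEC
+
+BPF_CALL_2(bpf_bprm_opts_set, struct linux_binprm *, bprm, u64, flags)
+{
+if (flags & ~BPF_F_BRPM_OPTS_MASK)
+return -EINVAL;
+
+bprm->secureexec = (flags & BPF_F_BPRM_SECUREEXEC);
+return 0;
+}
+
+BTF_ID_LIST_SINGLE(bpf_bprm_opts_set_btf_ids, struct, linux_binprm)
+
+const static struct bpf_func_proto bpf_bprm_opts_set_proto = {
+.func = bpf_bprm_opts_set,
+.gpl_only = false,
+.ret_type = RET_INTEGER,
+.arg1_type = ARG_PTR_TO_BTF_ID,
+.arg1_btf_id = &bpf_bprm_opts_set_btf_ids[0],
+.arg2_type = ARG_ANYTHING,
+};
+
 static const struct bpf_func_proto *
 bpf_lsm_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 {
@@ -95,6 +71,8 @@
 return &bpf_task_storage_get_proto;
 case BPF_FUNC_task_storage_delete:
 return &bpf_task_storage_delete_proto;
+case BPF_FUNC_bprm_opts_set:
+return &bpf_bprm_opts_set_proto;
 default:
 return tracing_prog_func_proto(func_id, prog);
 }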
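Review bot: `bprm->secureexec = (flags & BPF_F_BPRM_SECUREEXEC);` in bpf_bprm_opts_set overwrites the field unconditionally, so a program calling the helper with flags == 0 clears a secureexec bit that was presumably already set by another LSM or by the capability code for a privileged exec (the hook ordering is not visible here); if that downgrade is intended it deserves a comment above the assignment, e.g. `/* Overwrites secureexec; a program that wants to keep a bit set elsewhere must read bprm->secureexec first */`. Storing `!!(flags & BPF_F_BPRM_SECUREEXEC)` instead would also keep the assignment correct if secureexec is a one-bit field and the mask ever grows beyond bit 0. Two style nits in the same hunk: the mask macro is spelled `BPF_F_BRPM_OPTS_MASK` (BRPM, not BPRM) at both its definition and its use, and `const static struct bpf_func_proto bpf_bprm_opts_set_proto` should be `static const struct bpf_func_proto bpf_bprm_opts_set_proto` per kernel convention (checkpatch warns when the storage class is not first). bpf_lsm_func_proto continues past the end of the last hunk.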
+2
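--- a/scripts/bpf_helpers_doc.py
+++ b/scripts/bpf_helpers_doc.py
@@ -418,6 +418,7 @@
 'struct bpf_tcp_sock',
 'struct bpf_tunnel_key',
 'struct bpf_xfrm_state',
+'struct linux_binprm',
 'struct pt_regs',
 'struct sk_reuseport_md',
 'struct sockaddr',
@@ -466,6 +465,7 @@
 'struct bpf_tcp_sock',
 'struct bpf_tunnel_key',
 'struct bpf_xfrm_state',
+'struct linux_binprm',
 'struct pt_regs',
 'struct sk_reuseport_md',
 'struct sockaddr',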
+16
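--- a/tools/include/uapi/linux/bpf.h
+++ b/tools/include/uapi/linux/bpf.h
@@ -3787,6 +3787,16 @@
 * *ARG_PTR_TO_BTF_ID* of type *task_struct*.
 * Return
 * Pointer to the current task.
+*
+* long bpf_bprm_opts_set(struct linux_binprm *bprm, u64 flags)
+* Description
+* Set or clear certain options on *bprm*:
+*
+* **BPF_F_BPRM_SECUREEXEC** Set the secureexec bit
+* which sets the **AT_SECURE** auxv for glibc. The bit
+* is cleared if the flag is not specified.
+* Return
+* **-EINVAL** if invalid *flags* are passed, zero otherwise.
 */
 #define __BPF_FUNC_MAPPER(FN) \
 FN(unspec), \
@@ -3958,6 +3948,7 @@
 FN(task_storage_get), \
 FN(task_storage_delete), \
 FN(get_current_task_btf), \
+FN(bprm_opts_set), \
 /* */
 
 /* integer value in 'imm' field of BPF_CALL instruction selects which helper
@@ -4128,6 +4117,11 @@
 BPF_LWT_ENCAP_SEG6,
 BPF_LWT_ENCAP_SEG6_INLINE,
 BPF_LWT_ENCAP_IP,
+};
+
+/* Flags for bpf_bprm_opts_set helper */
+enum {
+BPF_F_BPRM_SECUREEXEC = (1ULL << 0),
 };
 
 #define __bpf_md_ptr(type, name) \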