authorBen Hutchings <ben@decadent.org.uk>2019-12-27 20:11:13 +0000
committerBen Hutchings <ben@decadent.org.uk>2019-12-27 20:11:13 +0000
commiteec8c6ac0814cb8adf99ff6e860af8ed9818e88f (patch)
tree60ed1a1da1fcd5d42ff96aea4eba34077d68a7e6
parent31e7fa3b98ed6305ee767d89f5010174bdf75387 (diff)
tracing: Do not create directories if lockdown is in affect
-rw-r--r--debian/changelog1
-rw-r--r--debian/patches/features/all/lockdown/tracing-Do-not-create-directories-if-lockdown-is-in-.patch84
-rw-r--r--debian/patches/series1
3 files changed, 86 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index d4b4fe4d17c6..5a12955061b6 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -364,6 +364,7 @@ linux (5.4.6-1) UNRELEASED; urgency=medium
* linux-cpupower: Fix grammar error in package description
* debian/control: Make library package descriptions more consistent
* Set ABI to 1
+ * tracing: Do not create directories if lockdown is in affect
[ Aurelien Jarno ]
* [armhf,arm64] Fix critical trip point on RPI 3.
diff --git a/debian/patches/features/all/lockdown/tracing-Do-not-create-directories-if-lockdown-is-in-.patch b/debian/patches/features/all/lockdown/tracing-Do-not-create-directories-if-lockdown-is-in-.patch
new file mode 100644
index 000000000000..ea827bdde6cd
--- /dev/null
+++ b/debian/patches/features/all/lockdown/tracing-Do-not-create-directories-if-lockdown-is-in-.patch
@@ -0,0 +1,84 @@
+From: "Steven Rostedt (VMware)" <rostedt@goodmis.org>
+Date: Mon, 2 Dec 2019 16:25:27 -0500
+Subject: tracing: Do not create directories if lockdown is in affect
+Origin: https://git.kernel.org/linus/a356646a56857c2e5ad875beec734d7145ecd49a
+
+If lockdown is disabling tracing on boot up, it prevents the tracing files
+from even bering created. But when that happens, there's several places that
+will give a warning that the files were not created as that is usually a
+sign of a bug.
+
+Add in strategic locations where a check is made to see if tracing is
+disabled by lockdown, and if it is, do not go further, and fail silently
+(but print that tracing is disabled by lockdown, without doing a WARN_ON()).
+
+Cc: Matthew Garrett <mjg59@google.com>
+Fixes: 17911ff38aa5 ("tracing: Add locked_down checks to the open calls of files created for tracefs")
+Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
+---
+ kernel/trace/ring_buffer.c | 6 ++++++
+ kernel/trace/trace.c | 17 +++++++++++++++++
+ 2 files changed, 23 insertions(+)
+
+--- a/kernel/trace/ring_buffer.c
++++ b/kernel/trace/ring_buffer.c
+@@ -11,6 +11,7 @@
+ #include <linux/trace_seq.h>
+ #include <linux/spinlock.h>
+ #include <linux/irq_work.h>
++#include <linux/security.h>
+ #include <linux/uaccess.h>
+ #include <linux/hardirq.h>
+ #include <linux/kthread.h> /* for self test */
+@@ -5068,6 +5069,11 @@ static __init int test_ringbuffer(void)
+ int cpu;
+ int ret = 0;
+
++ if (security_locked_down(LOCKDOWN_TRACEFS)) {
++ pr_warning("Lockdown is enabled, skipping ring buffer tests\n");
++ return 0;
++ }
++
+ pr_info("Running ring buffer tests...\n");
+
+ buffer = ring_buffer_alloc(RB_TEST_BUFFER_SIZE, RB_FL_OVERWRITE);
+--- a/kernel/trace/trace.c
++++ b/kernel/trace/trace.c
+@@ -1804,6 +1804,12 @@ int __init register_tracer(struct tracer
+ return -1;
+ }
+
++ if (security_locked_down(LOCKDOWN_TRACEFS)) {
++ pr_warning("Can not register tracer %s due to lockdown\n",
++ type->name);
++ return -EPERM;
++ }
++
+ mutex_lock(&trace_types_lock);
+
+ tracing_selftest_running = true;
+@@ -8639,6 +8645,11 @@ struct dentry *tracing_init_dentry(void)
+ {
+ struct trace_array *tr = &global_trace;
+
++ if (security_locked_down(LOCKDOWN_TRACEFS)) {
++ pr_warning("Tracing disabled due to lockdown\n");
++ return ERR_PTR(-EPERM);
++ }
++
+ /* The top level trace array uses NULL as parent */
+ if (tr->dir)
+ return NULL;
+@@ -9081,6 +9092,12 @@ __init static int tracer_alloc_buffers(v
+ int ring_buf_size;
+ int ret = -ENOMEM;
+
++
++ if (security_locked_down(LOCKDOWN_TRACEFS)) {
++ pr_warning("Tracing disabled due to lockdown\n");
++ return -EPERM;
++ }
++
+ /*
+ * Make sure we don't accidently add more trace options
+ * than we have bits for.
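Review bot: The lockdown checks added to register_tracer(), tracing_init_dentry() and tracer_alloc_buffers() are evaluated once during boot-time initialisation, so their effect is fixed for the life of that boot: if lockdown is later lifted through the sysrq mechanism this same series carries (add-a-sysrq-option-to-lift-kernel-lockdown.patch), the tracers and tracefs directories these checks refused to create are not created retroactively, unlike the per-open() checks from 17911ff38aa5 that this patch extends. Failing closed here is defensible, but it changes what "lifting lockdown" means for tracing and is not mentioned anywhere in the patch description or the changelog entry; a comment above the tracer_alloc_buffers() check such as `/* Checked once at init: lifting lockdown later does not re-enable tracing. */` would make the intent explicit for anyone debugging a locked-down system. The two __init paths also now return -EPERM where they previously could not fail for this reason; their callers are outside this hunk, so it is worth confirming they tolerate a non-zero return without leaving tracing half-initialised. All four modified functions begin and end outside the hunk.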
diff --git a/debian/patches/series b/debian/patches/series
index e9e7ed4eec40..d699dd2c2772 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -89,6 +89,7 @@ bugfix/all/partially-revert-net-socket-implement-64-bit-timestamps.patch
# Miscellaneous features
# Lockdown missing pieces
+features/all/lockdown/tracing-Do-not-create-directories-if-lockdown-is-in-.patch
features/all/lockdown/efi-add-an-efi_secure_boot-flag-to-indicate-secure-b.patch
features/all/lockdown/efi-lock-down-the-kernel-if-booted-in-secure-boot-mo.patch
features/all/lockdown/add-a-sysrq-option-to-lift-kernel-lockdown.patch