From: Kees Cook <keescook@chromium.org>
To: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Tianyin Xu <tyxu@illinois.edu>,
Tycho Andersen <tycho@tycho.pizza>,
Andy Lutomirski <luto@kernel.org>,
YiFei Zhu <zhuyifei1999@gmail.com>,
"containers@lists.linux.dev" <containers@lists.linux.dev>,
bpf <bpf@vger.kernel.org>, "Zhu, YiFei" <yifeifz2@illinois.edu>,
LSM List <linux-security-module@vger.kernel.org>,
Alexei Starovoitov <ast@kernel.org>,
Andrea Arcangeli <aarcange@redhat.com>,
"Kuo, Hsuan-Chi" <hckuo2@illinois.edu>,
Claudio Canella <claudio.canella@iaik.tugraz.at>,
Daniel Borkmann <daniel@iogearbox.net>,
Daniel Gruss <daniel.gruss@iaik.tugraz.at>,
Dimitrios Skarlatos <dskarlat@cs.cmu.edu>,
Giuseppe Scrivano <gscrivan@redhat.com>,
Hubertus Franke <frankeh@us.ibm.com>,
Jann Horn <jannh@google.com>,
"Jia, Jinghao" <jinghao7@illinois.edu>,
"Torrellas, Josep" <torrella@illinois.edu>,
Sargun Dhillon <sargun@sargun.me>,
Tobin Feldman-Fitzthum <tobin@ibm.com>,
Tom Hromatka <tom.hromatka@oracle.com>,
Will Drewry <wad@chromium.org>
Subject: Re: [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters
Date: Tue, 1 Jun 2021 12:55:10 -0700 [thread overview]
Message-ID: <202106011244.76762C210@keescook> (raw)
In-Reply-To: <20210520085613.gvshk4jffmzggvsm@wittgenstein>
On Thu, May 20, 2021 at 10:56:13AM +0200, Christian Brauner wrote:
> On Thu, May 20, 2021 at 03:16:10AM -0500, Tianyin Xu wrote:
> > On Mon, May 17, 2021 at 10:40 AM Tycho Andersen <tycho@tycho.pizza> wrote:
> > >
> > > On Sun, May 16, 2021 at 03:38:00AM -0500, Tianyin Xu wrote:
> > > > On Sat, May 15, 2021 at 10:49 AM Andy Lutomirski <luto@kernel.org> wrote:
> > > > >
> > > > > On 5/10/21 10:21 PM, YiFei Zhu wrote:
> > > > > > On Mon, May 10, 2021 at 12:47 PM Andy Lutomirski <luto@kernel.org> wrote:
> > > > > >> On Mon, May 10, 2021 at 10:22 AM YiFei Zhu <zhuyifei1999@gmail.com> wrote:
> > > > > >>>
> > > > > >>> From: YiFei Zhu <yifeifz2@illinois.edu>
> > > > > >>>
> > > > > >>> Based on: https://urldefense.com/v3/__https://lists.linux-foundation.org/pipermail/containers/2018-February/038571.html__;!!DZ3fjg!thbAoRgmCeWjlv0qPDndNZW1j6Y2Kl_huVyUffr4wVbISf-aUiULaWHwkKJrNJyo$
> > > > > >>>
> > > > > >>> This patchset enables seccomp filters to be written in eBPF.
Before I dive in, I do want to say that this is very interesting work.
Thanks for working on it, even if we're all so grumpy about accepting
it. :)
> > > > > >>> Supporting eBPF filters has been proposed a few times in the past.
> > > > > >>> The main concerns were (1) use cases and (2) security. We have
> > > > > >>> identified many use cases that can benefit from advanced eBPF
> > > > > >>> filters, such as:
> > > > > >>
> > > > > >> I haven't reviewed this carefully, but I think we need to distinguish
> > > > > >> a few things:
> > > > > >>
> > > > > >> 1. Using the eBPF *language*.
Likely everyone is aware, but I'll point out for anyone new reading this
thread: seccomp uses eBPF under the hood: all the cBPF is transformed to
eBPF at filter attach time. But yes, I get the point: using the _entire_
eBPF language. Though I'd remind folks that seccomp doesn't even use
the entire cBPF language...
> [...] but Andy's point stands that this brings a slew of issues on
> the table that need clear answers. Bringing stateful ebpf features into
> seccomp is a pretty big step and especially around the
> privilege/security model it looks pretty handwavy right now.
This is the blocker as far as I'm concerned: there is no story for
unprivileged eBPF. And even IF there was a story there, I find the rate
of security-related flaws in eBPF to be way too high for a sandboxing
primitive to depend on. There have been around a dozen a year for the
last 4 years:
$ git log --oneline --no-merges --pretty=format:'%as %h %s' \
-i -E \ --all-match --grep '^Fixes:' --grep \
'(over|under)flow|\bleak|escalat|expos(e[ds]?|ure)\b|use[- ]?after[- ]?free' \
-- kernel/bpf/ | cut -d- -f1 | sort | uniq -c
4 2015
4 2016
13 2017
16 2018
18 2019
12 2020
6 2021
I just can't bring myself to accept that level of risk for seccomp. (And
yes, this might be mitigated by blocking the bpf() syscall within a
filter, but then eBPF seccomp would become kind of useless inside a
container launcher, etc etc.)
-Kees
--
Kees Cook
next prev parent reply other threads:[~2021-06-01 19:55 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-10 17:22 [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 01/12] seccomp: Move no_new_privs check to after prepare_filter YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 02/12] bpf, seccomp: Add eBPF filter capabilities YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 03/12] seccomp, ptrace: Add a mechanism to retrieve attached eBPF seccomp filters YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 04/12] libbpf: recognize section "seccomp" YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 05/12] samples/bpf: Add eBPF seccomp sample programs YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 06/12] lsm: New hook seccomp_extended YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 07/12] bpf/verifier: allow restricting direct map access YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 08/12] seccomp-ebpf: restrict filter to almost cBPF if LSM request such YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 09/12] yama: (concept) restrict seccomp-eBPF with ptrace_scope YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 10/12] seccomp-ebpf: Add ability to read user memory YiFei Zhu
2021-05-11 2:04 ` Alexei Starovoitov
2021-05-11 7:14 ` YiFei Zhu
2021-05-12 22:36 ` Alexei Starovoitov
2021-05-13 5:26 ` YiFei Zhu
2021-05-13 14:53 ` Andy Lutomirski
2021-05-13 17:12 ` YiFei Zhu
2021-05-13 17:15 ` Andy Lutomirski
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 11/12] bpf/verifier: support NULL-able ptr to BTF ID as helper argument YiFei Zhu
2021-05-10 17:22 ` [RFC PATCH bpf-next seccomp 12/12] seccomp-ebpf: support task storage from BPF-LSM, defaulting to group leader YiFei Zhu
2021-05-11 1:58 ` Alexei Starovoitov
2021-05-11 5:44 ` YiFei Zhu
2021-05-12 21:56 ` Alexei Starovoitov
2021-05-10 17:47 ` [RFC PATCH bpf-next seccomp 00/12] eBPF seccomp filters Andy Lutomirski
2021-05-11 5:21 ` YiFei Zhu
2021-05-15 15:49 ` Andy Lutomirski
2021-05-20 9:05 ` Christian Brauner
[not found] ` <fffbea8189794a8da539f6082af3de8e@DM5PR11MB1692.namprd11.prod.outlook.com>
2021-05-16 8:38 ` Tianyin Xu
2021-05-17 15:40 ` Tycho Andersen
2021-05-17 17:07 ` Sargun Dhillon
[not found] ` <108b4b9c2daa4123805d2b92cf51374b@DM5PR11MB1692.namprd11.prod.outlook.com>
2021-05-20 8:16 ` Tianyin Xu
2021-05-20 8:56 ` Christian Brauner
2021-05-20 9:37 ` Christian Brauner
2021-06-01 19:55 ` Kees Cook [this message]
2021-06-09 6:32 ` Jinghao Jia
2021-06-09 6:27 ` Jinghao Jia
[not found] ` <00fe481c572d486289bc88780f48e88f@DM5PR11MB1692.namprd11.prod.outlook.com>
2021-05-20 22:13 ` Tianyin Xu
[not found] ` <eae2a0e5038b41c4af87edcb3d4cdc13@DM5PR11MB1692.namprd11.prod.outlook.com>
2021-05-20 8:22 ` Tianyin Xu
2021-05-24 18:55 ` Sargun Dhillon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202106011244.76762C210@keescook \
--to=keescook@chromium.org \
--cc=aarcange@redhat.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=christian.brauner@ubuntu.com \
--cc=claudio.canella@iaik.tugraz.at \
--cc=containers@lists.linux.dev \
--cc=daniel.gruss@iaik.tugraz.at \
--cc=daniel@iogearbox.net \
--cc=dskarlat@cs.cmu.edu \
--cc=frankeh@us.ibm.com \
--cc=gscrivan@redhat.com \
--cc=hckuo2@illinois.edu \
--cc=jannh@google.com \
--cc=jinghao7@illinois.edu \
--cc=linux-security-module@vger.kernel.org \
--cc=luto@kernel.org \
--cc=sargun@sargun.me \
--cc=tobin@ibm.com \
--cc=tom.hromatka@oracle.com \
--cc=torrella@illinois.edu \
--cc=tycho@tycho.pizza \
--cc=tyxu@illinois.edu \
--cc=wad@chromium.org \
--cc=yifeifz2@illinois.edu \
--cc=zhuyifei1999@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).