From patchwork Tue Mar 24 09:59:02 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thadeu Lima de Souza Cascardo X-Patchwork-Id: 1260541 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.ubuntu.com (client-ip=91.189.94.19; helo=huckleberry.canonical.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=canonical.com Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 48mmtW2ynDz9sNg; Tue, 24 Mar 2020 20:59:15 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.86_2) (envelope-from ) id 1jGgL2-00059P-2o; Tue, 24 Mar 2020 09:59:12 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jGgKz-00058i-GJ for kernel-team@lists.ubuntu.com; Tue, 24 Mar 2020 09:59:09 +0000 Received: from 201-43-83-214.dsl.telesp.net.br ([201.43.83.214] helo=localhost.localdomain) by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1jGgKy-0006rZ-PD for kernel-team@lists.ubuntu.com; Tue, 24 Mar 2020 09:59:09 +0000 From: Thadeu Lima de Souza Cascardo To: kernel-team@lists.ubuntu.com Subject: [SRU Eoan 1/2] Revert "UBUNTU: SAUCE: (efi-lockdown) Lock down kprobes" Date: Tue, 24 Mar 2020 06:59:02 -0300 Message-Id: <20200324095903.5406-2-cascardo@canonical.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200324095903.5406-1-cascardo@canonical.com> References: <20200324095903.5406-1-cascardo@canonical.com> X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/1868626 This reverts commit 98147fbaa80ad04b6d2d90d80d7bc116d5930a5b. Upstream lockdown support locks down kprobes only above the integrity level. As we are moving to an integrity level on secure boot on Focal, and there is no kprobes lockdown on Bionic too, this makes Eoan behave like those two releases. Signed-off-by: Thadeu Lima de Souza Cascardo --- kernel/kprobes.c | 3 --- 1 file changed, 3 deletions(-) diff --git a/kernel/kprobes.c b/kernel/kprobes.c index 2cce4b714e3f..ebe8315a756a 100644 --- a/kernel/kprobes.c +++ b/kernel/kprobes.c @@ -1557,9 +1557,6 @@ int register_kprobe(struct kprobe *p) struct module *probed_mod; kprobe_opcode_t *addr; - if (kernel_is_locked_down("Use of kprobes")) - return -EPERM; - /* Adjust probe address from symbol */ addr = kprobe_addr(p); if (IS_ERR(addr))