[PATCH v1 0/5] Introduce SandBox Mode (SBM)
From: Petr Tesarik
Date: Wed Feb 14 2024 - 06:31:56 EST
From: Petr Tesarik <petr.tesarik1@xxxxxxxxxxxxxxxxxxx>
The ultimate goal of SandBox Mode is to execute native kernel code
in an environment which permits memory access only to predefined
addresses, so potential vulnerabilities cannot be exploited or will
have no impact on the rest of the kernel.
This patch series adds the API and arch-independent infrastructure
of SandBox Mode to the kernel. It runs the target function on a
vmalloc()'ed copy of all input and output data. This alone prevents
some out-of-bounds accesses thanks to guard pages.
Patch 4/5 adds KUnit tests. It is also a good starting point to
understand how SandBox Mode is supposed to be used.
Detailed description of SandBox Mode goals, usage and future plans
can be found in patch 5/5 of this series and is not repeated in
this cover letter.
Petr Tesarik (5):
sbm: SandBox Mode core data types and functions
sbm: sandbox input and output buffers
sbm: call helpers and thunks
sbm: SandBox Mode KUnit test suite
sbm: SandBox Mode documentation
Documentation/security/index.rst | 1 +
Documentation/security/sandbox-mode.rst | 180 ++++++
include/linux/sbm.h | 516 +++++++++++++++++
init/Kconfig | 2 +
kernel/Kconfig.sbm | 43 ++
kernel/Makefile | 2 +
kernel/sbm.c | 133 +++++
kernel/sbm_test.c | 735 ++++++++++++++++++++++++
8 files changed, 1612 insertions(+)
create mode 100644 Documentation/security/sandbox-mode.rst
create mode 100644 include/linux/sbm.h
create mode 100644 kernel/Kconfig.sbm
create mode 100644 kernel/sbm.c
create mode 100644 kernel/sbm_test.c
--
2.34.1