From: Petr Tesarik <petr.tesarik1@xxxxxxxxxxxxxxxxxxx>

[ For people newly added to Cc, this RFC is a reply to subsystem
  maintainers who asked for a real-world demonstration of how
  SandBox Mode could be used in practice. SandBox Mode itself
  was proposed in these two series (generic and x86):

  * https://lore.kernel.org/lkml/20240214113516.2307-1-petrtesarik@xxxxxxxxxxxxxxx/T/
  * https://lore.kernel.org/lkml/20240214113035.2117-1-petrtesarik@xxxxxxxxxxxxxxx/T/
]

This patch series provides an example of running existing kernel code in
a sandbox. It also adds some fixes and infrastructure to the base series.
If you only want to see what the conversion itself might look like, skip
straight to patch 5/5.

Patches 1 and 2 amend the base patch series. Patches 3 and 4 are ported
from my earlier proof of concept and adapted to work without adding too
much other code. I am sending a complete WIP patch series so you can
actually build and run the code.

Disclaimer: This code is not ready for submission. It is incomplete and
may contain bugs. It is provided here for the sole purpose of demonstrating
how existing kernel code would be modified to run in a sandbox.

PATCH 1/5 is a bug fix discovered after sending patch series v1.
PATCH 2/5 allows mapping a buffer into the sandbox at its kernel address.
PATCH 3/5 is required to intercept calls to pre-selected kernel functions.
PATCH 4/5 implements dynamic allocation in sandbox mode.
PATCH 5/5 demonstrates how to convert existing kernel code to use SBM.

Petr Tesarik (5):
  sbm: x86: fix SBM error entry path
  sbm: enhance buffer mapping API
  sbm: x86: infrastructure to fix up sandbox faults
  sbm: fix up calls to dynamic memory allocators
  apparmor: parse profiles in sandbox mode

 arch/x86/entry/entry_64.S     |  10 ++-
 arch/x86/kernel/sbm/call_64.S |  20 +++++
 arch/x86/kernel/sbm/core.c    | 161 +++++++++++++++++++++++++++++++++-
 arch/x86/kernel/vmlinux.lds.S |   9 ++
 include/linux/sbm.h           |  77 ++++++++++++++++
 kernel/sbm.c                  |  34 +++++++
 mm/slab_common.c              |   3 +-
 mm/slub.c                     |  17 ++--
 mm/vmalloc.c                  |  11 +--
 security/apparmor/crypto.c    |   7 +-
 security/apparmor/policy.c    |  29 ++++--
 security/apparmor/secid.c     |   3 +-
 12 files changed, 352 insertions(+), 29 deletions(-)

-- 
2.34.1