On Sat, Jan 30, 2021 at 12:35:10AM +0530, Sai Prakash Ranjan wrote:
> Here the idea is to protect such important information from all users
> including root users since root privileges does not have to mean full
> control over the kernel [1] and root compromise does not have to be
> the end of the world.
And yet, your thing lacks:
> +config EXCLUDE_KERNEL_HW_ITRACE
> + bool "Exclude kernel mode hardware assisted instruction tracing"
> + depends on PERF_EVENTS
depends on SECURITY_LOCKDOWN
or whatever the appropriate symbol is.
> + help
> + Exclude kernel mode instruction tracing by hardware tracing
> + family such as ARM Coresight ETM, Intel PT and so on.
> +
> + This option allows to disable kernel mode instruction tracing
> + offered by hardware assisted tracing for all users(including root)
> + especially for production systems where only userspace tracing might
> + be preferred for security reasons.
Also, colour me unconvinced, pretty much all kernel level PMU usage
can be employed to side-channel / infer crypto keys, why focus on
ITRACE over others?
