[Bug 1868626] Re: Allow BPF tracing under lockdown

[Thadeu Lima de Souza Cascardo]

ubuntu@eoan:~$ uname -r
5.3.0-46-generic
ubuntu@eoan:~$ grep -i lockdown /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-5.3.0-46-generic 
root=PARTUUID=486ca49b-7073-4f42-84a9-c3724b219786 ro console=tty1 
console=ttyS0 lockdown
ubuntu@eoan:~$ dmesg | grep -i lockdown
[    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.3.0-46-generic 
root=PARTUUID=486ca49b-7073-4f42-84a9-c3724b219786 ro console=tty1 
console=ttyS0 lockdown
[    0.000000] Kernel is locked down from command line; see man 
kernel_lockdown.7
[    0.019403] Kernel command line: BOOT_IMAGE=/boot/vmlinuz-5.3.0-46-generic 
root=PARTUUID=486ca49b-7073-4f42-84a9-c3724b219786 ro console=tty1 
console=ttyS0 lockdown
[    1.389113] Lockdown: swapper/0: Hibernation is restricted; see man 
kernel_lockdown.7
ubuntu@eoan:~$ sudo bpftrace -e 'tracepoint:syscalls:sys_enter_openat { 
printf("filename: [%s]; flags: [%d]\n", str(args->filename), args->flags); }'
Attaching 1 probe...
filename: [/proc/interrupts]; flags: [0]
filename: [/proc/stat]; flags: [0]
^C

ubuntu@eoan:~$ sudo bpftrace  -e 'kprobe:do_nanosleep { printf("PID %d 
sleeping\n", pid); }'
Attaching 1 probe...
PID 509 sleeping
PID 509 sleeping
^C

ubuntu@eoan:~$


** Tags removed: verification-needed-eoan
** Tags added: verification-done-eoan

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1868626

Title:
  Allow BPF tracing under lockdown

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1868626/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs