From 83cac3c3e3adcba2ef113b2272f467566c903e0b Mon Sep 17 00:00:00 2001 From: Bjorn Neergaard Date: Mon, 18 Sep 2023 16:40:03 -0600 Subject: [PATCH] oci/defaults: deny /sys/devices/virtual/powercap The ability to read these files may offer a power-based sidechannel attack against any workloads running on the same kernel. This was originally [CVE-2020-8694][1], which was fixed in [949dd0104c496fa7c14991a23c03c62e44637e71][2] by restricting read access to root. However, since many containers run as root, this is not sufficient for our use case. While untrusted code should ideally never be run, we can add some defense in depth here by masking out the device class by default. [Other mechanisms][3] to access this hardware exist, but they should not be accessible to a container due to other safeguards in the kernel/container stack (e.g. capabilities, perf paranoia). [1]: https://nvd.nist.gov/vuln/detail/CVE-2020-8694 [2]: https://github.com/torvalds/linux/commit/949dd0104c496fa7c14991a23c03c62e44637e71 [3]: https://web.eece.maine.edu/~vweaver/projects/rapl/ Signed-off-by: Bjorn Neergaard --- oci/defaults.go | 1 + 1 file changed, 1 insertion(+) diff --git a/oci/defaults.go b/oci/defaults.go index 6170401b1f..c3dae8b109 100644 --- a/oci/defaults.go +++ b/oci/defaults.go @@ -113,6 +113,7 @@ func DefaultLinuxSpec() specs.Spec { "/proc/sched_debug", "/proc/scsi", "/sys/firmware", + "/sys/devices/virtual/powercap", }, ReadonlyPaths: []string{ "/proc/bus",
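Review bot: The new entry in the MaskedPaths hunk breaks the sorted order of the list: the existing entries run "/proc/sched_debug", "/proc/scsi", "/sys/firmware", so "/sys/devices/virtual/powercap" belongs before "/sys/firmware", not after it. The patch also touches only oci/defaults.go (1 file changed, 1 insertion), with no test asserting that DefaultLinuxSpec() now masks this path and no change to the documentation or changelog that enumerates the default masked paths; please add both so the hardening is visible to users and cannot silently regress. Since the commit message itself notes that the sysfs class is only one way to reach this hardware, it would also help to state in the docs that the mask applies to the default spec only and is not in effect for containers started with a custom seccomp/spec or in privileged mode, so operators do not read it as a complete mitigation.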