From: Jason Gunthorpe <jgg@nvidia.com>
Cc: Andy Gospodarek <andrew.gospodarek@broadcom.com>,
Aron Silverton <aron.silverton@oracle.com>,
Dan Williams <dan.j.williams@intel.com>,
Daniel Vetter <daniel.vetter@ffwll.ch>,
Dave Jiang <dave.jiang@intel.com>,
David Ahern <dsahern@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Christoph Hellwig <hch@infradead.org>,
Itay Avraham <itayavr@nvidia.com>, Jiri Pirko <jiri@nvidia.com>,
Jonathan Cameron <Jonathan.Cameron@huawei.com>,
Jakub Kicinski <kuba@kernel.org>,
Leonid Bloch <lbloch@nvidia.com>,
Leon Romanovsky <leonro@nvidia.com>,
linux-cxl@vger.kernel.org, linux-rdma@vger.kernel.org,
netdev@vger.kernel.org, Saeed Mahameed <saeedm@nvidia.com>,
"Nelson, Shannon" <shannon.nelson@amd.com>
Subject: [PATCH v5 4/8] taint: Add TAINT_FWCTL
Date: Thu, 27 Feb 2025 20:26:32 -0400 [thread overview]
Message-ID: <4-v5-642aa0c94070+4447f-fwctl_jgg@nvidia.com> (raw)
In-Reply-To: <0-v5-642aa0c94070+4447f-fwctl_jgg@nvidia.com>
Requesting a fwctl scope of access that includes mutating device debug
data will cause the kernel to be tainted. Changing the device operation
through things in the debug scope may cause the device to malfunction in
undefined ways. This should be reflected in the TAINT flags to help any
debuggers understand that something has been done.
Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Reviewed-by: Dave Jiang <dave.jiang@intel.com>
Tested-by: Dave Jiang <dave.jiang@intel.com>
Reviewed-by: Shannon Nelson <shannon.nelson@amd.com>
Tested-by: Shannon Nelson <shannon.nelson@amd.com>
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
---
Documentation/admin-guide/tainted-kernels.rst | 5 +++++
include/linux/panic.h | 3 ++-
kernel/panic.c | 1 +
tools/debugging/kernel-chktaint | 8 ++++++++
4 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst
index 700aa72eecb169..a0cc017e44246f 100644
--- a/Documentation/admin-guide/tainted-kernels.rst
+++ b/Documentation/admin-guide/tainted-kernels.rst
@@ -101,6 +101,7 @@ Bit Log Number Reason that got the kernel tainted
16 _/X 65536 auxiliary taint, defined for and used by distros
17 _/T 131072 kernel was built with the struct randomization plugin
18 _/N 262144 an in-kernel test has been run
+ 19 _/J 524288 userspace used a mutating debug operation in fwctl
=== === ====== ========================================================
Note: The character ``_`` is representing a blank in this table to make reading
@@ -184,3 +185,7 @@ More detailed explanation for tainting
build time.
18) ``N`` if an in-kernel test, such as a KUnit test, has been run.
+
+ 19) ``J`` if userpace opened /dev/fwctl/* and performed a FWTCL_RPC_DEBUG_WRITE
+ to use the devices debugging features. Device debugging features could
+ cause the device to malfunction in undefined ways.
diff --git a/include/linux/panic.h b/include/linux/panic.h
index 54d90b6c5f47bd..2494d51707ef42 100644
--- a/include/linux/panic.h
+++ b/include/linux/panic.h
@@ -74,7 +74,8 @@ static inline void set_arch_panic_timeout(int timeout, int arch_default_timeout)
#define TAINT_AUX 16
#define TAINT_RANDSTRUCT 17
#define TAINT_TEST 18
-#define TAINT_FLAGS_COUNT 19
+#define TAINT_FWCTL 19
+#define TAINT_FLAGS_COUNT 20
#define TAINT_FLAGS_MAX ((1UL << TAINT_FLAGS_COUNT) - 1)
struct taint_flag {
diff --git a/kernel/panic.c b/kernel/panic.c
index d8635d5cecb250..0c55eec9e8744a 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -511,6 +511,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
TAINT_FLAG(AUX, 'X', ' ', true),
TAINT_FLAG(RANDSTRUCT, 'T', ' ', true),
TAINT_FLAG(TEST, 'N', ' ', true),
+ TAINT_FLAG(FWCTL, 'J', ' ', true),
};
#undef TAINT_FLAG
diff --git a/tools/debugging/kernel-chktaint b/tools/debugging/kernel-chktaint
index 279be06332be99..e7da0909d09707 100755
--- a/tools/debugging/kernel-chktaint
+++ b/tools/debugging/kernel-chktaint
@@ -204,6 +204,14 @@ else
echo " * an in-kernel test (such as a KUnit test) has been run (#18)"
fi
+T=`expr $T / 2`
+if [ `expr $T % 2` -eq 0 ]; then
+ addout " "
+else
+ addout "J"
+ echo " * fwctl's mutating debug interface was used (#19)"
+fi
+
echo "For a more detailed explanation of the various taint flags see"
echo " Documentation/admin-guide/tainted-kernels.rst in the Linux kernel sources"
echo " or https://kernel.org/doc/html/latest/admin-guide/tainted-kernels.html"
--
2.43.0
next prev parent reply other threads:[~2025-02-28 0:26 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-28 0:26 [PATCH v5 0/8] Introduce fwctl subystem Jason Gunthorpe
2025-02-28 0:26 ` [PATCH v5 1/8] fwctl: Add basic structure for a class subsystem with a cdev Jason Gunthorpe
2025-02-28 0:26 ` [PATCH v5 2/8] fwctl: Basic ioctl dispatch for the character device Jason Gunthorpe
2025-02-28 0:26 ` [PATCH v5 3/8] fwctl: FWCTL_INFO to return basic information about the device Jason Gunthorpe
2025-02-28 0:26 ` Jason Gunthorpe [this message]
2025-02-28 0:26 ` [PATCH v5 5/8] fwctl: FWCTL_RPC to execute a Remote Procedure Call to device firmware Jason Gunthorpe
2025-02-28 0:26 ` [PATCH v5 6/8] fwctl: Add documentation Jason Gunthorpe
2025-03-15 2:53 ` Bagas Sanjaya
2025-02-28 0:26 ` [PATCH v5 7/8] fwctl/mlx5: Support for communicating with mlx5 fw Jason Gunthorpe
2025-03-02 12:11 ` Leon Romanovsky
2025-03-04 17:50 ` Jason Gunthorpe
2025-02-28 0:26 ` [PATCH v5 8/8] mlx5: Create an auxiliary device for fwctl_mlx5 Jason Gunthorpe
2025-03-02 12:09 ` Leon Romanovsky
2025-03-04 1:53 ` [PATCH v5 0/8] Introduce fwctl subystem Jakub Kicinski
2025-03-04 14:00 ` Jason Gunthorpe
2025-03-04 17:59 ` Saeed Mahameed
2025-03-05 0:42 ` Jakub Kicinski
2025-03-05 13:32 ` Jason Gunthorpe
2025-03-05 13:43 ` Leon Romanovsky
2025-03-05 15:08 ` Jiri Pirko
2025-03-05 15:22 ` Leon Romanovsky
2025-03-05 15:56 ` Jiri Pirko
2025-03-05 18:17 ` David Ahern
2025-03-05 18:28 ` Leon Romanovsky
2025-03-05 20:41 ` Saeed Mahameed
2025-03-05 23:21 ` Jason Gunthorpe
2025-03-06 7:29 ` Leon Romanovsky
2025-03-11 11:23 ` David Ahern
2025-03-11 13:59 ` Leon Romanovsky
2025-03-12 9:31 ` David Ahern
2025-03-12 10:34 ` Stanislav Fomichev
2025-03-14 22:34 ` David Ahern
2025-03-16 7:34 ` Stanislav Fomichev
2025-03-17 12:30 ` Jason Gunthorpe
2025-03-11 14:27 ` Nelson, Shannon
2025-03-13 12:30 ` David Ahern
2025-03-13 12:48 ` Leon Romanovsky
2025-03-13 19:59 ` Nelson, Shannon
2025-03-14 5:37 ` Greg Kroah-Hartman
2025-03-14 18:39 ` Leon Romanovsky
2025-03-14 18:09 ` Jacob Keller
2025-03-17 12:33 ` Jason Gunthorpe
2025-03-17 19:00 ` David Ahern
2025-03-17 20:33 ` Keller, Jacob E
2025-03-18 13:20 ` Greg Kroah-Hartman
2025-03-18 13:25 ` Jason Gunthorpe
2025-03-18 15:39 ` Dave Jiang
2025-03-18 16:06 ` Greg Kroah-Hartman
2025-03-19 5:48 ` Przemek Kitszel
2025-03-19 8:14 ` Leon Romanovsky
2025-03-19 10:46 ` Przemek Kitszel
2025-03-19 11:22 ` Leon Romanovsky
2025-03-19 8:17 ` Leon Romanovsky
2025-03-18 22:07 ` Keller, Jacob E
2025-03-06 2:16 ` Jakub Kicinski
2025-03-20 23:22 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4-v5-642aa0c94070+4447f-fwctl_jgg@nvidia.com \
--to=jgg@nvidia.com \
--cc=Jonathan.Cameron@huawei.com \
--cc=andrew.gospodarek@broadcom.com \
--cc=aron.silverton@oracle.com \
--cc=dan.j.williams@intel.com \
--cc=daniel.vetter@ffwll.ch \
--cc=dave.jiang@intel.com \
--cc=dsahern@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=hch@infradead.org \
--cc=itayavr@nvidia.com \
--cc=jiri@nvidia.com \
--cc=kuba@kernel.org \
--cc=lbloch@nvidia.com \
--cc=leonro@nvidia.com \
--cc=linux-cxl@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=saeedm@nvidia.com \
--cc=shannon.nelson@amd.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox