Date: Fri, 13 May 2022 08:35:50 -0700
From: Luis Chamberlain
To: David Gow
Cc: Brendan Higgins, Andy Shevchenko, Jonathan Corbet, Andrew Morton, Kees Cook, Shuah Khan, Greg KH, "Guilherme G . Piccoli", Sebastian Reichel, John Ogness, Joe Fradley, Daniel Latypov, kunit-dev@googlegroups.com, linux-kselftest@vger.kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, Jani Nikula, Lucas De Marchi, Aaron Tomlin, linux-fsdevel@vger.kernel.org, linux-block@vger.kernel.org
Subject: Re: [PATCH v3 1/3] panic: Taint kernel if tests are run
References: <20220429043913.626647-1-davidgow@google.com> <20220513083212.3537869-1-davidgow@google.com>
In-Reply-To: <20220513083212.3537869-1-davidgow@google.com>

On Fri, May 13, 2022 at 04:32:11PM +0800, David Gow wrote:
> Most in-kernel tests (such as KUnit tests) are not supposed to run on
> production systems: they may do deliberately illegal things to trigger
> errors, and have security implications (for example, KUnit assertions
> will often deliberately leak kernel addresses).
>
> Add a new taint type, TAINT_TEST to signal that a test has been run.
> This will be printed as 'N' (originally for kuNit, as every other
> sensible letter was taken.)
>
> This should discourage people from running these tests on production
> systems, and to make it easier to tell if tests have been run
> accidentally (by loading the wrong configuration, etc.)
> > Signed-off-by: David Gow > --- > > Updated this to handle the most common case of selftest modules, in > addition to KUnit tests. There's room for other tests or test frameworks > to use this as well, either with a call to add_taint() from within the > kernel, or by writing to /proc/sys/kernel/tainted. > > The 'N' character for the taint is even less useful now that it's no > longer short for kuNit, but all the letters in TEST are taken. :-( > > Changes since v2: > https://lore.kernel.org/linux-kselftest/20220430030019.803481-1-davidgow@google.com/ > - Rename TAINT_KUNIT -> TAINT_TEST. > - Split into separate patches for adding the taint, and triggering it. > - Taint on a kselftest_module being loaded (patch 3/3) > > Changes since v1: > https://lore.kernel.org/linux-kselftest/20220429043913.626647-1-davidgow@google.com/ > - Make the taint per-module, to handle the case when tests are in > (longer lasting) modules. (Thanks Greg KH). > > Note that this still has checkpatch.pl warnings around bracket > placement, which are intentional as part of matching the surrounding > code. > > --- > Documentation/admin-guide/tainted-kernels.rst | 1 + > include/linux/panic.h | 3 ++- > kernel/panic.c | 1 + > 3 files changed, 4 insertions(+), 1 deletion(-) > > diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst > index ceeed7b0798d..546f3071940d 100644 > --- a/Documentation/admin-guide/tainted-kernels.rst > +++ b/Documentation/admin-guide/tainted-kernels.rst > @@ -100,6 +100,7 @@ Bit Log Number Reason that got the kernel tainted > 15 _/K 32768 kernel has been live patched > 16 _/X 65536 auxiliary taint, defined for and used by distros > 17 _/T 131072 kernel was built with the struct randomization plugin > + 18 _/N 262144 an in-kernel test (such as a KUnit test) has been run I think mentioning just kunit fuzzes its interpretation here. Best to keep that out. Other than that: Acked-by: Luis Chamberlain Luis
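
Review bot: the new bit 18 row in tainted-kernels.rst still names KUnit in its reason text, while the changelog renames the flag from TAINT_KUNIT to TAINT_TEST and extends it to kselftest modules. Wording such as "an in-kernel test has been run" would match the flag's scope. The diffstat also shows this single line as the only change to the document, so the row is all an administrator gets when they see 'N'. Since the notes say the flag can be set through add_taint(), by loading a test module, or by writing to /proc/sys/kernel/tainted, a sentence listing those sources alongside the row would make the flag easier to interpret.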
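
The check the commit message has in mind (telling whether tests have run on a system that should be production) can be scripted against the taint mask. The following is an added example, not part of the patch or of the kernel tree; it assumes the bit assignment proposed in the quoted hunk (bit 18, value 262144, letter 'N'), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: gate a host on the TAINT_TEST bit proposed in this patch.
# Bits and letters are the four rows visible in the quoted hunk
# (15 K, 16 X, 17 T, 18 N); function names are hypothetical.

# decode_taint MASK: print the letters for bits 15..18 that are set.
decode_taint() {
    mask=$1
    case $mask in
        ''|*[!0-9]*) echo "invalid taint mask: $mask" >&2; return 2 ;;
    esac
    out=
    for entry in 15:K 16:X 17:T 18:N; do
        bit=${entry%%:*}
        letter=${entry##*:}
        if [ $(( (mask >> bit) % 2 )) -eq 1 ]; then
            out="$out$letter"
        fi
    done
    printf '%s\n' "$out"
}

# tests_were_run MASK: exit 0 if bit 18 (262144) is set, 1 if clear,
# 2 if MASK is not a decimal number.
tests_were_run() {
    case $1 in
        ''|*[!0-9]*) return 2 ;;
    esac
    [ $(( $1 & 262144 )) -ne 0 ]
}

# check_host [FILE]: read the mask from FILE (default: the live sysctl
# file) and return 1 when the test taint is present, 0 when it is clear.
check_host() {
    file=${1:-/proc/sys/kernel/tainted}
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    mask=$(cat "$file")
    if tests_were_run "$mask"; then
        echo "TAINT_TEST set (mask=$mask, flags=$(decode_taint "$mask"))"
        return 1
    fi
    echo "TAINT_TEST clear (mask=$mask)"
    return 0
}
```

Run `check_host` with no argument on the machine being audited, or pass a file holding a mask collected from elsewhere.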