From: Rusty Russell <rusty@rustcorp.com.au>
To: "Frank Ch. Eigler" <fche@redhat.com>
Cc: Dave Jones <davej@redhat.com>, Josh Boyer <jwboyer@redhat.com>,
dhowells@redhat.com, linux-kernel@vger.kernel.org,
peterz@infradead.org, mingo@redhat.com,
Len Brown <lenb@kernel.org>, "Rafael J. Wysocki" <rjw@sisk.pl>,
linux-acpi@vger.kernel.org
Subject: Re: [PATCH] MODSIGN: Add TAINT_NOKEY_MODULE
Date: Mon, 21 Jan 2013 12:20:08 +1030 [thread overview]
Message-ID: <87a9s3wbhr.fsf@rustcorp.com.au> (raw)
In-Reply-To: <20130121001939.GB25509@redhat.com>
"Frank Ch. Eigler" <fche@redhat.com> writes:
> Hi -
>
>> [...]
>> - add_taint(TAINT_DIE);
>> + add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
>> [...]
>
> If "UNRELIABLE" a good way to describe it - not DANGEROUS or
> COUNTERPRODUCTIVE or something, then maybe lockdep *can* produce
> reasonable results following such a taint. If the results are merely
> suspect, could lockdep reports include the taint report, but otherwise
> keep working?
git blame is your friend here:
commit 2c16e9c888985761511bd1905b00fb271169c3c0
Author: Arjan van de Ven <arjan@linux.intel.com>
Date: Mon Jul 10 04:45:42 2006 -0700
[PATCH] lockdep: disable lock debugging when kernel state becomes untrusted
Disable lockdep debugging in two situations where the integrity of the
kernel no longer is guaranteed: when oopsing and when hitting a
tainting-condition. The goal is to not get weird lockdep traces that don't
make sense or are otherwise undebuggable, to not waste time.
Lockdep assumes that the previous state it knows about is valid to operate,
which is why lockdep turns itself off after the first violation it reports,
after that point it can no longer make that assumption.
A kernel oops means that the integrity of the kernel compromised; in
addition anything lockdep would report is of lesser importance than the
oops.
All the tainting conditions are of similar integrity-violating nature and
also make debugging/diagnosing more difficult.
Signed-off-by: Arjan van de Ven <arjan@linux.intel.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Cheers,
Rusty.
next prev parent reply other threads:[~2013-01-21 1:53 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-04 19:12 [PATCH] MODSIGN: Don't taint unless signature enforcing is enabled Josh Boyer
2013-01-07 1:09 ` Rusty Russell
2013-01-07 14:58 ` Josh Boyer
2013-01-15 19:09 ` [PATCH] MODSIGN: Add TAINT_NOKEY_MODULE Josh Boyer
2013-01-16 3:34 ` Rusty Russell
2013-01-16 13:21 ` Josh Boyer
2013-01-16 19:37 ` Josh Boyer
2013-01-17 0:57 ` Rusty Russell
2013-01-17 15:02 ` Dave Jones
[not found] ` <8738xvxv55.fsf@rustcorp.com.au>
2013-01-21 0:19 ` Frank Ch. Eigler
2013-01-21 1:50 ` Rusty Russell [this message]
2013-01-21 0:46 ` Rafael J. Wysocki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87a9s3wbhr.fsf@rustcorp.com.au \
--to=rusty@rustcorp.com.au \
--cc=davej@redhat.com \
--cc=dhowells@redhat.com \
--cc=fche@redhat.com \
--cc=jwboyer@redhat.com \
--cc=lenb@kernel.org \
--cc=linux-acpi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
--cc=rjw@sisk.pl \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox