From: Luis Chamberlain <mcgrof@kernel.org>
To: Jessica Yu <jeyu@kernel.org>
Cc: akpm@linux-foundation.org, arnd@arndb.de, rostedt@goodmis.org,
mingo@redhat.com, aquini@redhat.com, cai@lca.pw,
dyoung@redhat.com, bhe@redhat.com, peterz@infradead.org,
tglx@linutronix.de, gpiccoli@canonical.com, pmladek@suse.com,
tiwai@suse.de, schlad@suse.de, andriy.shevchenko@linux.intel.com,
keescook@chromium.org, daniel.vetter@ffwll.ch, will@kernel.org,
mchehab+samsung@kernel.org, kvalo@codeaurora.org,
davem@davemloft.net, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 01/15] taint: add module firmware crash taint support
Date: Fri, 22 May 2020 05:17:21 +0000 [thread overview]
Message-ID: <20200522051721.GX11244@42.do-not-panic.com> (raw)
In-Reply-To: <20200519164231.GA27392@linux-8ccs>
On Tue, May 19, 2020 at 06:42:31PM +0200, Jessica Yu wrote:
> +++ Luis Chamberlain [15/05/20 21:28 +0000]:
> > Device driver firmware can crash, and sometimes, this can leave your
> > system in a state which makes the device or subsystem completely
> > useless. Detecting this by inspecting /proc/sys/kernel/tainted instead
> > of scraping some magical words from the kernel log, which is driver
> > specific, is much easier. So instead provide a helper which lets drivers
> > annotate this.
> >
> > Once this happens, scrapers can easily look for modules taint flags
> > for a firmware crash. This will taint both the kernel and respective
> > calling module.
> >
> > The new helper module_firmware_crashed() uses LOCKDEP_STILL_OK as this
> > fact should in no way shape or form affect lockdep. This taint is device
> > driver specific.
> >
> > Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
> > ---
> > Documentation/admin-guide/tainted-kernels.rst | 6 ++++++
> > include/linux/kernel.h | 3 ++-
> > include/linux/module.h | 13 +++++++++++++
> > include/trace/events/module.h | 3 ++-
> > kernel/module.c | 5 +++--
> > kernel/panic.c | 1 +
> > tools/debugging/kernel-chktaint | 7 +++++++
> > 7 files changed, 34 insertions(+), 4 deletions(-)
> >
> > diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst
> > index 71e9184a9079..92530f1d60ae 100644
> > --- a/Documentation/admin-guide/tainted-kernels.rst
> > +++ b/Documentation/admin-guide/tainted-kernels.rst
> > @@ -100,6 +100,7 @@ Bit Log Number Reason that got the kernel tainted
> > 15 _/K 32768 kernel has been live patched
> > 16 _/X 65536 auxiliary taint, defined for and used by distros
> > 17 _/T 131072 kernel was built with the struct randomization plugin
> > + 18 _/Q 262144 driver firmware crash annotation
> > === === ====== ========================================================
> >
> > Note: The character ``_`` is representing a blank in this table to make reading
> > @@ -162,3 +163,8 @@ More detailed explanation for tainting
> > produce extremely unusual kernel structure layouts (even performance
> > pathological ones), which is important to know when debugging. Set at
> > build time.
> > +
> > + 18) ``Q`` used by device drivers to annotate that the device driver's firmware
> > + has crashed and the device's operation has been severely affected. The
> > + device may be left in a crippled state, requiring full driver removal /
> > + addition, system reboot, or it is unclear how long recovery will take.
> > diff --git a/include/linux/kernel.h b/include/linux/kernel.h
> > index 04a5885cec1b..19e1541c82c7 100644
> > --- a/include/linux/kernel.h
> > +++ b/include/linux/kernel.h
> > @@ -601,7 +601,8 @@ extern enum system_states {
> > #define TAINT_LIVEPATCH 15
> > #define TAINT_AUX 16
> > #define TAINT_RANDSTRUCT 17
> > -#define TAINT_FLAGS_COUNT 18
> > +#define TAINT_FIRMWARE_CRASH 18
> > +#define TAINT_FLAGS_COUNT 19
> >
> > struct taint_flag {
> > char c_true; /* character printed when tainted */
> > diff --git a/include/linux/module.h b/include/linux/module.h
> > index 2c2e988bcf10..221200078180 100644
> > --- a/include/linux/module.h
> > +++ b/include/linux/module.h
> > @@ -697,6 +697,14 @@ static inline bool is_livepatch_module(struct module *mod)
> > bool is_module_sig_enforced(void);
> > void set_module_sig_enforced(void);
> >
> > +void add_taint_module(struct module *mod, unsigned flag,
> > + enum lockdep_ok lockdep_ok);
> > +
> > +static inline void module_firmware_crashed(void)
> > +{
> > + add_taint_module(THIS_MODULE, TAINT_FIRMWARE_CRASH, LOCKDEP_STILL_OK);
> > +}
>
> Just a nit: I think module_firmware_crashed() is a confusing name - it
> doesn't really tell me what it's doing, and it's not really related to
> the rest of the module_* symbols, which mostly have to do with module
> loader/module specifics. Especially since a driver can be built-in, too.
> How about taint_firmware_crashed() or something similar?
Sure.
> Also, I think we might crash in add_taint_module() if a driver is
> built into the kernel, because THIS_MODULE will be null and there is
> no null pointer check in add_taint_module(). We could unify the
> CONFIG_MODULES and !CONFIG_MODULES stubs and either add an `if (mod)`
> check in add_taint_module() or add an #ifdef MODULE check in the stub
> itself to call add_taint() or add_taint_module() as appropriate. Hope
> that makes sense.
I had to do something a bit different but I think you'll agree with it.
Will include it in my next iteration.
Luis
next prev parent reply other threads:[~2020-05-22 5:17 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-15 21:28 [PATCH v2 00/15] net: taint when the device driver firmware crashes Luis Chamberlain
2020-05-15 21:28 ` [PATCH v2 01/15] taint: add module firmware crash taint support Luis Chamberlain
2020-05-16 4:03 ` Rafael Aquini
2020-05-19 16:42 ` Jessica Yu
2020-05-22 5:17 ` Luis Chamberlain [this message]
2020-05-15 21:28 ` [PATCH v2 02/15] ethernet/839: use new module_firmware_crashed() Luis Chamberlain
2020-05-16 4:04 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 03/15] bnx2x: " Luis Chamberlain
2020-05-16 4:05 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 04/15] bnxt: " Luis Chamberlain
2020-05-16 4:06 ` Rafael Aquini
2020-05-16 5:14 ` Vasundhara Volam
2020-05-15 21:28 ` [PATCH v2 05/15] bna: " Luis Chamberlain
2020-05-16 4:07 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 06/15] liquidio: " Luis Chamberlain
2020-05-16 4:07 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 07/15] cxgb4: " Luis Chamberlain
2020-05-16 4:09 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 08/15] ehea: " Luis Chamberlain
2020-05-16 4:09 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 09/15] qed: " Luis Chamberlain
2020-05-16 4:10 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 10/15] soc: qcom: ipa: " Luis Chamberlain
2020-05-16 4:10 ` Rafael Aquini
2020-05-19 22:34 ` Alex Elder
2020-05-22 5:28 ` Luis Chamberlain
2020-05-22 20:52 ` Alex Elder
2020-05-22 21:53 ` Luis Chamberlain
2020-05-15 21:28 ` [PATCH v2 11/15] wimax/i2400m: " Luis Chamberlain
2020-05-16 4:11 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 12/15] ath10k: " Luis Chamberlain
2020-05-16 4:11 ` Rafael Aquini
2020-05-16 13:24 ` Johannes Berg
2020-05-16 13:50 ` Johannes Berg
2020-05-18 16:56 ` Luis Chamberlain
2020-05-19 1:23 ` Brian Norris
2020-05-19 14:02 ` Luis Chamberlain
2020-05-20 0:47 ` Brian Norris
2020-05-20 5:37 ` Emmanuel Grumbach
2020-05-20 8:32 ` Andy Shevchenko
2020-05-21 19:01 ` Brian Norris
2020-05-22 5:12 ` Emmanuel Grumbach
2020-05-22 5:23 ` Luis Chamberlain
2020-05-18 16:51 ` Luis Chamberlain
2020-05-18 16:58 ` Ben Greear
2020-05-18 17:09 ` Luis Chamberlain
2020-05-18 17:15 ` Ben Greear
2020-05-18 17:18 ` Luis Chamberlain
2020-05-18 18:06 ` Steve deRosier
2020-05-18 19:09 ` Luis Chamberlain
2020-05-18 19:25 ` Johannes Berg
2020-05-18 19:59 ` Luis Chamberlain
2020-05-18 20:07 ` Johannes Berg
2020-05-18 21:18 ` Luis Chamberlain
2020-05-18 20:28 ` Jakub Kicinski
2020-05-18 20:29 ` Johannes Berg
2020-05-18 20:35 ` Jakub Kicinski
2020-05-18 20:41 ` Johannes Berg
2020-05-18 20:46 ` Jakub Kicinski
2020-05-18 21:22 ` Luis Chamberlain
2020-05-18 22:16 ` Jakub Kicinski
2020-05-19 1:05 ` Luis Chamberlain
2020-05-19 21:15 ` [RFC 1/2] devlink: add simple fw crash helpers Jakub Kicinski
2020-05-22 5:20 ` Luis Chamberlain
2020-05-22 17:17 ` Jakub Kicinski
2020-05-22 20:46 ` Johannes Berg
2020-05-22 21:51 ` Luis Chamberlain
2020-05-22 23:23 ` Steve deRosier
2020-05-22 23:44 ` Luis Chamberlain
2020-05-25 9:07 ` Andy Shevchenko
2020-05-25 17:08 ` Ben Greear
2020-05-25 20:57 ` Jakub Kicinski
2020-07-30 13:56 ` Johannes Berg
2020-05-22 21:49 ` Luis Chamberlain
2020-05-19 21:15 ` [RFC 2/2] i2400m: use devlink health reporter Jakub Kicinski
2020-05-15 21:28 ` [PATCH v2 13/15] ath6kl: use new module_firmware_crashed() Luis Chamberlain
2020-05-16 4:12 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 14/15] brcm80211: " Luis Chamberlain
2020-05-16 4:13 ` Rafael Aquini
2020-05-15 21:28 ` [PATCH v2 15/15] mwl8k: " Luis Chamberlain
2020-05-16 4:13 ` Rafael Aquini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200522051721.GX11244@42.do-not-panic.com \
--to=mcgrof@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=andriy.shevchenko@linux.intel.com \
--cc=aquini@redhat.com \
--cc=arnd@arndb.de \
--cc=bhe@redhat.com \
--cc=cai@lca.pw \
--cc=daniel.vetter@ffwll.ch \
--cc=davem@davemloft.net \
--cc=dyoung@redhat.com \
--cc=gpiccoli@canonical.com \
--cc=jeyu@kernel.org \
--cc=keescook@chromium.org \
--cc=kvalo@codeaurora.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mchehab+samsung@kernel.org \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=pmladek@suse.com \
--cc=rostedt@goodmis.org \
--cc=schlad@suse.de \
--cc=tglx@linutronix.de \
--cc=tiwai@suse.de \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).