Re: [PATCH v2] kernel: add panic_on_taint

From: Luis Chamberlain <mcgrof@kernel.org>
To: Rafael Aquini <aquini@redhat.com>
Cc: Tso Ted <tytso@mit.edu>, Adrian Bunk <bunk@kernel.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Laura Abbott <labbott@redhat.com>, Jeff Mahoney <jeffm@suse.com>,
	Jiri Kosina <jikos@kernel.org>, Jessica Yu <jeyu@suse.de>,
	Takashi Iwai <tiwai@suse.de>, Ann Davis <AnDavis@suse.com>,
	Richard Palethorpe <rpalethorpe@suse.de>,
	linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
	kexec@lists.infradead.org, linux-fsdevel@vger.kernel.org,
	dyoung@redhat.com, bhe@redhat.com, corbet@lwn.net,
	keescook@chromium.org, akpm@linux-foundation.org, cai@lca.pw,
	rdunlap@infradead.org
Subject: Re: [PATCH v2] kernel: add panic_on_taint
Date: Thu, 7 May 2020 22:25:58 +0000	[thread overview]
Message-ID: <20200507222558.GA11244@42.do-not-panic.com> (raw)
In-Reply-To: <20200507220606.GK205881@optiplex-lnx>

On Thu, May 07, 2020 at 06:06:06PM -0400, Rafael Aquini wrote:
> On Thu, May 07, 2020 at 08:33:40PM +0000, Luis Chamberlain wrote:
> > I *think* that a cmdline route to enable this would likely remove the
> > need for the kernel config for this. But even with Vlastimil's work
> > merged, I think we'd want yet-another value to enable / disable this
> > feature. Do we need yet-another-taint flag to tell us that this feature
> > was enabled?
> >
> 
> I guess it makes sense to get rid of the sysctl interface for
> proc_on_taint, and only keep it as a cmdline option. 

That would be easier to support and k3eps this simple.

> But the real issue seems to be, regardless we go with a cmdline-only option
> or not, the ability of proc_taint() to set any arbitrary taint flag 
> other than just marking the kernel with TAINT_USER. 

I think we would have no other option but to add a new TAINT flag so
that we know that the taint flag was modified by a user. Perhaps just
re-using TAINT_USER when proc_taint() would suffice.

  Luis