From: Kees Cook <keescook@chromium.org>
To: Borislav Petkov <bp@alien8.de>
Cc: lkml <linux-kernel@vger.kernel.org>, Jessica Yu <jeyu@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Jiri Slaby <jslaby@suse.cz>, Jiri Olsa <jolsa@kernel.org>,
	Michal Marek <mmarek@suse.cz>, Jiri Kosina <jkosina@suse.cz>,
	Takashi Iwai <tiwai@suse.de>, Petr Mladek <pmladek@suse.com>,
	Jeff Mahoney <jeffm@suse.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	x86-ml <x86@kernel.org>
Subject: Re: [RFC PATCH] kernel/panic: Add TAINT_AUX
Date: Mon, 11 Sep 2017 09:19:16 -0700
Message-ID: <CAGXu5jJx3AF7XB1hb+8vPCHJReYeRsumdFSUCLLOmiR3LrG4Ow@mail.gmail.com>
In-Reply-To: <20170911134533.dp5mtyku5bongx4c@pd.tnic>

On Mon, Sep 11, 2017 at 6:45 AM, Borislav Petkov <bp@alien8.de> wrote:
> Hi all,
>
> so this is the gist of a patch which we've been forward-porting in our
> kernels for a long time now and it probably would make good sense to
> have such TAINT_AUX flag upstream which can be used by each distro etc,
> how they see fit. This way, we won't need to forward-port a distro-only
> version indefinitely.
>
> And the "X" mnemonic could also mean eXternal, which would be taint from
> a distro or something else but not the upstream kernel.
>
> Thoughts?

If I were an end-user looking at my kernel trace that had an "X" flag,
how would I go look up what it actually means? Is "git grep TAINT_AUX"
going to sufficiently answer that question?

How does SUSE use it currently?

-Kees

>
> ---
> From: Borislav Petkov <bp@suse.de>
>
> Add an auxiliary taint flag to be used by distros and others. This
> obviates the need to forward-port whatever internal solutions people
> have in favor of a single flag which they can map arbitrarily to a
> definition of their pleasing.
>
> Signed-off-by: Borislav Petkov <bp@suse.de>
> ---
>  include/linux/kernel.h | 3 ++-
>  kernel/panic.c         | 2 ++
>  2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/kernel.h b/include/linux/kernel.h
> index bd6d96cf80b1..400512aa58e8 100644
> --- a/include/linux/kernel.h
> +++ b/include/linux/kernel.h
> @@ -520,7 +520,8 @@ extern enum system_states {
>  #define TAINT_UNSIGNED_MODULE          13
>  #define TAINT_SOFTLOCKUP               14
>  #define TAINT_LIVEPATCH                        15
> -#define TAINT_FLAGS_COUNT              16
> +#define TAINT_AUX                      16
> +#define TAINT_FLAGS_COUNT              17
>
>  struct taint_flag {
>         char c_true;    /* character printed when tainted */
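
Review bot: The new TAINT_AUX define carries no comment, and the diffstat lists only include/linux/kernel.h and kernel/panic.c, so the patch adds a taint bit without any user-facing documentation of what it stands for. Since the meaning is left to each distro, add a short comment at the define saying so and update the taint-flag documentation in the same patch, so that someone who sees the bit set has a place to start.
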
> diff --git a/kernel/panic.c b/kernel/panic.c
> index a58932b41700..46ca774e2dce 100644
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -321,6 +321,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
>         { 'E', ' ', true },     /* TAINT_UNSIGNED_MODULE */
>         { 'L', ' ', false },    /* TAINT_SOFTLOCKUP */
>         { 'K', ' ', true },     /* TAINT_LIVEPATCH */
> +       { 'X', ' ', true },     /* TAINT_AUX */
>  };
>
>  /**
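
Review bot: The third initializer in the new 'X' entry is true, the same as the TAINT_UNSIGNED_MODULE and TAINT_LIVEPATCH entries and unlike TAINT_SOFTLOCKUP, but the commit message does not say why an auxiliary, distro-defined flag should follow those two. Please state the intended value and the reasoning in the commit message. The entry is also positional, so it relies on TAINT_AUX remaining the last index before TAINT_FLAGS_COUNT.
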
> @@ -342,6 +343,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
>   *  'E' - Unsigned module has been loaded.
>   *  'L' - A soft lockup has previously occurred.
>   *  'K' - Kernel has been live patched.
> + *  'X' - Auxiliary taint, for distros' use.
>   *
>   *     The string is overwritten by the next call to print_tainted().
>   */
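
Review bot: The added comment line "'X' - Auxiliary taint, for distros' use." is the only description a reader of print_tainted() gets, and it does not say that the meaning is defined outside the upstream tree or where to look it up. Suggest wording along the lines of "Auxiliary taint, defined and used by distros; see the distro's documentation", so the mnemonic is not read as having a fixed upstream meaning.
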
> --
> 2.13.0
>
>
> --
> Regards/Gruss,
>     Boris.
>
> Good mailing practices for 400: avoid top-posting and trim the reply.



-- 
Kees Cook
Pixel Security
