linux-kernel.vger.kernel.org archive mirror
* [RFC PATCH] kernel/panic: Add TAINT_AUX
@ 2017-09-11 13:45 Borislav Petkov
  2017-09-11 16:19 ` Kees Cook
  0 siblings, 1 reply; 3+ messages in thread
From: Borislav Petkov @ 2017-09-11 13:45 UTC (permalink / raw)
  To: lkml
  Cc: Kees Cook, Jessica Yu, Peter Zijlstra, Jiri Slaby, Jiri Olsa,
	Michal Marek, Jiri Kosina, Takashi Iwai, Petr Mladek,
	Jeff Mahoney, Andrew Morton, Linus Torvalds, x86-ml

Hi all,

so this is the gist of a patch which we've been forward-porting in our
kernels for a long time now and it probably would make good sense to
have such a TAINT_AUX flag upstream which can be used by each distro etc.,
as they see fit. This way, we won't need to forward-port a distro-only
version indefinitely.

And the "X" mnemonic could also mean eXternal, which would be taint from
a distro or something else but not the upstream kernel.

Thoughts?

---
From: Borislav Petkov <bp@suse.de>

Add an auxiliary taint flag to be used by distros and others. This
obviates the need to forward-port whatever internal solutions people
have in favor of a single flag which they can map arbitrarily to a
definition of their pleasing.

Signed-off-by: Borislav Petkov <bp@suse.de>
---
 include/linux/kernel.h | 3 ++-
 kernel/panic.c         | 2 ++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index bd6d96cf80b1..400512aa58e8 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -520,7 +520,8 @@ extern enum system_states {
 #define TAINT_UNSIGNED_MODULE		13
 #define TAINT_SOFTLOCKUP		14
 #define TAINT_LIVEPATCH			15
-#define TAINT_FLAGS_COUNT		16
+#define TAINT_AUX			16
+#define TAINT_FLAGS_COUNT		17
 
 struct taint_flag {
 	char c_true;	/* character printed when tainted */
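Review bot: the new "#define TAINT_AUX 16" has no comment saying who is allowed to set it, and the commit message leaves its meaning to each distro; add a short comment next to the define stating that the bit is reserved for distro or other non-upstream use, so that in-tree code does not start setting it. The diffstat touches only include/linux/kernel.h and kernel/panic.c, so if the taint bits are described anywhere besides the print_tainted() comment, that text also needs an entry for bit 16 (value 65536 in the taint mask) in this patch.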
diff --git a/kernel/panic.c b/kernel/panic.c
index a58932b41700..46ca774e2dce 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -321,6 +321,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
 	{ 'E', ' ', true },	/* TAINT_UNSIGNED_MODULE */
 	{ 'L', ' ', false },	/* TAINT_SOFTLOCKUP */
 	{ 'K', ' ', true },	/* TAINT_LIVEPATCH */
+	{ 'X', ' ', true },	/* TAINT_AUX */
 };
 
 /**
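Review bot: the third initializer in the new 'X' row is "true", matching the TAINT_UNSIGNED_MODULE and TAINT_LIVEPATCH rows rather than TAINT_SOFTLOCKUP, but the commit message does not say why the auxiliary flag belongs with the module-related ones; state the intended use in the changelog so the choice can be reviewed. The table is also filled positionally, so the row is only correct while it stays at index 16; designated initializers of the form "[TAINT_AUX] = { 'X', ' ', true }," would tie each row to its define.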
@@ -342,6 +343,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
  *  'E' - Unsigned module has been loaded.
  *  'L' - A soft lockup has previously occurred.
  *  'K' - Kernel has been live patched.
+ *  'X' - Auxiliary taint, for distros' use.
  *
  *	The string is overwritten by the next call to print_tainted().
  */
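Review bot: "Auxiliary taint, for distros' use." in the print_tainted() comment tells a reader who sees 'X' in an oops that the flag exists, but not what it means on their kernel or where to find out. Say explicitly that the meaning is defined by whoever built the kernel and that their documentation is the place to look, for example "'X' - Auxiliary taint, meaning defined by the distro/vendor kernel; see their documentation."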
-- 
2.13.0


-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.


* Re: [RFC PATCH] kernel/panic: Add TAINT_AUX
  2017-09-11 13:45 [RFC PATCH] kernel/panic: Add TAINT_AUX Borislav Petkov
@ 2017-09-11 16:19 ` Kees Cook
  2017-09-11 16:31   ` Borislav Petkov
  0 siblings, 1 reply; 3+ messages in thread
From: Kees Cook @ 2017-09-11 16:19 UTC (permalink / raw)
  To: Borislav Petkov
  Cc: lkml, Jessica Yu, Peter Zijlstra, Jiri Slaby, Jiri Olsa,
	Michal Marek, Jiri Kosina, Takashi Iwai, Petr Mladek,
	Jeff Mahoney, Andrew Morton, Linus Torvalds, x86-ml

On Mon, Sep 11, 2017 at 6:45 AM, Borislav Petkov <bp@alien8.de> wrote:
> Hi all,
>
> so this is the gist of a patch which we've been forward-porting in our
> kernels for a long time now and it probably would make good sense to
> have such a TAINT_AUX flag upstream which can be used by each distro etc.,
> as they see fit. This way, we won't need to forward-port a distro-only
> version indefinitely.
>
> And the "X" mnemonic could also mean eXternal, which would be taint from
> a distro or something else but not the upstream kernel.
>
> Thoughts?

If I were an end-user looking at my kernel trace that had an "X" flag,
how would I go look up what it actually means? Is "git grep TAINT_AUX"
going to sufficiently answer that question?

How does SUSE use it currently?

-Kees

>
> ---
> From: Borislav Petkov <bp@suse.de>
>
> Add an auxiliary taint flag to be used by distros and others. This
> obviates the need to forward-port whatever internal solutions people
> have in favor of a single flag which they can map arbitrarily to a
> definition of their pleasing.
>
> Signed-off-by: Borislav Petkov <bp@suse.de>
> ---
>  include/linux/kernel.h | 3 ++-
>  kernel/panic.c         | 2 ++
>  2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/kernel.h b/include/linux/kernel.h
> index bd6d96cf80b1..400512aa58e8 100644
> --- a/include/linux/kernel.h
> +++ b/include/linux/kernel.h
> @@ -520,7 +520,8 @@ extern enum system_states {
>  #define TAINT_UNSIGNED_MODULE          13
>  #define TAINT_SOFTLOCKUP               14
>  #define TAINT_LIVEPATCH                        15
> -#define TAINT_FLAGS_COUNT              16
> +#define TAINT_AUX                      16
> +#define TAINT_FLAGS_COUNT              17
>
>  struct taint_flag {
>         char c_true;    /* character printed when tainted */
> diff --git a/kernel/panic.c b/kernel/panic.c
> index a58932b41700..46ca774e2dce 100644
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -321,6 +321,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
>         { 'E', ' ', true },     /* TAINT_UNSIGNED_MODULE */
>         { 'L', ' ', false },    /* TAINT_SOFTLOCKUP */
>         { 'K', ' ', true },     /* TAINT_LIVEPATCH */
> +       { 'X', ' ', true },     /* TAINT_AUX */
>  };
>
>  /**
> @@ -342,6 +343,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
>   *  'E' - Unsigned module has been loaded.
>   *  'L' - A soft lockup has previously occurred.
>   *  'K' - Kernel has been live patched.
> + *  'X' - Auxiliary taint, for distros' use.
>   *
>   *     The string is overwritten by the next call to print_tainted().
>   */
> --
> 2.13.0
>
>
> --
> Regards/Gruss,
>     Boris.
>
> Good mailing practices for 400: avoid top-posting and trim the reply.



-- 
Kees Cook
Pixel Security


* Re: [RFC PATCH] kernel/panic: Add TAINT_AUX
  2017-09-11 16:19 ` Kees Cook
@ 2017-09-11 16:31   ` Borislav Petkov
  0 siblings, 0 replies; 3+ messages in thread
From: Borislav Petkov @ 2017-09-11 16:31 UTC (permalink / raw)
  To: Kees Cook
  Cc: lkml, Jessica Yu, Peter Zijlstra, Jiri Slaby, Jiri Olsa,
	Michal Marek, Jiri Kosina, Takashi Iwai, Petr Mladek,
	Jeff Mahoney, Andrew Morton, Linus Torvalds, x86-ml

On Mon, Sep 11, 2017 at 09:19:16AM -0700, Kees Cook wrote:
> If I were an end-user looking at my kernel trace that had an "X" flag,
> how would I go look up what it actually means? Is "git grep TAINT_AUX"
> going to sufficiently answer that question?

Just like with the other taint letters. I look it up by looking at the
comment over print_tainted(). Unless it is P or M - those I know :-)

> How does SUSE use it currently?

We will use it to mark modules for which we don't provide support. I.e.,
a really eXternal module :-)

Thanks.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.
