From: Rusty Russell <rusty@rustcorp.com.au>
To: Jani Nikula <jani.nikula@intel.com>,
linux-kernel@vger.kernel.org, intel-gfx@lists.freedesktop.org
Cc: Jean Delvare <khali@linux-fr.org>,
Andrew Morton <akpm@linux-foundation.org>,
Li Zhong <zhong@linux.vnet.ibm.com>,
Jon Mason <jon.mason@intel.com>,
Daniel Vetter <daniel.vetter@ffwll.ch>,
jani.nikula@intel.com
Subject: Re: [PATCH 0/4] module: add support for unsafe, tainting parameters
Date: Thu, 14 Aug 2014 05:55:05 +0930 [thread overview]
Message-ID: <87wqac87dq.fsf@rustcorp.com.au> (raw)
In-Reply-To: <cover.1407764272.git.jani.nikula@intel.com>
Jani Nikula <jani.nikula@intel.com> writes:
> This is a generic version of Daniel's patch [1] letting us have unsafe
> module parameters (experimental, debugging, testing, etc.) that taint
> the kernel when set. Quoting Daniel,
OK, I think the idea is fine, but we'll probably only want this for
a few types (eg. int and bool). So for the moment I prefer a more
naive approach.
Does this work for you?
Subject: module: add taint_int type
An int parameter which taints the kernel if set; i915 at least wants this.
Based-on-patches-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Based-on-patches-by: Jani Nikula <jani.nikula@intel.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
diff --git a/include/linux/moduleparam.h b/include/linux/moduleparam.h
index 494f99e852da..99ba68206ba4 100644
--- a/include/linux/moduleparam.h
+++ b/include/linux/moduleparam.h
@@ -408,6 +408,10 @@ extern int param_set_bint(const char *val, const struct kernel_param *kp);
#define param_get_bint param_get_int
#define param_check_bint param_check_int
+/* An int, which taints the kernel if set. */
+extern struct kernel_param_ops param_ops_taint_int;
+#define param_check_taint_int param_check_int
+
/**
* module_param_array - a parameter which is an array of some type
* @name: the name of the array variable
diff --git a/kernel/params.c b/kernel/params.c
index 34f527023794..3128218158cf 100644
--- a/kernel/params.c
+++ b/kernel/params.c
@@ -375,6 +375,20 @@ struct kernel_param_ops param_ops_bint = {
};
EXPORT_SYMBOL(param_ops_bint);
+static int param_set_taint_int(const char *val, const struct kernel_param *kp)
+{
+ pr_warn("Setting dangerous option %s - tainting kernel\n", kp->name);
+ add_taint(TAINT_USER, LOCKDEP_STILL_OK);
+
+ return param_set_int(val, kp);
+}
+
+struct kernel_param_ops param_ops_taint_int = {
+ .set = param_set_taint_int,
+ .get = param_get_int,
+};
+EXPORT_SYMBOL(param_ops_taint_int);
+
/* We break the rule and mangle the string. */
static int param_array(const char *name,
const char *val,
WARNING: multiple messages have this Message-ID (diff)
From: Rusty Russell <rusty@rustcorp.com.au>
To: linux-kernel@vger.kernel.org, intel-gfx@lists.freedesktop.org
Cc: Jean Delvare <khali@linux-fr.org>,
Andrew Morton <akpm@linux-foundation.org>,
Li Zhong <zhong@linux.vnet.ibm.com>,
Jon Mason <jon.mason@intel.com>,
Daniel Vetter <daniel.vetter@ffwll.ch>,
jani.nikula@intel.com
Subject: Re: [PATCH 0/4] module: add support for unsafe, tainting parameters
Date: Thu, 14 Aug 2014 05:55:05 +0930 [thread overview]
Message-ID: <87wqac87dq.fsf@rustcorp.com.au> (raw)
In-Reply-To: <cover.1407764272.git.jani.nikula@intel.com>
Jani Nikula <jani.nikula@intel.com> writes:
> This is a generic version of Daniel's patch [1] letting us have unsafe
> module parameters (experimental, debugging, testing, etc.) that taint
> the kernel when set. Quoting Daniel,
OK, I think the idea is fine, but we'll probably only want this for
a few types (eg. int and bool). So for the moment I prefer a more
naive approach.
Does this work for you?
Subject: module: add taint_int type
An int parameter which taints the kernel if set; i915 at least wants this.
Based-on-patches-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Based-on-patches-by: Jani Nikula <jani.nikula@intel.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
diff --git a/include/linux/moduleparam.h b/include/linux/moduleparam.h
index 494f99e852da..99ba68206ba4 100644
--- a/include/linux/moduleparam.h
+++ b/include/linux/moduleparam.h
@@ -408,6 +408,10 @@ extern int param_set_bint(const char *val, const struct kernel_param *kp);
#define param_get_bint param_get_int
#define param_check_bint param_check_int
+/* An int, which taints the kernel if set. */
+extern struct kernel_param_ops param_ops_taint_int;
+#define param_check_taint_int param_check_int
+
/**
* module_param_array - a parameter which is an array of some type
* @name: the name of the array variable
diff --git a/kernel/params.c b/kernel/params.c
index 34f527023794..3128218158cf 100644
--- a/kernel/params.c
+++ b/kernel/params.c
@@ -375,6 +375,20 @@ struct kernel_param_ops param_ops_bint = {
};
EXPORT_SYMBOL(param_ops_bint);
+static int param_set_taint_int(const char *val, const struct kernel_param *kp)
+{
+ pr_warn("Setting dangerous option %s - tainting kernel\n", kp->name);
+ add_taint(TAINT_USER, LOCKDEP_STILL_OK);
+
+ return param_set_int(val, kp);
+}
+
+struct kernel_param_ops param_ops_taint_int = {
+ .set = param_set_taint_int,
+ .get = param_get_int,
+};
+EXPORT_SYMBOL(param_ops_taint_int);
+
/* We break the rule and mangle the string. */
static int param_array(const char *name,
const char *val,
next prev parent reply other threads:[~2014-08-13 20:31 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-11 13:52 [PATCH 0/4] module: add support for unsafe, tainting parameters Jani Nikula
2014-08-11 13:52 ` Jani Nikula
2014-08-11 13:52 ` [PATCH 1/4] module: rename KERNEL_PARAM_FL_NOARG to avoid confusion Jani Nikula
2014-08-11 13:52 ` Jani Nikula
2014-08-11 13:52 ` [PATCH 2/4] module: make it possible to have unsafe, tainting module params Jani Nikula
2014-08-11 13:52 ` Jani Nikula
2014-08-11 13:52 ` [PATCH 3/4] module: add module_param_unsafe and module_param_named_unsafe Jani Nikula
2014-08-11 13:52 ` Jani Nikula
2014-08-11 13:52 ` [PATCH 4/4] drm/i915: taint the kernel if unsafe module parameters are set Jani Nikula
2014-08-11 13:52 ` Jani Nikula
2014-08-13 20:25 ` Rusty Russell [this message]
2014-08-13 20:25 ` [PATCH 0/4] module: add support for unsafe, tainting parameters Rusty Russell
2014-08-14 5:21 ` Daniel Vetter
2014-08-14 5:21 ` Daniel Vetter
2014-08-20 16:12 ` Rusty Russell
2014-08-20 16:12 ` Rusty Russell
2014-08-21 7:00 ` Jani Nikula
2014-08-21 7:00 ` Jani Nikula
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87wqac87dq.fsf@rustcorp.com.au \
--to=rusty@rustcorp.com.au \
--cc=akpm@linux-foundation.org \
--cc=daniel.vetter@ffwll.ch \
--cc=intel-gfx@lists.freedesktop.org \
--cc=jani.nikula@intel.com \
--cc=jon.mason@intel.com \
--cc=khali@linux-fr.org \
--cc=linux-kernel@vger.kernel.org \
--cc=zhong@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.