| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200508140415.GC367616@optiplex-lnx>
Date: Fri, 8 May 2020 10:04:15 -0400
From: Rafael Aquini <aquini@...hat.com>
To: Luis Chamberlain <mcgrof@...nel.org>
Cc: jeyu@...nel.org, akpm@...ux-foundation.org, arnd@...db.de,
rostedt@...dmis.org, mingo@...hat.com, cai@....pw,
dyoung@...hat.com, bhe@...hat.com, peterz@...radead.org,
tglx@...utronix.de, gpiccoli@...onical.com, pmladek@...e.com,
tiwai@...e.de, schlad@...e.de, andriy.shevchenko@...ux.intel.com,
keescook@...omium.org, daniel.vetter@...ll.ch, will@...nel.org,
mchehab+samsung@...nel.org, kvalo@...eaurora.org,
davem@...emloft.net, linux-kernel@...r.kernel.org
Subject: Re: [RFC] taint: add module firmware crash taint support
On Fri, May 08, 2020 at 02:14:38AM +0000, Luis Chamberlain wrote:
> Device driver firmware can crash, and sometimes, this can leave your
> system in a state which makes the device or subsystem completely
> useless. Detecting this by inspecting /proc/sys/kernel/tainted instead
> of scraping some magical words from the kernel log, which is driver
> specific, is much easier. So instead provide a helper which lets drivers
> annotate this.
>
> Once this happens, scrapers can easily scrape modules taint flags.
> This will taint both the kernel and respective calling module.
>
> The new helper module_firmware_crashed() uses LOCKDEP_STILL_OK as
> this fact should in no way shape or form affect lockdep. This taint
> is device driver specific.
>
> Signed-off-by: Luis Chamberlain <mcgrof@...nel.org>
> ---
>
> Below is the full diff stat of manual inspection throughout the kernel
> when this happens. My methodology is to just scrape for "crash" and
> then study the driver a bit to see if indeed it seems like that the
> firmware crashes there. In *many* cases there is even infrastructure
> for this, so this is sometimes clearly obvious. Some other times it
> required a bit of deciphering.
>
> The diff stat below is what I have so far, however the patch below
> only includes the drivers that start with Q, as they were a source of
> inspiration for this, and to make this RFC easier to read.
>
> If this seems sensible, I can follow up with the kernel helper first,
> and then tackle each subsystem independently.
>
> I purposely skipped review of remoteproc and virtualization. That should
> require its own separate careful review and considerations.
>
...
> diff --git a/include/linux/kernel.h b/include/linux/kernel.h
> index 04a5885cec1b..19e1541c82c7 100644
> --- a/include/linux/kernel.h
> +++ b/include/linux/kernel.h
> @@ -601,7 +601,8 @@ extern enum system_states {
> #define TAINT_LIVEPATCH 15
> #define TAINT_AUX 16
> #define TAINT_RANDSTRUCT 17
> -#define TAINT_FLAGS_COUNT 18
> +#define TAINT_FIRMWARE_CRASH 18
> +#define TAINT_FLAGS_COUNT 19
>
As others have already mentioned (and I guess it was your idea too)
it would be nicer to split the changes into a set.
We also will need to update Documentation/admin-guide/tainted-kernels.rst
to reflect the inclusion of this new flag.
-- Rafael
Powered by blists - more mailing lists