| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 May 2022 08:35:50 -0700
From: Luis Chamberlain <mcgrof@...nel.org>
To: David Gow <davidgow@...gle.com>
Cc: Brendan Higgins <brendanhiggins@...gle.com>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Jonathan Corbet <corbet@....net>,
Andrew Morton <akpm@...ux-foundation.org>,
Kees Cook <keescook@...omium.org>,
Shuah Khan <skhan@...uxfoundation.org>,
Greg KH <gregkh@...uxfoundation.org>,
"Guilherme G . Piccoli" <gpiccoli@...lia.com>,
Sebastian Reichel <sre@...nel.org>,
John Ogness <john.ogness@...utronix.de>,
Joe Fradley <joefradley@...gle.com>,
Daniel Latypov <dlatypov@...gle.com>,
kunit-dev@...glegroups.com, linux-kselftest@...r.kernel.org,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
Jani Nikula <jani.nikula@...ux.intel.com>,
Lucas De Marchi <lucas.demarchi@...el.com>,
Aaron Tomlin <atomlin@...hat.com>,
linux-fsdevel@...r.kernel.org, linux-block@...r.kernel.org
Subject: Re: [PATCH v3 1/3] panic: Taint kernel if tests are run
On Fri, May 13, 2022 at 04:32:11PM +0800, David Gow wrote:
> Most in-kernel tests (such as KUnit tests) are not supposed to run on
> production systems: they may do deliberately illegal things to trigger
> errors, and have security implications (for example, KUnit assertions
> will often deliberately leak kernel addresses).
>
> Add a new taint type, TAINT_TEST to signal that a test has been run.
> This will be printed as 'N' (originally for kuNit, as every other
> sensible letter was taken.)
>
> This should discourage people from running these tests on production
> systems, and to make it easier to tell if tests have been run
> accidentally (by loading the wrong configuration, etc.)
>
> Signed-off-by: David Gow <davidgow@...gle.com>
> ---
>
> Updated this to handle the most common case of selftest modules, in
> addition to KUnit tests. There's room for other tests or test frameworks
> to use this as well, either with a call to add_taint() from within the
> kernel, or by writing to /proc/sys/kernel/tainted.
>
> The 'N' character for the taint is even less useful now that it's no
> longer short for kuNit, but all the letters in TEST are taken. :-(
>
> Changes since v2:
> https://lore.kernel.org/linux-kselftest/20220430030019.803481-1-davidgow@google.com/
> - Rename TAINT_KUNIT -> TAINT_TEST.
> - Split into separate patches for adding the taint, and triggering it.
> - Taint on a kselftest_module being loaded (patch 3/3)
>
> Changes since v1:
> https://lore.kernel.org/linux-kselftest/20220429043913.626647-1-davidgow@google.com/
> - Make the taint per-module, to handle the case when tests are in
> (longer lasting) modules. (Thanks Greg KH).
>
> Note that this still has checkpatch.pl warnings around bracket
> placement, which are intentional as part of matching the surrounding
> code.
>
> ---
> Documentation/admin-guide/tainted-kernels.rst | 1 +
> include/linux/panic.h | 3 ++-
> kernel/panic.c | 1 +
> 3 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst
> index ceeed7b0798d..546f3071940d 100644
> --- a/Documentation/admin-guide/tainted-kernels.rst
> +++ b/Documentation/admin-guide/tainted-kernels.rst
> @@ -100,6 +100,7 @@ Bit Log Number Reason that got the kernel tainted
> 15 _/K 32768 kernel has been live patched
> 16 _/X 65536 auxiliary taint, defined for and used by distros
> 17 _/T 131072 kernel was built with the struct randomization plugin
> + 18 _/N 262144 an in-kernel test (such as a KUnit test) has been run
I think mentioning just kunit fuzzes its interpretation here.
Best to keep that out.
Other than that:
Acked-by: Luis Chamberlain <mcgrof@...nel.org>
Luis
Powered by blists - more mailing lists