| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 8 Jul 2022 12:48:47 +0800
From: David Gow <davidgow@...gle.com>
To: Brendan Higgins <brendanhiggins@...gle.com>,
Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
Jonathan Corbet <corbet@....net>,
Andrew Morton <akpm@...ux-foundation.org>,
Kees Cook <keescook@...omium.org>,
Shuah Khan <skhan@...uxfoundation.org>,
Greg KH <gregkh@...uxfoundation.org>,
Luis Chamberlain <mcgrof@...nel.org>,
Masahiro Yamada <masahiroy@...nel.org>,
Nathan Chancellor <nathan@...nel.org>
Cc: David Gow <davidgow@...gle.com>,
"Guilherme G . Piccoli" <gpiccoli@...lia.com>,
Sebastian Reichel <sre@...nel.org>,
John Ogness <john.ogness@...utronix.de>,
Joe Fradley <joefradley@...gle.com>,
Daniel Latypov <dlatypov@...gle.com>,
kunit-dev@...glegroups.com, linux-kselftest@...r.kernel.org,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
Jani Nikula <jani.nikula@...ux.intel.com>,
Lucas De Marchi <lucas.demarchi@...el.com>,
Aaron Tomlin <atomlin@...hat.com>,
linux-fsdevel@...r.kernel.org, linux-block@...r.kernel.org,
Michal Marek <michal.lkml@...kovi.net>,
Nick Desaulniers <ndesaulniers@...gle.com>,
linux-kbuild@...r.kernel.org
Subject: [PATCH v6 4/4] selftest: Taint kernel when test module loaded
Make any kselftest test module (using the kselftest_module framework)
taint the kernel with TAINT_TEST on module load.
Also mark the module as a test module using MODULE_INFO(test, "Y") so
that other tools can tell this is a test module. We can't rely solely
on this, though, as these test modules are also often built-in.
Finally, update the kselftest documentation to mention that the kernel
should be tainted, and how to do so manually (as below).
Note that several selftests use kernel modules which are not based on
the kselftest_module framework, and so will not automatically taint the
kernel.
This can be done in two ways:
- Moving the module to the tools/testing directory. All modules under
this directory will taint the kernel.
- Adding the 'test' module property with:
MODULE_INFO(test, "Y")
Similarly, selftests which do not load modules into the kernel generally
should not taint the kernel (or possibly should only do so on failure),
as it's assumed that testing from user-space should be safe. Regardless,
they can write to /proc/sys/kernel/tainted if required.
Reviewed-by: Luis Chamberlain <mcgrof@...nel.org>
Acked-by: Brendan Higgins <brendanhiggins@...gle.com>
Signed-off-by: David Gow <davidgow@...gle.com>
---
Changes since v5:
https://lore.kernel.org/linux-kselftest/20220702040959.3232874-4-davidgow@google.com/
- Add Brendan's Acked-by tag.
Changes since v4:
https://lore.kernel.org/lkml/20220513083212.3537869-3-davidgow@google.com/
- Actually use the new TAINT_TEST name, instead of TAINT_KUNIT
(Thanks, kernel-test-robot)
- Document how to use this (or MODULE_INFO()) to taint the kernel.
(Thanks, Luis)
- Also add MODULE_INFO(test, "Y") to embed the fact that this is a
test module into the .ko
- Nothing depends on it now, but it should allow us to tell this is
a test module without executing it in the future.
No changes since v3:
https://lore.kernel.org/lkml/20220513083212.3537869-3-davidgow@google.com/
---
Documentation/dev-tools/kselftest.rst | 9 +++++++++
tools/testing/selftests/kselftest_module.h | 4 ++++
2 files changed, 13 insertions(+)
diff --git a/Documentation/dev-tools/kselftest.rst b/Documentation/dev-tools/kselftest.rst
index a833ecf12fbc..1096a9833550 100644
--- a/Documentation/dev-tools/kselftest.rst
+++ b/Documentation/dev-tools/kselftest.rst
@@ -250,6 +250,14 @@ assist writing kernel modules that are for use with kselftest:
- ``tools/testing/selftests/kselftest_module.h``
- ``tools/testing/selftests/kselftest/module.sh``
+Note that test modules should taint the kernel with TAINT_TEST. This will
+happen automatically for modules which are in the ``tools/testing/``
+directory, or for modules which use the ``kselftest_module.h`` header above.
+Otherwise, you'll need to add ``MODULE_INFO(test, "Y")`` to your module
+source. selftests which do not load modules typically should not taint the
+kernel, but in cases where a non-test module is loaded, TEST_TAINT can be
+applied from userspace by writing to ``/proc/sys/kernel/tainted``.
+
How to use
----------
@@ -308,6 +316,7 @@ A bare bones test module might look like this:
KSTM_MODULE_LOADERS(test_foo);
MODULE_AUTHOR("John Developer <jd@...man.org>");
MODULE_LICENSE("GPL");
+ MODULE_INFO(test, "Y");
Example test script
-------------------
diff --git a/tools/testing/selftests/kselftest_module.h b/tools/testing/selftests/kselftest_module.h
index e2ea41de3f35..63cd7487373f 100644
--- a/tools/testing/selftests/kselftest_module.h
+++ b/tools/testing/selftests/kselftest_module.h
@@ -3,6 +3,7 @@
#define __KSELFTEST_MODULE_H
#include <linux/module.h>
+#include <linux/panic.h>
/*
* Test framework for writing test modules to be loaded by kselftest.
@@ -41,6 +42,7 @@ static inline int kstm_report(unsigned int total_tests, unsigned int failed_test
static int __init __module##_init(void) \
{ \
pr_info("loaded.\n"); \
+ add_taint(TAINT_TEST, LOCKDEP_STILL_OK); \
selftest(); \
return kstm_report(total_tests, failed_tests, skipped_tests); \
} \
@@ -51,4 +53,6 @@ static void __exit __module##_exit(void) \
module_init(__module##_init); \
module_exit(__module##_exit)
+MODULE_INFO(test, "Y");
+
#endif /* __KSELFTEST_MODULE_H */
--
2.37.0.rc0.161.g10f37bed90-goog
Powered by blists - more mailing lists