[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y3vSQo85ofkfD/L8@zn.tnic>
Date: Mon, 21 Nov 2022 20:32:18 +0100
From: Borislav Petkov <bp@...en8.de>
To: Steven Rostedt <rostedt@...dmis.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Masami Hiramatsu <mhiramat@...nel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Peter Zijlstra <peterz@...radead.org>,
Kees Cook <keescook@...omium.org>,
Josh Poimboeuf <jpoimboe@...hat.com>,
KP Singh <kpsingh@...nel.org>, Chris Mason <clm@...a.com>,
Mark Rutland <mark.rutland@....com>,
Alexei Starovoitov <alexei.starovoitov@...il.com>,
Florent Revest <revest@...omium.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Christoph Hellwig <hch@...radead.org>
Subject: Re: [PATCH] error-injection: Add prompt for function error injection
On Mon, Nov 21, 2022 at 10:44:03AM -0500, Steven Rostedt wrote:
> From: "Steven Rostedt (Google)" <rostedt@...dmis.org>
>
> The config to be able to inject error codes into any function annotated
> with ALLOW_ERROR_INJECTION() is enabled when CONFIG_FUNCTION_ERROR_INJECTION
> is enabled. But unfortunately, this is always enabled on x86 when KPROBES
> is enabled, and there's no way to turn it off.
>
> As kprobes is useful for observability of the kernel, it is useful to have
> it enabled in production environments. But error injection should be
> avoided. Add a prompt to the config to allow it to be disabled even when
> kprobes is enabled, and get rid of the "def_bool y".
>
> This is a kernel debug feature (it's in Kconfig.debug), and should have
> never been something enabled by default.
>
> Cc: stable@...r.kernel.org
> Fixes: 540adea3809f6 ("error-injection: Separate error-injection from kprobe")
> Signed-off-by: Steven Rostedt (Google) <rostedt@...dmis.org>
> ---
> lib/Kconfig.debug | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
As stated on another thread, debugging production kernels where folks
have been injecting errors into functions is not something anyone would
like to and have to do. Especially if from looking at system dumps, it
is not even clear what has been injected and why, rendering the system
unstable and the issue probably unreproducible.
Acked-by: Borislav Petkov <bp@...e.de>
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists