Message-ID: <a842c1c1-948c-40bd-b564-9b746be69cd2@leemhuis.info>
Date: Tue, 28 Oct 2025 11:05:00 +0100
From: Thorsten Leemhuis <linux@...mhuis.info>
To: Randy Dunlap <rdunlap@...radead.org>, linux-kernel@...r.kernel.org
Cc: Jonathan Corbet <corbet@....net>, linux-doc@...r.kernel.org
Subject: Re: [PATCH] kernel-chktaint: add reporting for tainted modules

On 10/28/25 08:12, Randy Dunlap wrote:
> Check all loaded modules and report any that have their 'taint'
> flags set along with a count of all tainted modules.
> The tainted module output format is:
> <module_name>: taint=<flags>
> 
> Example output:
> 
> Kernel is "tainted" for the following reasons:
>  * externally-built ('out-of-tree') module was loaded  (#12)
>  * unsigned module was loaded (#13)
> Raw taint value as int/string: 12288/'G           OE      '

I wonder if it would be more readable if the format used above...

> Modules tainted: count=1
> dump_test: taint=OE

...would be reused here somewhat. Like this maybe?

Modules tainted: 1
 * dump_test (OE)

Anyway:

Acked-by: Thorsten Leemhuis <linux@...mhuis.info>

Ciao, Thorsten

> Signed-off-by: Randy Dunlap <rdunlap@...radead.org>
> ---
> Cc: Thorsten Leemhuis <linux@...mhuis.info>
> Cc: Jonathan Corbet <corbet@....net>
> Cc: linux-doc@...r.kernel.org
> ---
>  tools/debugging/kernel-chktaint |   17 ++++++++++++++++-
>  1 file changed, 16 insertions(+), 1 deletion(-)
> 
> --- linux-next-20251027.orig/tools/debugging/kernel-chktaint
> +++ linux-next-20251027/tools/debugging/kernel-chktaint
> @@ -211,9 +211,24 @@ else
>  	addout "J"
>  	echo " * fwctl's mutating debug interface was used (#19)"
>  fi
> +echo "Raw taint value as int/string: $taint/'$out'"
> +
> +# report on any tainted loadable modules
> +[ -r /sys/module/ ] && cnt=`grep [A-Z] /sys/module/*/taint | wc -l` || cnt=0
>  
> +if [ $cnt -ne 0 ]; then
> +	echo
> +	echo "Modules tainted: count=$cnt"
> +	for dir in `ls /sys/module` ; do
> +		if [ -r /sys/module/$dir/taint ]; then
> +			modtnt=`cat /sys/module/$dir/taint`
> +			[ "$modtnt" = "" ] || echo "$dir: taint=$modtnt"
> +		fi
> +	done
> +fi
> +
> +echo
>  echo "For a more detailed explanation of the various taint flags see"
>  echo " Documentation/admin-guide/tainted-kernels.rst in the Linux kernel sources"
>  echo " or https://kernel.org/doc/html/latest/admin-guide/tainted-kernels.html"
> -echo "Raw taint value as int/string: $taint/'$out'"
>  #EOF#
> 
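Review bot: The grep pattern in the added `cnt=` line is unquoted (`grep [A-Z] /sys/module/*/taint`), so the shell treats `[A-Z]` as a glob and substitutes a matching single-letter file name if one exists in the current directory; quote it as `'[A-Z]'`. The count and the listing also come from two different tests (a grep match for the count, a non-empty `cat` result for each line) and the loop iterates over `ls /sys/module` in backticks. A single loop over `/sys/module/*/taint` that counts and collects the non-empty entries, then prints the header followed by the collected lines, would keep the two in agreement and avoid parsing `ls` output. `$cnt`, `$dir` and the path in `[ -r /sys/module/$dir/taint ]` should be quoted as well.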

