Received: by 2002:ac0:a5b6:0:0:0:0:0 with SMTP id m51-v6csp884476imm; Thu, 31 May 2018 11:04:50 -0700 (PDT) X-Google-Smtp-Source: ADUXVKJ81pO/AeOZU6FHxfIc7Vfc3Ej73OEaJqye6sbdR+j35E7xP+YvjSOCpamfdgrN3ZsgMgu+ X-Received: by 2002:a65:4c87:: with SMTP id m7-v6mr6460459pgt.364.1527789890227; Thu, 31 May 2018 11:04:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1527789890; cv=none; d=google.com; s=arc-20160816; b=zeDem8mm7LT/5y7nyBn0dS1SXpmhzman26G2s+tWgOOQ9QdAb3gByLQBUWY6THo2M6 FNBHsUa3iEuZP0NgNCL4dPnlT9a4Jl89klKiBsZnfHUAq7nV0aIO7FSA/Dexu8OVL66R wCn0CGIo9gh6vMUnCvt80YaE0aswccI7RkowERspyWRvt25z1YGAfoueybYeiYGnPJQU qt+CyKuANIyH/lyHmpTbae1HZlg6tOcOG9K0CZ46DRd1s6/BVXxdiIVYsmxgerU5bdNB MlJxdyAn9XYyNIxjfeFA+LijcA6TXYlO4FaFmdyKP3vnldb7DmdfKWGwRnxd3lyuBgSt nm5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=ANazNOayx2EWt3IVKO02lbNQSsv6N88ji7rkjR4mXws=; b=h2ghnzcs/DAjnSToliHA4wHl9eZZ9MwdbNaN30Mmf8GHBC22EYW/scBLx1hZXriX0T bKYSlOjNbl1tgKaN9bVHIPm+U8ZCbjuVArM2cLx7q0QD2EuE8QHZjV//WqX6FX7FraFo 0rsE+kIziFYYJiBTc62Hk+57PzgyfP6CrDyX6D25rciGnVuuLAepGFO7D5Y+sOd0zLNx h8DsC6qGdAIGozj85BB+Yp8S81rC1IpkJ4UhzojjFbm0HyIb3zT4mM0OzE1gO2PbcwY8 7Eq8JPaprKDKF0GxI0oiv76BdxKrBYehcl9SvxFJLz3RKlH4fkYg88nvNYFiHrH+olRT H4aQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f9-v6si29754568pgt.625.2018.05.31.11.04.35; Thu, 31 May 2018 11:04:50 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756042AbeEaSB5 (ORCPT + 99 others); Thu, 31 May 2018 14:01:57 -0400 Received: from mga01.intel.com ([192.55.52.88]:18561 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755937AbeEaR67 (ORCPT ); Thu, 31 May 2018 13:58:59 -0400 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 31 May 2018 10:58:57 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.49,463,1520924400"; d="scan'208";a="60725515" Received: from chang-linux-2.sc.intel.com ([10.3.52.139]) by orsmga001.jf.intel.com with ESMTP; 31 May 2018 10:58:56 -0700 From: "Chang S. Bae" To: Andy Lutomirski , "H . Peter Anvin" , Thomas Gleixner , Ingo Molnar Cc: Andi Kleen , Dave Hansen , Markus T Metzger , "Ravi V . Shankar" , "Chang S . Bae" , linux-kernel@vger.kernel.org Subject: [PATCH V2 06/15] taint: Add taint for insecure Date: Thu, 31 May 2018 10:58:36 -0700 Message-Id: <1527789525-8857-7-git-send-email-chang.seok.bae@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1527789525-8857-1-git-send-email-chang.seok.bae@intel.com> References: <1527789525-8857-1-git-send-email-chang.seok.bae@intel.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org When adding new feature support, patches need to be incrementally applied and tested with temporal parameters. For such testing (or root-only) purposes, the new flag will serve to tag the kernel taint state properly. Suggested-by: H. Peter Anvin Signed-off-by: Chang S. Bae Cc: Andy Lutomirski Cc: Andi Kleen Cc: Dave Hansen Cc: Thomas Gleixner Cc: Ingo Molnar --- Documentation/sysctl/kernel.txt | 1 + include/linux/kernel.h | 3 ++- kernel/panic.c | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt index eded671d..06c4009 100644 --- a/Documentation/sysctl/kernel.txt +++ b/Documentation/sysctl/kernel.txt @@ -992,6 +992,7 @@ ORed together. The letters are seen in "Tainted" line of Oops reports. 32768 (K): The kernel has been live patched. 65536 (X): Auxiliary taint, defined and used by for distros. 131072 (T): The kernel was built with the struct randomization plugin. +262144 (Z): The kernel is running in a known insecure configuration. ============================================================== diff --git a/include/linux/kernel.h b/include/linux/kernel.h index 6a1eb0b..7051415 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h @@ -563,7 +563,8 @@ extern enum system_states { #define TAINT_LIVEPATCH 15 #define TAINT_AUX 16 #define TAINT_RANDSTRUCT 17 -#define TAINT_FLAGS_COUNT 18 +#define TAINT_INSECURE 18 +#define TAINT_FLAGS_COUNT 19 struct taint_flag { char c_true; /* character printed when tainted */ diff --git a/kernel/panic.c b/kernel/panic.c index 42e4874..53ea36a 100644 --- a/kernel/panic.c +++ b/kernel/panic.c @@ -327,6 +327,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = { [ TAINT_LIVEPATCH ] = { 'K', ' ', true }, [ TAINT_AUX ] = { 'X', ' ', true }, [ TAINT_RANDSTRUCT ] = { 'T', ' ', true }, + [ TAINT_INSECURE ] = { 'Z', ' ', false }, }; /** -- 2.7.4