Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp1377739iob;
        Sat, 14 May 2022 07:27:12 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJwuS2EHmnCjuo64m4hSnmqi1NA6tVSgKv7oxUMIST8+jrrSa685H+AWnfx6OhVjCICw+lVp
X-Received: by 2002:a1c:44d6:0:b0:396:37df:e0e2 with SMTP id r205-20020a1c44d6000000b0039637dfe0e2mr7061547wma.75.1652538432484;
        Sat, 14 May 2022 07:27:12 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1652538432; cv=none;
        d=google.com; s=arc-20160816;
        b=ssp/K/sBwNccQEfRA5AznYoi2fW3hLjL+Hs5YAApBqobi47B0Oahf4M3aUVKYPrUew
         jfpq91gJfN87vRpzgVAyS17KfO8GkOsS0Nik4noUGb7qIVso6SRT8fBcyo/Oil4+A+Af
         nN1bZsru3wm+CuB8/X9zU/UBG+qh2vT5KM9H3nab/uL/EI8RvNQcrlFk/DrLFh3K1HDz
         hXewfopQMgKxm+dLgnHwLVAmddX6eKx+GRq/xAxOp3UPocrFYbxVd+tOITWKrB4gnVLi
         9lJv9vEBYLwA7zsfkB664CfcFNdtSq8QMb2i93XIF+GIL8r+Uuj+MJ3y4/znxf7UlN52
         H+CA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to
         :references:mime-version:dkim-signature;
        bh=Wqqxn5+q5xmPpZtFRIbD60XulpYnUc5+LRYDs7jEaLY=;
        b=Lf7Q3UeG8MS2AxLnFqFNcGzoT8VZmABqKfbjVI/b7GNS1Eg75PoeHt+FMtLAktfJWO
         lxRz22R9FraPrDB0vseeKQ45y4GGzeYMg2dWh9tiABLHVKNGGhHRyCFNbLfKFmyzmDv8
         tIJVnt94ikohl822HS52HmReo5p88lcYMgpRdWJ5Ia8EzgodHLTgG4LnseQMWTrT8M8e
         PjE+DMte6BqlrdGJUbePZ//u4Mr4ipCsu2Q+hOXzyyOy2820wvc4Byt/IBoO9/K0m6Wo
         CCjnXhn3E8qcFJ43hrPNvo6l2jq5z5T1pseos24yHuCFnFtnHfSlC7Y7Uno6zxwlkkKL
         gedQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=BRlzdhTV;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id az35-20020a05600c602300b0038cd677cbf4si5390230wmb.229.2022.05.14.07.26.27;
        Sat, 14 May 2022 07:27:12 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=BRlzdhTV;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230139AbiENIel (ORCPT <rfc822;sshegde.linux@gmail.com>
        + 99 others); Sat, 14 May 2022 04:34:41 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43226 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229733AbiENIei (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 14 May 2022 04:34:38 -0400
Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com [IPv6:2a00:1450:4864:20::329])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 15AA911E
        for <linux-kernel@vger.kernel.org>; Sat, 14 May 2022 01:34:36 -0700 (PDT)
Received: by mail-wm1-x329.google.com with SMTP id p189so5915957wmp.3
        for <linux-kernel@vger.kernel.org>; Sat, 14 May 2022 01:34:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=Wqqxn5+q5xmPpZtFRIbD60XulpYnUc5+LRYDs7jEaLY=;
        b=BRlzdhTV9zT8+bxHgq0iD5R/JhGL/k8jAR9b7CiU8hDeCgzVWFrrjTP0aHZq5tQ8XX
         3pYNl+Xbb81AWFyTev3K9GimQzlDxKm5/ng/W1WSUjRhKZN93OQN0hDCuANEnE1eNUL6
         +aUzBtR+QI4bADN71NUFlQC83QglUyIurXGuydMevh73G+uVG3TYo/sIvqErTRAzb58h
         nzGFgjXKmB/RG2aqyyKCKKFmMioLSkKXxX9GlafBjaZm1KrP7Lw/OTZCsI8ACoMpACYq
         Rphk6LNz2/OeuYMnsUUf1WipjrlSd1VS+CWBrGJUgfc8Muq8FPXmuSTbP+VZ/Q+iIMod
         U5zQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=Wqqxn5+q5xmPpZtFRIbD60XulpYnUc5+LRYDs7jEaLY=;
        b=d8aVNBsEsu3YawnA/jDQ31bo+QxQlwDRQa1yP5/1o3Hr7npk1DppyKBEvjr6jLTMqc
         8KryhobQHkAHMS7ntX3px+b8K/PM2SuYxhuQt85GoZsJeV63MQB5Zb7ZnlysmaxjVCI3
         k5FdjPZIpQGZQnnoYg16CUo/fYOVne6JVDoIfA3uAXFd5f2HZSe7HcZgE6BMhcQ2X32F
         60y/avhB0IVBg24M+afwRuqEBDPrQcn5RxkeO727ZSBXBw/rPAkg5c9W/pP/3X+pXvxR
         c1BJ+WwhPw1SzCrKXNiqlwi2kYT33ZkwIe3Sany9/roojLU9uW2ujORpPU2+H4cxquDG
         W0/Q==
X-Gm-Message-State: AOAM5332SAGvgCYOhV+Q0Ye3PhZeNF57kHNrT8cuLc0PRxfm/stl1Uj2
        kx8nGEgjxWsNBPQJ+rQClevKdtApvhWVz1AYVQMWVQ==
X-Received: by 2002:a05:600c:1d9f:b0:394:7a51:cb8b with SMTP id
 p31-20020a05600c1d9f00b003947a51cb8bmr8040011wms.163.1652517274539; Sat, 14
 May 2022 01:34:34 -0700 (PDT)
MIME-Version: 1.0
References: <20220429043913.626647-1-davidgow@google.com> <20220513083212.3537869-3-davidgow@google.com>
 <Yn57d1e6k8uv2uQj@bombadil.infradead.org>
In-Reply-To: <Yn57d1e6k8uv2uQj@bombadil.infradead.org>
From:   David Gow <davidgow@google.com>
Date:   Sat, 14 May 2022 16:34:23 +0800
Message-ID: <CABVgOSkhr6xfgXZWW6UdbU4MpAvqsDOsqVP0THsH0gVB949HjA@mail.gmail.com>
Subject: Re: [PATCH v3 3/3] selftest: Taint kernel when test module loaded
To:     Luis Chamberlain <mcgrof@kernel.org>
Cc:     Brendan Higgins <brendanhiggins@google.com>,
        Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
        Jonathan Corbet <corbet@lwn.net>,
        Andrew Morton <akpm@linux-foundation.org>,
        Kees Cook <keescook@chromium.org>,
        Shuah Khan <skhan@linuxfoundation.org>,
        Greg KH <gregkh@linuxfoundation.org>,
        "Guilherme G . Piccoli" <gpiccoli@igalia.com>,
        Sebastian Reichel <sre@kernel.org>,
        John Ogness <john.ogness@linutronix.de>,
        Joe Fradley <joefradley@google.com>,
        Daniel Latypov <dlatypov@google.com>,
        KUnit Development <kunit-dev@googlegroups.com>,
        "open list:KERNEL SELFTEST FRAMEWORK" 
        <linux-kselftest@vger.kernel.org>,
        "open list:DOCUMENTATION" <linux-doc@vger.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Jani Nikula <jani.nikula@linux.intel.com>,
        Lucas De Marchi <lucas.demarchi@intel.com>,
        Aaron Tomlin <atomlin@redhat.com>,
        linux-fsdevel@vger.kernel.org, linux-block@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
        ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,
        T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL
        autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, May 13, 2022 at 11:38 PM Luis Chamberlain <mcgrof@kernel.org> wrote:
>
> On Fri, May 13, 2022 at 04:32:13PM +0800, David Gow wrote:
> > Make any kselftest test module (using the kselftest_module framework)
> > taint the kernel with TAINT_TEST on module load.
> >
> > Note that several selftests use kernel modules which are not based on
> > the kselftest_module framework, and so will not automatically taint the
> > kernel. These modules will have to be manually modified if they should
> > taint the kernel this way.
> >
> > Similarly, selftests which do not load modules into the kernel generally
> > should not taint the kernel (or possibly should only do so on failure),
> > as it's assumed that testing from user-space should be safe. Regardless,
> > they can write to /proc/sys/kernel/tainted if required.
> >
> > Signed-off-by: David Gow <davidgow@google.com>
>
> Not all selftest modules use KSTM_MODULE_LOADERS() so I'd like to see a
> modpost target as well, otherwise this just covers a sliver of
> selftests.
>

My personal feeling is that the ideal way of solving this is actually
to port those modules which aren't using KSTM_MODULE_LOADERS() (or
KUnit, or some other system) to do so, or to otherwise manually tag
them as selftests and/or make them taint the kernel.

That being said, we can gain a bit my making the module-loading
helpers in kselftest/module.sh manually taint the kernel with
/proc/sys/kernel/tainted, which will catch quite a few of them (even
if tainting from userspace before they're loaded is suboptimal).

I've also started experimenting with a "test" MODULE_INFO field, which
modpost would add with the -t option. That still requires sprinkling
MODULE_INFO() everwhere, or the '-t' option to a bunch of makefiles,
or doing something more drastic to set it automatically for modules in
a given directory / makefile. Or the staging thing of checking the
directory / prefix in modpost.

I'll play around some more and have something to show in v4. (If we
have a MODULE_INFO field, we should use it for KUnit modules, but we'd
still have to taint the kernel manually for built-in tests anyway, so
it'd be redundant...)

-- David