Received: by 2002:ac0:cd04:0:0:0:0:0 with SMTP id w4csp481883imn;
        Fri, 1 Jul 2022 21:26:39 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1s20yOQBfsXGdSE5MzUn8RUJ9lvYCPPsd1LhGhmLC4yddQpkVUSxKoa13daOui30eZWYwpc
X-Received: by 2002:a17:907:30cb:b0:722:e898:c9c8 with SMTP id vl11-20020a17090730cb00b00722e898c9c8mr17903877ejb.465.1656735999385;
        Fri, 01 Jul 2022 21:26:39 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1656735999; cv=none;
        d=google.com; s=arc-20160816;
        b=stRZ5JB3vnvwKw3Hrh6kdfi/b5bfjMYCxo0R78plV0MW5TypzPPa7XHqHzIiaqMWkv
         ZQe2vrXY7AM3DuoK1r5nyylabxyUTuWm+BQRVwoarWw9Yb7v9WN6WNBEEjDRHyBOifSu
         jnUvEa+L0S/SPfGqaw3qLXqwqYMmQzBdNrsVLfh7zgQ2KHTVRUlyxf5IcV/yzCU5hWpy
         TbvWjlP8zFN/ftmTO8pw9yMDj/X5RKtuEK2ibRHlrKqRJgI0eMKEoKAR9GdbKL2Ah8Fx
         Xcs5nTf128iaNCiObdxwN4qAwa3l7BONtpFCEIrmKXOzYwtXbr20ckUgmJMjIepWnG7F
         DUyQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:cc:to:from:subject:mime-version:message-id:date
         :dkim-signature;
        bh=JYBUfu4dRUjoMzW6ZjvMbfNS2SXXbcilGbZXDricLmU=;
        b=cPhX5Hlgh21i3FNGOdTLagOqyEoWlWMeGU1AQiHKHBFne0ZDNCMRQLsXV2eV3q2DrH
         TmFhPgXH2ShKyUbZMXeCucX9aZL254Kmx2mhCy+hzunoJZtWdO6nobLTgfjetYlzbixa
         siXP2c+li232iSiLfji6nwR4NW1muVm6kj2PPRvi0xUcClZfRU4+/LGPfyeAvBS5bOE1
         iewhVGmQ71qyhgwmHzR86aL6wqzmYBFqNk7L/oCVOsfLM8fQrs0k4TrNsC314yjZyx3Y
         vYZ/1D231/2mcRFxu4de0deeTOm6grMtDqSBarIxbbwvmiU6+muqMBu7RLcVKNAiAHIU
         sfEQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=M4MJU8Zt;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id v24-20020a509558000000b0043576e473dcsi2854215eda.535.2022.07.01.21.25.48;
        Fri, 01 Jul 2022 21:26:39 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20210112 header.b=M4MJU8Zt;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229951AbiGBEKK (ORCPT <rfc822;alexanderschnackenberg@gmail.com>
        + 99 others); Sat, 2 Jul 2022 00:10:10 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48970 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S231382AbiGBEKG (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Sat, 2 Jul 2022 00:10:06 -0400
Received: from mail-pj1-x1049.google.com (mail-pj1-x1049.google.com [IPv6:2607:f8b0:4864:20::1049])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AB96830560
        for <linux-kernel@vger.kernel.org>; Fri,  1 Jul 2022 21:10:05 -0700 (PDT)
Received: by mail-pj1-x1049.google.com with SMTP id lt7-20020a17090b354700b001ec8364bed0so2149882pjb.5
        for <linux-kernel@vger.kernel.org>; Fri, 01 Jul 2022 21:10:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20210112;
        h=date:message-id:mime-version:subject:from:to:cc;
        bh=JYBUfu4dRUjoMzW6ZjvMbfNS2SXXbcilGbZXDricLmU=;
        b=M4MJU8ZtAznGxGY7dmrESXmUeUdfwxVXaZ3LRTPPliqlD1cjIRvh0Kuu9p+55etK+G
         ssHoq9j+4VuU5ypw24KgRs00V2EOx2rP48tiZMH3uEzPs5p/ypPIdoka9KFEA9LJXTQO
         YzLU4cyHzky6gMG3CCcxBVEGqCTRajbCWW4NYFEUTUqpbATF8M7Foysv+CtQISLM5ZIn
         NqDoOQcVM5GL1QMEgtyJy0tUXiAoJs9bGYtAqIcihC0i09A0y5JYYaQ8ShZs5hbaZmqC
         weflkr6UfyLGZSWRz6003TMwH7ooADO1uCeZg7H3kRFgDmJ/5xwajyv+Vd3nEvcakbue
         TLqQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc;
        bh=JYBUfu4dRUjoMzW6ZjvMbfNS2SXXbcilGbZXDricLmU=;
        b=4sJsnG+sdnL03IADq9xjhqquSv80U4O2LRVm513tFOmzG70QZ6SsaHEdZwUrtKoy6s
         aoVs1cBgwzYVsMqxkk7HXVv+7a4KPqPGKlU83sONV+xURdO6BjaO361WNfOSlAiwSDTT
         QLipKwzTN6YKgLgwbCzzKAvhEfs9rAk1NodtQz6Ehi/k7GdV2TQoRGT3uRbZ8r24LB7S
         DDpv0k/dfnu3IjUXlhoKfnkEvI0Am++rOu2BkWQ8/FL2hPV9a5vE7Xm6rHAS/QUs/d6i
         rrKfBBx/8HdG5X80hOgWbLm4uD/hDUeoNuCb70xnO4K509li+sPARUTWubWwvKdC2uft
         BAng==
X-Gm-Message-State: AJIora+3QqJACSJ70NVcZcRcubtY0FAUx6gTmNPN/Shh29/oGCLrpPxD
        yA35+QOMrainlmpVnppo2yGCb0kQDViLdQ==
X-Received: from slicestar.c.googlers.com ([fda3:e722:ac3:cc00:4f:4b78:c0a8:20a1])
 (user=davidgow job=sendgmr) by 2002:a05:6a00:c84:b0:528:3c39:f42d with SMTP
 id a4-20020a056a000c8400b005283c39f42dmr4507362pfv.76.1656735004933; Fri, 01
 Jul 2022 21:10:04 -0700 (PDT)
Date:   Sat,  2 Jul 2022 12:09:56 +0800
Message-Id: <20220702040959.3232874-1-davidgow@google.com>
Mime-Version: 1.0
X-Mailer: git-send-email 2.37.0.rc0.161.g10f37bed90-goog
Subject: [PATCH v5 1/4] panic: Taint kernel if tests are run
From:   David Gow <davidgow@google.com>
To:     Brendan Higgins <brendanhiggins@google.com>,
        Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
        Jonathan Corbet <corbet@lwn.net>,
        Andrew Morton <akpm@linux-foundation.org>,
        Kees Cook <keescook@chromium.org>,
        Shuah Khan <skhan@linuxfoundation.org>,
        Greg KH <gregkh@linuxfoundation.org>,
        Luis Chamberlain <mcgrof@kernel.org>,
        Masahiro Yamada <masahiroy@kernel.org>
Cc:     David Gow <davidgow@google.com>,
        "Guilherme G . Piccoli" <gpiccoli@igalia.com>,
        Sebastian Reichel <sre@kernel.org>,
        John Ogness <john.ogness@linutronix.de>,
        Joe Fradley <joefradley@google.com>,
        Daniel Latypov <dlatypov@google.com>,
        kunit-dev@googlegroups.com, linux-kselftest@vger.kernel.org,
        linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org,
        Jani Nikula <jani.nikula@linux.intel.com>,
        Lucas De Marchi <lucas.demarchi@intel.com>,
        Aaron Tomlin <atomlin@redhat.com>,
        linux-fsdevel@vger.kernel.org, linux-block@vger.kernel.org,
        Michal Marek <michal.lkml@markovi.net>,
        Nick Desaulniers <ndesaulniers@google.com>,
        linux-kbuild@vger.kernel.org
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-9.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE,
        SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL
        autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Most in-kernel tests (such as KUnit tests) are not supposed to run on
production systems: they may do deliberately illegal things to trigger
errors, and have security implications (for example, KUnit assertions
will often deliberately leak kernel addresses).

Add a new taint type, TAINT_TEST to signal that a test has been run.
This will be printed as 'N' (originally for kuNit, as every other
sensible letter was taken.)

This should discourage people from running these tests on production
systems, and to make it easier to tell if tests have been run
accidentally (by loading the wrong configuration, etc.)

Acked-by: Luis Chamberlain <mcgrof@kernel.org>
Reviewed-by: Brendan Higgins <brendanhiggins@google.com>
Signed-off-by: David Gow <davidgow@google.com>
---
 Documentation/admin-guide/tainted-kernels.rst | 1 +
 include/linux/panic.h                         | 3 ++-
 kernel/panic.c                                | 1 +
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst
index ceeed7b0798d..7d80e8c307d1 100644
--- a/Documentation/admin-guide/tainted-kernels.rst
+++ b/Documentation/admin-guide/tainted-kernels.rst
@@ -100,6 +100,7 @@ Bit  Log  Number  Reason that got the kernel tainted
  15  _/K   32768  kernel has been live patched
  16  _/X   65536  auxiliary taint, defined for and used by distros
  17  _/T  131072  kernel was built with the struct randomization plugin
+ 18  _/N  262144  an in-kernel test has been run
 ===  ===  ======  ========================================================
 
 Note: The character ``_`` is representing a blank in this table to make reading
diff --git a/include/linux/panic.h b/include/linux/panic.h
index e71161da69c4..c7759b3f2045 100644
--- a/include/linux/panic.h
+++ b/include/linux/panic.h
@@ -68,7 +68,8 @@ static inline void set_arch_panic_timeout(int timeout, int arch_default_timeout)
 #define TAINT_LIVEPATCH			15
 #define TAINT_AUX			16
 #define TAINT_RANDSTRUCT		17
-#define TAINT_FLAGS_COUNT		18
+#define TAINT_TEST			18
+#define TAINT_FLAGS_COUNT		19
 #define TAINT_FLAGS_MAX			((1UL << TAINT_FLAGS_COUNT) - 1)
 
 struct taint_flag {
diff --git a/kernel/panic.c b/kernel/panic.c
index a3c758dba15a..6b3369e21026 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -428,6 +428,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
 	[ TAINT_LIVEPATCH ]		= { 'K', ' ', true },
 	[ TAINT_AUX ]			= { 'X', ' ', true },
 	[ TAINT_RANDSTRUCT ]		= { 'T', ' ', true },
+	[ TAINT_TEST ]			= { 'N', ' ', true },
 };
 
 /**
-- 
2.37.0.rc0.161.g10f37bed90-goog