summaryrefslogtreecommitdiff
path: root/kernel
diff options
context:
space:
mode:
authorDavid Gow <davidgow@google.com>2022-07-01 16:47:41 +0800
committerShuah Khan <skhan@linuxfoundation.org>2022-07-01 16:38:35 -0600
commit2852ca7fba9f77b204f0fe953b31fadd0057c936 (patch)
treef1115190292206c03e129a4b5c579e976ff9d03c /kernel
parentf2906aa863381afb0015a9eb7fefad885d4e5a56 (diff)
downloadlwn-2852ca7fba9f77b204f0fe953b31fadd0057c936.tar.gz
lwn-2852ca7fba9f77b204f0fe953b31fadd0057c936.zip
panic: Taint kernel if tests are run
Most in-kernel tests (such as KUnit tests) are not supposed to run on production systems: they may do deliberately illegal things to trigger errors, and have security implications (for example, KUnit assertions will often deliberately leak kernel addresses). Add a new taint type, TAINT_TEST to signal that a test has been run. This will be printed as 'N' (originally for kuNit, as every other sensible letter was taken.) This should discourage people from running these tests on production systems, and to make it easier to tell if tests have been run accidentally (by loading the wrong configuration, etc.) Acked-by: Luis Chamberlain <mcgrof@kernel.org> Reviewed-by: Brendan Higgins <brendanhiggins@google.com> Signed-off-by: David Gow <davidgow@google.com> Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/panic.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/kernel/panic.c b/kernel/panic.c
index a3c758dba15a..6b3369e21026 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -428,6 +428,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
[ TAINT_LIVEPATCH ] = { 'K', ' ', true },
[ TAINT_AUX ] = { 'X', ' ', true },
[ TAINT_RANDSTRUCT ] = { 'T', ' ', true },
+ [ TAINT_TEST ] = { 'N', ' ', true },
};
/**