diff options
author | David Gow <davidgow@google.com> | 2022-07-01 16:47:41 +0800 |
---|---|---|
committer | Shuah Khan <skhan@linuxfoundation.org> | 2022-07-01 16:38:35 -0600 |
commit | 2852ca7fba9f77b204f0fe953b31fadd0057c936 (patch) | |
tree | f1115190292206c03e129a4b5c579e976ff9d03c /kernel | |
parent | f2906aa863381afb0015a9eb7fefad885d4e5a56 (diff) | |
download | lwn-2852ca7fba9f77b204f0fe953b31fadd0057c936.tar.gz lwn-2852ca7fba9f77b204f0fe953b31fadd0057c936.zip |
panic: Taint kernel if tests are run
Most in-kernel tests (such as KUnit tests) are not supposed to run on
production systems: they may do deliberately illegal things to trigger
errors, and have security implications (for example, KUnit assertions
will often deliberately leak kernel addresses).
Add a new taint type, TAINT_TEST to signal that a test has been run.
This will be printed as 'N' (originally for kuNit, as every other
sensible letter was taken.)
This should discourage people from running these tests on production
systems, and to make it easier to tell if tests have been run
accidentally (by loading the wrong configuration, etc.)
Acked-by: Luis Chamberlain <mcgrof@kernel.org>
Reviewed-by: Brendan Higgins <brendanhiggins@google.com>
Signed-off-by: David Gow <davidgow@google.com>
Signed-off-by: Shuah Khan <skhan@linuxfoundation.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/panic.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/kernel/panic.c b/kernel/panic.c index a3c758dba15a..6b3369e21026 100644 --- a/kernel/panic.c +++ b/kernel/panic.c @@ -428,6 +428,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = { [ TAINT_LIVEPATCH ] = { 'K', ' ', true }, [ TAINT_AUX ] = { 'X', ' ', true }, [ TAINT_RANDSTRUCT ] = { 'T', ' ', true }, + [ TAINT_TEST ] = { 'N', ' ', true }, }; /** |