| Message ID | 4-v4-0cf4ec3b8143+4995-fwctl_jgg@nvidia.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | Introduce fwctl subystem | expand |
On Thu, 6 Feb 2025 20:13:26 -0400 Jason Gunthorpe <jgg@nvidia.com> wrote: > Requesting a fwctl scope of access that includes mutating device debug > data will cause the kernel to be tainted. Changing the device operation > through things in the debug scope may cause the device to malfunction in > undefined ways. This should be reflected in the TAINT flags to help any > debuggers understand that something has been done. > > Signed-off-by: Jason Gunthorpe <jgg@nvidia.com> Not something I've ever directly touched before, so more eyes on this would be good, but FWIW looks inline with other flags and the general principle seems sensible to me. Reviewed-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
On 2/6/25 5:13 PM, Jason Gunthorpe wrote: > Requesting a fwctl scope of access that includes mutating device debug > data will cause the kernel to be tainted. Changing the device operation > through things in the debug scope may cause the device to malfunction in > undefined ways. This should be reflected in the TAINT flags to help any > debuggers understand that something has been done. > > Signed-off-by: Jason Gunthorpe <jgg@nvidia.com> Reviewed-by: Dave Jiang <dave.jiang@intel.com> > --- > Documentation/admin-guide/tainted-kernels.rst | 5 +++++ > include/linux/panic.h | 3 ++- > kernel/panic.c | 1 + > tools/debugging/kernel-chktaint | 8 ++++++++ > 4 files changed, 16 insertions(+), 1 deletion(-) > > diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst > index 700aa72eecb169..a0cc017e44246f 100644 > --- a/Documentation/admin-guide/tainted-kernels.rst > +++ b/Documentation/admin-guide/tainted-kernels.rst > @@ -101,6 +101,7 @@ Bit Log Number Reason that got the kernel tainted > 16 _/X 65536 auxiliary taint, defined for and used by distros > 17 _/T 131072 kernel was built with the struct randomization plugin > 18 _/N 262144 an in-kernel test has been run > + 19 _/J 524288 userspace used a mutating debug operation in fwctl > === === ====== ======================================================== > > Note: The character ``_`` is representing a blank in this table to make reading > @@ -184,3 +185,7 @@ More detailed explanation for tainting > build time. > > 18) ``N`` if an in-kernel test, such as a KUnit test, has been run. > + > + 19) ``J`` if userpace opened /dev/fwctl/* and performed a FWTCL_RPC_DEBUG_WRITE > + to use the devices debugging features. Device debugging features could > + cause the device to malfunction in undefined ways. > diff --git a/include/linux/panic.h b/include/linux/panic.h > index 54d90b6c5f47bd..2494d51707ef42 100644 > --- a/include/linux/panic.h > +++ b/include/linux/panic.h > @@ -74,7 +74,8 @@ static inline void set_arch_panic_timeout(int timeout, int arch_default_timeout) > #define TAINT_AUX 16 > #define TAINT_RANDSTRUCT 17 > #define TAINT_TEST 18 > -#define TAINT_FLAGS_COUNT 19 > +#define TAINT_FWCTL 19 > +#define TAINT_FLAGS_COUNT 20 > #define TAINT_FLAGS_MAX ((1UL << TAINT_FLAGS_COUNT) - 1) > > struct taint_flag { > diff --git a/kernel/panic.c b/kernel/panic.c > index d8635d5cecb250..0c55eec9e8744a 100644 > --- a/kernel/panic.c > +++ b/kernel/panic.c > @@ -511,6 +511,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = { > TAINT_FLAG(AUX, 'X', ' ', true), > TAINT_FLAG(RANDSTRUCT, 'T', ' ', true), > TAINT_FLAG(TEST, 'N', ' ', true), > + TAINT_FLAG(FWCTL, 'J', ' ', true), > }; > > #undef TAINT_FLAG > diff --git a/tools/debugging/kernel-chktaint b/tools/debugging/kernel-chktaint > index 279be06332be99..e7da0909d09707 100755 > --- a/tools/debugging/kernel-chktaint > +++ b/tools/debugging/kernel-chktaint > @@ -204,6 +204,14 @@ else > echo " * an in-kernel test (such as a KUnit test) has been run (#18)" > fi > > +T=`expr $T / 2` > +if [ `expr $T % 2` -eq 0 ]; then > + addout " " > +else > + addout "J" > + echo " * fwctl's mutating debug interface was used (#19)" > +fi > + > echo "For a more detailed explanation of the various taint flags see" > echo " Documentation/admin-guide/tainted-kernels.rst in the Linux kernel sources" > echo " or https://kernel.org/doc/html/latest/admin-guide/tainted-kernels.html"
diff --git a/Documentation/admin-guide/tainted-kernels.rst b/Documentation/admin-guide/tainted-kernels.rst index 700aa72eecb169..a0cc017e44246f 100644 --- a/Documentation/admin-guide/tainted-kernels.rst +++ b/Documentation/admin-guide/tainted-kernels.rst @@ -101,6 +101,7 @@ Bit Log Number Reason that got the kernel tainted 16 _/X 65536 auxiliary taint, defined for and used by distros 17 _/T 131072 kernel was built with the struct randomization plugin 18 _/N 262144 an in-kernel test has been run + 19 _/J 524288 userspace used a mutating debug operation in fwctl === === ====== ======================================================== Note: The character ``_`` is representing a blank in this table to make reading @@ -184,3 +185,7 @@ More detailed explanation for tainting build time. 18) ``N`` if an in-kernel test, such as a KUnit test, has been run. + + 19) ``J`` if userpace opened /dev/fwctl/* and performed a FWTCL_RPC_DEBUG_WRITE + to use the devices debugging features. Device debugging features could + cause the device to malfunction in undefined ways. diff --git a/include/linux/panic.h b/include/linux/panic.h index 54d90b6c5f47bd..2494d51707ef42 100644 --- a/include/linux/panic.h +++ b/include/linux/panic.h @@ -74,7 +74,8 @@ static inline void set_arch_panic_timeout(int timeout, int arch_default_timeout) #define TAINT_AUX 16 #define TAINT_RANDSTRUCT 17 #define TAINT_TEST 18 -#define TAINT_FLAGS_COUNT 19 +#define TAINT_FWCTL 19 +#define TAINT_FLAGS_COUNT 20 #define TAINT_FLAGS_MAX ((1UL << TAINT_FLAGS_COUNT) - 1) struct taint_flag { diff --git a/kernel/panic.c b/kernel/panic.c index d8635d5cecb250..0c55eec9e8744a 100644 --- a/kernel/panic.c +++ b/kernel/panic.c @@ -511,6 +511,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = { TAINT_FLAG(AUX, 'X', ' ', true), TAINT_FLAG(RANDSTRUCT, 'T', ' ', true), TAINT_FLAG(TEST, 'N', ' ', true), + TAINT_FLAG(FWCTL, 'J', ' ', true), }; #undef TAINT_FLAG diff --git a/tools/debugging/kernel-chktaint b/tools/debugging/kernel-chktaint index 279be06332be99..e7da0909d09707 100755 --- a/tools/debugging/kernel-chktaint +++ b/tools/debugging/kernel-chktaint @@ -204,6 +204,14 @@ else echo " * an in-kernel test (such as a KUnit test) has been run (#18)" fi +T=`expr $T / 2` +if [ `expr $T % 2` -eq 0 ]; then + addout " " +else + addout "J" + echo " * fwctl's mutating debug interface was used (#19)" +fi + echo "For a more detailed explanation of the various taint flags see" echo " Documentation/admin-guide/tainted-kernels.rst in the Linux kernel sources" echo " or https://kernel.org/doc/html/latest/admin-guide/tainted-kernels.html"
Requesting a fwctl scope of access that includes mutating device debug data will cause the kernel to be tainted. Changing the device operation through things in the debug scope may cause the device to malfunction in undefined ways. This should be reflected in the TAINT flags to help any debuggers understand that something has been done. Signed-off-by: Jason Gunthorpe <jgg@nvidia.com> --- Documentation/admin-guide/tainted-kernels.rst | 5 +++++ include/linux/panic.h | 3 ++- kernel/panic.c | 1 + tools/debugging/kernel-chktaint | 8 ++++++++ 4 files changed, 16 insertions(+), 1 deletion(-)