Re: [PATCH 3/3] taint: Add taint for randstruct
On Fri, Feb 16, 2018 at 1:02 PM, Andrew Morton wrote:
> On Thu, 15 Feb 2018 19:37:44 -0800 Kees Cook wrote:
>
>> --- a/Documentation/sysctl/kernel.txt >> +++ b/Documentation/sysctl/kernel.txt >> @@ -991,6 +991,7 @@ ORed together. The letters are seen in "Tainted" line of >> Oops reports. >> 16384 (L): A soft lockup has previously occurred on the system. >> 32768 (K): The kernel has been live patched. >> 65536 (X): Auxiliary taint, defined and used by for distros. >> +131072 (T): The kernel was built with the struct randomization plugin.
>
> Uncle.
>
>
> From: Andrew Morton
> Subject: Documentation/sysctl/kernel.txt: show taint codes in hex
>
> The decimal representation is getting a bit hard to follow.

The rationale, AIUI, is that /proc/sys/kernel/tainted prints the values in decimal. If we change the docs to be hex and leave the output decimal, that makes it even harder to examine. If we change the proc output, will we break userspace?

And if we change it, maybe avoid numbers at all, and proc should bring the same thing that Oops does (the letter codes)? (But then the sysctl would need to parse the letters...)

-Kees

--
Kees Cook
Pixel Security
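The message above weighs decimal, hex and letter forms of the taint value. As an added example (not code from this thread or from the kernel), the following userspace C sketch converts in both directions, using the letter table from the kernel.txt text quoted in this thread plus the proposed T bit; the function names and the sample value are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Letters in bit order (bit 0 first), copied from the kernel.txt text quoted
 * in this thread: 1 = P ... 65536 = X, plus 131072 = T as the patch proposes. */
static const char taint_letters[] = "PFSRMBUDAWCIOELKXT";

/* Decode a decimal /proc/sys/kernel/tainted value into letter codes.
 * Returns 0 on success, -1 if unknown bits are set or buf is too small. */
int taint_to_letters(unsigned long mask, char *buf, size_t len)
{
    size_t n = 0, nbits = strlen(taint_letters);

    if (len == 0 || (mask >> nbits))
        return -1;
    for (size_t bit = 0; bit < nbits; bit++) {
        if (!(mask & (1UL << bit)))
            continue;
        if (n + 1 >= len)               /* keep room for the terminator */
            return -1;
        buf[n++] = taint_letters[bit];
    }
    buf[n] = '\0';
    return 0;
}

/* Parse letter codes back into a mask, the step a letter-based sysctl
 * would need. Spaces are skipped; an unknown letter is an error. */
int letters_to_taint(const char *s, unsigned long *mask)
{
    unsigned long m = 0;

    for (; *s; s++) {
        const char *p = strchr(taint_letters, *s);
        if (*s == ' ')
            continue;
        if (!p)
            return -1;
        m |= 1UL << (p - taint_letters);
    }
    *mask = m;
    return 0;
}

int main(void)
{
    unsigned long v = 135169;           /* constructed sample: P | O | T */
    char buf[32];

    if (taint_to_letters(v, buf, sizeof(buf)) == 0)
        printf("%lu = 0x%lx = %s\n", v, v, buf);
    return 0;
}
```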
Re: [PATCH 3/3] taint: Add taint for randstruct
On Thu, 15 Feb 2018 19:37:44 -0800 Kees Cook wrote: > --- a/Documentation/sysctl/kernel.txt > +++ b/Documentation/sysctl/kernel.txt > @@ -991,6 +991,7 @@ ORed together. The letters are seen in "Tainted" line of > Oops reports. > 16384 (L): A soft lockup has previously occurred on the system. > 32768 (K): The kernel has been live patched. > 65536 (X): Auxiliary taint, defined and used by for distros. > +131072 (T): The kernel was built with the struct randomization plugin. Uncle. From: Andrew Morton Subject: Documentation/sysctl/kernel.txt: show taint codes in hex The decimal representation is getting a bit hard to follow. Signed-off-by: Andrew Morton --- Documentation/sysctl/kernel.txt | 50 +++--- 1 file changed, 25 insertions(+), 25 deletions(-) diff -puN Documentation/sysctl/kernel.txt~a Documentation/sysctl/kernel.txt --- a/Documentation/sysctl/kernel.txt~a +++ a/Documentation/sysctl/kernel.txt 
@@ -967,31 +967,31 @@ tainted: Non-zero if the kernel has been tainted. Numeric values, which can be ORed together. The letters are seen in "Tainted" line of Oops reports. - 1 (P): A module with a non-GPL license has been loaded, this - includes modules with no license. - Set by modutils >= 2.4.9 and module-init-tools. - 2 (F): A module was force loaded by insmod -f. -Set by modutils >= 2.4.9 and module-init-tools. - 4 (S): Unsafe SMP processors: SMP with CPUs not designed for SMP. - 8 (R): A module was forcibly unloaded from the system by rmmod -f. -16 (M): A hardware machine check error occurred on the system. -32 (B): A bad page was discovered on the system. -64 (U): The user has asked that the system be marked "tainted". This -could be because they are running software that directly modifies -the hardware, or for other reasons. - 128 (D): The system has died. - 256 (A): The ACPI DSDT has been overridden with one supplied by the user -instead of using the one provided by the hardware. - 512 (W): A kernel warning has occurred. - 1024 (C): A module from drivers/staging was loaded. - 2048 (I): The system is working around a severe firmware bug. - 4096 (O): An out-of-tree module has been loaded. - 8192 (E): An unsigned module has been loaded in a kernel supporting module -signature. - 16384 (L): A soft lockup has previously occurred on the system. - 32768 (K): The kernel has been live patched. - 65536 (X): Auxiliary taint, defined and used by for distros. -131072 (T): The kernel was built with the struct randomization plugin. +0x0001 (P): A module with a non-GPL license has been loaded, this + includes modules with no license. + Set by modutils >= 2.4.9 and module-init-tools. +0x0002 (F): A module was force loaded by insmod -f. +Set by modutils >= 2.4.9 and module-init-tools. +0x0004 (S): Unsafe SMP processors: SMP with CPUs not designed for SMP. +0x0008 (R): A module was forcibly unloaded from the system by rmmod -f. 
+0x0010 (M): A hardware machine check error occurred on the system. +0x0020 (B): A bad page was discovered on the system. +0x0040 (U): The user has asked that the system be marked "tainted". This +could be because they are running software that directly +modifies the hardware, or for other reasons. +0x0080 (D): The system has died. +0x0100 (A): The ACPI DSDT has been overridden with one supplied by the user +instead of using the one provided by the hardware. +0x0200 (W): A kernel warning has occurred. +0x0400 (C): A module from drivers/staging was loaded. +0x0400 (I): The system is working around a severe firmware bug. +0x0800 (O): An out-of-tree module has been loaded. +0x0002 (E): An unsigned module has been loaded in a kernel supporting module +signature. +0x0004 (L): A soft lockup has previously occurred on the system. +0x0008 (K): The kernel has been live patched. +0x0010 (X): Auxiliary taint, defined and used by for distros. +0x0020 (T): The kernel was built with the struct randomization plugin. == _
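Review bot: From the "+0x0400 (I)" line onward the new hex values no longer match the decimal values being removed. 2048 (I) should be 0x0800, 4096 (O) 0x1000, 8192 (E) 0x2000, 16384 (L) 0x4000, 32768 (K) 0x8000, 65536 (X) 0x10000 and 131072 (T) 0x20000; as posted, I repeats C's 0x0400, O takes 0x0800, and E, L, K, X and T restart at 0x0002 through 0x0020, so they collide with F, S, R, M and B. X and T also need a fifth hex digit, so the four-digit column should be widened for the whole table.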
Re: [PATCH 3/3] taint: Add taint for randstruct
On Thu, Feb 15, 2018 at 07:37:44PM -0800, Kees Cook wrote:
> + [ TAINT_RANDSTRUCT ]= { 'T', ' ', true },

Something like this, yeah.
[PATCH 3/3] taint: Add taint for randstruct
Since the randstruct plugin can intentionally produce extremely unusual kernel structure layouts (even performance pathological ones), some maintainers want to be able to trivially determine if an Oops is coming from a randstruct-built kernel, so as to keep their sanity when debugging. This adds the new flag and initializes taint_mask immediately when built with randstruct. Signed-off-by: Kees Cook --- Documentation/sysctl/kernel.txt | 1 + include/linux/kernel.h | 1 + kernel/panic.c | 4 +++- 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt index 4a890c7fb6c3..eded671d55eb 100644 --- a/Documentation/sysctl/kernel.txt +++ b/Documentation/sysctl/kernel.txt @@ -991,6 +991,7 @@ ORed together. The letters are seen in "Tainted" line of Oops reports. 16384 (L): A soft lockup has previously occurred on the system. 32768 (K): The kernel has been live patched. 65536 (X): Auxiliary taint, defined and used by for distros. +131072 (T): The kernel was built with the struct randomization plugin. == diff --git a/include/linux/kernel.h b/include/linux/kernel.h index 0d2a2dd507b7..9e93ab8358d0 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h @@ -551,6 +551,7 @@ enum taint_enum { TAINT_SOFTLOCKUP, TAINT_LIVEPATCH, TAINT_AUX, + TAINT_RANDSTRUCT, /* End of taint bits */ TAINT_FLAGS_COUNT diff --git a/kernel/panic.c b/kernel/panic.c index 15d333a54ece..0153cae0d330 100644 --- a/kernel/panic.c +++ b/kernel/panic.c @@ -34,7 +34,8 @@ #define PANIC_BLINK_SPD 18 int panic_on_oops = CONFIG_PANIC_ON_OOPS_VALUE; -static unsigned long tainted_mask; +static unsigned long tainted_mask = + IS_ENABLED(CONFIG_GCC_PLUGIN_RANDSTRUCT) ? (1 << TAINT_RANDSTRUCT) : 0; static int pause_on_oops; static int pause_on_oops_flag; static DEFINE_SPINLOCK(pause_on_oops_lock); 
@@ -325,6 +326,7 @@ const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = { [ TAINT_SOFTLOCKUP ]= { 'L', ' ', false }, [ TAINT_LIVEPATCH ] = { 'K', ' ', true }, [ TAINT_AUX ] = { 'X', ' ', true }, + [ TAINT_RANDSTRUCT ]= { 'T', ' ', true }, }; /** -- 2.7.4
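Review bot: In the kernel/panic.c initializer, "(1 << TAINT_RANDSTRUCT)" shifts an int and then assigns it to the unsigned long tainted_mask; writing "1UL << TAINT_RANDSTRUCT" (or using BIT()) would match the variable's type and stay correct if the taint enum ever grows past the width of int. The commit message also says it initializes "taint_mask", while the variable in this hunk is tainted_mask, so the message should use the real name.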