Re: Re: [PATCH v12 00/18] Enable FSGSBASE instructions
From: Jarkko Sakkinen
Date: Wed May 27 2020 - 04:31:35 EST
On Sun, 2020-05-24 at 12:45 -0700, hpa@xxxxxxxxx wrote:
> On a related topic (needless to say, this should never have happened
> and is being raised at the highest levels inside Intel):
> There are legitimate reasons to write a root-hole module, the main one
> being able to test security features like SMAP. I have requested
> before a TAINT flag specifically for this purpose, because
> TAINT_CRAP is nowhere near explicit enough, and is also used for
> staging drivers. Call it TAINT_TOXIC or TAINT_ROOTHOLE; it should
> always be accompanied with a CRIT level alert.
Are these flags easy to bump into in the first place for a person with
no prior familarity with the kernel?