Re: [PATCH 0/4] module: add support for unsafe, tainting parameters

From: Rusty Russell
Date: Wed Aug 13 2014 - 16:31:52 EST

Next message: Rusty Russell: "[PATCH] virtio: rng: add derating factor for use by hwrng core"
Previous message: Arnaldo Carvalho de Melo: "Re: [RFC/PATCH 1/2] perf top: Fix -z option behavior"
In reply to: Jani Nikula: "[PATCH 3/4] module: add module_param_unsafe and module_param_named_unsafe"
Next in thread: Daniel Vetter: "Re: [PATCH 0/4] module: add support for unsafe, tainting parameters"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jani Nikula <jani.nikula@xxxxxxxxx> writes:
> This is a generic version of Daniel's patch [1] letting us have unsafe
> module parameters (experimental, debugging, testing, etc.) that taint
> the kernel when set. Quoting Daniel,

OK, I think the idea is fine, but we'll probably only want this for
a few types (eg. int and bool). So for the moment I prefer a more
naive approach.

Does this work for you?

Subject: module: add taint_int type

An int parameter which taints the kernel if set; i915 at least wants this.

Based-on-patches-by: Daniel Vetter <daniel.vetter@xxxxxxxx>
Based-on-patches-by: Jani Nikula <jani.nikula@xxxxxxxxx>
Signed-off-by: Rusty Russell <rusty@xxxxxxxxxxxxxxx>

diff --git a/include/linux/moduleparam.h b/include/linux/moduleparam.h
index 494f99e852da..99ba68206ba4 100644
--- a/include/linux/moduleparam.h
+++ b/include/linux/moduleparam.h
@@ -408,6 +408,10 @@ extern int param_set_bint(const char *val, const struct kernel_param *kp);
#define param_get_bint param_get_int
#define param_check_bint param_check_int

+/* An int, which taints the kernel if set. */
+extern struct kernel_param_ops param_ops_taint_int;
+#define param_check_taint_int param_check_int
+
/**
* module_param_array - a parameter which is an array of some type
* @name: the name of the array variable
diff --git a/kernel/params.c b/kernel/params.c
index 34f527023794..3128218158cf 100644
--- a/kernel/params.c
+++ b/kernel/params.c
@@ -375,6 +375,20 @@ struct kernel_param_ops param_ops_bint = {
};
EXPORT_SYMBOL(param_ops_bint);

+static int param_set_taint_int(const char *val, const struct kernel_param *kp)
+{
+ pr_warn("Setting dangerous option %s - tainting kernel\n", kp->name);
+ add_taint(TAINT_USER, LOCKDEP_STILL_OK);
+
+ return param_set_int(val, kp);
+}
+
+struct kernel_param_ops param_ops_taint_int = {
+ .set = param_set_taint_int,
+ .get = param_get_int,
+};
+EXPORT_SYMBOL(param_ops_taint_int);
+
/* We break the rule and mangle the string. */
static int param_array(const char *name,
const char *val,
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rusty Russell: "[PATCH] virtio: rng: add derating factor for use by hwrng core"
Previous message: Arnaldo Carvalho de Melo: "Re: [RFC/PATCH 1/2] perf top: Fix -z option behavior"
In reply to: Jani Nikula: "[PATCH 3/4] module: add module_param_unsafe and module_param_named_unsafe"
Next in thread: Daniel Vetter: "Re: [PATCH 0/4] module: add support for unsafe, tainting parameters"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]