Re: [PATCH] kernel: add panic_on_taint
From: Rafael Aquini
Date: Thu May 07 2020 - 18:22:07 EST
On Thu, May 07, 2020 at 06:05:27PM -0400, Qian Cai wrote:
>
>
> > On May 7, 2020, at 4:42 PM, Rafael Aquini <aquini@xxxxxxxxxx> wrote:
> >
> > On Wed, May 06, 2020 at 10:50:19PM -0400, Qian Cai wrote:
> >>
> >>
> >>> On May 6, 2020, at 6:28 PM, Rafael Aquini <aquini@xxxxxxxxxx> wrote:
> >>>
> >>> Analogously to the introduction of panic_on_warn, this patch
> >>> introduces a kernel option named panic_on_taint in order to
> >>> provide a simple and generic way to stop execution and catch
> >>> a coredump when the kernel gets tainted by any given taint flag.
> >>>
> >>> This is useful for debugging sessions as it avoids rebuilding
> >>> the kernel to explicitly add calls to panic() or BUG() into
> >>> code sites that introduce the taint flags of interest.
> >>> Another, perhaps less frequent, use for this option would be
> >>> as a mean for assuring a security policy (in paranoid mode)
> >>> case where no single taint is allowed for the running system.
> >>
> >> Andrew, you can drop the patch below from -mm now because that one is now obsolete,
> >>
> >> mm-slub-add-panic_on_error-to-the-debug-facilities.patch
> >>
> > Please, don't drop it yet. I'll send a patch to get rid of the bits,
> > once this one gets accepted, if it gets accepted.
>
> Why do you ever want that obsolete patch even show up in linux-next to potentailly waste other people/bots time to test it and develop things on top of it?
>
It's a reasonable and self-contained feature that we have a valid use for.
I honestly fail to see it causing that amount of annoyance as you are
suggesting here.