Re: [PATCHv2] kernel/panic: allocate taint string buffer dynamically

[Andrew Morton]

On Sun, 22 Feb 2026 19:38:04 +0530 Rio <rioo.tsukatsukii@xxxxxxxxx> wrote:

> The buffer used to hold the taint string is statically allocated, which
> requires updating whenever a new taint flag is added.
> 
> Instead, allocate the exact required length at boot once the allocator is
> available in an init function. The allocation sums the string lengths in
> taint_flags[], along with space for separators and formatting.
> print_tainted() is switched to use this dynamically allocated buffer.
> 
> If allocation fails, print_tainted() warns about the failure and continues
> to use the original static buffer as a fallback.
> 

Lovely, thanks.

> 
> --- a/kernel/panic.c
> +++ b/kernel/panic.c
> @@ -802,7 +802,7 @@ EXPORT_SYMBOL(panic);
>   * small shell script that prints the TAINT_FLAGS_COUNT bits of
>   * /proc/sys/kernel/tainted.
>   *
> - * Also, update TAINT_BUF_MAX below.
> + * Also, update INIT_TAINT_BUF_MAX below.
>   */
>  const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
>  	TAINT_FLAG(PROPRIETARY_MODULE,		'P', 'G'),
> @@ -856,17 +856,58 @@ static void print_tainted_seq(struct seq_buf *s, bool verbose)
>  	}
>  }
>  
> -/* 350 can accommodate all taint flags in verbose mode, with some headroom */
> -#define TAINT_BUF_MAX 350
> +/* The initial buffer can accommodate all taint flags in verbose
> + * mode, with some headroom. Once the allocator is available, the
> + * exact size is allocated dynamically; the initial buffer remains
> + * as a fallback if allocation fails.
> + *
> + * The verbose taint string currently requires up to 327 characters.
> + */
> +#define INIT_TAINT_BUF_MAX 350
> +
> +static char init_taint_buf[INIT_TAINT_BUF_MAX];

OK, this cannot be __initdata because

> +static char *taint_buf = init_taint_buf;
> +static size_t taint_buf_size = INIT_TAINT_BUF_MAX;
> +
> +static __init int alloc_taint_buf(void)
> +{
> +	int i;
> +	char *buf;
> +	size_t size = 0;
> +
> +	size += sizeof("Tainted: ") - 1;
> +	for (i = 0; i < TAINT_FLAGS_COUNT; i++) {
> +		size += 2; /* For ", " */
> +		size += 4; /* For "[%c]=" */
> +		size += strlen(taint_flags[i].desc);
> +	}
> +
> +	size += 1; /* For NULL terminator */
> +
> +	buf = kmalloc(size, GFP_KERNEL);
> +
> +	if (!buf) {
> +		/* Allocation may fail; this warning explains possibly
> +		 * truncated taint strings
> +		 */
> +		pr_warn_once("taint string buffer allocation failed, using fallback buffer\n");
> +		return 0;

We may end up using it after boot time.

> +	}
> +
> +	taint_buf = buf;
> +	taint_buf_size = size;
> +
> +	return 0;
> +}
> +postcore_initcall(alloc_taint_buf);

However there's a convention of assuming that __init-time allocations
cannot fail.  Because if a kmalloc() were to fail at this time, the
kernel is hopelessly messed up anyway.

So we could simply panic() if that kmalloc failed, then make that
350-byte buffer __initdata.

That saves about $100 per machine with current DRAM prices ;)