Re: [PATCH v5 01/13] taint: Introduce a new taint flag (insecure)

From: Andy Lutomirski
Date: Fri Feb 01 2019 - 21:44:26 EST

Next message: Andy Lutomirski: "Re: [PATCH v5 00/13] x86: Enable FSGSBASE instructions"
Previous message: Zhou Wang: "Re: [PATCH v2 2/4] crypto: hisilicon: Add queue management driver for HiSilicon QM module"
In reply to: Chang S. Bae: "[PATCH v5 01/13] taint: Introduce a new taint flag (insecure)"
Next in thread: Andrew Morton: "Re: [PATCH v5 01/13] taint: Introduce a new taint flag (insecure)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Feb 1, 2019 at 12:54 PM Chang S. Bae <chang.seok.bae@xxxxxxxxx> wrote:
>
> For testing (or root-only) purposes, the new flag will serve to tag the
> kernel taint accurately.
>
> When adding a new feature support, patches need to be incrementally
> applied and tested with temporal parameters. Currently, there is no flag
> for this usage.

I think this should be reviewed by someone like akpm. akpm, for
background, this is part of an x86 patch series. If only part of the
series is applied, the kernel will be blatantly insecure (but still
functional and useful for testing and bisection), and this taint flag
will be set if this kernel is booted. With the whole series applied,
there are no users of the taint flag in the kernel.

Do you think this is a good idea?

Next message: Andy Lutomirski: "Re: [PATCH v5 00/13] x86: Enable FSGSBASE instructions"
Previous message: Zhou Wang: "Re: [PATCH v2 2/4] crypto: hisilicon: Add queue management driver for HiSilicon QM module"
In reply to: Chang S. Bae: "[PATCH v5 01/13] taint: Introduce a new taint flag (insecure)"
Next in thread: Andrew Morton: "Re: [PATCH v5 01/13] taint: Introduce a new taint flag (insecure)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]