patches/old/kunit-taint-the-kernel-when-kunit-tests-are-run.patch - pub/scm/linux/kernel/git/akpm/25-new - Git at Google

 From: David Gow <davidgow@google.com>
 Subject: kunit: taint the kernel when KUnit tests are run
 Date: Fri, 8 Jul 2022 12:48:46 +0800

 Make KUnit trigger the new TAINT_TEST taint when any KUnit test is run.
 Due to KUnit tests not being intended to run on production systems, and
 potentially causing problems (or security issues like leaking kernel
 addresses), the kernel's state should not be considered safe for
 production use after KUnit tests are run.

 This both marks KUnit modules as test modules using MODULE_INFO() and
 manually taints the kernel when tests are run (which catches builtin
 tests).

 Link: https://lkml.kernel.org/r/20220708044847.531566-3-davidgow@google.com
 Signed-off-by: David Gow <davidgow@google.com>
 Acked-by: Luis Chamberlain <mcgrof@kernel.org>
 Tested-by: Daniel Latypov <dlatypov@google.com>
 Reviewed-by: Brendan Higgins <brendanhiggins@google.com>
 Cc: Aaron Tomlin <atomlin@redhat.com>
 Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
 Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 Cc: Guilherme G. Piccoli <gpiccoli@igalia.com>
 Cc: Jani Nikula <jani.nikula@linux.intel.com>
 Cc: John Ogness <john.ogness@linutronix.de>
 Cc: Jonathan Corbet <corbet@lwn.net>
 Cc: Kees Cook <keescook@chromium.org>
 Cc: Lucas De Marchi <lucas.demarchi@intel.com>
 Cc: Masahiro Yamada <masahiroy@kernel.org>
 Cc: Michal Marek <michal.lkml@markovi.net>
 Cc: Nathan Chancellor <nathan@kernel.org>
 Cc: Nick Desaulniers <ndesaulniers@google.com>
 Cc: Sebastian Reichel <sre@kernel.org>
 Cc: Shuah Khan <skhan@linuxfoundation.org>
 Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
 ---

  include/kunit/test.h |    3 ++-
  lib/kunit/test.c     |    4 ++++
  2 files changed, 6 insertions(+), 1 deletion(-)

 --- a/include/kunit/test.h~kunit-taint-the-kernel-when-kunit-tests-are-run
 +++ a/include/kunit/test.h
 @@ -277,7 +277,8 @@ static inline int kunit_run_all_tests(vo
  	{								\
  		return __kunit_test_suites_exit(__suites);		\
  	}								\
 -	module_exit(kunit_test_suites_exit)
 +	module_exit(kunit_test_suites_exit)				\
 +	MODULE_INFO(test, "Y");
  #else
  #define kunit_test_suites_for_module(__suites)
  #endif /* MODULE */
 --- a/lib/kunit/test.c~kunit-taint-the-kernel-when-kunit-tests-are-run
 +++ a/lib/kunit/test.c
 @@ -11,6 +11,7 @@
  #include <kunit/test-bug.h>
  #include <linux/kernel.h>
  #include <linux/moduleparam.h>
 +#include <linux/panic.h>
  #include <linux/sched/debug.h>
  #include <linux/sched.h>

 @@ -501,6 +502,9 @@ int kunit_run_tests(struct kunit_suite *
  	struct kunit_result_stats suite_stats = { 0 };
  	struct kunit_result_stats total_stats = { 0 };

 +	/* Taint the kernel so we know we've run tests. */
 +	add_taint(TAINT_TEST, LOCKDEP_STILL_OK);
 +
  	if (suite->suite_init) {
  		suite->suite_init_err = suite->suite_init(suite);
  		if (suite->suite_init_err) {
 _
	From: David Gow <davidgow@google.com>
	Subject: kunit: taint the kernel when KUnit tests are run
	Date: Fri, 8 Jul 2022 12:48:46 +0800

	Make KUnit trigger the new TAINT_TEST taint when any KUnit test is run.
	Due to KUnit tests not being intended to run on production systems, and
	potentially causing problems (or security issues like leaking kernel
	addresses), the kernel's state should not be considered safe for
	production use after KUnit tests are run.

	This both marks KUnit modules as test modules using MODULE_INFO() and
	manually taints the kernel when tests are run (which catches builtin
	tests).

	Link: https://lkml.kernel.org/r/20220708044847.531566-3-davidgow@google.com
	Signed-off-by: David Gow <davidgow@google.com>
	Acked-by: Luis Chamberlain <mcgrof@kernel.org>
	Tested-by: Daniel Latypov <dlatypov@google.com>
	Reviewed-by: Brendan Higgins <brendanhiggins@google.com>
	Cc: Aaron Tomlin <atomlin@redhat.com>
	Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
	Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Cc: Guilherme G. Piccoli <gpiccoli@igalia.com>
	Cc: Jani Nikula <jani.nikula@linux.intel.com>
	Cc: John Ogness <john.ogness@linutronix.de>
	Cc: Jonathan Corbet <corbet@lwn.net>
	Cc: Kees Cook <keescook@chromium.org>
	Cc: Lucas De Marchi <lucas.demarchi@intel.com>
	Cc: Masahiro Yamada <masahiroy@kernel.org>
	Cc: Michal Marek <michal.lkml@markovi.net>
	Cc: Nathan Chancellor <nathan@kernel.org>
	Cc: Nick Desaulniers <ndesaulniers@google.com>
	Cc: Sebastian Reichel <sre@kernel.org>
	Cc: Shuah Khan <skhan@linuxfoundation.org>
	Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
	---

	include/kunit/test.h \| 3 ++-
	lib/kunit/test.c \| 4 ++++
	2 files changed, 6 insertions(+), 1 deletion(-)

	--- a/include/kunit/test.h~kunit-taint-the-kernel-when-kunit-tests-are-run
	+++ a/include/kunit/test.h
	@@ -277,7 +277,8 @@ static inline int kunit_run_all_tests(vo
	{ \
	return __kunit_test_suites_exit(__suites); \
	} \
	- module_exit(kunit_test_suites_exit)
	+ module_exit(kunit_test_suites_exit) \
	+ MODULE_INFO(test, "Y");
	#else
	#define kunit_test_suites_for_module(__suites)
	#endif /* MODULE */
	--- a/lib/kunit/test.c~kunit-taint-the-kernel-when-kunit-tests-are-run
	+++ a/lib/kunit/test.c
	@@ -11,6 +11,7 @@
	#include <kunit/test-bug.h>
	#include <linux/kernel.h>
	#include <linux/moduleparam.h>
	+#include <linux/panic.h>
	#include <linux/sched/debug.h>
	#include <linux/sched.h>

	@@ -501,6 +502,9 @@ int kunit_run_tests(struct kunit_suite *
	struct kunit_result_stats suite_stats = { 0 };
	struct kunit_result_stats total_stats = { 0 };

	+ /* Taint the kernel so we know we've run tests. */
	+ add_taint(TAINT_TEST, LOCKDEP_STILL_OK);
	+
	if (suite->suite_init) {
	suite->suite_init_err = suite->suite_init(suite);
	if (suite->suite_init_err) {
	_