Proxmox-Port/linux-loongson
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/chenhuacai/linux-loongson synced 2025-09-05 11:53:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
loongarch-next
linux-loongson/tools/testing/selftests/powerpc/security/mitigation-patching.sh
Michael Ellerman a8a54a65ca selftests/powerpc: Detect taint change in mitigation patching test 
Currently the mitigation patching test errors out if the kernel is
tainted prior to the test running.

That causes the test to fail unnecessarily if some other test has caused
the kernel to be tainted, or if a proprietary or force module is loaded
for example.

Instead just warn if the kernel is tainted to begin with, and only
report a change in the taint state as an error in the test.

Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://patch.msgid.link/20241106130453.1741013-5-mpe@ellerman.id.au
2024-11-07 22:36:31 +11:00

79 lines
1.4 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
set -euo pipefail
TIMEOUT=10
function do_one
{
local mitigation="$1"
local orig
local start
local now
orig=$(cat "$mitigation")
start=$(date +%s)
now=$start
while [[ $((now-start)) -lt "$TIMEOUT" ]]
do
echo 0 > "$mitigation"
echo 1 > "$mitigation"
now=$(date +%s)
done
echo "$orig" > "$mitigation"
}
rc=0
cd /sys/kernel/debug/powerpc || rc=1
if [[ "$rc" -ne 0 ]]; then
echo "Error: couldn't cd to /sys/kernel/debug/powerpc" >&2
exit 1
fi
tainted=$(cat /proc/sys/kernel/tainted)
if [[ "$tainted" -ne 0 ]]; then
echo "Warning: kernel already tainted! ($tainted)" >&2
fi
mitigations="barrier_nospec stf_barrier count_cache_flush rfi_flush entry_flush uaccess_flush"
for m in $mitigations
do
if [[ -f /sys/kernel/debug/powerpc/$m ]]
then
do_one "$m" &
fi
done
echo "Spawned threads enabling/disabling mitigations ..."
if stress-ng > /dev/null 2>&1; then
stress="stress-ng"
elif stress > /dev/null 2>&1; then
stress="stress"
else
stress=""
fi
if [[ -n "$stress" ]]; then
"$stress" -m "$(nproc)" -t "$TIMEOUT" &
echo "Spawned VM stressors ..."
fi
echo "Waiting for timeout ..."
wait
orig_tainted=$tainted
tainted=$(cat /proc/sys/kernel/tainted)
if [[ "$tainted" != "$orig_tainted" ]]; then
echo "Error: kernel newly tainted, before ($orig_tainted) after ($tainted)" >&2
exit 1
fi
echo "OK"
exit 0
Reference in New Issue View Git Blame Copy Permalink