All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Theodore Ts'o" <tytso@mit.edu>
To: Joerg Roedel <joro@8bytes.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
	Jiri Kosina <jkosina@suse.cz>,
	Andrew Morton <akpm@linux-foundation.org>,
	Mateusz Guzik <mguzik@redhat.com>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Steven Rostedt <rostedt@goodmis.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	"H. Peter Anvin" <hpa@zytor.com>, Borislav Petkov <bp@alien8.de>,
	Ingo Molnar <mingo@kernel.org>, Mel Gorman <mgorman@suse.de>,
	Kay Sievers <kay@vrfy.org>
Subject: Re: [RFC PATCH] cmdline: Hide "debug" from /proc/cmdline
Date: Thu, 3 Apr 2014 13:05:42 -0400	[thread overview]
Message-ID: <20140403170541.GA19010@thunk.org> (raw)
In-Reply-To: <20140403104308.GP13491@8bytes.org>

On Thu, Apr 03, 2014 at 12:43:08PM +0200, Joerg Roedel wrote:
> 
> How about just ignoring writes to /dev/kmsg altogether by default
> (unless explicitly enabled in Kconfig or on the kernel cmdline)? Maybe I
> am missing something but what are the legitimate use-cases for generally
> allowing user-space to write into the kernel-log?

I'll give you one example which where /dev/kmesg is useful --- if you
are running automated kernel tests, echoing "running test shared/127"
.... several minutes later .... "running test shared/128", is very
useful since if the kernel starts spewing warnings, or even
oops/panics/livelocks, you know what test was running at the time of
the failure.

So in general, most of the valid use cases I can see for /dev/kmesg
are small amounts of information where understanding the relationship
between what is going in userspace can help understand the kernel
warnings, errors, or other printk messages.  Which is why I think rate
limiting, even with a very low threshold, is a perfectly good alternative.

If you need to do bulk logging, and the problem is you want to make
sure the information doesn't get lost because syslogd/journald hasn't
started up yet, or the file system hasn't been remounted read/write
yet, there is a simple answer to this, and it doesn't involve spamming
the kernel ring buffer (because kernel memory is non-swappable).

The answer is logsave(8), which I developed to solve this specific
problem.  I wanted to make sure distributions could capture the output
of fsck, even when checking the read-only root file system.  Note that
I did not even *consider* spamming the dmesg log with e2fsck output.
Instead, I created a userspace logsave process which could buffer the
output (which of course was still displayed on the console) until the
root file system was writeable (and/or /var was mounted), at which
point the contents could be saved to a file in /var/log.

So there are so many other ways of solving this problem without trying
to abuse the kernel logging facilities (which were never intended to
be a general-purpose syslog replacement).  I suspect some systemd
developer was being lazy....

					- Ted

  reply	other threads:[~2014-04-03 17:06 UTC|newest]

Thread overview: 74+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-04-02 18:42 [RFC PATCH] cmdline: Hide "debug" from /proc/cmdline Steven Rostedt
2014-04-02 18:57 ` Linus Torvalds
2014-04-02 19:04 ` Andrew Morton
2014-04-02 19:05   ` Borislav Petkov
2014-04-02 19:08   ` Randy Dunlap
2014-04-02 19:50   ` Thomas Gleixner
2014-04-02 20:05     ` Richard Weinberger
2014-04-02 20:43       ` Thomas Gleixner
2014-04-02 22:18   ` Greg KH
2014-04-02 19:08 ` Borislav Petkov
2014-04-02 19:33   ` Steven Rostedt
2014-04-02 22:12 ` Mateusz Guzik
2014-04-02 22:30   ` David Daney
2014-04-02 22:37   ` Greg KH
2014-04-02 23:13   ` Linus Torvalds
2014-04-02 23:23     ` Jiri Kosina
2014-04-02 23:28       ` Andrew Morton
2014-04-02 23:42         ` Linus Torvalds
2014-04-02 23:47           ` Jiri Kosina
2014-04-02 23:52             ` Linus Torvalds
2014-04-02 23:57               ` Jiri Kosina
2014-04-03  1:38               ` Steven Rostedt
2014-04-03  1:47               ` Linus Torvalds
2014-04-03  9:03                 ` Borislav Petkov
2014-04-03 10:43                 ` Joerg Roedel
2014-04-03 17:05                   ` Theodore Ts'o [this message]
2014-04-03 17:09                     ` H. Peter Anvin
2014-04-03 17:18                       ` Theodore Ts'o
2014-04-03 19:19                         ` H. Peter Anvin
2014-04-04 18:21                     ` Andy Lutomirski
2014-04-04 18:32                       ` Linus Torvalds
2014-04-04 18:57                         ` Andy Lutomirski
2014-04-04 19:09                           ` Linus Torvalds
2014-04-04 21:17                         ` John Stoffel
2014-04-04 23:17                           ` Greg Kroah-Hartman
2014-04-05 14:37                             ` John Stoffel
2014-04-05 23:23                             ` Theodore Ts'o
2014-04-04 18:42                       ` Linus Torvalds
2014-04-04 18:51                         ` Andrew Morton
2014-04-04 18:57                           ` Linus Torvalds
2014-04-06 20:49                             ` David Timothy Strauss
2014-05-06  9:38                               ` Felipe Contreras
2014-04-04 19:44                           ` Steven Rostedt
2014-04-04 20:17                             ` Theodore Ts'o
2014-04-04 22:45                               ` Alexei Starovoitov
2014-04-04 22:48                                 ` Linus Torvalds
2014-04-04 19:00                         ` Andy Lutomirski
2014-04-03 11:23                 ` Borislav Petkov
2014-04-03 11:38                   ` Ingo Molnar
2014-04-15  7:26                 ` Borislav Petkov
2014-04-03 10:34               ` Måns Rullgård
2014-04-03 11:03                 ` Borislav Petkov
2014-04-06 17:19                   ` One Thousand Gnomes
2014-05-06  9:47                   ` Felipe Contreras
2014-04-02 23:47           ` Joe Perches
2014-04-02 23:31       ` Linus Torvalds
2014-04-03 11:25       ` Måns Rullgård
2014-04-03 15:17         ` Tim Bird
2014-04-03 18:06           ` Greg Kroah-Hartman
2014-05-06  9:35             ` Felipe Contreras
2014-04-07  4:54     ` Rusty Russell
2014-05-02 22:34       ` Andrew Morton
2014-05-05  2:17         ` Rusty Russell
2014-05-05 13:15           ` Randy Dunlap
2014-05-06  0:57             ` Rusty Russell
2014-05-19  8:06               ` Diego Viola
2014-05-19  8:11                 ` Diego Viola
2014-05-19 14:40                   ` Randy Dunlap
2014-05-20  1:26                     ` Rusty Russell
2014-05-20  6:26                       ` Diego Viola
2014-05-21  1:52                         ` Rusty Russell
2014-04-03  0:49   ` Steven Rostedt
2014-04-23 15:15 Borislav Petkov
2014-04-23 20:44 ` Borislav Petkov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140403170541.GA19010@thunk.org \
    --to=tytso@mit.edu \
    --cc=akpm@linux-foundation.org \
    --cc=bp@alien8.de \
    --cc=gregkh@linuxfoundation.org \
    --cc=hpa@zytor.com \
    --cc=jkosina@suse.cz \
    --cc=joro@8bytes.org \
    --cc=kay@vrfy.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mgorman@suse.de \
    --cc=mguzik@redhat.com \
    --cc=mingo@kernel.org \
    --cc=rostedt@goodmis.org \
    --cc=tglx@linutronix.de \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.