From: Nicolas Boichat <drinkcat@chromium.org>
To: linux-kernel@vger.kernel.org
Cc: Peter Chen <peter.chen@nxp.com>,
"Guilherme G . Piccoli" <gpiccoli@canonical.com>,
Rafael Aquini <aquini@redhat.com>,
Sam Ravnborg <sam@ravnborg.org>, David Airlie <airlied@linux.ie>,
Joonas Lahtinen <joonas.lahtinen@linux.intel.com>,
Todor Tomov <todor.too@gmail.com>,
Bjorn Andersson <bjorn.andersson@linaro.org>,
David Howells <dhowells@redhat.com>,
Tiezhu Yang <yangtiezhu@loongson.cn>,
Will Deacon <will@kernel.org>,
Christian Brauner <christian.brauner@ubuntu.com>,
Kees Cook <keescook@chromium.org>,
devel@driverdev.osuosl.org,
Stephen Rothwell <sfr@canb.auug.org.au>,
Nicolas Boichat <drinkcat@chromium.org>,
Jayshri Pawar <jpawar@cadence.com>,
Masahiro Yamada <masahiroy@kernel.org>,
Alexei Starovoitov <alexei.starovoitov@gmail.com>,
Jason Gunthorpe <jgg@ziepe.ca>, Andy Gross <agross@kernel.org>,
Tomas Winkler <tomas.winkler@intel.com>,
Alexey Dobriyan <adobriyan@gmail.com>,
linux-media@vger.kernel.org, Pawel Laszczak <pawell@cadence.com>,
Daniel Vetter <daniel@ffwll.ch>, Arnd Bergmann <arnd@arndb.de>,
linux-arm-msm@vger.kernel.org, intel-gfx@lists.freedesktop.org,
Chao Yu <chao@kernel.org>, Steven Rostedt <rostedt@goodmis.org>,
Jani Nikula <jani.nikula@linux.intel.com>,
Rodrigo Vivi <rodrigo.vivi@intel.com>,
Jaegeuk Kim <jaegeuk@kernel.org>,
Thomas Gleixner <tglx@linutronix.de>,
Mauro Carvalho Chehab <mchehab@kernel.org>,
Ingo Molnar <mingo@redhat.com>, Roger Quadros <rogerq@ti.com>,
Felipe Balbi <balbi@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
dri-devel@lists.freedesktop.org, linux-usb@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Sakari Ailus <sakari.ailus@linux.intel.com>,
Colin Ian King <colin.king@canonical.com>,
Andrew Morton <akpm@linux-foundation.org>,
Divya Indi <divya.indi@oracle.com>
Subject: [PATCH v2 4/4] kernel/trace: Add TRACING_ALLOW_PRINTK config option
Date: Sat, 27 Jun 2020 15:03:07 +0800 [thread overview]
Message-ID: <20200627070307.516803-5-drinkcat@chromium.org> (raw)
In-Reply-To: <20200627070307.516803-1-drinkcat@chromium.org>
trace_printk is meant as a debugging tool, and should not be
compiled into production code without specific debug Kconfig
options enabled, or source code changes, as indicated by the
warning that shows up on boot if any trace_printk is called:
** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE **
** **
** trace_printk() being used. Allocating extra memory. **
** **
** This means that this is a DEBUG kernel and it is **
** unsafe for production use. **
If this option is set to n, the kernel will generate a
build-time error if trace_printk is used.
Note that the code to handle trace_printk is still present,
so this does not prevent people from compiling out-of-tree
kernel modules with the option set to =y, or BPF programs.
Signed-off-by: Nicolas Boichat <drinkcat@chromium.org>
---
Changes since v1:
- Use static_assert instead of __static_assert (Jason Gunthorpe)
- Fix issues that can be detected by this patch (running some
randconfig in a loop, kernel test robot, or manual inspection),
by:
- Making some debug config options that use trace_printk depend
on the new config option.
- Adding 3 patches before this one.
There is a question from Alexei whether the warning is warranted,
and it's possibly too strongly worded, but the fact is, we do
not want trace_printk to be sprinkled in kernel code by default,
unless a very specific Kconfig command is enabled (or preprocessor
macro).
There's at least 3 reasons that I can come up with:
1. trace_printk introduces some overhead.
2. If the kernel keeps adding always-enabled trace_printk, it will
be much harder for developers to make use of trace_printk for
debugging.
3. People may assume that trace_printk is for debugging only, and
may accidentally output sensitive data (theoritical at this
stage).
drivers/gpu/drm/i915/Kconfig.debug | 4 ++--
fs/f2fs/Kconfig | 1 +
include/linux/kernel.h | 17 ++++++++++++++++-
kernel/trace/Kconfig | 10 ++++++++++
samples/Kconfig | 2 ++
5 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/drivers/gpu/drm/i915/Kconfig.debug b/drivers/gpu/drm/i915/Kconfig.debug
index 1cb28c20807c59d..fa30f9bdc82311f 100644
--- a/drivers/gpu/drm/i915/Kconfig.debug
+++ b/drivers/gpu/drm/i915/Kconfig.debug
@@ -84,7 +84,7 @@ config DRM_I915_ERRLOG_GEM
config DRM_I915_TRACE_GEM
bool "Insert extra ftrace output from the GEM internals"
depends on DRM_I915_DEBUG_GEM
- select TRACING
+ depends on TRACING_ALLOW_PRINTK
default n
help
Enable additional and verbose debugging output that will spam
@@ -98,7 +98,7 @@ config DRM_I915_TRACE_GEM
config DRM_I915_TRACE_GTT
bool "Insert extra ftrace output from the GTT internals"
depends on DRM_I915_DEBUG_GEM
- select TRACING
+ depends on TRACING_ALLOW_PRINTK
default n
help
Enable additional and verbose debugging output that will spam
diff --git a/fs/f2fs/Kconfig b/fs/f2fs/Kconfig
index d13c5c6a978769b..d161d96cc1b7418 100644
--- a/fs/f2fs/Kconfig
+++ b/fs/f2fs/Kconfig
@@ -80,6 +80,7 @@ config F2FS_IO_TRACE
bool "F2FS IO tracer"
depends on F2FS_FS
depends on FUNCTION_TRACER
+ depends on TRACING_ALLOW_PRINTK
help
F2FS IO trace is based on a function trace, which gathers process
information and block IO patterns in the filesystem level.
diff --git a/include/linux/kernel.h b/include/linux/kernel.h
index 196607aaf653082..8abce95b0c95a0e 100644
--- a/include/linux/kernel.h
+++ b/include/linux/kernel.h
@@ -721,10 +721,15 @@ do { \
#define trace_printk(fmt, ...) \
do { \
char _______STR[] = __stringify((__VA_ARGS__)); \
+ \
+ static_assert( \
+ IS_ENABLED(CONFIG_TRACING_ALLOW_PRINTK),\
+ "trace_printk called, please enable CONFIG_TRACING_ALLOW_PRINTK."); \
+ \
if (sizeof(_______STR) > 3) \
do_trace_printk(fmt, ##__VA_ARGS__); \
else \
- trace_puts(fmt); \
+ do_trace_puts(fmt); \
} while (0)
#define do_trace_printk(fmt, args...) \
@@ -773,6 +778,13 @@ int __trace_printk(unsigned long ip, const char *fmt, ...);
*/
#define trace_puts(str) ({ \
+ static_assert( \
+ IS_ENABLED(CONFIG_TRACING_ALLOW_PRINTK), \
+ "trace_puts called, please enable CONFIG_TRACING_ALLOW_PRINTK."); \
+ do_trace_puts(str); \
+})
+
+#define do_trace_puts(str) ({ \
static const char *trace_printk_fmt __used \
__attribute__((section("__trace_printk_fmt"))) = \
__builtin_constant_p(str) ? str : NULL; \
@@ -794,6 +806,9 @@ extern void trace_dump_stack(int skip);
*/
#define ftrace_vprintk(fmt, vargs) \
do { \
+ static_assert( \
+ IS_ENABLED(CONFIG_TRACING_ALLOW_PRINTK), \
+ "ftrace_vprintk called, please enable CONFIG_TRACING_ALLOW_PRINTK."); \
if (__builtin_constant_p(fmt)) { \
static const char *trace_printk_fmt __used \
__attribute__((section("__trace_printk_fmt"))) = \
diff --git a/kernel/trace/Kconfig b/kernel/trace/Kconfig
index a4020c0b4508c99..971b6035b197823 100644
--- a/kernel/trace/Kconfig
+++ b/kernel/trace/Kconfig
@@ -111,6 +111,15 @@ config GENERIC_TRACER
bool
select TRACING
+config TRACING_ALLOW_PRINTK
+ bool "Allow trace_printk"
+ default y if DEBUG_KERNEL
+ depends on TRACING
+ help
+ trace_printk is only meant as a debugging tool. If this option is
+ set to n, the kernel will generate a build-time error if trace_printk
+ is used.
+
#
# Minimum requirements an architecture has to meet for us to
# be able to offer generic tracing facilities:
@@ -686,6 +695,7 @@ config TRACEPOINT_BENCHMARK
config RING_BUFFER_BENCHMARK
tristate "Ring buffer benchmark stress tester"
depends on RING_BUFFER
+ depends on TRACING_ALLOW_PRINTK
help
This option creates a test to stress the ring buffer and benchmark it.
It creates its own ring buffer such that it will not interfere with
diff --git a/samples/Kconfig b/samples/Kconfig
index 0ed6e4d71d87b16..6b1ade57f00dd5d 100644
--- a/samples/Kconfig
+++ b/samples/Kconfig
@@ -19,6 +19,7 @@ config SAMPLE_TRACE_EVENTS
config SAMPLE_TRACE_PRINTK
tristate "Build trace_printk module - tests various trace_printk formats"
depends on EVENT_TRACING && m
+ depends on TRACING_ALLOW_PRINTK
help
This builds a module that calls trace_printk() and can be used to
test various trace_printk() calls from a module.
@@ -26,6 +27,7 @@ config SAMPLE_TRACE_PRINTK
config SAMPLE_FTRACE_DIRECT
tristate "Build register_ftrace_direct() example"
depends on DYNAMIC_FTRACE_WITH_DIRECT_CALLS && m
+ depends on TRACING_ALLOW_PRINTK
depends on X86_64 # has x86_64 inlined asm
help
This builds an ftrace direct function example
--
2.27.0.212.ge8ba1cc988-goog
_______________________________________________
devel mailing list
devel@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
prev parent reply other threads:[~2020-06-27 7:04 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-27 7:03 [PATCH 0/4] Detect and remove trace_printk Nicolas Boichat
2020-06-27 7:03 ` [PATCH 1/4] usb: cdns3: gadget: Replace trace_printk by dev_dbg Nicolas Boichat
2020-06-29 3:31 ` Peter Chen
2020-07-23 13:17 ` Felipe Balbi
2020-07-24 0:17 ` Nicolas Boichat
2020-07-24 7:53 ` Felipe Balbi
2020-06-27 7:03 ` [PATCH 2/4] media: atomisp: Replace trace_printk by pr_info Nicolas Boichat
2020-06-27 7:03 ` [PATCH 3/4] media: camss: vfe: Use trace_printk for debugging only Nicolas Boichat
2020-06-27 7:03 ` Nicolas Boichat [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200627070307.516803-5-drinkcat@chromium.org \
--to=drinkcat@chromium.org \
--cc=adobriyan@gmail.com \
--cc=agross@kernel.org \
--cc=airlied@linux.ie \
--cc=akpm@linux-foundation.org \
--cc=alexei.starovoitov@gmail.com \
--cc=andriy.shevchenko@linux.intel.com \
--cc=aquini@redhat.com \
--cc=arnd@arndb.de \
--cc=balbi@kernel.org \
--cc=bjorn.andersson@linaro.org \
--cc=chao@kernel.org \
--cc=christian.brauner@ubuntu.com \
--cc=colin.king@canonical.com \
--cc=daniel@ffwll.ch \
--cc=devel@driverdev.osuosl.org \
--cc=dhowells@redhat.com \
--cc=divya.indi@oracle.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=gpiccoli@canonical.com \
--cc=gregkh@linuxfoundation.org \
--cc=intel-gfx@lists.freedesktop.org \
--cc=jaegeuk@kernel.org \
--cc=jani.nikula@linux.intel.com \
--cc=jgg@ziepe.ca \
--cc=joonas.lahtinen@linux.intel.com \
--cc=jpawar@cadence.com \
--cc=keescook@chromium.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=mchehab@kernel.org \
--cc=mingo@redhat.com \
--cc=pawell@cadence.com \
--cc=peter.chen@nxp.com \
--cc=rodrigo.vivi@intel.com \
--cc=rogerq@ti.com \
--cc=rostedt@goodmis.org \
--cc=sakari.ailus@linux.intel.com \
--cc=sam@ravnborg.org \
--cc=sfr@canb.auug.org.au \
--cc=tglx@linutronix.de \
--cc=todor.too@gmail.com \
--cc=tomas.winkler@intel.com \
--cc=will@kernel.org \
--cc=yangtiezhu@loongson.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).