LKML Archive on lore.kernel.org
From: Steven Rostedt <rostedt@goodmis.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: LKML <linux-kernel@vger.kernel.org>,
	"Ingo Molnar" <mingo@kernel.org>,
	"Peter Zijlstra" <peterz@infradead.org>,
	"Borislav Petkov" <bp@alien8.de>,
	"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
	"Andrew Morton" <akpm@linux-foundation.org>,
	"Uwe Kleine-König" <u.kleine-koenig@pengutronix.de>
Subject: [PATCH v2] printk: Add kernel parameter to disable writes to /dev/kmsg
Date: Mon, 25 Apr 2016 14:56:06 -0400
Message-ID: <20160425145606.598329f2@gandalf.local.home> (raw)

Over the weekend my server was acting funny. The display wasn't working
well, and I assumed that a driver was going bad. I went to look at the
kernel dmesg, but the buffer only had the following over and over:

[226062.401405] systemd-logind[3511]: Removed session 4168.
[226063.381051] systemd-logind[3511]: Removed session 4169.
[226232.279412] systemd-logind[3511]: New session 4172 of user rostedt.
[226295.639223] systemd-logind[3511]: Removed session 4172.
[227867.920584] systemd-logind[3511]: New session 4204 of user rostedt.
[227869.016023] systemd-logind[3511]: New session 4205 of user rostedt.
[227927.094215] systemd-logind[3511]: Removed session 4204.
[227927.905655] systemd-logind[3511]: Removed session 4205.
[229740.942811] systemd-logind[3511]: New session 4237 of user rostedt.
[229741.505884] systemd-logind[3511]: New session 4238 of user rostedt.
[229799.710123] systemd-logind[3511]: Removed session 4237.
[229800.668171] systemd-logind[3511]: Removed session 4238.
[229835.378869] systemd-logind[3511]: New session 4240 of user rostedt.
[229898.433560] systemd-logind[3511]: Removed session 4240.
[231429.405715] systemd-logind[3511]: New session 4272 of user rostedt.
[231429.964865] systemd-logind[3511]: New session 4273 of user rostedt.
[231487.908190] systemd-logind[3511]: Removed session 4272.
[231488.861240] systemd-logind[3511]: Removed session 4273.
[233280.032816] systemd-logind[3511]: New session 4306 of user rostedt.
[233280.505022] systemd-logind[3511]: New session 4307 of user rostedt.
[233338.761804] systemd-logind[3511]: Removed session 4306.
[233339.749970] systemd-logind[3511]: Removed session 4307.
[233438.696027] systemd-logind[3511]: New session 4309 of user rostedt.
[233499.959512] systemd-logind[3511]: Removed session 4309.

The kernel buffer was completely overridden by useless spewing from
user space. I know that people consider this a "feature" but to me it's
quite annoying that I constantly have to fight to get kernel messages.
I personally believe that only the kernel should have the right to
write into the kernel log buffers, as user space can easily blow away
any useful kernel information with useless logging.

I simply propose a way to let us kernel developers keep user space from
interfering, by adding a new kernel command line parameter that will
disable writing to /dev/kmsg. Any attempt to open the file in write
mode will return a -EPERM error.

This should have no effect on distros that want to keep the feature of
writing to /dev/kmsg, as it requires a kernel command line to disable.

Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
---
Changes since v1:
  Rename the kernel parameter disable_devkmsg_write to
  printk.disable_kmsg_write, to be more in line with the other printk
  kmsg parameters. (Suggested by Borislav Petkov).

  Have the internal parameter be set to "read_mostly" as it's only set
  on boot up. (Suggested by Uwe Kleine-König).

diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index 0b3de80ec8f6..517ebe4bb391 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -3111,6 +3111,12 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
 			Format: <bool>  (1/Y/y=enable, 0/N/n=disable)
 			default: disabled
 
+	printk.disable_kmsg_write
+			Disable writing to /dev/kmsg. This prevents user space
+			tools from writing into the kernel printk buffers.
+			When set, opening /dev/kmsg for write mode will return
+			-EPERM.
+
 	printk.time=	Show timing data prefixed to each printk message line
 			Format: <bool>  (1/Y/y=enable, 0/N/n=disable)
 
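Review bot: the new printk.disable_kmsg_write entry has no "Format:" or "default:" line, unlike the entries on either side of it, so a reader cannot tell that it is a bare flag that takes no value and that writes stay allowed unless it is given. "Opening /dev/kmsg for write mode" can also be read as write-only; the text should say whether a read-write open is refused too.
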
diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
index bfbf284e4218..e86cede893a9 100644
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -85,6 +85,15 @@ static struct lockdep_map console_lock_dep_map = {
 };
 #endif
 
+static bool __read_mostly devkmsg_disabled;
+static int __init disable_devkmsg(char *str)
+{
+	devkmsg_disabled = true;
+	return 0;
+}
+__setup("printk.disable_kmsg_write", disable_devkmsg);
+
+
 /*
  * Number of registered extended console drivers.
  *
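Review bot: disable_devkmsg() returns 0, which reports the option to the boot-parameter parser as not handled; a __setup() handler returns 1 once it has consumed the option. The str argument is ignored as well, so anything that follows the option name on the command line still sets devkmsg_disabled; parsing str as a bool would match the <bool> format the neighbouring printk.time= entry documents. Style: the variable and the function want a blank line between them, and the two blank lines added after __setup() should be one.
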
@@ -799,6 +808,10 @@ static int devkmsg_open(struct inode *inode, struct file *file)
 	struct devkmsg_user *user;
 	int err;
 
+	/* When devkmsg_disabled is set, fail all write access */
+	if (devkmsg_disabled && (file->f_flags & O_ACCMODE))
+		return -EPERM;
+
 	/* write-only does not need any file context */
 	if ((file->f_flags & O_ACCMODE) == O_WRONLY)
 		return 0;
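
Review bot: in devkmsg_open() the new test uses `file->f_flags & O_ACCMODE` as a truth value, which works only because O_RDONLY is 0 and reads differently from the explicit `(file->f_flags & O_ACCMODE) == O_WRONLY` test in the context just below it. Writing `(file->f_flags & O_ACCMODE) != O_RDONLY` states the intent. The check also refuses O_RDWR, so a program that opens read-write only to read the log gets -EPERM; the comment ("fail all write access") and the documentation entry should say that.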
