linux-kernel - Re: [RFC][PATCH] printk: increase devkmsg write() ratelimit

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite for Android: free password hash cracker in your pocket

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Date:   Wed, 19 Dec 2018 09:50:16 +0100
From:   Petr Mladek <pmladek@...e.com>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     Peter Zijlstra <peterz@...radead.org>,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        Borislav Petkov <bp@...en8.de>,
        Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [RFC][PATCH] printk: increase devkmsg write() ratelimit

On Tue 2018-12-18 12:37:48, Steven Rostedt wrote:
> On Tue, 18 Dec 2018 18:21:09 +0100
> Peter Zijlstra <peterz@...radead.org> wrote:
> 
> > On Wed, Dec 19, 2018 at 01:52:17AM +0900, Sergey Senozhatsky wrote:
> > > On (12/18/18 16:24), Borislav Petkov wrote:  
> > > > On Wed, Dec 19, 2018 at 12:14:55AM +0900, Sergey Senozhatsky wrote:  
> > > > > Right, but unlike log_buf_len, devkmsg is a bit close to a "binary" knob:
> > > > > either all messages or none;  
> > > > 
> > > > ... which is perfectly fine for a debugging session.  
> > > 
> > > But devkmsg ratelimits systemd errors, so one does not even know that
> > > "some debugging is required". For instance from my x86 box:
> > > 
> > >  Unmounting /home...
> > >  [..]
> > >  home.mount: Mount process exited, code=exited status=32
> > >  Failed unmounting /home.
> > > 
> > > I don't want to debug systemd, I want to know that something didn't
> > > work out. 10 messages max and 5 seconds interval looks a bit too strict.  
> > 
> > Again, complain to system-doofus for printing so much crap to somewhere
> > it should not print to begin with.
> 
> I've been saying that it would be good to make the kmsg be a separate
> buffer that just gets interleaved with the kernel buffer. Userspace
> processes should never be able to overwrite messages from the kernel.

There was a proposal for this few years ago, see
https://lkml.kernel.org/r/1435920595-30879-1-git-send-email-m.niesluchow@samsung.com

Honestly, I got scared. It proposed an interface for dynamically adding
separate /dev/kmsg devices and related log buffers. This smells with
huge amount of messages that might fight for console throughput and
complicate printk code.

Best Regards,
Petr