aboutsummaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorPetr Mladek <pmladek@suse.cz>2014-06-04 19:11:30 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2014-06-04 19:54:16 -0400
commitf40e4b9f70d48eb08f443642283fdd9d05b27c6d (patch)
tree6ccb314ef25a9316eeca024e8d2465d151d32904 /kernel
parent0a581694ab7a5bc083d710df8a552a6a055b005f (diff)
printk: ignore too long messages
There was no check for too long messages. The check for free space always passed when first_seq and next_seq were equal. Enough free space was not guaranteed, though. log_store() might be called to store messages up to 64kB + 64kB + 16B. This is sum of maximal text_len, dict_len values, and the size of the structure printk_log. On the other hand, the minimal size for the main log buffer currently is 4kB and it is enforced only by Kconfig. The good news is that the usage looks safe right now. log_store() is called only from vprintk_emit() and cont_flush(). Here the "text" part is always passed via a static buffer and the length is limited to LOG_LINE_MAX which is 1024. The "dict" part is NULL in most cases. The only exceptions is when vprintk_emit() is called from printk_emit() and dev_vprintk_emit(). But printk_emit() is currently used only in devkmsg_writev() and here "dict" is NULL as well. In dev_vprintk_emit(), "dict" is limited by the static buffer "hdr" of the size 128 bytes. It meas that the current maximal printed text is 1024B + 128B + 16B and it always fit the log buffer. But it is only matter of time when someone calls printk_emit() with unsafe parameters, especially the "dict" one. This patch adds a check for the free space when the buffer is empty. It reuses the already existing log_has_space() function but it has to add an extra parameter. It defines whether the buffer is empty. Note that the same values of "first_idx" and "next_idx" might also mean that the buffer is full. If the buffer is empty, we must respect the current position of the indexes. We cannot reset them to the beginning of the buffer. Otherwise, the functions reading the buffer would get crazy. The question is what to do when the message is too long. This patch uses the easiest solution and just ignores the problematic message. Let's do something better in a followup patch. Signed-off-by: Petr Mladek <pmladek@suse.cz> Cc: Jan Kara <jack@suse.cz> Cc: Jiri Kosina <jkosina@suse.cz> Cc: Kay Sievers <kay@vrfy.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/printk/printk.c30
1 files changed, 23 insertions, 7 deletions
diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
index 99b7a2d87b6a..8fbbab1771eb 100644
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -297,12 +297,20 @@ static u32 log_next(u32 idx)
297 return idx + msg->len; 297 return idx + msg->len;
298} 298}
299 299
300/* check whether there is enough free space for the given message */ 300/*
301static int logbuf_has_space(u32 msg_size) 301 * Check whether there is enough free space for the given message.
302 *
303 * The same values of first_idx and next_idx mean that the buffer
304 * is either empty or full.
305 *
306 * If the buffer is empty, we must respect the position of the indexes.
307 * They cannot be reset to the beginning of the buffer.
308 */
309static int logbuf_has_space(u32 msg_size, bool empty)
302{ 310{
303 u32 free; 311 u32 free;
304 312
305 if (log_next_idx > log_first_idx) 313 if (log_next_idx > log_first_idx || empty)
306 free = max(log_buf_len - log_next_idx, log_first_idx); 314 free = max(log_buf_len - log_next_idx, log_first_idx);
307 else 315 else
308 free = log_first_idx - log_next_idx; 316 free = log_first_idx - log_next_idx;
@@ -314,15 +322,21 @@ static int logbuf_has_space(u32 msg_size)
314 return free >= msg_size + sizeof(struct printk_log); 322 return free >= msg_size + sizeof(struct printk_log);
315} 323}
316 324
317static void log_make_free_space(u32 msg_size) 325static int log_make_free_space(u32 msg_size)
318{ 326{
319 while (log_first_seq < log_next_seq) { 327 while (log_first_seq < log_next_seq) {
320 if (logbuf_has_space(msg_size)) 328 if (logbuf_has_space(msg_size, false))
321 return; 329 return 0;
322 /* drop old messages until we have enough continuous space */ 330 /* drop old messages until we have enough continuous space */
323 log_first_idx = log_next(log_first_idx); 331 log_first_idx = log_next(log_first_idx);
324 log_first_seq++; 332 log_first_seq++;
325 } 333 }
334
335 /* sequence numbers are equal, so the log buffer is empty */
336 if (logbuf_has_space(msg_size, true))
337 return 0;
338
339 return -ENOMEM;
326} 340}
327 341
328/* insert record into the buffer, discard old ones, update heads */ 342/* insert record into the buffer, discard old ones, update heads */
@@ -339,7 +353,9 @@ static void log_store(int facility, int level,
339 pad_len = (-size) & (LOG_ALIGN - 1); 353 pad_len = (-size) & (LOG_ALIGN - 1);
340 size += pad_len; 354 size += pad_len;
341 355
342 log_make_free_space(size); 356 /* if message does not fit empty log buffer, ignore it */
357 if (log_make_free_space(size))
358 return;
343 359
344 if (log_next_idx + size + sizeof(struct printk_log) > log_buf_len) { 360 if (log_next_idx + size + sizeof(struct printk_log) > log_buf_len) {
345 /* 361 /*