From: Eric Biggers <ebiggers@kernel.org>
To: stable@vger.kernel.org
Cc: Harshit Mogalapalli <harshit.m.mogalapalli@oracle.com>,
	Kees Cook <keescook@chromium.org>, SeongJae Park <sj@kernel.org>,
	Seth Jenkins <sethjenkins@google.com>,
	Jann Horn <jannh@google.com>,
	"Eric W . Biederman" <ebiederm@xmission.com>,
	linux-hardening@vger.kernel.org, linux-kernel@vger.kernel.org,
	Jonathan Corbet <corbet@lwn.net>,
	Andrew Morton <akpm@linux-foundation.org>,
	Baolin Wang <baolin.wang@linux.alibaba.com>,
	"Jason A. Donenfeld" <Jason@zx2c4.com>,
	Eric Biggers <ebiggers@google.com>,
	Huang Ying <ying.huang@intel.com>, Petr Mladek <pmladek@suse.com>,
	tangmeng <tangmeng@uniontech.com>,
	"Guilherme G. Piccoli" <gpiccoli@igalia.com>,
	Tiezhu Yang <yangtiezhu@loongson.cn>,
	Sebastian Andrzej Siewior <bigeasy@linutronix.de>,
	linux-doc@vger.kernel.org, Luis Chamberlain <mcgrof@kernel.org>
Subject: [PATCH 5.4 14/17] panic: Introduce warn_limit
Date: Wed,  1 Feb 2023 20:42:52 -0800
Message-ID: <20230202044255.128815-15-ebiggers@kernel.org>
In-Reply-To: <20230202044255.128815-1-ebiggers@kernel.org>

From: Kees Cook <keescook@chromium.org>

commit 9fc9e278a5c0b708eeffaf47d6eb0c82aa74ed78 upstream.

Like oops_limit, add warn_limit for limiting the number of warnings when
panic_on_warn is not set.

Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Baolin Wang <baolin.wang@linux.alibaba.com>
Cc: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: Eric Biggers <ebiggers@google.com>
Cc: Huang Ying <ying.huang@intel.com>
Cc: Petr Mladek <pmladek@suse.com>
Cc: tangmeng <tangmeng@uniontech.com>
Cc: "Guilherme G. Piccoli" <gpiccoli@igalia.com>
Cc: Tiezhu Yang <yangtiezhu@loongson.cn>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: linux-doc@vger.kernel.org
Reviewed-by: Luis Chamberlain <mcgrof@kernel.org>
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20221117234328.594699-5-keescook@chromium.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 Documentation/admin-guide/sysctl/kernel.rst | 10 ++++++++
 kernel/panic.c                              | 27 +++++++++++++++++++++
 2 files changed, 37 insertions(+)

diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/admin-guide/sysctl/kernel.rst
index bc31c4a88f20f..568c24ff00a72 100644
--- a/Documentation/admin-guide/sysctl/kernel.rst
+++ b/Documentation/admin-guide/sysctl/kernel.rst
@@ -1186,6 +1186,16 @@ entry will default to 2 instead of 0.
 2 Unprivileged calls to ``bpf()`` are disabled
 = =============================================================
 
+
+warn_limit
+==========
+
+Number of kernel warnings after which the kernel should panic when
+``panic_on_warn`` is not set. Setting this to 0 disables checking
+the warning count. Setting this to 1 has the same effect as setting
+``panic_on_warn=1``. The default value is 0.
+
+
 watchdog:
 =========
 
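Review bot: The new warn_limit text does not say what is counted against the limit. In kernel/panic.c the counter is a function-local static atomic_t that is incremented on every call and never reset, so the limit applies to the total number of warnings since boot, not to a rate or a per-task count; the documentation should state that. It is also worth noting that, because the check is `>=`, writing a non-zero value at or below the number of warnings already seen makes the very next warning panic.
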
diff --git a/kernel/panic.c b/kernel/panic.c
index 7e4900eb25ac1..8f72305dd501d 100644
--- a/kernel/panic.c
+++ b/kernel/panic.c
@@ -44,6 +44,7 @@ static int pause_on_oops_flag;
 static DEFINE_SPINLOCK(pause_on_oops_lock);
 bool crash_kexec_post_notifiers;
 int panic_on_warn __read_mostly;
+static unsigned int warn_limit __read_mostly;
 
 int panic_timeout = CONFIG_PANIC_TIMEOUT;
 EXPORT_SYMBOL_GPL(panic_timeout);
@@ -60,6 +61,26 @@ ATOMIC_NOTIFIER_HEAD(panic_notifier_list);
 
 EXPORT_SYMBOL(panic_notifier_list);
 
+#ifdef CONFIG_SYSCTL
+static struct ctl_table kern_panic_table[] = {
+	{
+		.procname       = "warn_limit",
+		.data           = &warn_limit,
+		.maxlen         = sizeof(warn_limit),
+		.mode           = 0644,
+		.proc_handler   = proc_douintvec,
+	},
+	{ }
+};
+
+static __init int kernel_panic_sysctls_init(void)
+{
+	register_sysctl_init("kernel", kern_panic_table);
+	return 0;
+}
+late_initcall(kernel_panic_sysctls_init);
+#endif
+
 static long no_blink(int state)
 {
 	return 0;
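Review bot: kernel_panic_sysctls_init() runs at late_initcall, and the sysctl entry is the only place in this patch where warn_limit can be set, so the limit cannot be in force for warnings raised earlier in boot. Those warnings are still counted by check_panic_on_warn() and count toward the limit once a value is written. A sentence in the commit message or in the warn_limit documentation saying so would help administrators pick a value. With CONFIG_SYSCTL disabled, warn_limit stays 0 and the check is permanently off, which also deserves a mention.
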
@@ -158,8 +179,14 @@ static void panic_print_sys_info(void)
 
 void check_panic_on_warn(const char *origin)
 {
+	static atomic_t warn_count = ATOMIC_INIT(0);
+
 	if (panic_on_warn)
 		panic("%s: panic_on_warn set ...\n", origin);
+
+	if (atomic_inc_return(&warn_count) >= READ_ONCE(warn_limit) && warn_limit)
+		panic("%s: system warned too often (kernel.warn_limit is %d)",
+		      origin, warn_limit);
 }
 
 /**
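Review bot: The condition `atomic_inc_return(&warn_count) >= READ_ONCE(warn_limit) && warn_limit` reads warn_limit up to three times (twice in the condition and once as the panic() argument) and only the first read uses READ_ONCE(), so a concurrent sysctl write can make the comparison, the non-zero test and the printed value disagree. Suggest reading it once into a local, for example `unsigned int limit = READ_ONCE(warn_limit);`, and using that local in all three places. In the same panic() call, warn_limit is an unsigned int but is printed with %d; %u matches the type.
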
-- 
2.39.1


Thread overview: 22+ messages
2023-02-02  4:42 [PATCH 5.4 00/17] Backport oops_limit to 5.4 Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 01/17] sysctl: add a new register_sysctl_init() interface Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 02/17] panic: unset panic_on_warn inside panic() Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 03/17] mm: kasan: do not panic if both panic_on_warn and kasan_multishot set Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 04/17] exit: Add and use make_task_dead Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 05/17] objtool: Add a missing comma to avoid string concatenation Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 06/17] hexagon: Fix function name in die() Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 07/17] h8300: Fix build errors from do_exit() to make_task_dead() transition Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 08/17] csky: Fix function name in csky_alignment() and die() Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 09/17] ia64: make IA64_MCA_RECOVERY bool instead of tristate Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 10/17] exit: Put an upper limit on how often we can oops Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 11/17] exit: Expose "oops_count" to sysfs Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 12/17] exit: Allow oops_limit to be disabled Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 13/17] panic: Consolidate open-coded panic_on_warn checks Eric Biggers
2023-02-02  4:42 ` Eric Biggers [this message]
2023-02-02  4:42 ` [PATCH 5.4 15/17] panic: Expose "warn_count" to sysfs Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 16/17] docs: Fix path paste-o for /sys/kernel/warn_count Eric Biggers
2023-02-02  4:42 ` [PATCH 5.4 17/17] exit: Use READ_ONCE() for all oops/warn limit reads Eric Biggers
2023-02-02 17:16 ` [PATCH 5.4 00/17] Backport oops_limit to 5.4 Sasha Levin
2023-02-02 17:47   ` Sasha Levin
2023-02-02 19:20     ` Eric Biggers
2023-02-02 18:43 ` SeongJae Park
