/src/systemd/src/journal/journald-kmsg.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* SPDX-License-Identifier: LGPL-2.1+ */ |
2 | | |
3 | | #include <fcntl.h> |
4 | | #include <sys/epoll.h> |
5 | | #include <sys/mman.h> |
6 | | #include <sys/socket.h> |
7 | | #include <unistd.h> |
8 | | |
9 | | #include "sd-device.h" |
10 | | #include "sd-messages.h" |
11 | | |
12 | | #include "alloc-util.h" |
13 | | #include "device-util.h" |
14 | | #include "escape.h" |
15 | | #include "fd-util.h" |
16 | | #include "format-util.h" |
17 | | #include "io-util.h" |
18 | | #include "journald-kmsg.h" |
19 | | #include "journald-server.h" |
20 | | #include "journald-syslog.h" |
21 | | #include "parse-util.h" |
22 | | #include "process-util.h" |
23 | | #include "stdio-util.h" |
24 | | #include "string-util.h" |
25 | | |
26 | | void server_forward_kmsg( |
27 | | Server *s, |
28 | | int priority, |
29 | | const char *identifier, |
30 | | const char *message, |
31 | 962k | const struct ucred *ucred) { |
32 | 962k | |
33 | 962k | _cleanup_free_ char *ident_buf = NULL; |
34 | 962k | struct iovec iovec[5]; |
35 | 962k | char header_priority[DECIMAL_STR_MAX(priority) + 3], |
36 | 962k | header_pid[STRLEN("[]: ") + DECIMAL_STR_MAX(pid_t) + 1]; |
37 | 962k | int n = 0; |
38 | 962k | |
39 | 962k | assert(s); |
40 | 962k | assert(priority >= 0); |
41 | 962k | assert(priority <= 999); |
42 | 962k | assert(message); |
43 | 962k | |
44 | 962k | if (_unlikely_(LOG_PRI(priority) > s->max_level_kmsg)) |
45 | 962k | return; |
46 | 955k | |
47 | 955k | if (_unlikely_(s->dev_kmsg_fd < 0)) |
48 | 955k | return; |
49 | 0 | |
50 | 0 | /* Never allow messages with kernel facility to be written to |
51 | 0 | * kmsg, regardless where the data comes from. */ |
52 | 0 | priority = syslog_fixup_facility(priority); |
53 | 0 |
|
54 | 0 | /* First: priority field */ |
55 | 0 | xsprintf(header_priority, "<%i>", priority); |
56 | 0 | iovec[n++] = IOVEC_MAKE_STRING(header_priority); |
57 | 0 |
|
58 | 0 | /* Second: identifier and PID */ |
59 | 0 | if (ucred) { |
60 | 0 | if (!identifier) { |
61 | 0 | get_process_comm(ucred->pid, &ident_buf); |
62 | 0 | identifier = ident_buf; |
63 | 0 | } |
64 | 0 |
|
65 | 0 | xsprintf(header_pid, "["PID_FMT"]: ", ucred->pid); |
66 | 0 |
|
67 | 0 | if (identifier) |
68 | 0 | iovec[n++] = IOVEC_MAKE_STRING(identifier); |
69 | 0 |
|
70 | 0 | iovec[n++] = IOVEC_MAKE_STRING(header_pid); |
71 | 0 | } else if (identifier) { |
72 | 0 | iovec[n++] = IOVEC_MAKE_STRING(identifier); |
73 | 0 | iovec[n++] = IOVEC_MAKE_STRING(": "); |
74 | 0 | } |
75 | 0 |
|
76 | 0 | /* Fourth: message */ |
77 | 0 | iovec[n++] = IOVEC_MAKE_STRING(message); |
78 | 0 | iovec[n++] = IOVEC_MAKE_STRING("\n"); |
79 | 0 |
|
80 | 0 | if (writev(s->dev_kmsg_fd, iovec, n) < 0) |
81 | 0 | log_debug_errno(errno, "Failed to write to /dev/kmsg for logging: %m"); |
82 | 0 | } |
83 | | |
84 | 467 | static bool is_us(const char *identifier, const char *pid) { |
85 | 467 | pid_t pid_num; |
86 | 467 | |
87 | 467 | if (!identifier || !pid) |
88 | 265 | return false; |
89 | 202 | |
90 | 202 | if (parse_pid(pid, &pid_num) < 0) |
91 | 116 | return false; |
92 | 86 | |
93 | 86 | return pid_num == getpid_cached() && |
94 | 86 | streq(identifier, program_invocation_short_name); |
95 | 86 | } |
96 | | |
97 | 2.17k | void dev_kmsg_record(Server *s, char *p, size_t l) { |
98 | 2.17k | |
99 | 2.17k | _cleanup_free_ char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL, *identifier = NULL, *pid = NULL; |
100 | 2.17k | struct iovec iovec[N_IOVEC_META_FIELDS + 7 + N_IOVEC_KERNEL_FIELDS + 2 + N_IOVEC_UDEV_FIELDS]; |
101 | 2.17k | char *kernel_device = NULL; |
102 | 2.17k | unsigned long long usec; |
103 | 2.17k | size_t n = 0, z = 0, j; |
104 | 2.17k | int priority, r; |
105 | 2.17k | char *e, *f, *k; |
106 | 2.17k | uint64_t serial; |
107 | 2.17k | size_t pl; |
108 | 2.17k | |
109 | 2.17k | assert(s); |
110 | 2.17k | assert(p); |
111 | 2.17k | |
112 | 2.17k | if (l <= 0) |
113 | 0 | return; |
114 | 2.17k | |
115 | 2.17k | e = memchr(p, ',', l); |
116 | 2.17k | if (!e) |
117 | 14 | return; |
118 | 2.16k | *e = 0; |
119 | 2.16k | |
120 | 2.16k | r = safe_atoi(p, &priority); |
121 | 2.16k | if (r < 0 || priority < 0 || priority > 999) |
122 | 176 | return; |
123 | 1.98k | |
124 | 1.98k | if (s->forward_to_kmsg && LOG_FAC(priority) != LOG_KERN) |
125 | 1.98k | return; |
126 | 1.98k | |
127 | 1.98k | l -= (e - p) + 1; |
128 | 1.98k | p = e + 1; |
129 | 1.98k | e = memchr(p, ',', l); |
130 | 1.98k | if (!e) |
131 | 22 | return; |
132 | 1.96k | *e = 0; |
133 | 1.96k | |
134 | 1.96k | r = safe_atou64(p, &serial); |
135 | 1.96k | if (r < 0) |
136 | 11 | return; |
137 | 1.95k | |
138 | 1.95k | if (s->kernel_seqnum) { |
139 | 0 | /* We already read this one? */ |
140 | 0 | if (serial < *s->kernel_seqnum) |
141 | 0 | return; |
142 | 0 | |
143 | 0 | /* Did we lose any? */ |
144 | 0 | if (serial > *s->kernel_seqnum) |
145 | 0 | server_driver_message(s, 0, |
146 | 0 | "MESSAGE_ID=" SD_MESSAGE_JOURNAL_MISSED_STR, |
147 | 0 | LOG_MESSAGE("Missed %"PRIu64" kernel messages", |
148 | 0 | serial - *s->kernel_seqnum), |
149 | 0 | NULL); |
150 | 0 |
|
151 | 0 | /* Make sure we never read this one again. Note that |
152 | 0 | * we always store the next message serial we expect |
153 | 0 | * here, simply because this makes handling the first |
154 | 0 | * message with serial 0 easy. */ |
155 | 0 | *s->kernel_seqnum = serial + 1; |
156 | 0 | } |
157 | 1.95k | |
158 | 1.95k | l -= (e - p) + 1; |
159 | 1.95k | p = e + 1; |
160 | 1.95k | f = memchr(p, ';', l); |
161 | 1.95k | if (!f) |
162 | 6 | return; |
163 | 1.94k | /* Kernel 3.6 has the flags field, kernel 3.5 lacks that */ |
164 | 1.94k | e = memchr(p, ',', l); |
165 | 1.94k | if (!e || f < e) |
166 | 1.93k | e = f; |
167 | 1.94k | *e = 0; |
168 | 1.94k | |
169 | 1.94k | r = safe_atollu(p, &usec); |
170 | 1.94k | if (r < 0) |
171 | 4 | return; |
172 | 1.94k | |
173 | 1.94k | l -= (f - p) + 1; |
174 | 1.94k | p = f + 1; |
175 | 1.94k | e = memchr(p, '\n', l); |
176 | 1.94k | if (!e) |
177 | 1 | return; |
178 | 1.94k | *e = 0; |
179 | 1.94k | |
180 | 1.94k | pl = e - p; |
181 | 1.94k | l -= (e - p) + 1; |
182 | 1.94k | k = e + 1; |
183 | 1.94k | |
184 | 3.92k | for (j = 0; l > 0 && j < N_IOVEC_KERNEL_FIELDS; j++) { |
185 | 2.03k | char *m; |
186 | 2.03k | /* Metadata fields attached */ |
187 | 2.03k | |
188 | 2.03k | if (*k != ' ') |
189 | 55 | break; |
190 | 1.98k | |
191 | 1.98k | k++, l--; |
192 | 1.98k | |
193 | 1.98k | e = memchr(k, '\n', l); |
194 | 1.98k | if (!e) |
195 | 7 | goto finish; |
196 | 1.97k | |
197 | 1.97k | *e = 0; |
198 | 1.97k | |
199 | 1.97k | if (cunescape_length_with_prefix(k, e - k, "_KERNEL_", UNESCAPE_RELAX, &m) < 0) |
200 | 0 | break; |
201 | 1.97k | |
202 | 1.97k | if (startswith(m, "_KERNEL_DEVICE=")) |
203 | 839 | kernel_device = m + 15; |
204 | 1.97k | |
205 | 1.97k | iovec[n++] = IOVEC_MAKE_STRING(m); |
206 | 1.97k | z++; |
207 | 1.97k | |
208 | 1.97k | l -= (e - k) + 1; |
209 | 1.97k | k = e + 1; |
210 | 1.97k | } |
211 | 1.94k | |
212 | 1.94k | if (kernel_device) { |
213 | 767 | _cleanup_(sd_device_unrefp) sd_device *d = NULL; |
214 | 767 | |
215 | 767 | if (sd_device_new_from_device_id(&d, kernel_device) >= 0) { |
216 | 16 | const char *g; |
217 | 16 | char *b; |
218 | 16 | |
219 | 16 | if (sd_device_get_devname(d, &g) >= 0) { |
220 | 2 | b = strappend("_UDEV_DEVNODE=", g); |
221 | 2 | if (b) { |
222 | 2 | iovec[n++] = IOVEC_MAKE_STRING(b); |
223 | 2 | z++; |
224 | 2 | } |
225 | 2 | } |
226 | 16 | |
227 | 16 | if (sd_device_get_sysname(d, &g) >= 0) { |
228 | 16 | b = strappend("_UDEV_SYSNAME=", g); |
229 | 16 | if (b) { |
230 | 16 | iovec[n++] = IOVEC_MAKE_STRING(b); |
231 | 16 | z++; |
232 | 16 | } |
233 | 16 | } |
234 | 16 | |
235 | 16 | j = 0; |
236 | 16 | FOREACH_DEVICE_DEVLINK(d, g) { |
237 | 0 |
|
238 | 0 | if (j >= N_IOVEC_UDEV_FIELDS) |
239 | 0 | break; |
240 | 0 | |
241 | 0 | b = strappend("_UDEV_DEVLINK=", g); |
242 | 0 | if (b) { |
243 | 0 | iovec[n++] = IOVEC_MAKE_STRING(b); |
244 | 0 | z++; |
245 | 0 | } |
246 | 0 |
|
247 | 0 | j++; |
248 | 0 | } |
249 | 16 | } |
250 | 767 | } |
251 | 1.93k | |
252 | 1.93k | if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu", usec) >= 0) |
253 | 1.93k | iovec[n++] = IOVEC_MAKE_STRING(source_time); |
254 | 1.93k | |
255 | 1.93k | iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=kernel"); |
256 | 1.93k | |
257 | 1.93k | if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0) |
258 | 1.93k | iovec[n++] = IOVEC_MAKE_STRING(syslog_priority); |
259 | 1.93k | |
260 | 1.93k | if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0) |
261 | 1.93k | iovec[n++] = IOVEC_MAKE_STRING(syslog_facility); |
262 | 1.93k | |
263 | 1.93k | if (LOG_FAC(priority) == LOG_KERN) |
264 | 1.93k | iovec[n++] = IOVEC_MAKE_STRING("SYSLOG_IDENTIFIER=kernel"); |
265 | 1.93k | else { |
266 | 467 | pl -= syslog_parse_identifier((const char**) &p, &identifier, &pid); |
267 | 467 | |
268 | 467 | /* Avoid any messages we generated ourselves via |
269 | 467 | * log_info() and friends. */ |
270 | 467 | if (is_us(identifier, pid)) |
271 | 0 | goto finish; |
272 | 467 | |
273 | 467 | if (identifier) { |
274 | 270 | syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier); |
275 | 270 | if (syslog_identifier) |
276 | 270 | iovec[n++] = IOVEC_MAKE_STRING(syslog_identifier); |
277 | 270 | } |
278 | 467 | |
279 | 467 | if (pid) { |
280 | 202 | syslog_pid = strappend("SYSLOG_PID=", pid); |
281 | 202 | if (syslog_pid) |
282 | 202 | iovec[n++] = IOVEC_MAKE_STRING(syslog_pid); |
283 | 202 | } |
284 | 467 | } |
285 | 1.93k | |
286 | 1.93k | if (cunescape_length_with_prefix(p, pl, "MESSAGE=", UNESCAPE_RELAX, &message) >= 0) |
287 | 1.93k | iovec[n++] = IOVEC_MAKE_STRING(message); |
288 | 1.93k | |
289 | 1.93k | server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, priority, 0); |
290 | 1.93k | |
291 | 1.94k | finish: |
292 | 3.93k | for (j = 0; j < z; j++) |
293 | 1.99k | free(iovec[j].iov_base); |
294 | 1.94k | } |
295 | | |
296 | 0 | static int server_read_dev_kmsg(Server *s) { |
297 | 0 | char buffer[8192+1]; /* the kernel-side limit per record is 8K currently */ |
298 | 0 | ssize_t l; |
299 | 0 |
|
300 | 0 | assert(s); |
301 | 0 | assert(s->dev_kmsg_fd >= 0); |
302 | 0 |
|
303 | 0 | l = read(s->dev_kmsg_fd, buffer, sizeof(buffer) - 1); |
304 | 0 | if (l == 0) |
305 | 0 | return 0; |
306 | 0 | if (l < 0) { |
307 | 0 | /* Old kernels who don't allow reading from /dev/kmsg |
308 | 0 | * return EINVAL when we try. So handle this cleanly, |
309 | 0 | * but don' try to ever read from it again. */ |
310 | 0 | if (errno == EINVAL) { |
311 | 0 | s->dev_kmsg_event_source = sd_event_source_unref(s->dev_kmsg_event_source); |
312 | 0 | return 0; |
313 | 0 | } |
314 | 0 | |
315 | 0 | if (IN_SET(errno, EAGAIN, EINTR, EPIPE)) |
316 | 0 | return 0; |
317 | 0 | |
318 | 0 | return log_error_errno(errno, "Failed to read from kernel: %m"); |
319 | 0 | } |
320 | 0 |
|
321 | 0 | dev_kmsg_record(s, buffer, l); |
322 | 0 | return 1; |
323 | 0 | } |
324 | | |
325 | 0 | int server_flush_dev_kmsg(Server *s) { |
326 | 0 | int r; |
327 | 0 |
|
328 | 0 | assert(s); |
329 | 0 |
|
330 | 0 | if (s->dev_kmsg_fd < 0) |
331 | 0 | return 0; |
332 | 0 | |
333 | 0 | if (!s->dev_kmsg_readable) |
334 | 0 | return 0; |
335 | 0 | |
336 | 0 | log_debug("Flushing /dev/kmsg..."); |
337 | 0 |
|
338 | 0 | for (;;) { |
339 | 0 | r = server_read_dev_kmsg(s); |
340 | 0 | if (r < 0) |
341 | 0 | return r; |
342 | 0 | |
343 | 0 | if (r == 0) |
344 | 0 | break; |
345 | 0 | } |
346 | 0 |
|
347 | 0 | return 0; |
348 | 0 | } |
349 | | |
350 | 0 | static int dispatch_dev_kmsg(sd_event_source *es, int fd, uint32_t revents, void *userdata) { |
351 | 0 | Server *s = userdata; |
352 | 0 |
|
353 | 0 | assert(es); |
354 | 0 | assert(fd == s->dev_kmsg_fd); |
355 | 0 | assert(s); |
356 | 0 |
|
357 | 0 | if (revents & EPOLLERR) |
358 | 0 | log_warning("/dev/kmsg buffer overrun, some messages lost."); |
359 | 0 |
|
360 | 0 | if (!(revents & EPOLLIN)) |
361 | 0 | log_error("Got invalid event from epoll for /dev/kmsg: %"PRIx32, revents); |
362 | 0 |
|
363 | 0 | return server_read_dev_kmsg(s); |
364 | 0 | } |
365 | | |
366 | 0 | int server_open_dev_kmsg(Server *s) { |
367 | 0 | mode_t mode; |
368 | 0 | int r; |
369 | 0 |
|
370 | 0 | assert(s); |
371 | 0 |
|
372 | 0 | if (s->read_kmsg) |
373 | 0 | mode = O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY; |
374 | 0 | else |
375 | 0 | mode = O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY; |
376 | 0 |
|
377 | 0 | s->dev_kmsg_fd = open("/dev/kmsg", mode); |
378 | 0 | if (s->dev_kmsg_fd < 0) { |
379 | 0 | log_full(errno == ENOENT ? LOG_DEBUG : LOG_WARNING, |
380 | 0 | "Failed to open /dev/kmsg, ignoring: %m"); |
381 | 0 | return 0; |
382 | 0 | } |
383 | 0 |
|
384 | 0 | if (!s->read_kmsg) |
385 | 0 | return 0; |
386 | 0 | |
387 | 0 | r = sd_event_add_io(s->event, &s->dev_kmsg_event_source, s->dev_kmsg_fd, EPOLLIN, dispatch_dev_kmsg, s); |
388 | 0 | if (r < 0) { |
389 | 0 |
|
390 | 0 | /* This will fail with EPERM on older kernels where |
391 | 0 | * /dev/kmsg is not readable. */ |
392 | 0 | if (r == -EPERM) { |
393 | 0 | r = 0; |
394 | 0 | goto fail; |
395 | 0 | } |
396 | 0 | |
397 | 0 | log_error_errno(r, "Failed to add /dev/kmsg fd to event loop: %m"); |
398 | 0 | goto fail; |
399 | 0 | } |
400 | 0 | |
401 | 0 | r = sd_event_source_set_priority(s->dev_kmsg_event_source, SD_EVENT_PRIORITY_IMPORTANT+10); |
402 | 0 | if (r < 0) { |
403 | 0 | log_error_errno(r, "Failed to adjust priority of kmsg event source: %m"); |
404 | 0 | goto fail; |
405 | 0 | } |
406 | 0 |
|
407 | 0 | s->dev_kmsg_readable = true; |
408 | 0 |
|
409 | 0 | return 0; |
410 | 0 | |
411 | 0 | fail: |
412 | 0 | s->dev_kmsg_event_source = sd_event_source_unref(s->dev_kmsg_event_source); |
413 | 0 | s->dev_kmsg_fd = safe_close(s->dev_kmsg_fd); |
414 | 0 |
|
415 | 0 | return r; |
416 | 0 | } |
417 | | |
418 | 0 | int server_open_kernel_seqnum(Server *s) { |
419 | 0 | _cleanup_close_ int fd; |
420 | 0 | uint64_t *p; |
421 | 0 | int r; |
422 | 0 |
|
423 | 0 | assert(s); |
424 | 0 |
|
425 | 0 | /* We store the seqnum we last read in an mmaped file. That |
426 | 0 | * way we can just use it like a variable, but it is |
427 | 0 | * persistent and automatically flushed at reboot. */ |
428 | 0 |
|
429 | 0 | fd = open("/run/systemd/journal/kernel-seqnum", O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0644); |
430 | 0 | if (fd < 0) { |
431 | 0 | log_error_errno(errno, "Failed to open /run/systemd/journal/kernel-seqnum, ignoring: %m"); |
432 | 0 | return 0; |
433 | 0 | } |
434 | 0 |
|
435 | 0 | r = posix_fallocate(fd, 0, sizeof(uint64_t)); |
436 | 0 | if (r != 0) { |
437 | 0 | log_error_errno(r, "Failed to allocate sequential number file, ignoring: %m"); |
438 | 0 | return 0; |
439 | 0 | } |
440 | 0 |
|
441 | 0 | p = mmap(NULL, sizeof(uint64_t), PROT_READ|PROT_WRITE, MAP_SHARED, fd, 0); |
442 | 0 | if (p == MAP_FAILED) { |
443 | 0 | log_error_errno(errno, "Failed to map sequential number file, ignoring: %m"); |
444 | 0 | return 0; |
445 | 0 | } |
446 | 0 |
|
447 | 0 | s->kernel_seqnum = p; |
448 | 0 |
|
449 | 0 | return 0; |
450 | 0 | } |