Re: [PATCH] printk: handle blank console arguments passed in.

From: Guenter Roeck
Date: Tue Oct 06 2020 - 06:45:07 EST


On 10/6/20 2:52 AM, Petr Mladek wrote:
> On Mon 2020-10-05 20:35:59, Guenter Roeck wrote:
>> On 10/5/20 7:59 PM, Sergey Senozhatsky wrote:
>>> On (20/05/22 12:00), Petr Mladek wrote:
>>>> On Fri 2020-05-22 16:53:06, Shreyas Joshi wrote:
>>>>> If uboot passes a blank string to console_setup then it results in a trashed memory.
>>>>> Ultimately, the kernel crashes during freeing up the memory. This fix checks if there
>>>>> is a blank parameter being passed to console_setup from uboot.
>>>>> In case it detects that the console parameter is blank then
>>>>> it doesn't setup the serial device and it gracefully exits.
>>>>>
>>> Petr, this patch's causing regressions for us. We use blank console= boot
>>> param to bypass dts. It appears that it'd be better to revert the change.
>>>
>> Not just to bypass dts, it was also possible to use console= to disable consoles
>> passed as config option, as well as other default console options. A quick test
>> confirms that this affects all platforms/architectures, not just Chromebooks.
>> Prior to this patch, it was possible to disable a default console with an
>> empty "console=" parameter. This is no longer possible. This means that
>> this patch results in a substantial (and, as far as I can see, completely
>> undiscussed) functionality change.
>
> Where is this behavior documented, please?
>

I don't know. I didn't find it either. All I know is that Chromebooks
apparently used it from day 1 to disable the console, and I always thought
it was official behavior until I stumbled over the problem last weekend,
tried to look it up, and failed to find it.

> I do not see it anywhere (documentation, git log, google) and it is far from
> obvious from the code. It seems that any random string would do the
> same job, e.g. console=none.
>

Agreed about the "far from obvious". From looking at the code, it seems like
an unintended (?) side effect to me.

> Of course, we need to restore the original behavior when it breaks
> existing systems. But I want to be sure that there is no better
> solution.
>
> And it makes perfect sense to disable all consoles or drop all defined
> by dts. But I would prefer to make it more obvious way, for
> example by parameters like:
>
> + console=none
> + no-console
> + no-dtd-console
> + no-default-console
>
Again, the problem isn't limited to dts provided consoles, or at least
that was my understanding. I am still trying to understand how default
consoles are defined, so I may get something wrong. Anyway, personally I
liked "console=", but that is just me. Anything else should work for us
as long as it is backward compatible (which excludes the no-xxx options).

Whatever is decided, I'd like to have it made official and documented to
avoid a similar problem in the future.

>
> JFYI, the console= parameter handling is a real historical mess. We are
> always surprised what undefined behavior people depend on. For
> example, see:
>
> + commit 33225d7b0ac9903c5701b ("printk: Correctly set CON_CONSDEV
> even when preferred console was not registered")
>
> + commit e369d8227fd211be3624 ("printk: Fix preferred console
> selection with multiple matches")
>
>> I don't understand why (yet), but the patch also causes regressions with
>> seemingly unrelated functionality, specifically with dm-verity on at least
>> one Chromebook platform. I filed crbug.com/1135157 to track the problem,
>> and reverted the patch from all our stable releases immediately after
>> the last round of stable release merges.
>>
>> On a side note, I don't see the problem presumably fixed with this
>> patch in any of my tests.
>
> Console drivers might provide a custom match() callback to handle
> various aliases. I guess that some driver wrongly matches the empty
> string stored in the array of preferred consoles.
>

That might well be. Obviously all Chromebooks never had a problem with it.
I'll keep trying; maybe I can find a qemu emulation that crashes with it.

Unfortunately we don't have a traceback, so it is difficult to determine
what actually caused the problem. Maybe Sergey can provide one.

> There are likely other ways to fix the original problem.
>
Most definitely. Either case, again, I'd like to make sure that we get
some official means to disable a pre-configured console using the
command lime.

Thanks,
Guenter