Subject: Re: printk: Add kernel parameter to disable writes to /dev/kmsg
To: Steven Rostedt <rostedt@goodmis.org>, Pavel Machek <pavel@ucw.cz>
References: <20160425130629.188a901c@gandalf.local.home>
 <20160426184458.GB8162@amd> <20160426154742.0da764a9@gandalf.local.home>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Ingo Molnar <mingo@kernel.org>, Peter Zijlstra <peterz@infradead.org>,
        Borislav Petkov <bp@alien8.de>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>
From: "Austin S. Hemmelgarn" <ahferroin7@gmail.com>
Message-ID: <5720A1B3.9020604@gmail.com>
Date: Wed, 27 Apr 2016 07:25:39 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <20160426154742.0da764a9@gandalf.local.home>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 698
Lines: 17

On 2016-04-26 15:47, Steven Rostedt wrote:
> On Tue, 26 Apr 2016 20:44:58 +0200
> Pavel Machek <pavel@ucw.cz> wrote:
>
>>> I simply propose a way to let us kernel developers keep user space from
>>> interfering, by adding a new kernel command line parameter that will
>>> disable writing to /dev/kmsg. Any attempt to open the file in write
>>> mode will return a -EPERM error.
>>
>> chmod 400 /dev/kmsg? With udev, it should be possible to make it persistent...
>
> But this opened while initramdisk is used. I'm thinking this wont work,
> or does udev run before main root is mounted?
>
It does, but I don't think it runs before journald on systemd systems...

So it probably still wouldn't work.