If sendsyslog(2) is called with LOG_CONS before syslogd(8) has been

started and before init(8) has opened the console, the kernel could
crash as the console device has not been initialized.  Open
/dev/console in the kernel before starting init(8) and keep it open.
This way sendsyslog(2) can be called early in the system.
OK beck@ deraadt@

3 files changed, 23 insertions, 11 deletions

diff --git a/sys/kern/init_main.c b/sys/kern/init_main.c
index 44f73a20e8b..87f76c07bd6 100644
--- a/sys/kern/init_main.c
+++ b/sys/kern/init_main.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: init_main.c,v 1.251 2016/05/10 18:39:51 deraadt Exp $	*/
+/*	$OpenBSD: init_main.c,v 1.252 2016/05/10 23:54:00 bluhm Exp $	*/
 /*	$NetBSD: init_main.c,v 1.84.4.1 1996/06/02 09:08:06 mrg Exp $	*/
 
 /*
@@ -120,7 +120,7 @@ struct	proc *reaperproc;
 
 extern	struct user *proc0paddr;
 
-struct	vnode *rootvp, *swapdev_vp;
+struct	vnode *rootvp, *swapdev_vp, *consolevp;
 int	boothowto;
 struct	timespec boottime;
 int	ncpus =  1;
@@ -133,7 +133,7 @@ long	__guard_local __attribute__((section(".openbsd.randomdata")));
 
 /* XXX return int so gcc -Werror won't complain */
 int	main(void *);
-void	check_console(struct proc *);
+void	open_console(struct proc *);
 void	start_init(void *);
 void	start_cleaner(void *);
 void	start_update(void *);
@@ -570,20 +570,30 @@ static char *initpaths[] = {
 };
 
 void
-check_console(struct proc *p)
+open_console(struct proc *p)
 {
 	struct nameidata nd;
+	struct vnode *vp;
 	int error;
 
 	NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, "/dev/console", p);
-	error = namei(&nd);
+	error = vn_open(&nd, FWRITE, 0);
 	if (error) {
 		if (error == ENOENT)
 			printf("warning: /dev/console does not exist\n");
 		else
 			printf("warning: /dev/console error %d\n", error);
-	} else
-		vrele(nd.ni_vp);
+		return;
+	}
+	vp = nd.ni_vp;
+	VOP_UNLOCK(vp, p);
+	if (!ISSET(vp->v_flag, VISTTY)) {
+		printf("warning: /dev/console is not a tty device\n");
+		vn_close(vp, FWRITE, p->p_ucred, p);
+		return;
+	}
+
+	consolevp = vp;
 }
 
 /*
@@ -616,7 +626,7 @@ start_init(void *arg)
 	while (start_init_exec == 0)
 		(void) tsleep((void *)&start_init_exec, PWAIT, "initexec", 0);
 
-	check_console(p);
+	open_console(p);
 
 	/* process 0 ignores SIGCHLD, but we can't */
 	p->p_p->ps_sigacts->ps_flags = 0;
diff --git a/sys/kern/subr_log.c b/sys/kern/subr_log.c
index 7ecdfa9185a..1d11ef02232 100644
--- a/sys/kern/subr_log.c
+++ b/sys/kern/subr_log.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: subr_log.c,v 1.38 2016/03/21 22:41:29 bluhm Exp $	*/
+/*	$OpenBSD: subr_log.c,v 1.39 2016/05/10 23:54:00 bluhm Exp $	*/
 /*	$NetBSD: subr_log.c,v 1.11 1996/03/30 22:24:44 christos Exp $	*/
 
 /*
@@ -415,7 +415,7 @@ dosendsyslog(struct proc *p, const char *buf, size_t nbyte, int flags,
 
 	if (syslogf)
 		FREF(syslogf);
-	else if ((flags & LOG_CONS) == 0)
+	else if (!ISSET(flags, LOG_CONS) || consolevp == NULL)
 		return (ENOTCONN);
 	else {
 		/*
diff --git a/sys/sys/systm.h b/sys/sys/systm.h
index 78e3007dd04..83e16052820 100644
--- a/sys/sys/systm.h
+++ b/sys/sys/systm.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: systm.h,v 1.111 2016/03/24 08:57:51 mpi Exp $	*/
+/*	$OpenBSD: systm.h,v 1.112 2016/05/10 23:54:01 bluhm Exp $	*/
 /*	$NetBSD: systm.h,v 1.50 1996/06/09 04:55:09 briggs Exp $	*/
 
 /*-
@@ -99,6 +99,8 @@ extern struct vnode *rootvp;	/* vnode equivalent to above */
 extern dev_t swapdev;		/* swapping device */
 extern struct vnode *swapdev_vp;/* vnode equivalent to above */
 
+extern struct vnode *consolevp; /* vnode of console tty device */
+
 struct proc;
 struct process;
 #define curproc curcpu()->ci_curproc