From nobody Sun Apr 30 20:26:52 2023
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Q8dDD6FxRz48GdW;
	Sun, 30 Apr 2023 20:26:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4Q8dDD5fPVz44dZ;
	Sun, 30 Apr 2023 20:26:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1682886412;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=a/tZpc3m2jZ3SMtGoxPcM3L9CqwMVW61IpD8h9FAGZg=;
	b=Emryr9IH0SB8OtKDEa6SwafKcIis277bZJFUs8JAmKoV9gYxsz45Jjo1433CtgQz33U0KU
	xK8CL2hdhvocR9GJ7h2PpRC0CN1pABggO3odTfRc1X8PBILDJAriGHQ0ipijmDY1xv0/zB
	hKtyOB5/P9NwPT50kxETpqE9j7tt0ubiK68xlUhDQ+71eoJoJW6h4Px36/WHtJlUbXJITu
	BpQmeV30/QDhExYzUEFF3oETW5ERvh6inFEXjn5NDuJB9qbSmWZdWU/h5cLxyDnKu/YXWK
	0uRPZsyRpGYjsp7kFTfeY+WsNk9TwjUuzzUtQSeGHu6cHZtC0ChXy+OosSeq8A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1682886412;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=a/tZpc3m2jZ3SMtGoxPcM3L9CqwMVW61IpD8h9FAGZg=;
	b=UE59X6DB4HdYoAqv5kyO03CFfrdCXzv46i/FL2CcLFErtvY+SyIbeyRodNDvYjbVuOpMMr
	wQDhdt2BbY7avjcYyQEXFD6FCTjy6QxU3i9XG57G5DNn7pg5C9Zb4VHOJzkKbqKcNoFqEy
	yVarCBchpIjgkY9KhOaLsffp8HkEp9aro5k37PuRnuYOlqTLhiXiXs2ypjhNUK9dyRit4F
	uVKgFt1xioODkEut3vTXZccO+SaSLrgFVQcxWsKN42xhazs0bdO4XkDJ84a7JHcIUH0pn6
	4DSUfLUfAiiLgbYPsuNnmyoHDUsqZ/Zt7PGoXrMdnf0IVRIdB8egQ3p/4lT7KQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1682886412; a=rsa-sha256; cv=none;
	b=gv1Ak0Ml0jGgNyPi+FgjLxmUQDHIXF0Px5hrLUy8tRv6vnMgZWACk4/Jx9BhVrLUeuFcC4
	JeUmmBkfRYR9u5uiTo3tfQL7sbZIrMpAmIsybmMVYjfa8Asn4d3PwIJ99d9lh67ZYgvCFF
	KPl1LG22quob+5kQbAYZWSFx0qW1U0ekxojss+vd7u79hZT8LOwLiZHA2AeYMW8SsdXym4
	3y8xsWKgDvwvRcLJPkPmGkIQORQZxOq85RnHEiaWqqafs8hMRIdDQ48td9hfRqZTaaNc/j
	JOLqHUwVpeoB6XIgwLzuhUl+LdZKPMVx38hJt1hwZp1zl1kQTlTd8Y5LQz/ScQ==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Q8dDD4bzSzd4d;
	Sun, 30 Apr 2023 20:26:52 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 33UKQqF6009094;
	Sun, 30 Apr 2023 20:26:52 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 33UKQqwD009093;
	Sun, 30 Apr 2023 20:26:52 GMT
	(envelope-from git)
Date: Sun, 30 Apr 2023 20:26:52 GMT
Message-Id: <202304302026.33UKQqwD009093@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Eugene Grosbein <eugen@FreeBSD.org>
Subject: git: 4824d7887259 - main - listen(2): improve administrator control over logging
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-all@freebsd.org
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: eugen
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 4824d788725987bccff53dec8c103cbac455b3ed
Auto-Submitted: auto-generated
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by eugen:

URL: https://cgit.FreeBSD.org/src/commit/?id=4824d788725987bccff53dec8c103cbac455b3ed

commit 4824d788725987bccff53dec8c103cbac455b3ed
Author:     Eugene Grosbein <eugen@FreeBSD.org>
AuthorDate: 2023-04-30 20:14:30 +0000
Commit:     Eugene Grosbein <eugen@FreeBSD.org>
CommitDate: 2023-04-30 20:26:44 +0000

    listen(2): improve administrator control over logging
    
    As documented in listen.2 manual page, the kernel emits a LOG_DEBUG
    syslog message if a socket listen queue overflows. For some appliances,
    it may be desirable to change the priority to some higher value
    like LOG_INFO while keeping other debugging suppressed.
    
    OTOH there are cases when such overflows are normal and expected.
    Then it may be desirable to suppress overflow logging altogether,
    so that dmesg buffer is not flooded over long run.
    
    In addition to existing sysctl kern.ipc.sooverinterval,
    introduce new sysctl kern.ipc.sooverprio that defaults to 7 (LOG_DEBUG)
    to preserve current behavior. It may be changed to any value
    in a range of 0..7 for corresponding priority or to -1 to suppress logging.
    Document it in the listen.2 manual page.
    
    MFC after:      1 month
---
 lib/libc/sys/listen.2  | 15 +++++++++++++--
 sys/kern/uipc_socket.c | 13 ++++++++++---
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/lib/libc/sys/listen.2 b/lib/libc/sys/listen.2
index 4d0962fd412c..076163548b72 100644
--- a/lib/libc/sys/listen.2
+++ b/lib/libc/sys/listen.2
@@ -28,7 +28,7 @@
 .\"	From: @(#)listen.2	8.2 (Berkeley) 12/11/93
 .\" $FreeBSD$
 .\"
-.Dd April 14, 2020
+.Dd April 30, 2023
 .Dt LISTEN 2
 .Os
 .Sh NAME
@@ -111,10 +111,20 @@ or less than zero is specified,
 is silently forced to
 .Va kern.ipc.soacceptqueue .
 .Pp
-If the listen queue overflows, the kernel will emit a LOG_DEBUG syslog message.
+If the listen queue overflows, the kernel will emit a syslog message
+using default priority LOG_DEBUG (7).
 The
 .Xr sysctl 3
 MIB variable
+.Va kern.ipc.sooverprio
+may be used to change this priority to any value in a range of 0..7
+(LOG_EMERG..LOG_DEBUG).
+See
+.Xr syslog 3
+for details.
+It may be set to -1 to disable these messages.
+.Pp
+The variable
 .Va kern.ipc.sooverinterval
 specifies a per-socket limit on how often the kernel will emit these messages.
 .Sh INTERACTION WITH ACCEPT FILTERS
@@ -164,6 +174,7 @@ The socket is not of a type that supports the operation
 .Xr connect 2 ,
 .Xr socket 2 ,
 .Xr sysctl 3 ,
+.Xr syslog 3 ,
 .Xr sysctl 8 ,
 .Xr accept_filter 9
 .Sh HISTORY
diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c
index f529f885d17c..eaff57d50d78 100644
--- a/sys/kern/uipc_socket.c
+++ b/sys/kern/uipc_socket.c
@@ -578,6 +578,10 @@ SYSCTL_INT(_regression, OID_AUTO, sonewconn_earlytest, CTLFLAG_RW,
     &regression_sonewconn_earlytest, 0, "Perform early sonewconn limit test");
 #endif
 
+static int sooverprio = LOG_DEBUG;
+SYSCTL_INT(_kern_ipc, OID_AUTO, sooverprio, CTLFLAG_RW,
+    &sooverprio, 0, "Log priority for listen socket overflows: 0..7 or -1 to disable");
+
 static struct timeval overinterval = { 60, 0 };
 SYSCTL_TIMEVAL_SEC(_kern_ipc, OID_AUTO, sooverinterval, CTLFLAG_RW,
     &overinterval,
@@ -617,7 +621,8 @@ solisten_clone(struct socket *head)
 	if (over) {
 #endif
 		head->sol_overcount++;
-		dolog = !!ratecheck(&head->sol_lastover, &overinterval);
+		dolog = (sooverprio >= 0) &&
+			!!ratecheck(&head->sol_lastover, &overinterval);
 
 		/*
 		 * If we're going to log, copy the overflow count and queue
@@ -706,14 +711,16 @@ solisten_clone(struct socket *head)
 			 * sys/kern/sonewconn_overflow checks for it.
 			 */
 			if (head->so_cred == 0) {
-				log(LOG_DEBUG, "sonewconn: pcb %p (%s): "
+				log(LOG_PRI(sooverprio),
+				    "sonewconn: pcb %p (%s): "
 				    "Listen queue overflow: %i already in "
 				    "queue awaiting acceptance (%d "
 				    "occurrences)\n", head->so_pcb,
 				    sbuf_data(&descrsb),
 			    	qlen, overcount);
 			} else {
-				log(LOG_DEBUG, "sonewconn: pcb %p (%s): "
+				log(LOG_PRI(sooverprio),
+				    "sonewconn: pcb %p (%s): "
 				    "Listen queue overflow: "
 				    "%i already in queue awaiting acceptance "
 				    "(%d occurrences), euid %d, rgid %d, jail %s\n",