svn commit: r226089 - in head: share/man/man7 sys/kern
David E. O'Brien
obrien at FreeBSD.org
Fri Oct 7 05:47:30 UTC 2011
Author: obrien
Date: Fri Oct 7 05:47:30 2011
New Revision: 226089
URL: http://svn.freebsd.org/changeset/base/226089
Log:
Disallow various debug.kdb sysctl's when securelevel is raised.
PR: 161350
Modified:
head/share/man/man7/security.7
head/sys/kern/subr_kdb.c
Modified: head/share/man/man7/security.7
==============================================================================
--- head/share/man/man7/security.7 Fri Oct 7 05:45:38 2011 (r226088)
+++ head/share/man/man7/security.7 Fri Oct 7 05:47:30 2011 (r226089)
@@ -544,6 +544,12 @@ may not be opened for writing;
kernel modules (see
.Xr kld 4 )
may not be loaded or unloaded.
+The kernel debugger may not be entered using the
+.Va debug.kdb.enter
+sysctl.
+A panic or trap cannot be forced using the
+.Va debug.kdb.panic
+and other sysctl's.
.It Ic 2
Highly secure mode \- same as secure mode, plus disks may not be
opened for writing (except by
Modified: head/sys/kern/subr_kdb.c
==============================================================================
--- head/sys/kern/subr_kdb.c Fri Oct 7 05:45:38 2011 (r226088)
+++ head/sys/kern/subr_kdb.c Fri Oct 7 05:47:30 2011 (r226089)
@@ -90,25 +90,30 @@ SYSCTL_PROC(_debug_kdb, OID_AUTO, availa
SYSCTL_PROC(_debug_kdb, OID_AUTO, current, CTLTYPE_STRING | CTLFLAG_RW, NULL,
0, kdb_sysctl_current, "A", "currently selected KDB backend");
-SYSCTL_PROC(_debug_kdb, OID_AUTO, enter, CTLTYPE_INT | CTLFLAG_RW, NULL, 0,
+SYSCTL_PROC(_debug_kdb, OID_AUTO, enter,
+ CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE, NULL, 0,
kdb_sysctl_enter, "I", "set to enter the debugger");
-SYSCTL_PROC(_debug_kdb, OID_AUTO, panic, CTLTYPE_INT | CTLFLAG_RW, NULL, 0,
+SYSCTL_PROC(_debug_kdb, OID_AUTO, panic,
+ CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE, NULL, 0,
kdb_sysctl_panic, "I", "set to panic the kernel");
-SYSCTL_PROC(_debug_kdb, OID_AUTO, trap, CTLTYPE_INT | CTLFLAG_RW, NULL, 0,
+SYSCTL_PROC(_debug_kdb, OID_AUTO, trap,
+ CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE, NULL, 0,
kdb_sysctl_trap, "I", "set to cause a page fault via data access");
-SYSCTL_PROC(_debug_kdb, OID_AUTO, trap_code, CTLTYPE_INT | CTLFLAG_RW, NULL, 0,
+SYSCTL_PROC(_debug_kdb, OID_AUTO, trap_code,
+ CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE, NULL, 0,
kdb_sysctl_trap_code, "I", "set to cause a page fault via code access");
-SYSCTL_INT(_debug_kdb, OID_AUTO, break_to_debugger, CTLTYPE_INT | CTLFLAG_RW |
- CTLFLAG_TUN, &kdb_break_to_debugger, 0, "Enable break to debugger");
+SYSCTL_INT(_debug_kdb, OID_AUTO, break_to_debugger,
+ CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_TUN | CTLFLAG_SECURE,
+ &kdb_break_to_debugger, 0, "Enable break to debugger");
TUNABLE_INT("debug.kdb.break_to_debugger", &kdb_break_to_debugger);
-SYSCTL_INT(_debug_kdb, OID_AUTO, alt_break_to_debugger, CTLTYPE_INT |
- CTLFLAG_RW | CTLFLAG_TUN, &kdb_alt_break_to_debugger, 0,
- "Enable alternative break to debugger");
+SYSCTL_INT(_debug_kdb, OID_AUTO, alt_break_to_debugger,
+ CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_TUN | CTLFLAG_SECURE,
+ &kdb_alt_break_to_debugger, 0, "Enable alternative break to debugger");
TUNABLE_INT("debug.kdb.alt_break_to_debugger", &kdb_alt_break_to_debugger);
/*
More information about the svn-src-all
mailing list