Re: git: 4819e5aeda4e - main - Add new privilege PRIV_KDB_SET_BACKEND
Date: Mon, 17 Apr 2023 04:50:27 UTC
Konstantin Belousov <kostikbel@gmail.com> wrote:
> > @@ -484,6 +485,11 @@ int
> > kdb_dbbe_select(const char *name)
> > {
> > struct kdb_dbbe *be, **iter;
> > + int error;
> > +
> > + error = priv_check(curthread, PRIV_KDB_SET_BACKEND);
> priv_check() fails for a jailed, or even simply non-root, process.
> kdb_dbbe_select() is called from a random context, e.g. from
> kdb_alt_break_gdb(), where it inherits whatever thread was running
> at the moment of the break to the debugger.
That sounds like a bug?
> In other words, this function no longer works reliably.
>
> > + if (error)
> > + return (error);
> >
> > SET_FOREACH(iter, kdb_dbbe_set) {
> > be = *iter;
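Review bot: the priv_check(curthread, PRIV_KDB_SET_BACKEND) call at the top of kdb_dbbe_select() gates every caller on the credentials of whatever thread happens to be current, not only callers acting on a user's request. As noted in this thread, the function is also reached from kdb_alt_break_gdb(), so backend selection there now succeeds or fails depending on which thread was interrupted. Suggest moving the check out of kdb_dbbe_select() and into the entry point that handles the user's request, leaving the selection routine itself unconditional. Minor style point: "if (error)" would read "if (error != 0)" under style(9).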
> > diff --git a/sys/sys/priv.h b/sys/sys/priv.h
> > index 20bfc7312ce3..cb4dcecea4aa 100644
> > --- a/sys/sys/priv.h
> > +++ b/sys/sys/priv.h
> > @@ -515,10 +515,15 @@
> > #define PRIV_KMEM_READ 680 /* Open mem/kmem for reading. */
> > #define PRIV_KMEM_WRITE 681 /* Open mem/kmem for writing. */
> >
> > +/*
> > + * Kernel debugger privileges.
> > + */
> > +#define PRIV_KDB_SET_BACKEND 690 /* Allow setting KDB backend. */
> > +
> > /*
> > * Track end of privilege list.
> > */
> > -#define _PRIV_HIGHEST 682
> > +#define _PRIV_HIGHEST 691
> >
> > /*
> > * Validate that a named privilege is known by the privilege system. Invalid
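Review bot: _PRIV_HIGHEST moves from 682 to 691 while the only new definition is PRIV_KDB_SET_BACKEND at 690, so numbers 682 through 689 now sit below the end-of-list marker with no privilege defined for them. If the gap is deliberate, to leave room after PRIV_KMEM_WRITE, a short comment saying so next to the new block would help. It is also worth confirming that the validation that follows, which relies on _PRIV_HIGHEST, behaves as intended for unassigned numbers inside the range.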