git: 936440560bde - main - sysctl: implement debug.kdb.panic_str

Fri Jan 8 21:31:05 UTC 2021

The branch main has been updated by imp:

URL: https://cgit.FreeBSD.org/src/commit/?id=936440560bde54050e1ad9daae3b9103e05ad3fc

commit 936440560bde54050e1ad9daae3b9103e05ad3fc
Author:     Warner Losh <imp at FreeBSD.org>
AuthorDate: 2021-01-08 16:34:31 +0000
Commit:     Warner Losh <imp at FreeBSD.org>
CommitDate: 2021-01-08 21:30:28 +0000

    sysctl: implement debug.kdb.panic_str
    
    This is just like debug.kdb.panic, except the string that's passed in
    is reported in the panic message. This allows people with automated
    systems to collect kernel panics over a large fleet of machines to
    flag panics better. Strings like "Warner look at this hang" or "see
    JIRA ABC-1234 for details" allow these automated systems to route the
    forced panic to the appropriate engineers like you can with other
    types of panics. Other users are likely possible.
    
    Relnotes: Yes
    Sponsored by: Netflix
    Reviewed by: allanjude (earlier version)
    Suggestions from review folded in by: 0mp, emaste, lwhsu
    Differential Revision: https://reviews.freebsd.org/D28041
---
 share/man/man7/security.7 |  5 +++--
 sys/kern/subr_kdb.c       | 20 ++++++++++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/share/man/man7/security.7 b/share/man/man7/security.7
index 587df4cb74e5..9ff39c74759c 100644
--- a/share/man/man7/security.7
+++ b/share/man/man7/security.7
@@ -28,7 +28,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd November 28, 2020
+.Dd January 8, 2020
 .Dt SECURITY 7
 .Os
 .Sh NAME
@@ -539,7 +539,8 @@ The kernel debugger may not be entered using the
 .Va debug.kdb.enter
 sysctl.
 A panic or trap cannot be forced using the
-.Va debug.kdb.panic
+.Va debug.kdb.panic ,
+.Va debug.kdb.panic_str
 and other sysctl's.
 .It Ic 2
 Highly secure mode \- same as secure mode, plus disks may not be
diff --git a/sys/kern/subr_kdb.c b/sys/kern/subr_kdb.c
index 576635e4a8dc..9de2d9de13e8 100644
--- a/sys/kern/subr_kdb.c
+++ b/sys/kern/subr_kdb.c
@@ -82,6 +82,7 @@ static int kdb_sysctl_available(SYSCTL_HANDLER_ARGS);
 static int kdb_sysctl_current(SYSCTL_HANDLER_ARGS);
 static int kdb_sysctl_enter(SYSCTL_HANDLER_ARGS);
 static int kdb_sysctl_panic(SYSCTL_HANDLER_ARGS);
+static int kdb_sysctl_panic_str(SYSCTL_HANDLER_ARGS);
 static int kdb_sysctl_trap(SYSCTL_HANDLER_ARGS);
 static int kdb_sysctl_trap_code(SYSCTL_HANDLER_ARGS);
 static int kdb_sysctl_stack_overflow(SYSCTL_HANDLER_ARGS);
@@ -109,6 +110,11 @@ SYSCTL_PROC(_debug_kdb, OID_AUTO, panic,
     kdb_sysctl_panic, "I",
     "set to panic the kernel");
 
+SYSCTL_PROC(_debug_kdb, OID_AUTO, panic_str,
+    CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_SECURE | CTLFLAG_MPSAFE, NULL, 0,
+    kdb_sysctl_panic_str, "A",
+    "set to panic the kernel with using the string as the panic message");
+
 SYSCTL_PROC(_debug_kdb, OID_AUTO, trap,
     CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE | CTLFLAG_MPSAFE, NULL, 0,
     kdb_sysctl_trap, "I",
@@ -206,6 +212,20 @@ kdb_sysctl_panic(SYSCTL_HANDLER_ARGS)
 	return (0);
 }
 
+static int
+kdb_sysctl_panic_str(SYSCTL_HANDLER_ARGS)
+{
+	int error;
+	static char buf[256]; /* static buffer to limit mallocs when panicing */
+
+	*buf = '\0';
+	error = sysctl_handle_string(oidp, buf, sizeof(buf), req);
+	if (error != 0 || req->newptr == NULL)
+		return (error);
+	panic("kdb_sysctl_panic: %s", buf);
+	return (0);
+}
+
 static int
 kdb_sysctl_trap(SYSCTL_HANDLER_ARGS)
 {
