Author: obrien Date: Fri Oct 7 05:47:30 2011 New Revision: 226089 URL: http://svn.freebsd.org/changeset/base/226089
Log: Disallow various debug.kdb sysctl's when securelevel is raised. PR: 161350 Modified: head/share/man/man7/security.7 head/sys/kern/subr_kdb.c Modified: head/share/man/man7/security.7 ============================================================================== --- head/share/man/man7/security.7 Fri Oct 7 05:45:38 2011 (r226088) +++ head/share/man/man7/security.7 Fri Oct 7 05:47:30 2011 (r226089) @@ -544,6 +544,12 @@ may not be opened for writing; kernel modules (see .Xr kld 4 ) may not be loaded or unloaded. +The kernel debugger may not be entered using the +.Va debug.kdb.enter +sysctl. +A panic or trap cannot be forced using the +.Va debug.kdb.panic +and other sysctl's. .It Ic 2 Highly secure mode \- same as secure mode, plus disks may not be opened for writing (except by Modified: head/sys/kern/subr_kdb.c ============================================================================== --- head/sys/kern/subr_kdb.c Fri Oct 7 05:45:38 2011 (r226088) +++ head/sys/kern/subr_kdb.c Fri Oct 7 05:47:30 2011 (r226089) @@ -90,25 +90,30 @@ SYSCTL_PROC(_debug_kdb, OID_AUTO, availa SYSCTL_PROC(_debug_kdb, OID_AUTO, current, CTLTYPE_STRING | CTLFLAG_RW, NULL, 0, kdb_sysctl_current, "A", "currently selected KDB backend"); -SYSCTL_PROC(_debug_kdb, OID_AUTO, enter, CTLTYPE_INT | CTLFLAG_RW, NULL, 0, +SYSCTL_PROC(_debug_kdb, OID_AUTO, enter, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE, NULL, 0, kdb_sysctl_enter, "I", "set to enter the debugger"); -SYSCTL_PROC(_debug_kdb, OID_AUTO, panic, CTLTYPE_INT | CTLFLAG_RW, NULL, 0, +SYSCTL_PROC(_debug_kdb, OID_AUTO, panic, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE, NULL, 0, kdb_sysctl_panic, "I", "set to panic the kernel"); -SYSCTL_PROC(_debug_kdb, OID_AUTO, trap, CTLTYPE_INT | CTLFLAG_RW, NULL, 0, +SYSCTL_PROC(_debug_kdb, OID_AUTO, trap, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE, NULL, 0, kdb_sysctl_trap, "I", "set to cause a page fault via data access"); -SYSCTL_PROC(_debug_kdb, OID_AUTO, trap_code, CTLTYPE_INT | CTLFLAG_RW, NULL, 0, +SYSCTL_PROC(_debug_kdb, OID_AUTO, trap_code, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_SECURE, NULL, 0, kdb_sysctl_trap_code, "I", "set to cause a page fault via code access"); -SYSCTL_INT(_debug_kdb, OID_AUTO, break_to_debugger, CTLTYPE_INT | CTLFLAG_RW | - CTLFLAG_TUN, &kdb_break_to_debugger, 0, "Enable break to debugger"); +SYSCTL_INT(_debug_kdb, OID_AUTO, break_to_debugger, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_TUN | CTLFLAG_SECURE, + &kdb_break_to_debugger, 0, "Enable break to debugger"); TUNABLE_INT("debug.kdb.break_to_debugger", &kdb_break_to_debugger); -SYSCTL_INT(_debug_kdb, OID_AUTO, alt_break_to_debugger, CTLTYPE_INT | - CTLFLAG_RW | CTLFLAG_TUN, &kdb_alt_break_to_debugger, 0, - "Enable alternative break to debugger"); +SYSCTL_INT(_debug_kdb, OID_AUTO, alt_break_to_debugger, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_TUN | CTLFLAG_SECURE, + &kdb_alt_break_to_debugger, 0, "Enable alternative break to debugger"); TUNABLE_INT("debug.kdb.alt_break_to_debugger", &kdb_alt_break_to_debugger); /* _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"