| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1396453440-16445-11-git-send-email-daniel.thompson@linaro.org> Date: Wed, 2 Apr 2014 16:44:00 +0100 From: Daniel Thompson <daniel.thompson@...aro.org> To: kgdb-bugreport@...ts.sourceforge.net, Jason Wessel <jason.wessel@...driver.com> Cc: patches@...aro.org, linaro-kernel@...ts.linaro.org, Daniel Thompson <daniel.thompson@...aro.org>, linux-kernel@...r.kernel.org, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Jiri Slaby <jslaby@...e.cz>, Steven Rostedt <rostedt@...dmis.org>, Frederic Weisbecker <fweisbec@...il.com>, Ingo Molnar <mingo@...hat.com>, John Stultz <john.stultz@...aro.org>, Anton Vorontsov <anton.vorontsov@...aro.org>, Colin Cross <ccross@...roid.com>, kernel-team@...roid.com Subject: [RFC v2 10/10] kdb: Allow access to sensitive commands to be restricted by default Currently kiosk mode must be explicitly requested by the bootloader or userspace. It is convenient to be able to change the default value in a similar manner to CONFIG_MAGIC_SYSRQ_DEFAULT_MASK. Signed-off-by: Daniel Thompson <daniel.thompson@...aro.org> --- kernel/debug/kdb/kdb_main.c | 2 +- lib/Kconfig.kgdb | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c index 77b6e61..34f0989 100644 --- a/kernel/debug/kdb/kdb_main.c +++ b/kernel/debug/kdb/kdb_main.c @@ -47,7 +47,7 @@ #undef MODULE_PARAM_PREFIX #define MODULE_PARAM_PREFIX "kdb." -static bool kdb_kiosk; +static bool kdb_kiosk = CONFIG_KDB_KIOSK_DEFAULT_ENABLE; module_param_named(kiosk, kdb_kiosk, bool, 0600); #define GREP_LEN 256 diff --git a/lib/Kconfig.kgdb b/lib/Kconfig.kgdb index 358eb81..a284327 100644 --- a/lib/Kconfig.kgdb +++ b/lib/Kconfig.kgdb @@ -73,6 +73,27 @@ config KGDB_KDB help KDB frontend for kernel +config KDB_KIOSK_DEFAULT_ENABLE + bool "KDB: enable kiosk mode at kernel boot time" + depends on KGDB_KDB + default n + help + Kiosk mode disables kdb commands that can be trivially used to + escalate privilege or dump sensitive data. Those commands that + remain are sufficient for certain types of fault diagnosis but + not fully fledged debugging. + + Note that it is assumed that neither the process list, the + kernel log buffer nor the (kernel) backtrace of running + processes contain sensitive information. + + The config option merely sets the default at boot time. Both + issuing 'echo X > /sys/module/kdb/parameters/kiosk' or + booting with kdb.kiosk=X kernel command line option will override + the default settings. + + If unsure, say N. + config KDB_KEYBOARD bool "KGDB_KDB: keyboard as input device" depends on VT && KGDB_KDB -- 1.9.0 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists