| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1398443370-12668-1-git-send-email-daniel.thompson@linaro.org>
Date: Fri, 25 Apr 2014 17:29:21 +0100
From: Daniel Thompson <daniel.thompson@...aro.org>
To: kgdb-bugreport@...ts.sourceforge.net,
Jason Wessel <jason.wessel@...driver.com>
Cc: patches@...aro.org, linaro-kernel@...ts.linaro.org,
Daniel Thompson <daniel.thompson@...aro.org>,
linux-kernel@...r.kernel.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Jiri Slaby <jslaby@...e.cz>,
Steven Rostedt <rostedt@...dmis.org>,
Frederic Weisbecker <fweisbec@...il.com>,
Ingo Molnar <mingo@...hat.com>,
John Stultz <john.stultz@...aro.org>,
Anton Vorontsov <anton.vorontsov@...aro.org>,
Colin Cross <ccross@...roid.com>, kernel-team@...roid.com
Subject: [RFC v3 0/9] kdb: Allow selective reduction in capabilities (was "kiosk mode")
### This RFC has significant updates since v2. Comments appreciated (I
### hope the next iteration can be PATCH rather than RFC).
This patchset implements restricted modes for the KDB debugger. It is a
continuation of previous kiosk mode work of Anton Vorontsov (dating
back to late 2012).
Modelled of the SysRq masking functionality it provides a means for the
root user to choose the set of kdb commands that are available on the
kdb console.
There are a few patches, some are just cleanups, some are churn-ish
cleanups, but inevitable. And the rest implements the mode -- after all
the preparations, everything is pretty straightforward. The first patch
is actually a pure bug fix (arguably unrelated to kiosk mode) but
collides with the code to honour the sysrq mask when capabilities
are stricted so I have included it here.
Changes since v2:
* Fixed stupid build error when CONFIG_KDB[_KIOSK]_DEFAULT_ENABLE was not
defined.
* Increase flexibility by allowing the userspace greater control over the
commands to be restricted.
* Removed the "kiosk" terminology. Its confusing.
Changes since v1 (circa 2012):
* ef (Display exception frame) is essentially an overly complex peek
and has therefore been marked unsafe
* bt (Stack traceback) has been marked safe only with no arguments
* sr (Magic SysRq key) honours the sysrq mask when called in kiosk
mode
* Fixed over-zealous blocking of macro commands
* Symbol lookup is forbidden by kdbgetaddrarg (more robust, better
error reporting to user)
* Fix deadlock in sr (Magic SysRq key)
* Better help text in kiosk mode
* Default (kiosk on/off) can be changed From the config file.
Anton Vorontsov (6):
kdb: Remove currently unused kdbtab_t->cmd_flags
kdb: Rename kdb_repeat_t to kdb_cmdflags_t, cmd_repeat to cmd_flags
kdb: Rename kdb_register_repeat() to kdb_register_flags()
kdb: Use KDB_REPEAT_* values as flags
kdb: Remove KDB_REPEAT_NONE flag
kdb: Add enable mask for groups of commands
Daniel Thompson (3):
sysrq: Implement __handle_sysrq_nolock to avoid recursive locking in
kdb
kdb: Categorize kdb commands (similar to SysRq categorization)
kdb: Allow access to sensitive commands to be restricted by default
drivers/tty/sysrq.c | 11 +-
include/linux/kdb.h | 66 +++++++++--
include/linux/sysrq.h | 1 +
kernel/debug/kdb/kdb_bp.c | 37 ++++---
kernel/debug/kdb/kdb_main.c | 243 +++++++++++++++++++++++++----------------
kernel/debug/kdb/kdb_private.h | 3 +-
kernel/trace/trace_kdb.c | 4 +-
lib/Kconfig.kgdb | 25 +++++
8 files changed, 264 insertions(+), 126 deletions(-)
--
1.9.0
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists