d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
freebsd-nq/sys/kern
History
Mark Johnston f5d6f7cb47 kdb: Modify securelevel policy 
Currently, sysctls which enable KDB in some way are flagged with
CTLFLAG_SECURE, meaning that you can't modify them if securelevel > 0.
This is so that KDB cannot be used to lower a running system's
securelevel, see commit 3d7618d8bf0b7.  However, the newer mac_ddb(4)
restricts DDB operations which could be abused to lower securelevel
while retaining some ability to gather useful debugging information.

To enable the use of KDB (specifically, DDB) on systems with a raised
securelevel, change the KDB sysctl policy: rather than relying on
CTLFLAG_SECURE, add a check of the current securelevel to kdb_trap().
If the securelevel is raised, only pass control to the backend if MAC
specifically grants access; otherwise simply check to see if mac_ddb
vetoes the request, as before.

Add a new secure sysctl, debug.kdb.enter_securelevel, to override this
behaviour.  That is, the sysctl lets one enter a KDB backend even with a
raised securelevel, so long as it is set before the securelevel is
raised.

Reviewed by:	mhorne, stevek
MFC after:	1 month
Sponsored by:	Juniper Networks
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D37122
2023-04-03 04:14:02 -04:00
..
bus_if.m
subr_bus: restore bus_null_rescan()
2022-06-23 16:07:00 -03:00
clock_if.m
cpufreq_if.m
device_if.m
firmw.S
genassym.sh
genoffset.c
genoffset.sh
imgact_aout.c
Retire sv_transtrap
2022-05-20 14:54:03 +03:00
imgact_binmisc.c
imgact_binmisc: Optionally pre-open the interpreter vnode
2022-12-08 14:32:03 +00:00
imgact_elf32.c
imgact_elf64.c
imgact_elf.c
Add AT_USRSTACK{BASE, LIM} AT vectors, and ELF_BSDF_VMNOOVERCOMMIT flag
2022-09-16 23:23:26 +03:00
imgact_shell.c
init_main.c
ddb: annotate some commands with DB_CMD_MEMSAFE
2022-07-18 22:06:09 +00:00
init_sysent.c
Regen
2023-04-03 04:13:52 -04:00
kern_acct.c
sysent: Get rid of bogus sys/sysent.h include.
2022-05-28 20:52:17 +03:00
kern_alq.c
vfs: NDFREE(&nd, NDF_ONLY_PNBUF) -> NDFREE_PNBUF(&nd)
2022-03-24 10:20:51 +00:00
kern_boottrace.c
boottrace: a simple boot and shutdown-time tracing facility
2022-02-21 20:15:45 -04:00
kern_clock.c
deadlkres: Make parameters settable with tunables
2023-03-03 11:16:41 -05:00
kern_clocksource.c
eventtimer: Simplify KTR traces
2022-07-11 15:58:43 -04:00
kern_condvar.c
kern_conf.c
Retire clone_drain_lock
2022-08-20 09:44:05 +00:00
kern_cons.c
Adjust function definitions in kern_cons.c to avoid clang 15 warnings
2022-07-26 19:59:56 +02:00
kern_context.c
sysent: Get rid of bogus sys/sysent.h include.
2022-05-28 20:52:17 +03:00
kern_cpu.c
cpufreq: Remove unused devclass argument to DRIVER_MODULE.
2022-05-06 15:46:58 -07:00
kern_cpuset.c
cpuset: Handle CPU_WHICH_TIDPID wherever cpuset_which() is called.
2023-01-30 19:28:54 +03:00
kern_ctf.c
vfs: NDFREE(&nd, NDF_ONLY_PNBUF) -> NDFREE_PNBUF(&nd)
2022-03-24 10:20:51 +00:00
kern_descrip.c
Add descrip_check_write_mp() helper
2022-12-29 22:55:39 +02:00
kern_devctl.c
devd: Warn for deprecated 'kern' system type
2022-12-02 10:48:02 -07:00
kern_dtrace.c
Adjust function definitions in kern_dtrace.c to avoid clang 15 warnings
2022-07-26 19:59:57 +02:00
kern_dump.c
kerneldump: remove physical from dump routines
2022-05-13 10:43:19 -03:00
kern_environment.c
kern_environment: Partially apply style(9)
2023-01-30 10:47:56 -07:00
kern_et.c
kern_event.c
Add kqueue1() syscall
2023-04-03 04:13:51 -04:00
kern_exec.c
imgact_binmisc: Optionally pre-open the interpreter vnode
2022-12-08 14:32:03 +00:00
kern_exit.c
proc: shave a lock trip on exit if possible
2023-04-03 04:13:57 -04:00
kern_fail.c
kern_ffclock.c
sysent: Get rid of bogus sys/sysent.h include.
2022-05-28 20:52:17 +03:00
kern_fork.c
jail: add process linkage
2022-09-05 11:54:47 +00:00
kern_hhook.c
kern_idle.c
kern_intr.c
kern_intr: Check for NULL event in intr_destroy()
2022-10-15 15:51:44 -03:00
kern_jail.c
netlink: allow netlink sockets in non-vnet jails.
2023-04-03 04:12:54 -04:00
kern_kcov.c
kcov: use __func__ in KASSERT instead of old function name
2022-03-07 10:47:27 -05:00
kern_khelp.c
kern_kthread.c
Update comments referencing create_thread()
2023-02-09 11:58:06 -04:00
kern_ktr.c
ddb: annotate some commands with DB_CMD_MEMSAFE
2022-07-18 22:06:09 +00:00
kern_ktrace.c
ktrace: change AST handler to require AST flag set
2022-08-02 21:11:10 +03:00
kern_linker.c
ddb: annotate some commands with DB_CMD_MEMSAFE
2022-07-18 22:06:09 +00:00
kern_lock.c
lockmgr: upgrade panic return checks
2023-02-22 11:12:22 -04:00
kern_lockf.c
lockf: elide vnode interlock in the common case in lf_purgelocks
2022-09-14 23:04:22 +00:00
kern_lockstat.c
kern_loginclass.c
kern_malloc.c
kmem_malloc/free: Use void * instead of vm_offset_t for kernel pointers.
2022-09-22 15:09:19 -07:00
kern_mbuf.c
IfAPI: use IfAPI in mbuf
2023-02-06 12:32:04 -05:00
kern_mib.c
Allow sysctl hw.machine/hw.machine_arch in capability mode
2023-02-06 14:00:52 -05:00
kern_module.c
modules: increase MAXMODNAME and provide backward compat
2021-12-09 18:09:53 +00:00
kern_mtxpool.c
kern_mutex.c
kern_ntptime.c
pps: Simplify the nsec calculation in pps_event()
2023-02-27 15:10:55 -07:00
kern_osd.c
kern_physio.c
SPDX: Not BSD-4-Clause
2022-09-16 21:49:16 -06:00
kern_pmc.c
kern_poll.c
kern_poll: include sys/sched.h
2023-02-09 17:13:02 -04:00
kern_priv.c
kern_proc.c
AST: rework
2022-08-02 21:11:09 +03:00
kern_procctl.c
Remove struct proc p_singlethr member
2022-08-20 20:34:30 +03:00
kern_prot.c
cred: convert the refcount from int to long
2023-04-03 04:13:55 -04:00
kern_racct.c
AST: rework
2022-08-02 21:11:09 +03:00
kern_rangelock.c
kern_rctl.c
sysent: Get rid of bogus sys/sysent.h include.
2022-05-28 20:52:17 +03:00
kern_resource.c
Adjust function definitions in kern_resource.c to avoid clang 15 warnings
2022-07-26 19:59:57 +02:00
kern_rmlock.c
rms: add rms_assert_rlock_ok
2022-08-23 19:15:48 +00:00
kern_rwlock.c
kern_sdt.c
kern_sema.c
kern_sendfile.c
vfs: add vn_getsize
2022-12-28 22:43:49 +00:00
kern_sharedpage.c
Rework how shared page related data is stored
2022-07-18 16:27:32 +02:00
kern_shutdown.c
kdb: Modify securelevel policy
2023-04-03 04:14:02 -04:00
kern_sig.c
Fixes for ptrace_syscallreq()
2022-12-23 01:53:41 +02:00
kern_switch.c
mi_switch(): clean up switch types and their usage
2023-02-09 12:01:32 -04:00
kern_sx.c
sx: whack set-but-not-used warn in _sx_slock_hard
2023-02-21 13:49:14 +00:00
kern_synch.c
mi_switch(): clean up switch types and their usage
2023-02-09 12:01:32 -04:00
kern_syscalls.c
sys/kern: Use C99 fixed-width integer types.
2021-12-28 09:41:08 -08:00
kern_sysctl.c
sysctl: use correct types and names in sysctl_*sec_to_sbintime
2023-01-27 07:09:22 -08:00
kern_tc.c
pps: Round to closest integer in pps_event()
2023-02-27 15:10:55 -07:00
kern_thr.c
thread_create(): call cpu_copy_thread() after td_pflags is zeroed
2022-08-08 19:44:17 +03:00
kern_thread.c
whitespace: rewrap to match case directly above
2023-02-03 00:37:31 +00:00
kern_time.c
time: s/ppsratecheck/eventratecheck
2023-02-24 19:26:36 +00:00
kern_timeout.c
callout(9): adopt old references to timeout(9)
2023-04-03 04:12:21 -04:00
kern_tslog.c
tslog: Add CTLFLAG_SKIP to sysctls
2022-03-20 11:31:16 -07:00
kern_ubsan.c
kern_umtx.c
kern_umtx.c do_wait(): correct confusing indent
2023-01-20 23:33:11 +02:00
kern_uuid.c
kern_vnodedumper.c
kerneldump: Inline dump_savectx() into its callers
2023-04-03 04:12:20 -04:00
kern_xxx.c
vfs: retire KERN_VNODE
2023-04-03 04:11:47 -04:00
ksched.c
ksched: correct return code for invalid priority
2022-10-17 15:12:13 -03:00
link_elf_obj.c
vfs: NDFREE(&nd, NDF_ONLY_PNBUF) -> NDFREE_PNBUF(&nd)
2022-03-24 10:20:51 +00:00
link_elf.c
Retire broken GPROF support from the kernel
2022-11-15 14:17:10 +00:00
linker_if.m
kernel linker: do not read debug symbol tables for non-debug symbols
2021-12-08 23:32:29 +02:00
Make.tags.inc
Makefile
md4c.c
sys/kern: Use C99 fixed-width integer types.
2021-12-28 09:41:08 -08:00
md5c.c
md5: Use c89 function definitions
2022-11-27 13:22:31 -07:00
msi_if.m
p1003_1b.c
sysent: Get rid of bogus sys/sysent.h include.
2022-05-28 20:52:17 +03:00
pic_if.m
posix4_mib.c
sched_4bsd.c
mi_switch(): clean up switch types and their usage
2023-02-09 12:01:32 -04:00
sched_ule.c
mi_switch(): clean up switch types and their usage
2023-02-09 12:01:32 -04:00
serdev_if.m
stack_protector.c
subr_acl_nfs4.c
subr_acl_posix1e.c
subr_asan.c
atomic: Intercept atomic_(load|store)_bool for kernel sanitizers
2022-10-29 11:10:58 -04:00
subr_atomic64.c
sys/kern: Use C99 fixed-width integer types.
2021-12-28 09:41:08 -08:00
subr_autoconf.c
Adjust function definition in subr_autoconf.c to avoid clang 15 warnings
2022-07-26 19:59:57 +02:00
subr_blist.c
subr_boot.c
boot: Remove stray free()
2022-12-07 11:30:04 -07:00
subr_bufring.c
subr_bus_dma.c
bus_dma: Deduplicate locking helper functions.
2022-01-05 13:50:40 -08:00
subr_bus.c
Revert "newbus: Change attach failure behavior"
2022-12-05 17:00:26 -07:00
subr_busdma_bounce.c
Add sched_ithread_prio to set the base priority of an interrupt thread.
2022-07-14 13:13:10 -07:00
subr_busdma_bufalloc.c
kmem_malloc/free: Use void * instead of vm_offset_t for kernel pointers.
2022-09-22 15:09:19 -07:00
subr_capability.c
subr_clock.c
subr_clockcalib.c
clockcalib: Fix an overflow bug
2022-01-20 08:23:38 -05:00
subr_compressor.c
MFV: zstd 1.5.2
2023-01-27 17:22:31 +00:00
subr_counter.c
subr_coverage.c
subr_csan.c
atomic: Intercept atomic_(load|store)_bool for kernel sanitizers
2022-10-29 11:10:58 -04:00
subr_devmap.c
Remove pre-armv6 support from devmap
2022-10-05 09:56:17 +01:00
subr_devstat.c
devstat: Remove DTrace io probes lacking a BIO reference
2022-08-29 13:22:36 -04:00
subr_disk.c
subr_dummy_vdso_tc.c
subr_early.c
subr_epoch.c
Move kstack_contains() and GET_STACK_USAGE() to MD machine/stack.h
2023-02-02 00:59:26 +02:00
subr_eventhandler.c
subr_fattime.c
subr_filter.c
kern: Fix two typos in source code comments
2022-04-02 14:15:27 +02:00
subr_firmware.c
subr_gtaskqueue.c
subr_hash.c
subr_hints.c
subr_intr.c
arm64: add KASAN support
2023-04-03 04:12:47 -04:00
subr_kdb.c
kdb: Modify securelevel policy
2023-04-03 04:14:02 -04:00
subr_kobj.c
kobj: plug set-but-not-used vars
2021-12-14 14:52:25 +00:00
subr_lock.c
locks: whack a failed experiment in form of restrict_starvation
2022-09-16 17:29:37 +00:00
subr_log.c
subr_mchain.c
subr_module.c
subr_msan.c
atomic: Intercept atomic_(load|store)_bool for kernel sanitizers
2022-10-29 11:10:58 -04:00
subr_msgbuf.c
msgbuf: Allow microsecond granularity timestamps
2022-05-07 09:32:22 -06:00
subr_param.c
kern: whack __mips__ leftover
2023-03-01 11:05:12 +00:00
subr_pcpu.c
ddb: annotate some commands with DB_CMD_MEMSAFE
2022-07-18 22:06:09 +00:00
subr_pctrie.c
subr_physmem.c
kern: physmem: don't create a new exregion for different flags...
2023-04-03 04:10:05 -04:00
subr_pidctrl.c
subr_power.c
subr_prf.c
ddb: annotate some commands with DB_CMD_MEMSAFE
2022-07-18 22:06:09 +00:00
subr_prng.c
subr_prof.c
AST: rework
2022-08-02 21:11:09 +03:00
subr_rangeset.c
subr_rman.c
ddb: annotate some commands with DB_CMD_MEMSAFE
2022-07-18 22:06:09 +00:00
subr_rtc.c
subr_sbuf.c
subr_scanf.c
subr_sfbuf.c
subr_sglist.c
subr_sleepqueue.c
sleepq_set_timeout_sbt(): correct comment to not talk about ticks
2022-08-20 20:33:17 +03:00
subr_smp.c
subr_smp: Trim trailing whitespaces.
2023-01-29 16:18:17 +03:00
subr_smr.c
smr: Remove the return value from smr_wait()
2023-04-03 04:10:12 -04:00
subr_stack.c
subr_stats.c
rb_tree: reduce duplication in balancing code
2022-09-07 23:46:19 -05:00
subr_syscall.c
Add a thread debugging flag TDB_BOUNDARY
2022-12-22 23:11:35 +02:00
subr_taskqueue.c
LinuxKPI: Implement kthread_worker related functions
2022-05-17 15:10:20 +03:00
subr_terminal.c
subr_trap.c
kern/subr_trap.c: cleanup no longer needed headers
2022-08-02 21:11:10 +03:00
subr_turnstile.c
ddb: annotate some commands with DB_CMD_MEMSAFE
2022-07-18 22:06:09 +00:00
subr_uio.c
subr_unit.c
unr: remove UNR64_LOCKED
2022-10-08 10:41:21 +00:00
subr_vmem.c
subr_witness.c
Add tarfs, a filesystem backed by tarballs.
2023-02-02 18:19:29 +01:00
sys_capability.c
fd: rename fget*_locked to fget*_noref
2022-02-22 18:53:43 +00:00
sys_eventfd.c
struct kinfo_file changes needed for lsof to work using only usermode APIs`
2022-06-18 12:34:25 +03:00
sys_generic.c
sockets: provide sousrsend() that does socket specific error handling
2022-12-14 10:02:44 -08:00
sys_getrandom.c
sys_pipe.c
SPDX: Not BSD-4-Clause
2022-09-14 21:29:31 -06:00
sys_procdesc.c
sys_process.c
ptrace(2): add PT_SC_REMOTE remote syscall request
2022-12-22 23:11:35 +02:00
sys_socket.c
Unbreak the build when MAC is not defined
2022-12-14 17:39:25 -05:00
syscalls.c
Regen
2023-04-03 04:13:52 -04:00
syscalls.master
Add kqueue1() syscall
2023-04-03 04:13:51 -04:00
systrace_args.c
Regen
2023-04-03 04:13:52 -04:00
sysv_ipc.c
kern/sysv_ipc.c: use ANSI C function definition
2023-02-21 16:02:46 +02:00
sysv_msg.c
Adjust function definitions in sysv_msg.c to avoid clang 15 warnings
2022-07-26 19:59:57 +02:00
sysv_sem.c
sysv: ansify
2023-02-08 00:11:10 +00:00
sysv_shm.c
Make SHMMAXPGS an unsigned long
2022-03-21 10:27:35 +00:00
tty_compat.c
tty_info.c
tty: Default to printing kernel stack traceback only on INVARIANT kernels
2022-07-02 08:02:12 -06:00
tty_inq.c
tty: Remove an incorrect assertion from ttyinq_line_iterate()
2022-04-12 17:30:04 -04:00
tty_outq.c
tty_pts.c
sysent: Get rid of bogus sys/sysent.h include.
2022-05-28 20:52:17 +03:00
tty_tty.c
Retire clone_drain_lock
2022-08-20 09:44:05 +00:00
tty_ttydisc.c
tty.c
fd: rename fget*_locked to fget*_noref
2022-02-22 18:53:43 +00:00
uipc_accf.c
uipc_debug.c
domains: use queue(9) SLIST for linked list of domains
2022-08-29 19:15:01 -07:00
uipc_domain.c
protocols: make socket buffers ioctl handler changeable
2022-09-28 10:20:09 +00:00
uipc_ktls.c
ktls: Drop all the INET and INET6 compile-time guards.
2023-04-03 04:12:47 -04:00
uipc_mbuf2.c
mbuf_tags: use explicitly sized type for 'type' parameter
2021-12-29 09:23:52 +01:00
uipc_mbuf.c
mbufs: isolate max_linkhdr and max_protohdr handling in the mbuf code
2022-08-29 19:14:25 -07:00
uipc_mbufhash.c
uipc_mqueue.c
vfs: always retain path buffer after lookup
2022-09-17 09:10:38 +00:00
uipc_sem.c
freebsd32: semid_t -> int32_t
2021-11-17 20:12:26 +00:00
uipc_shm.c
shmfd: account for the actually allocated pages
2022-12-09 14:17:12 +02:00
uipc_sockbuf.c
sockbufs: add sbreserve_locked_limit() with custom maxsockbuf limit.
2022-09-28 10:20:09 +00:00
uipc_socket.c
ktls: Fix interlocking between ktls_enable_rx() and listen(2)
2023-04-03 04:12:25 -04:00
uipc_syscalls.c
uipc: ansify
2023-02-13 18:20:29 +00:00
uipc_usrreq.c
Revert "unix/dgram: return EAGAIN instead of ENOBUFS when O_NONBLOCK set"
2023-02-21 08:50:07 -08:00
vfs_acl.c
vfs: stop using NDFREE
2022-12-19 08:07:23 +00:00
vfs_aio.c
aio: Fix more synchronization issues in aio_biowakeup.
2023-02-15 13:32:52 -08:00
vfs_bio.c
buf: Make buf_daemon_shutdown() a no-op after a panic
2023-03-01 10:15:54 -05:00
vfs_cache.c
vfs cache: always assert on ndp->ni_resflags
2023-04-03 04:12:53 -04:00
vfs_cluster.c
vfs_default.c
vfs: ansify
2023-02-07 23:03:20 +00:00
vfs_export.c
vfs_export: Add mnt_exjail to control exports done in prisons
2023-02-21 13:00:42 -08:00
vfs_extattr.c
vfs: stop using NDFREE
2022-12-19 08:07:23 +00:00
vfs_hash.c
vfs_init.c
Fix O(n^2) behavior in sysctl
2022-09-26 18:03:34 -06:00
vfs_lookup.c
vfs: add the concept of vnode state transitions
2022-12-26 17:35:12 +00:00
vfs_mount.c
vfs_mount.c: Allow mountd(8) to do exports in a vnet prison
2023-03-02 13:09:01 -08:00
vfs_mountroot.c
vfs: s/ppsratecheck/eventratecheck
2023-02-24 19:30:49 +00:00
vfs_subr.c
vfs: trylock vnode requeue
2023-04-03 04:12:52 -04:00
vfs_syscalls.c
vfs: stop using SAVESTART for rename
2022-12-19 08:09:37 +00:00
vfs_vnops.c
FIOSEEKHOLE/FIOSEEKDATA: correct consistency for bmap-based implementation
2023-02-04 20:32:07 +02:00
vnode_if.src
vnode(9): Fix a typo in a source code comment
2022-08-07 16:08:43 +02:00