Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 27 Nov 2012 22:53:06 GMT
From:      Brooks Davis <brooks@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 219857 for review
Message-ID:  <201211272253.qARMr6G2037699@skunkworks.freebsd.org>

next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@219857?ac=10

Change 219857 by brooks@brooks_zenith on 2012/11/27 22:52:29

	Add the ability to break into the debugger on a capability
	exception.  This behavior is controlled by the sysctl
	security.cheri.debugger_on_exception which defaults to off.

Affected files ...

.. //depot/projects/ctsrd/cheribsd/src/sys/mips/cheri/cheri.c#11 edit

Differences ...

==== //depot/projects/ctsrd/cheribsd/src/sys/mips/cheri/cheri.c#11 (text+ko) ====

@@ -36,6 +36,7 @@
 #include <sys/sysctl.h>
 
 #include <ddb/ddb.h>
+#include <sys/kdb.h>
 
 #include <machine/atomic.h>
 #include <machine/cheri.h>
@@ -64,6 +65,11 @@
 SYSCTL_UINT(_security_cheri, OID_AUTO, syscall_violations, CTLFLAG_RD,
     &security_cheri_syscall_violations, 0, "Number of system calls blocked");
 
+static u_int	security_cheri_debugger_on_exception;
+SYSCTL_UINT(_security_cheri, OID_AUTO, debugger_on_exception, CTLFLAG_RW,
+    &security_cheri_debugger_on_exception, 0,
+    "Run debugger on CHERI exception");
+
 /*
  * Given an existing more privileged capability (fromcrn), build a new
  * capability in tocrn with the contents of the passed flattened
@@ -331,6 +337,11 @@
 	CHERI_CGETTAG(ctag, 31);
 	intr_enable();
 	CHERI_REG_PRINT(c, ctag, 31);
+
+#if DDB
+	if (security_cheri_debugger_on_exception)
+		kdb_enter(KDB_WHY_CHERI, "CHERI exception");
+#endif
 }
 
 /*



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201211272253.qARMr6G2037699>