Site Navigation

Date:      Mon, 17 Apr 2023 14:39:03 +0300
From:      Konstantin Belousov <kostikbel@gmail.com>
To:        "Simon J. Gerraty" <sjg@juniper.net>
Cc:        "Stephen J. Kiernan" <stevek@freebsd.org>, src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org
Subject:   Re: git: 4819e5aeda4e - main - Add new privilege PRIV_KDB_SET_BACKEND
Message-ID:  <ZD0v19gDgWpMH8ya@kib.kiev.ua>
In-Reply-To: <11356.1681707027@kaos.jnpr.net>
References:  <202304161838.33GIcJiX079190@gitrepo.freebsd.org> <ZDxe9Jux8fbqBtHV@kib.kiev.ua> <11356.1681707027@kaos.jnpr.net>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

On Sun, Apr 16, 2023 at 09:50:27PM -0700, Simon J. Gerraty wrote:
> Konstantin Belousov <kostikbel@gmail.com> wrote:
> > > @@ -484,6 +485,11 @@ int
> > >  kdb_dbbe_select(const char *name)
> > >  {
> > >       struct kdb_dbbe *be, **iter;
> > > +     int error;
> > > +
> > > +     error = priv_check(curthread, PRIV_KDB_SET_BACKEND);
> > priv_check() fails for jailed, or even simply non-root process.
> > kdb_dbbe_select() is called from a random context, e.g. from
> > kdb_alt_break_gdb(), where it inherits whatever thread was running
> > at the moment of break to debugger.
> 
> That sounds like a bug?
Definitely.

> 
> > In other words, this function no longer works reliably.
> > 
> > > +     if (error)
> > > +             return (error);
> > >
> > >       SET_FOREACH(iter, kdb_dbbe_set) {
> > >               be = *iter;
> > > diff --git a/sys/sys/priv.h b/sys/sys/priv.h
> > > index 20bfc7312ce3..cb4dcecea4aa 100644
> > > --- a/sys/sys/priv.h
> > > +++ b/sys/sys/priv.h
> > > @@ -515,10 +515,15 @@
> > >  #define      PRIV_KMEM_READ          680     /* Open mem/kmem for reading. */
> > >  #define      PRIV_KMEM_WRITE         681     /* Open mem/kmem for writing. */
> > >
> > > +/*
> > > + * Kernel debugger privileges.
> > > + */
> > > +#define      PRIV_KDB_SET_BACKEND    690     /* Allow setting KDB backend. */
> > > +
> > >  /*
> > >   * Track end of privilege list.
> > >   */
> > > -#define      _PRIV_HIGHEST           682
> > > +#define      _PRIV_HIGHEST           691
> > >
> > >  /*
> > >   * Validate that a named privilege is known by the privilege system.  Invalid

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ZD0v19gDgWpMH8ya>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact