Date: Tue, 5 Aug 2014 10:03:58 +1000 (EST)
From: Bruce Evans <brde@optusnet.com.au>
To: John Baldwin <jhb@freebsd.org>
Cc: svn-src-head@freebsd.org, Aleksandr Rybalko <ray@freebsd.org>, src-committers@freebsd.org, svn-src-all@freebsd.org
Subject: Re: svn commit: r269474 - in head: share/man/man4 sys/dev/vt
Message-ID: <20140805091730.N2827@besplex.bde.org>
In-Reply-To: <F59A7643-BE56-416A-A62C-42DAEF888E81@FreeBSD.org>
References: <53de340e.52ce.7073778e@svn.freebsd.org> <F59A7643-BE56-416A-A62C-42DAEF888E81@FreeBSD.org>
On Mon, 4 Aug 2014, John Baldwin wrote:

> On Aug 3, 2014, at 6:07 AM, Aleksandr Rybalko <ray@FreeBSD.org> wrote:
>
>> Log:
>>   Allow to disable some special key combinations handled by vt(4), like debug
>>   request, reboot request.
>>
>>   Requested by: Claude Buisson
>>
>>   Sponsored by: The FreeBSD Foundation
>
> I realize the API uses 'SPCL' as an abbreviation, but for user-facing things like a sysctl and tunable, I think it might be better to spell it out as "specialkeys" instead?

It is a bad name, and also gratuitously different from syscons where the names are:

    hw.syscons.kbd_reboot
    hw.syscons.kbd_debug
    hw.syscons.sc_no_suspend_vtswitch

The namespace seems to be more organized than syscons'.

It seems to share other configuration bugs with syscons. Debugger entry is gated by debug.kdb.break_to_debugger and debug.kdb.alt_break_to_debugger. There are too many compile-time options to give defaults for the sysctls, but not enough to give usable ones. BREAK_TO_DEBUGGER is misused to give the default for debug.kdb.break_to_debugger. The BREAK in it means a serial line break and is only indirectly related to breakpoint instructions or breaking into the debugger. Entering the debugger on serial line breaks is usually unwanted, since they happen when a serial console is unplugged, so BREAK_TO_DEBUGGER should rarely be configured. Misusing it to control the sysctl gives a wrong configuration for debugger entry from vt's when it is correctly configured to off.

debug.kdb_alt_break_to_debugger defeats the vt sysctls in another way. It gives another way to enter the debugger, and due to the reboot misfeature in it, it also gives another way to reboot.

It is correct but confusing for vt's to have per-device options for controlling debugger support. You might have multiple consoles with only some secure enough to debug on. Serial consoles need per-device options even more, but have less than one -- the old global serial device options are abused for kdb defaults. So only the combination of an insecure vt with a secure serial console is supported -- you have to enable the global options to get any debugger support so can't do this if you have a secure vt and an insecure serial console.

Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140805091730.N2827>