### This RFC has significant updates since v2. Comments appreciated (I ### hope the next iteration can be PATCH rather than RFC).
This patchset implements restricted modes for the KDB debugger. It is a continuation of previous kiosk mode work of Anton Vorontsov (dating back to late 2012).
Modelled of the SysRq masking functionality it provides a means for the root user to choose the set of kdb commands that are available on the kdb console.
There are a few patches, some are just cleanups, some are churn-ish cleanups, but inevitable. And the rest implements the mode -- after all the preparations, everything is pretty straightforward. The first patch is actually a pure bug fix (arguably unrelated to kiosk mode) but collides with the code to honour the sysrq mask when capabilities are stricted so I have included it here.
Changes since v2: * Fixed stupid build error when CONFIG_KDB[_KIOSK]_DEFAULT_ENABLE was not defined. * Increase flexibility by allowing the userspace greater control over the commands to be restricted. * Removed the "kiosk" terminology. Its confusing.
Changes since v1 (circa 2012):
* ef (Display exception frame) is essentially an overly complex peek and has therefore been marked unsafe * bt (Stack traceback) has been marked safe only with no arguments * sr (Magic SysRq key) honours the sysrq mask when called in kiosk mode * Fixed over-zealous blocking of macro commands * Symbol lookup is forbidden by kdbgetaddrarg (more robust, better error reporting to user) * Fix deadlock in sr (Magic SysRq key) * Better help text in kiosk mode * Default (kiosk on/off) can be changed From the config file.
Anton Vorontsov (6): kdb: Remove currently unused kdbtab_t->cmd_flags kdb: Rename kdb_repeat_t to kdb_cmdflags_t, cmd_repeat to cmd_flags kdb: Rename kdb_register_repeat() to kdb_register_flags() kdb: Use KDB_REPEAT_* values as flags kdb: Remove KDB_REPEAT_NONE flag kdb: Add enable mask for groups of commands
Daniel Thompson (3): sysrq: Implement __handle_sysrq_nolock to avoid recursive locking in kdb kdb: Categorize kdb commands (similar to SysRq categorization) kdb: Allow access to sensitive commands to be restricted by default
drivers/tty/sysrq.c | 11 +- include/linux/kdb.h | 66 +++++++++-- include/linux/sysrq.h | 1 + kernel/debug/kdb/kdb_bp.c | 37 ++++--- kernel/debug/kdb/kdb_main.c | 243 +++++++++++++++++++++++++---------------- kernel/debug/kdb/kdb_private.h | 3 +- kernel/trace/trace_kdb.c | 4 +- lib/Kconfig.kgdb | 25 +++++ 8 files changed, 264 insertions(+), 126 deletions(-)