git: bd16c274c382 - main - kdb: Permit a NULL thread credential in kdb_backend_permitted()
Date: Wed, 02 Aug 2023 13:15:43 UTC
The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=bd16c274c3826926108f0539b5043c5a811cad43 commit bd16c274c3826926108f0539b5043c5a811cad43 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2023-08-01 21:58:42 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2023-08-02 13:15:08 +0000 kdb: Permit a NULL thread credential in kdb_backend_permitted() Early during boot, thread0 runs with td->td_ucred == NULL. This is fixed up in proc0_init() at SI_SUB_INTRINSIC. If a panic occurs before then, rather than dereference a NULL pointer, simply allow the thread to enter KDB. Reported by: stevek Reviewed by: mhorne, stevek MFC after: 1 week Fixes: cab1056105e3 ("kdb: Modify securelevel policy") Differential Revision: https://reviews.freebsd.org/D41280 --- sys/kern/subr_kdb.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/sys/kern/subr_kdb.c b/sys/kern/subr_kdb.c index 2f419b4d8ad5..dda21d53b6a5 100644 --- a/sys/kern/subr_kdb.c +++ b/sys/kern/subr_kdb.c @@ -503,11 +503,19 @@ kdb_dbbe_select(const char *name) } static bool -kdb_backend_permitted(struct kdb_dbbe *be, struct ucred *cred) +kdb_backend_permitted(struct kdb_dbbe *be, struct thread *td) { + struct ucred *cred; int error; - error = securelevel_gt(cred, kdb_enter_securelevel); + cred = td->td_ucred; + if (cred == NULL) { + KASSERT(td == &thread0 && cold, + ("%s: missing cred for %p", __func__, td)); + error = 0; + } else { + error = securelevel_gt(cred, kdb_enter_securelevel); + } #ifdef MAC /* * Give MAC a chance to weigh in on the policy: if the securelevel is @@ -776,7 +784,7 @@ kdb_trap(int type, int code, struct trapframe *tf) cngrab(); for (;;) { - if (!kdb_backend_permitted(be, curthread->td_ucred)) { + if (!kdb_backend_permitted(be, curthread)) { /* Unhandled breakpoint traps are fatal. */ handled = 1; break;
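Review bot: In the first hunk's `cred == NULL` branch, the only thing limiting the fail-open `error = 0` to early boot is the KASSERT, which is compiled out of kernels built without INVARIANTS; on those kernels any thread that reaches kdb_backend_permitted() with a NULL `td_ucred` skips the `securelevel_gt()` check against `kdb_enter_securelevel`. Consider testing the condition at run time, for example permitting entry only when `cred == NULL && td == &thread0 && cold` and denying any other NULL credential, so the exception stays as narrow as the commit message describes. A short comment above the branch noting that thread0 has no credential until proc0_init() would also help, since that rationale currently lives only in the commit log. The MAC block that follows is not shown in full in this hunk, so it is worth confirming that it does not use `cred` on this path.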