svn commit: r237979 - stable/9/sys/kern
David E. O'Brien
obrien at FreeBSD.org
Mon Jul 2 08:21:16 UTC 2012
Author: obrien
Date: Mon Jul 2 08:21:15 2012
New Revision: 237979
URL: http://svn.freebsd.org/changeset/base/237979
Log:
MFC: r228475 & r228487: Disallow various debug.kdb sysctl's when securelevel
is raised.
PR: 161350
Modified:
stable/9/sys/kern/kern_shutdown.c
Directory Properties:
stable/9/ (props changed)
stable/9/sys/ (props changed)
Modified: stable/9/sys/kern/kern_shutdown.c
==============================================================================
--- stable/9/sys/kern/kern_shutdown.c Mon Jul 2 08:09:07 2012 (r237978)
+++ stable/9/sys/kern/kern_shutdown.c Mon Jul 2 08:21:15 2012 (r237979)
@@ -100,8 +100,9 @@ int debugger_on_panic = 0;
#else
int debugger_on_panic = 1;
#endif
-SYSCTL_INT(_debug, OID_AUTO, debugger_on_panic, CTLFLAG_RW | CTLFLAG_TUN,
- &debugger_on_panic, 0, "Run debugger on kernel panic");
+SYSCTL_INT(_debug, OID_AUTO, debugger_on_panic,
+ CTLFLAG_RW | CTLFLAG_SECURE | CTLFLAG_TUN,
+ &debugger_on_panic, 0, "Run debugger on kernel panic");
TUNABLE_INT("debug.debugger_on_panic", &debugger_on_panic);
#ifdef KDB_TRACE
@@ -109,8 +110,9 @@ static int trace_on_panic = 1;
#else
static int trace_on_panic = 0;
#endif
-SYSCTL_INT(_debug, OID_AUTO, trace_on_panic, CTLFLAG_RW | CTLFLAG_TUN,
- &trace_on_panic, 0, "Print stack trace on kernel panic");
+SYSCTL_INT(_debug, OID_AUTO, trace_on_panic,
+ CTLFLAG_RW | CTLFLAG_SECURE | CTLFLAG_TUN,
+ &trace_on_panic, 0, "Print stack trace on kernel panic");
TUNABLE_INT("debug.trace_on_panic", &trace_on_panic);
#endif /* KDB */
More information about the svn-src-stable
mailing list