path: root/kernel/debug/kdb
diff options
authorDaniel Thompson <daniel.thompson@linaro.org>2020-02-13 15:16:40 +0000
committerDaniel Thompson <daniel.thompson@linaro.org>2020-04-01 16:59:11 +0100
commitad99b5105c0823ff02126497f4366e6a8009453e (patch)
tree44e3f94cbac26b7e9208a2b4b1cabb30c77acabc /kernel/debug/kdb
parentd228bee8201a7ea77c414f1298b2f572f42c6113 (diff)
kdb: Censor attempts to set PROMPT without ENABLE_MEM_READ
Currently the PROMPT variable could be abused to provoke the printf() machinery to read outside the current stack frame. Normally this doesn't matter becaues md is already a much better tool for reading from memory. However the md command can be disabled by not setting KDB_ENABLE_MEM_READ. Let's also prevent PROMPT from being modified in these circumstances. Whilst adding a comment to help future code reviewers we also remove the #ifdef where PROMPT in consumed. There is no problem passing an unused (0) to snprintf when !CONFIG_SMP. argument Reported-by: Wang Xiayang <xywang.sjtu@sjtu.edu.cn> Signed-off-by: Daniel Thompson <daniel.thompson@linaro.org> Reviewed-by: Douglas Anderson <dianders@chromium.org>
Diffstat (limited to 'kernel/debug/kdb')
1 files changed, 8 insertions, 4 deletions
diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
index a4641be4123c..515379cbf209 100644
--- a/kernel/debug/kdb/kdb_main.c
+++ b/kernel/debug/kdb/kdb_main.c
@@ -399,6 +399,13 @@ int kdb_set(int argc, const char **argv)
+ * Censor sensitive variables
+ */
+ if (strcmp(argv[1], "PROMPT") == 0 &&
+ !kdb_check_flags(KDB_ENABLE_MEM_READ, kdb_cmd_enabled, false))
+ return KDB_NOPERM;
+ /*
* Check for internal variables
if (strcmp(argv[1], "KDBDEBUG") == 0) {
@@ -1298,12 +1305,9 @@ static int kdb_local(kdb_reason_t reason, int error, struct pt_regs *regs,
*(cmd_hist[cmd_head]) = '\0';
-#if defined(CONFIG_SMP)
+ /* PROMPT can only be set if we have MEM_READ permission. */
snprintf(kdb_prompt_str, CMD_BUFLEN, kdbgetenv("PROMPT"),
- snprintf(kdb_prompt_str, CMD_BUFLEN, kdbgetenv("PROMPT"));
if (defcmd_in_progress)
strncat(kdb_prompt_str, "[defcmd]", CMD_BUFLEN);

Privacy Policy