[haiku-commits] Re: r35896 - haiku/trunk/src/system/kernel/debug

  • From: Ingo Weinhold <ingo_weinhold@xxxxxx>
  • To: haiku-commits@xxxxxxxxxxxxx
  • Date: Thu, 18 Mar 2010 13:35:24 +0100

On 2010-03-18 at 02:40:05 [+0100], David McPaul <dlmcpaul@xxxxxxxxx> wrote:
> On 18 March 2010 11:47,  <ingo_weinhold@xxxxxx> wrote:
> > Author: bonefish
> > Date: 2010-03-18 01:47:43 +0100 (Thu, 18 Mar 2010)
> > New Revision: 35896
> > Changeset: http://dev.haiku-os.org/changeset/35896/haiku
> >
> > Modified:
> >   haiku/trunk/src/system/kernel/debug/debug.cpp
> > Log:
> > * sCurrentKernelDebuggerMessageArgs is no longer used directly. Whenever it
> >  is passed to some v*printf(), we clone it first. This way we can use it
> >  repeatedly. It worked only on certain architectures correctly before.
> > * Changed the panic() semantics a bit: When the format contains the
> >  (hopefully unusual enough) string "@!" only the part before it is
> >  considered to belong to the panic message. The part after it is interpreted
> >  as a command line to be executed directly after entering KDL. This way it
> >  is possible to provide helpful command invocations only developers somewhat
> >  familiar with the subsystem might come up with. E.g.:
> >    panic("dec_vnode_ref_count: called on busy vnode %p"
> >      "@! vnode -p %p; mount _mount", vnode, vnode);
> 
> Hmm, are there debug commands that could modify data or are
> destructive to a hard drive etc?

It is possible to manipulate any memory and registers in the kernel debugger. 
Access to (memory mapped) hardware is at least theoretically possible through 
that feature, too.

> If you could force a particular panic then you could force commands to
> be executed.  Or am I just being paranoid?

The kernel debugger is obviously a nightmare security-wise. But with the 
default user being root so is Haiku anyway. As for forcing a panic -- I 
suppose you mean through malicious software -- if there's a bug that triggers 
a panic, only the commands specified for the panic are executed. There's no 
way to change them other than modifying the kernel code. But whoever can do 
that can execute arbitrary code much more conveniently than through the 
kernel debugger.

CU, Ingo
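
An added sketch, not part of this thread and not Haiku's debug.cpp, of the two changes in the quoted commit log: the argument list is cloned with va_copy() before each v*printf() pass, and the "@!" separator splits the panic message from the debugger command line. It assumes the separator is located in the format string rather than in the expanded output, so text arriving through an argument cannot move the boundary; `SplitPanic` and `split_panic()` are hypothetical names.

```cpp
#include <cstdarg>
#include <cstdio>
#include <cstring>
#include <string>

// Added illustration, not Haiku's debug.cpp. SplitPanic and split_panic()
// are hypothetical names; only the "@!" separator comes from the commit log.
struct SplitPanic {
	std::string message;	// text belonging to the panic message
	std::string command;	// command line for the kernel debugger
};

static const char kSeparator[] = "@!";

SplitPanic
split_panic(const char* format, ...)
{
	SplitPanic result;
	char full[512], head[512];
	va_list args, clone;
	va_start(args, format);

	// First pass over the arguments: expand the whole format on a clone.
	va_copy(clone, args);
	int fullLength = vsnprintf(full, sizeof(full), format, clone);
	va_end(clone);
	result.message = fullLength >= 0 ? full : "";

	// Assumption: the separator is located in the format, not in the output.
	const char* separator = strstr(format, kSeparator);
	if (separator != NULL && fullLength >= 0) {
		// Second pass: expand only the format text before the separator.
		std::string headFormat(format, separator - format);
		va_copy(clone, args);
		int headLength = vsnprintf(head, sizeof(head), headFormat.c_str(), clone);
		va_end(clone);
		if (headLength >= 0 && (size_t)fullLength < sizeof(full)) {
			// The expanded head is a prefix of the full expansion, so the
			// separator starts at offset headLength.
			const char* command = full + headLength + strlen(kSeparator);
			while (*command == ' ')
				command++;
			result.message.assign(full, headLength);
			result.command = command;
		} else {
			// Expansion failed or was truncated: keep the head, run nothing.
			result.message = headLength >= 0 ? head : "";
		}
	}
	va_end(args);
	return result;
}
```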
