Page MenuHomeFreeBSD
Differential D35370

mac: kdb/ddb framework hooks
ClosedPublic
Actions

Authored by mhorne on May 31 2022, 6:07 PM.
Tags
None
Referenced Files
F151661157: D35370.id108300.diff
Thu, Apr 9, 8:33 PM
Unknown Object (File)
Thu, Apr 9, 2:39 PM
Unknown Object (File)
Thu, Apr 9, 3:50 AM
Unknown Object (File)
Mon, Apr 6, 8:50 AM
Unknown Object (File)
Sat, Apr 4, 4:09 PM
Unknown Object (File)
Fri, Mar 20, 1:34 AM
Unknown Object (File)
Mar 9 2026, 11:48 AM
Unknown Object (File)
Mar 9 2026, 6:00 AM
View All Files
Subscribers
allanjude
imp
jhibbits

Details

Reviewers
jhb
markj
stevek
Commits
rG2449b9e5fe56: mac: kdb/ddb framework hooks
Summary

Add three simple hooks to the debugger allowing for a loaded MAC policy
to intervene if desired:

  1. Before invoking the kdb backend
  2. Before ddb command registration
  3. Before ddb command execution

We extend struct db_command with a private pointer and two flag bits
reserved for policy use.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

mhorne created this revision.May 31 2022, 6:07 PM
Herald added a subscriber: imp. · View Herald TranscriptMay 31 2022, 6:07 PM
mhorne requested review of this revision.May 31 2022, 6:07 PM
Harbormaster completed remote builds in B45795: Diff 106515.May 31 2022, 6:07 PM
mhorne added a child revision: D35371: mac: add new mac_ddb(4) policy.May 31 2022, 6:07 PM
markj accepted this revision.Jul 13 2022, 2:30 PM
markj added inline comments.
sys/ddb/db_command.c
494

This line appears to be too long.

sys/security/mac/mac_debugger.c
1 ↗(On Diff #106515)

mac_kdb.c might be a better name for this file. "debugger" sounds too generic to me.

This revision is now accepted and ready to land.Jul 13 2022, 2:30 PM
Closed by commit rG2449b9e5fe56: mac: kdb/ddb framework hooks (authored by mhorne, committed by allanjude). · Explain WhyJul 18 2022, 10:08 PM
This revision was automatically updated to reflect the committed changes.
allanjude added a commit: rG2449b9e5fe56: mac: kdb/ddb framework hooks.

Revision Contents
Changeset List

PathSize
sys/
conf/
1 line
ddb/
16 lines
3 lines
kern/
11 lines
security/
mac/
10 lines
69 lines
17 lines
mac_stub/
31 lines
mac_test/
39 lines

Diff 108300

View Options

sys/conf/files

Loading...
View Options

sys/ddb/db_command.c

Loading...
View Options

sys/ddb/ddb.h

Loading...
View Options

sys/kern/subr_kdb.c

Loading...
View Options

sys/security/mac/mac_framework.h

Loading...
View Options

sys/security/mac/mac_kdb.c

Loading...
View Options

sys/security/mac/mac_policy.h

Loading...
View Options

sys/security/mac_stub/mac_stub.c

Loading...
View Options

sys/security/mac_test/mac_test.c

Loading...