From a4a5b2dde05603de9cca69b1dc903bfc80cebcdf Mon Sep 17 00:00:00 2001 From: Mark Salyzyn Date: Tue, 20 Dec 2016 15:59:19 -0800 Subject: android: fiq_debugger: restrict access to critical commands. Sysrq must be enabled via /proc/sys/kernel/sysrq as a security measure to enable various critical fiq debugger commands that either leak information or can be used as a system attack. Default disabled, this will leave the reboot, reset, irqs, sleep, nosleep, console and ps commands. Reboot and reset commands will be restricted from taking any parameters. We will also switch to showing the limited command set in this mode. Signed-off-by: Mark Salyzyn Bug: 32402555 Change-Id: I3f74b1ff5e4971d619bcb37a911fed68fbb538d5 Git-repo: https://android.googlesource.com/kernel/msm Git-commit: 1031836c0895f1f5a05c25efec83bfa11aa08ca9 Signed-off-by: Dennis Cagle --- include/linux/sysrq.h | 1 + 1 file changed, 1 insertion(+) (limited to 'include/linux') diff --git a/include/linux/sysrq.h b/include/linux/sysrq.h index 7faf933cc..5a0bd938c 100644 --- a/include/linux/sysrq.h +++ b/include/linux/sysrq.h @@ -45,6 +45,7 @@ struct sysrq_key_op { * are available -- else NULL's). */ +bool sysrq_on(void); void handle_sysrq(int key); void __handle_sysrq(int key, bool check_mask); int register_sysrq_key(int key, struct sysrq_key_op *op); -- cgit v1.2.3