2013-09-30 01:31:14

by Ben Hutchings

Subject: [PATCH] sysrq: Allow access to sensitive keys to be restricted by default

From: Bastian Blank <[email protected]>

Add a Kconfig variable to set the initial value of the Magic SysRq mask
(sysctl: kernel.sysrq).

Signed-off-by: Ben Hutchings <[email protected]>
---
This has been in Debian for a while, but should probably be signed-off
by Bastian as well.

Debian sets this to 0x01b6, which excludes.

8 - enable debugging dumps of processes etc.
64 - enable signalling of processes (term, kill, oom-kill)

Ben.

--- a/include/linux/sysrq.h
+++ b/include/linux/sysrq.h
@@ -18,7 +18,7 @@
#include <linux/types.h>

/* Enable/disable SYSRQ support by default (0==no, 1==yes). */
-#define SYSRQ_DEFAULT_ENABLE 1
+#define SYSRQ_DEFAULT_ENABLE CONFIG_MAGIC_SYSRQ_DEFAULT_MASK

/* Possible values of bitmask for enabling sysrq functions */
/* 0x0001 is reserved for enable everything */
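Review bot: The comment directly above the changed define still reads "Enable/disable SYSRQ support by default (0==no, 1==yes)", but SYSRQ_DEFAULT_ENABLE now expands to a Kconfig hex mask, so the comment should describe it as the default bitmask (0 disables, 1 enables everything, other values select the classes listed below it). Also, CONFIG_MAGIC_SYSRQ_DEFAULT_MASK only exists when MAGIC_SYSRQ is set (the Kconfig entry has "depends on MAGIC_SYSRQ"), and this hunk does not show whether the define sits under a matching #ifdef, so it is worth confirming that nothing references SYSRQ_DEFAULT_ENABLE in a build without MAGIC_SYSRQ.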
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -312,6 +312,14 @@ config MAGIC_SYSRQ
keys are documented in <file:Documentation/sysrq.txt>. Don't say Y
unless you really know what this hack does.

+config MAGIC_SYSRQ_DEFAULT_MASK
+ hex "Default mask for Magic SysRq keys on the console"
+ depends on MAGIC_SYSRQ
+ default 1
+ help
+ Specifies the default mask for the allowed SysRq keys. This can be
+ used to disable several sensitive keys by default.
+
config DEBUG_KERNEL
bool "Kernel debugging"
help
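Review bot: The help text for MAGIC_SYSRQ_DEFAULT_MASK does not say what any value means, including the default: per the sysrq.h comment 0x0001 is "enable everything", so "default 1" keeps every key enabled, which a reader cannot tell from "disable several sensitive keys". Suggest listing the mask bits in the help (or pointing to Documentation/sysrq.txt, which the MAGIC_SYSRQ help just above already references), stating that this is only the initial value of the kernel.sysrq sysctl, and writing the default as 0x1 to match the hex type.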

--
Ben Hutchings
Life is like a sewer:
what you get out of it depends on what you put into it.


2013-09-30 01:40:35

by Dave Jones

Subject: Re: [PATCH] sysrq: Allow access to sensitive keys to be restricted by default

On Mon, Sep 30, 2013 at 02:31:08AM +0100, Ben Hutchings wrote:
> From: Bastian Blank <[email protected]>
>
> Add a Kconfig variable to set the initial value of the Magic SysRq mask
> (sysctl: kernel.sysrq).
>
> Signed-off-by: Ben Hutchings <[email protected]>
> ---
> This has been in Debian for a while, but should probably be signed-off
> by Bastian as well.
>
> Debian sets this to 0x01b6, which excludes.
>
> 8 - enable debugging dumps of processes etc.
> 64 - enable signalling of processes (term, kill, oom-kill)
> ...
>
> +config MAGIC_SYSRQ_DEFAULT_MASK
> + hex "Default mask for Magic SysRq keys on the console"
> + depends on MAGIC_SYSRQ
> + default 1
> + help
> + Specifies the default mask for the allowed SysRq keys. This can be
> + used to disable several sensitive keys by default.

Might be nice to have the mask values duplicated here to save having to
go grepping through code ?

Dave

2013-09-30 01:53:05

by Greg Kroah-Hartman

Subject: Re: [PATCH] sysrq: Allow access to sensitive keys to be restricted by default

On Sun, Sep 29, 2013 at 09:40:09PM -0400, Dave Jones wrote:
> On Mon, Sep 30, 2013 at 02:31:08AM +0100, Ben Hutchings wrote:
> > From: Bastian Blank <[email protected]>
> >
> > Add a Kconfig variable to set the initial value of the Magic SysRq mask
> > (sysctl: kernel.sysrq).
> >
> > Signed-off-by: Ben Hutchings <[email protected]>
> > ---
> > This has been in Debian for a while, but should probably be signed-off
> > by Bastian as well.
> >
> > Debian sets this to 0x01b6, which excludes.
> >
> > 8 - enable debugging dumps of processes etc.
> > 64 - enable signalling of processes (term, kill, oom-kill)
> > ...
> >
> > +config MAGIC_SYSRQ_DEFAULT_MASK
> > + hex "Default mask for Magic SysRq keys on the console"
> > + depends on MAGIC_SYSRQ
> > + default 1
> > + help
> > + Specifies the default mask for the allowed SysRq keys. This can be
> > + used to disable several sensitive keys by default.
>
> Might be nice to have the mask values duplicated here to save having to
> go grepping through code ?

Yeah, a hint would be good. Like what '1' does as default would be a
nice start :)

thanks,

greg k-h
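
Added example, not part of the patch or of anyone's message in this thread: a small C decoder for a kernel.sysrq value, showing why a default of 1 enables everything while the 0x01b6 mentioned above leaves out classes 8 and 64. Bit meanings other than 8 and 64 come from the kernel's sysrq documentation rather than this thread, and the table and function names are hypothetical.

```c
#include <stdio.h>

/* Bit values as documented for kernel.sysrq; only 8 and 64 are quoted in the thread. */
struct sysrq_class { unsigned int bit; const char *what; };

static const struct sysrq_class classes[] = {
	{ 0x002, "control of console logging level" },
	{ 0x004, "control of keyboard (SAK, unraw)" },
	{ 0x008, "debugging dumps of processes etc." },
	{ 0x010, "sync command" },
	{ 0x020, "remount read-only" },
	{ 0x040, "signalling of processes (term, kill, oom-kill)" },
	{ 0x080, "reboot/poweroff" },
	{ 0x100, "nicing of all RT tasks" },
};
#define NCLASSES (sizeof(classes) / sizeof(classes[0]))

/* The two classes the thread says 0x01b6 excludes. */
#define SENSITIVE_BITS (0x008u | 0x040u)

/* A setting of exactly 1 allows everything; any other value is tested bit by bit. */
static int class_allowed(unsigned int setting, unsigned int bit)
{
	return setting == 1 || (setting & bit) != 0;
}

/* Returns the subset of SENSITIVE_BITS that a given setting leaves enabled. */
static unsigned int sensitive_enabled(unsigned int setting)
{
	unsigned int out = 0;
	for (size_t i = 0; i < NCLASSES; i++)
		if ((classes[i].bit & SENSITIVE_BITS) && class_allowed(setting, classes[i].bit))
			out |= classes[i].bit;
	return out;
}

int main(void)
{
	const unsigned int samples[] = { 0x1, 0x01b6, 0x0 };  /* constructed inputs */
	for (size_t s = 0; s < sizeof(samples) / sizeof(samples[0]); s++) {
		printf("kernel.sysrq = 0x%04x\n", samples[s]);
		for (size_t i = 0; i < NCLASSES; i++)
			printf("  [%c] 0x%03x %s\n",
			       class_allowed(samples[s], classes[i].bit) ? 'x' : ' ',
			       classes[i].bit, classes[i].what);
		printf("  sensitive classes enabled: 0x%03x\n", sensitive_enabled(samples[s]));
	}
	return 0;
}
```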