[kernel] r15150 - in dists/trunk/linux-2.6/debian: . config patches/debian patches/series
Bastian Blank
waldi at alioth.debian.org
Sun Feb 14 15:14:48 UTC 2010
Author: waldi
Date: Sun Feb 14 15:11:35 2010
New Revision: 15150
Log:
Restrict access to sensitive SysRq keys by default
* debian/changelog: Update.
* debian/config/config: Set MAGIC_SYSRQ_DEFAULT_MASK.
* debian/patches/debian/sysrq-mask.patch, debian/patches/series/9:
Add new patch.
Added:
dists/trunk/linux-2.6/debian/patches/debian/sysrq-mask.patch
Modified:
dists/trunk/linux-2.6/debian/changelog
dists/trunk/linux-2.6/debian/config/config
dists/trunk/linux-2.6/debian/patches/series/9
Modified: dists/trunk/linux-2.6/debian/changelog
==============================================================================
--- dists/trunk/linux-2.6/debian/changelog Sat Feb 13 12:25:52 2010 (r15149)
+++ dists/trunk/linux-2.6/debian/changelog Sun Feb 14 15:11:35 2010 (r15150)
@@ -1,4 +1,4 @@
-linux-2.6 (2.6.32-9) unstable; urgency=low
+linux-2.6 (2.6.32-9) UNRELEASED; urgency=low
[ Ben Hutchings ]
* Do not build obsolete lgs8gl5 driver
@@ -7,6 +7,9 @@
[ maximilian attems]
* Postinst don't refercence k-p related manpage. (Closes: #542208)
+ [ Bastian Blank ]
+ * Restrict access to sensitive SysRq keys by default.
+
-- Ben Hutchings <ben at decadent.org.uk> Fri, 12 Feb 2010 02:59:33 +0000
linux-2.6 (2.6.32-8) unstable; urgency=high
Modified: dists/trunk/linux-2.6/debian/config/config
==============================================================================
--- dists/trunk/linux-2.6/debian/config/config Sat Feb 13 12:25:52 2010 (r15149)
+++ dists/trunk/linux-2.6/debian/config/config Sun Feb 14 15:11:35 2010 (r15150)
@@ -3279,6 +3279,8 @@
CONFIG_ENABLE_WARN_DEPRECATED=y
CONFIG_ENABLE_MUST_CHECK=y
CONFIG_MAGIC_SYSRQ=y
+#. everything except {DUMP SIGNAL}
+CONFIG_MAGIC_SYSRQ_DEFAULT_MASK=0x01b6
CONFIG_STRIP_ASM_SYMS=y
CONFIG_UNUSED_SYMBOLS=y
CONFIG_DEBUG_FS=y
Added: dists/trunk/linux-2.6/debian/patches/debian/sysrq-mask.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/trunk/linux-2.6/debian/patches/debian/sysrq-mask.patch Sun Feb 14 15:11:35 2010 (r15150)
@@ -0,0 +1,32 @@
+diff --git a/drivers/char/sysrq.c b/drivers/char/sysrq.c
+index 44203ff..964bab1 100644
+--- a/drivers/char/sysrq.c
++++ b/drivers/char/sysrq.c
+@@ -43,7 +43,7 @@
+ #include <asm/irq_regs.h>
+
+ /* Whether we react on sysrq keys or just ignore them */
+-int __read_mostly __sysrq_enabled = 1;
++int __read_mostly __sysrq_enabled = CONFIG_MAGIC_SYSRQ_DEFAULT_MASK;
+
+ static int __read_mostly sysrq_always_enabled;
+
+diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
+index 234ceb1..415a834 100644
+--- a/lib/Kconfig.debug
++++ b/lib/Kconfig.debug
+@@ -50,6 +50,14 @@ config MAGIC_SYSRQ
+ keys are documented in <file:Documentation/sysrq.txt>. Don't say Y
+ unless you really know what this hack does.
+
++config MAGIC_SYSRQ_DEFAULT_MASK
++ hex "Default mask for Magic SysRq keys on the console"
++ depends on MAGIC_SYSRQ
++ default 1
++ help
++ Specifies the default mask for the allowed SysRq keys. This can be
++ used to disable several sensitive keys by default.
++
+ config STRIP_ASM_SYMS
+ bool "Strip assembler-generated symbols during link"
+ default n
Modified: dists/trunk/linux-2.6/debian/patches/series/9
==============================================================================
--- dists/trunk/linux-2.6/debian/patches/series/9 Sat Feb 13 12:25:52 2010 (r15149)
+++ dists/trunk/linux-2.6/debian/patches/series/9 Sun Feb 14 15:11:35 2010 (r15150)
@@ -1 +1,2 @@
+ bugfix/all/cxusb-dont-select-lgs8gl5.patch
++ debian/sysrq-mask.patch
More information about the Kernel-svn-changes
mailing list