From owner-freebsd-hackers Thu Sep 16 2:43:59 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from outmail.utsunomiya-u.ac.jp (outmail.utsunomiya-u.ac.jp [160.12.196.3]) by hub.freebsd.org (Postfix) with ESMTP id 8751914F2E; Thu, 16 Sep 1999 02:43:56 -0700 (PDT) (envelope-from yokota@zodiac.mech.utsunomiya-u.ac.jp) Received: from zodiac.mech.utsunomiya-u.ac.jp (IDENT:t5xIauT29h9+Kj+XHYEy1jU5vj1P/aCH@zodiac.mech.utsunomiya-u.ac.jp [160.12.42.1]) by outmail.utsunomiya-u.ac.jp (8.9.3/3.7Wpl2) with ESMTP id SAA14729; Thu, 16 Sep 1999 18:43:54 +0900 (JST) Received: from zodiac.mech.utsunomiya-u.ac.jp (zodiac.mech.utsunomiya-u.ac.jp [160.12.42.1]) by zodiac.mech.utsunomiya-u.ac.jp (8.7.6+2.6Wbeta7/3.4W/zodiac-May96) with ESMTP id SAA02636; Thu, 16 Sep 1999 18:48:14 +0900 (JST) Message-Id: <199909160948.SAA02636@zodiac.mech.utsunomiya-u.ac.jp> To: hackers@freebsd.org Cc: sos@freebsd.org, bde@freebsd.org, yokota@zodiac.mech.utsunomiya-u.ac.jp Subject: panic() the system from the console (was: Re: kern/13721: There is no way to force system panic from console) Date: Thu, 16 Sep 1999 18:48:13 +0900 From: Kazutaka YOKOTA Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>Number: 13721 >>Category: kern >>Synopsis: There is no way to force system panic from console [...] >>Release: FreeBSD 3.3-RC >>Organization: >Server >>Environment: >>Description: >Under some rare circumstances there is a real need to reboot system via kernel >'s panic from the system console. For example: if any process has ran out of m >emory nobody can login and even Ctrl-Alt-Del does not work and there is no way > to find out source of the problem after cold boot. >And if reboot is not disabled the panic will not decrease the system's securit >y especially; where enabling kernel debugger is not acceptable. I tend to agree with the PR originator that this feature won't particularly jeopardize security in the kernel for which reboot key sequence is not disabled. As the originator suggested in his subsequent posting to the PR database, we can defined "panic" key and handle it in syscons as follows: case _PANIC_KEY_ #if !defined(SC_DISABLE_REBOOT) && !defined(SC_DISABLE_PANIC) panic(); #endif break; We can restrict this feature, by checking `securelevel' too. case _PANIC_KEY_ #if !defined(SC_DISABLE_REBOOT) && !defined(SC_DISABLE_PANIC) if (securelevel <= 0) panic(); #endif break; Any opinions? Kazu >On Sun it is the only way to reboot the working system: OpenBoot prom on boot >and reset commands at first checks whether Solaris is running and if it is run >ning - calls its panic routine. >>How-To-Repeat: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message