Re: [PATCH v3] init: Do not select DEBUG_KERNEL by default

From: Kees Cook
Date: Wed Apr 10 2019 - 22:45:58 EST


On Wed, Apr 10, 2019 at 5:56 PM Sinan Kaya <okaya@xxxxxxxxxx> wrote:
>
> We can't seem to have a kernel with CONFIG_EXPERT set but
> CONFIG_DEBUG_KERNEL unset these days.
>
> While some of the features under the CONFIG_EXPERT require
> CONFIG_DEBUG_KERNEL, it doesn't apply for all features.
>
> It looks like CONFIG_KALLSYMS_ALL is the only feature that
> requires CONFIG_DEBUG_KERNEL.
>
> Select CONFIG_EXPERT when CONFIG_DEBUG_KERNEL is chosen but
> you can still choose CONFIG_EXPERT without CONFIG_DEBUG_KERNEL.
>
> Signed-off-by: Sinan Kaya <okaya@xxxxxxxxxx>
> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx>

Masahiro, should this go via your tree, or somewhere else?

Thanks!

-Kees

> ---
> init/Kconfig | 2 --
> lib/Kconfig.debug | 1 +
> 2 files changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/init/Kconfig b/init/Kconfig
> index 4592bf7997c0..37e10a8391a3 100644
> --- a/init/Kconfig
> +++ b/init/Kconfig
> @@ -1206,8 +1206,6 @@ config BPF
>
> menuconfig EXPERT
> bool "Configure standard kernel features (expert users)"
> - # Unhide debug options, to make the on-by-default options visible
> - select DEBUG_KERNEL
> help
> This option allows certain base kernel options and settings
> to be disabled or tweaked. This is for specialized
> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> index 0d9e81779e37..9fbf3499ec8d 100644
> --- a/lib/Kconfig.debug
> +++ b/lib/Kconfig.debug
> @@ -434,6 +434,7 @@ config MAGIC_SYSRQ_SERIAL
>
> config DEBUG_KERNEL
> bool "Kernel debugging"
> + default EXPERT
> help
> Say Y here if you are developing drivers or trying to debug and
> identify kernel problems.
> --
> 2.21.0
>


--
Kees Cook