Re: [PATCH] include all vmas with unbacked pages in ELF core dumps

From: Linus Torvalds
Date: Thu Oct 21 2004 - 07:09:53 EST

Next message: Stefan Schweizer: "Re: Hibernation and time and dhcp"
Previous message: Pavel Machek: "Re: Generic VESA framebuffer driver and Video card BOOT?"
In reply to: Roland McGrath: "[PATCH] include all vmas with unbacked pages in ELF core dumps"
Next in thread: Roland McGrath: "Re: [PATCH] include all vmas with unbacked pages in ELF core dumps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 20 Oct 2004, Roland McGrath wrote:
>
> This patch changes the criteria for including vm regions in a core dump.
> In recent glibc, the dynamic linker uses mprotect on part of a data segment
> to write-protect pages that should never be touched after startup time
> (this makes it harder for exploits to clobber indirection tables and the like).
> Currently, this part of the segment is omitted from core dumps, losing
> information about what the program did before it died.

Augh. Not all filesystems support holes, and I think VM_SHARED should
trump VM_WRITE.

In general, I'd much prefer just adding a VM_DIRTY flag, and making the
COW logic set it. That should guarantee that we write out the minimal
required sections.

> Including unreadable regions gives you things like guard pages, showing
> an accurate representation of of those in the core dump image. Since we
> now have the ZERO_PAGE check, this won't actually write any more pages
> to disk for those cases.

But any non-dumped section _will_ show up in the ELF headers, so things
like guard pages have nothing to do with "maydump()", imho. And as
mentioned, some filesystems _will_ write many more pages.

So if gdb has trouble with guard pages, pls get somebody to fix gdb
instead, and tell them what the difference between p_filesz and p_memsz
is. Putting them into the dump is just stupid.

So "maydump()" might sanely look something like

/* Shared or IO mappings are never written out */
if (vma->vm_flags & (VM_IO | VM_SHARED | VM_SHM))
return 0;

/*
* Was the mapped backing store opened for writing?
* This really only happens for VM_SHARED (which we
* don't write out anyway), but it's conceptually
* the right thing to do. Some future internal use
* might end up doing this.
*/
if (!(vma->vm_flags & VM_MAYWRITE))
return 0;

/* We really should add this flag */
if (!(vma->vm_flags & VM_DIRTY))
return 0;

/* otherwise, write it out */
return 1;

and that should make people happy. No?

Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stefan Schweizer: "Re: Hibernation and time and dhcp"
Previous message: Pavel Machek: "Re: Generic VESA framebuffer driver and Video card BOOT?"
In reply to: Roland McGrath: "[PATCH] include all vmas with unbacked pages in ELF core dumps"
Next in thread: Roland McGrath: "Re: [PATCH] include all vmas with unbacked pages in ELF core dumps"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]