lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 26 Jul 2007 15:36:24 -0400
From:	Will Woods <wwoods@...hat.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Neil Horman <nhorman@...driver.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] core_pattern: Add ability for core_pattern to parse
	arguments when pattern is a pipe

On Thu, 2007-07-26 at 11:48 -0700, Andrew Morton wrote:
> On Thu, 26 Jul 2007 13:40:19 -0400 Neil Horman <nhorman@...driver.com> wrote:
> 
> > 	Currently, core dumps can be redirected to a pipe by placing the
> > following string template in /proc/sys/kernel/core_pattern:
> > |<path/to/application>
> > This patch extends this ability, allowing the core_pattern to contain arguments
> > to be passed as an argv array to the userspace helper application.  It also add
> > a format specifier, %c, which allows the RLIM_CORE value of the crashing
> > application to be passed on the command line, since RLIMIT_CORE is reduced to
> > zero when execing the userspace helper
> 
> This all seems to be getting a bit nutty.  Who needs this feature
> and what will they do with it, etc?

We're using it for doing a system-wide crash dump handler. Currently
Ubuntu's using it with their Apport tool[1] for this purpose; I'm
adapting that for Fedora. 

The Ubuntu approach requires a kernel patch that adds a bunch of process
information (process pid, RLIMIT_CORE, etc) to the environment of the
crash handler[2]. Most of that information can instead be parsed out of
the ELF headers - which is what I wrote code to do[3]. The problem that
remains is determining the value of RLIMIT_CORE. (This is used to
determine whether the user wants a normal corefile, thus retaining
normal core dump behavior). 

As I understand it, getrlimit() won't return the correct values while
dumping to a pipe. So we need to pass the original RLIMIT_CORE to the
userspace helper somehow. It seems sensible to pass arguments to a
userspace program by using argv[]. So there we are.

There's probably many other uses for this stuff but that's the specific
one we're targeting. Does that make sense? If there's an easier way to
get the original RLIMIT_CORE from inside the crash handler, I'd love to
hear it.

-w

[1] https://wiki.ubuntu.com/Apport 
[2]
http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-feisty.git;a=blob;hb=HEAD;f=fs/exec.c#l1557
[3] http://rdr.to/bX


Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ