| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 01 Mar 2007 21:35:20 +0900
From: "Kawai, Hidehiro" <hidehiro.kawai.ez@...achi.com>
To: Markus Gutschke <markus@...gle.com>
Cc: Andrew Morton <akpm@...l.org>,
kernel list <linux-kernel@...r.kernel.org>,
Pavel Machek <pavel@....cz>, Robin Holt <holt@....com>,
dhowells@...hat.com, Alan Cox <alan@...rguk.ukuu.org.uk>,
Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>,
sugita <yumiko.sugita.yf@...achi.com>,
Satoshi OSHIMA <soshima@...hat.com>,
"Hideo AOKI@...hat" <haoki@...hat.com>
Subject: Re: [PATCH 0/4] coredump: core dump masking support v3
Hi,
Markus Gutschke wrote:
> Kawai, Hidehiro wrote:
>
>> This patch series is version 3 of the core dump masking feature,
>> which provides a per-process flag not to dump anonymous shared
>> memory segments.
>
> I just wanted to remind you that you need to be careful about dumping
> the [vdso] segment no matter whether you omit other segments. I didn't
> actually try running your patches, and if the kernel doesn't actually
> consider this segment anonymous and shared, things might already work
> fine as is.
Thank you for your advice and sorry for not replying soon.
Fortunately, the latest kernel uses VM_ALWAYSDUMP flag to always dump
the vdso segment. My patchset doesn't change this behavior. So we
don't need to worry about the vdso segment.
> As an alternative to your kernel patch, you could achieve the same goal
> in user space, by linking my coredumper
> http://code.google.com/p/google-coredumper/ into your binaries and
> setting up appropriate signal handlers. An equivalent patch for
> selectively omitting memory regions would be trivial to add.
As far as I can see, google-coredumper has more flexibility.
Can google-coredumper satisfy the following requirements easily?
Requirements are:
(1) a user can change the core dump settings _anytime_
- sometimes want to dump anonymous shared memory segments and
sometimes don't want to dump them
(2) a user can change the core dump settings of _any processes_
(although permission checks are performed)
- in a huge application which forks many processes, a user
hopes that some processes dump anonymous shared memory
segments and some processes don't dump them
And reliability of the core dump feature is also important.
> While this
> does give you more flexibility, it of course has the drawback of
> requiring you to change your applications, so there still is some
> benefit in a kernelspace solution.
And all the software vendors don't necessarily apply
google-coredumper. If the vendor doesn't apply it, the user will
be bothered by huge core dumps or the buggy application which
remains unfixed. So I believe that in kernel solution is still
needed.
Thanks,
--
Hidehiro Kawai
Hitachi, Ltd., Systems Development Laboratory
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists