lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070904032637.GY21089@ftp.linux.org.uk>
Date:	Tue, 4 Sep 2007 04:26:37 +0100
From:	Al Viro <viro@....linux.org.uk>
To:	Pallewatta Mano-FPCD67 <Mano.Pallewatta@...orola.com>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] linux-2.6.16.51 gzipped core dump patch

On Mon, Sep 03, 2007 at 10:32:00PM -0400, Pallewatta Mano-FPCD67 wrote:
> This patch was developed for embedded systems which had limited space
> for file storage. If an external process is to compress core files you
> will need to store those files somewhere first as core dump output
> cannot be directly fed to the stdin of compression program.

Why?  Create a pipe, start a new process, put the reader struct file
into its descriptor table as stdin, do execve in new process and
pass the writer struct file to ->core_dump().

As the matter of fact, it's already done - see
        lock_kernel();
        ispipe = format_corename(corename, core_pattern, signr);
        unlock_kernel();
        if (ispipe) {
                /* SIGPIPE can happen, but it's just never processed */
                if(call_usermodehelper_pipe(corename+1, NULL, NULL, &file)) {
                        printk(KERN_INFO "Core dump to %s pipe failed\n",
                               corename);
                        goto fail_unlock;
                }
        } else
                file = filp_open(corename,
                                 O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag,
                                 0600);
in do_coredump().  So take a look at fs/exec.c:format_corename() and see
what to feed for it in order to get the equivalent of your patch.
core_patttern is set by sysctl (just say
echo [whatever] >/proc/sys/kernel/core_pattern 
and don't forget quoting, since | should be the first character to indicate
that you want to pipe coredump through a helper).

I really don't see a reason to do that kind of work in the kernel, embedded
system or not.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ