lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 26 May 2009 22:31:41 +0200
From:	Andi Kleen <andi@...stfloor.org>
To:	paul@...-scientist.net
Cc:	linux-kernel@...r.kernel.org
Subject: Re: [2.6.27.24] Kernel coredump to a pipe is failing

Paul Smith <paul@...-scientist.net> writes:
>
> So I annotated dump_write() to printk() if this operation is false, and
> I get:
>
>         file ffff8803b95d0180: dump_write: -512 < 4096
>
> Well, -512 is ERESTARTSYS.  That, to me, seems like a reasonable error
> code to get when we're trying to dump core to a pipe.  Yes?  No?

Which signal is it? SIGPIPE?

>
> Shouldn't we be doing some kind of error handling here, at least for
> basic things like signals?  Should a process that's dumping core be set
> to ignore signals?  Should dump_write() try again on ERESTARTSYS?

I think it should block signals. Here's a untested patch.

It has the disadvantage that it reports the incorrect blocked mask
in the ELF corefile, but that's probably better than truncated 
coredumps.

-Andi

---

Block signals during core dump

When a signal happens during core dump the core dump to a pipe 
can fail, because the write returns short, but the ELF core dumpers
cannot handle that.

There's no reason to handle signals during core dumping, so just
block them all.

Open issue: ELF puts blocked signals into the core dump and
that will be always fully blocked now.  Need to save it somewhere?

Based on debugging by Paul Smith.

Signed-off-by: Andi Kleen <ak@...ux.intel.com>

---
 fs/exec.c |    6 ++++++
 1 file changed, 6 insertions(+)

Index: linux-2.6.30-rc5-ak/fs/exec.c
===================================================================
--- linux-2.6.30-rc5-ak.orig/fs/exec.c	2009-05-14 11:46:24.000000000 +0200
+++ linux-2.6.30-rc5-ak/fs/exec.c	2009-05-26 22:22:12.000000000 +0200
@@ -1760,6 +1760,12 @@
 		goto fail;
 	}
 
+	/* block all signals */
+	spin_lock_irq(&current->sighand->siglock);
+	sigfillset(&current->blocked);
+	/* No recalc sigpending */
+	spin_unlock_irq(&current->sighand->siglock);
+
 	down_write(&mm->mmap_sem);
 	/*
 	 * If another thread got here first, or we are not dumpable, bail out.



-- 
ak@...ux.intel.com -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ