lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 27 May 2009 15:49:43 -0400
From:	Paul Smith <paul@...-scientist.net>
To:	Oleg Nesterov <oleg@...hat.com>
Cc:	Andi Kleen <andi@...stfloor.org>, linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Roland McGrath <roland@...hat.com>
Subject: Re: [2.6.27.24] Kernel coredump to a pipe is failing

On Wed, 2009-05-27 at 21:05 +0200, Oleg Nesterov wrote:
> On 05/27, Andi Kleen wrote:
> >
> > > Actually, I think there is a strong reason to handle signals during
> > > core dumping. The coredump can take a lot of time/resources, not good
> > > it looks like unkillable procees to users.
> >
> > One problem with that is if you send a process a string of signals that cause
> > a core dump and then kill. In the old case you would just get a full core dump
> > on the first signal and be done. With your change it would process
> > the second signal too and stop the dumping and you get none or a partial
> > core dump. That might well break existing setups.
> 
> I don't think we should worry about this particular case. Suppose a user
> does
> 
> 	kill(pid, SIGQUIT);
> 	kill(pid, SIGKILL);

I'm not sure about this.  Why even bother with SIGQUIT (or anything
else) if you're just going to immediately SIGKILL afterwards?  What
people do all the time, and I think should be supported, is something
like this:

	<do 5 times>
		kill(pid, SIGINT);
		sleep(1);
		<if pid is dead break>
	kill(pid, SIGKILL);

Often with other signals in the mix like SIGHUP or whatever.  The idea
is to give the process a chance to do "whatever it does" to clean up and
then, if it's still there we consider it too wedged to respond and send
a SIGKILL.  If the cleanup operations invoked by receiving the SIGINT
caused a core dump, then you wouldn't want the SIGKILL to stop the core
dump.

On the other hand I do agree that it would be nice to be able to smash a
core dump that was taking a long time or trying to write to an
unavailable resource like a stalled NFS mount or whatever.  Sigh.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ