lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1249071610.4800.5.camel@wing-commander>
Date:	Fri, 31 Jul 2009 21:20:10 +0100
From:	Scott James Remnant <scott@...ntu.com>
To:	Neil Horman <nhorman@...driver.com>
Cc:	linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
	earl_chew@...lent.com
Subject: Re: [PATCH] exec: Make do_coredump more robust and safer when
 using pipes in core_pattern

On Wed, 2009-07-29 at 16:18 -0400, Neil Horman wrote:

> On Wed, Jul 29, 2009 at 04:13:02PM +0100, Scott James Remnant wrote:
> > On Mon, 2009-06-22 at 13:28 -0400, Neil Horman wrote:
> > 
> > > 2) Allow for the kernel to wait for a core_pattern process to complete.  One of
> > > the things core_pattern processes might do is interrogate the status of a
> > > crashing process via its /proc/pid directory.  To ensure that that directory is
> > > not removed prematurely, we wait for the process to exit prior to cleaning it
> > > up.
> > > 
> > Would this mean that the kernel would wait for the pattern process to
> > complete before PANIC in the case of init core dumping?
> > 
> > I'd find that useful :-)
> > 
> Not without additional work.  If init crashed in the initramfs, I don't think
> theres a way to handle that.  If it crashes at some later time, I think it just
> gets restarted IIRC.  I'm sure you can change that behavior, but this patch
> doesn't address that.
> 
When the system init daemon crashes, the kernel PANICs.  When not using
core_pattern, this is ok, we get a core file - when using apport, as far
as I can tell it never waits for apport to finish so we don't get the
crash.

I was hoping that by waiting for the core_pattern process to finish,
this might solve this issue.

The other obvious fix I can apply to the init daemon is to reset the
core pattern and deliberately dump core somewhere that can be picked up.

> If you want to debug a custom init process, why not run a wrapper program as
> init, that just forks the init you want to run and captures the core when it
> crashes?
> 
Because then that's not the init daemon; it's not pid 1, it doesn't have
processes reparented to it.  And it's very annoying having the entire
system reparented to gdb, which doesn't deal so well with that ;-)

Scott
-- 
Scott James Remnant
scott@...ntu.com

Download attachment "signature.asc" of type "application/pgp-signature" (198 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ