lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20090802235004.GA11903@localhost.localdomain>
Date:	Sun, 2 Aug 2009 19:50:05 -0400
From:	Neil Horman <nhorman@...driver.com>
To:	Scott James Remnant <scott@...ntu.com>
Cc:	linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
	earl_chew@...lent.com
Subject: Re: [PATCH] exec: Make do_coredump more robust and safer when
	using pipes in core_pattern

On Sun, Aug 02, 2009 at 02:49:56PM +0100, Scott James Remnant wrote:
> On Sat, 2009-08-01 at 20:22 -0400, Neil Horman wrote:
> 
> > On Sat, Aug 01, 2009 at 07:28:52PM +0100, Scott James Remnant wrote:
> > > On Sat, 2009-08-01 at 09:41 -0400, Neil Horman wrote:
> > > 
> > > > > > Not without additional work.  If init crashed in the initramfs, I don't think
> > > > > > theres a way to handle that.  If it crashes at some later time, I think it just
> > > > > > gets restarted IIRC.  I'm sure you can change that behavior, but this patch
> > > > > > doesn't address that.
> > > > > > 
> > > > > When the system init daemon crashes, the kernel PANICs.  When not using
> > > > > core_pattern, this is ok, we get a core file - when using apport, as far
> > > > > as I can tell it never waits for apport to finish so we don't get the
> > > > > crash.
> > > > > 
> > > > This is non-sensical.  If init crashes, and the kernel panics, you'll only get a
> > > > core by sheer luck and good fortune.
> > > > 
> > > Or by being a bit clever.  Upstart catches the SIGSEGV and the signal
> > > handler forks a child process, unmasking the signal in that child
> > > process with no signal handler installed.
> > > 
> > I don't see how this works.  How is upstart (which by definition is a child of
> > init (pid 1)) going to catch a SIGSEGV from its parent?  How would any process
> > catch a signal targeted to its parent?
> > 
> Upstart *is* /sbin/init (pid 1)
> 
Ah, so basically, you catch sigsegv, and in the handler fork a child, and return
from the handler in the pid, so that the child crashes.  Yeah, I don't see why
that won't work with this patch.  If pid 1 waits for its child to crash, then
you should serialize on the collection of the core via the pipe.  Of couse, pid
1 will have to make sure that all the sysctls are set appropriately before it
encounters a crash.
Neil

> Scott
> -- 
> Scott James Remnant
> scott@...ntu.com


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ