From: Andrew Morton <akpm@linux-foundation.org>
To: Jungseung Lee <js07.lee@gmail.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH] fs/binfmt_elf.c: fix inconsistent vma dump size
Date: Tue, 25 Nov 2014 13:38:57 -0800 [thread overview]
Message-ID: <20141125133857.bb2d71659287df6aa908de5b@linux-foundation.org> (raw)
In-Reply-To: <1416683799-678-1-git-send-email-js07.lee@gmail.com>
On Sun, 23 Nov 2014 04:16:39 +0900 Jungseung Lee <js07.lee@gmail.com> wrote:
> vma_dump_size() has been used several times on actual dumper
> and it is supposed to be same values for same vma.
> But vma_dump_size() could be different, while coredump is procceeded.
> (e.g. remove shared memory)
>
> In that case, header info and vma size could be inconsistent
> and it cause wrong coredump file creation.
>
> Fix the problem by always using the same vma dump size
> which is stored in vma_filsz.
So concurrent shared memory removal causes inconsistencies.
But concurrent shared memory removal can still cause inconsistency
after this patch, can't it? If it happens while vma_filesz[] is being
populated or if it happens between vma_filesz[] population and
vma_filesz[] usage. This will result in a dump file which is
internally consistent, but is inconsistent with reality?
If my understanding is correct then please fully describe this scenario
within the changelog and explain why it is tolerable, if it is
tolerable.
> @@ -2093,7 +2083,20 @@ static int elf_core_dump(struct coredump_params *cprm)
>
> dataoff = offset = roundup(offset, ELF_EXEC_PAGESIZE);
>
> - offset += elf_core_vma_data_size(gate_vma, cprm->mm_flags);
> + vma_filesz = kmalloc(sizeof(*vma_filesz) * (segs - 1), GFP_KERNEL);
Use kmalloc_array() here, in case a disaster has occurred...
> + if (!vma_filesz)
> + goto end_coredump;
> +
> + for (i = 0, vma = first_vma(current, gate_vma); vma != NULL;
> + vma = next_vma(vma, gate_vma)) {
> + unsigned long dump_size;
> +
> + dump_size = vma_dump_size(vma, cprm->mm_flags);
> + vma_filesz[i++] = dump_size;
> + vma_data_size += dump_size;
> + }
> +
> + offset += vma_data_size;
next prev parent reply other threads:[~2014-11-25 21:38 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-22 19:16 [RFC PATCH] fs/binfmt_elf.c: fix inconsistent vma dump size Jungseung Lee
2014-11-25 21:38 ` Andrew Morton [this message]
2014-11-26 6:51 ` Jungseung Lee
2014-11-26 12:37 ` Jungseung Lee
2014-11-26 12:43 ` Andrew Morton
2014-11-26 13:13 ` Jungseung Lee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141125133857.bb2d71659287df6aa908de5b@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=js07.lee@gmail.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox