On Wed, Feb 2, 2022 at 6:43 PM Jann Horn <jannh@xxxxxxxxxx> wrote: > > On Wed, Feb 2, 2022 at 4:19 PM Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote: > > > > Jann Horn <jannh@xxxxxxxxxx> writes: > > > > > When I rewrote the VMA dumping logic for coredumps, I changed it to > > > recognize ELF library mappings based on the file being executable instead > > > of the mapping having an ELF header. But turns out, distros ship many ELF > > > libraries as non-executable, so the heuristic goes wrong... > > > > > > Restore the old behavior where FILTER(ELF_HEADERS) dumps the first page of > > > any offset-0 readable mapping that starts with the ELF magic. > > > > > > This fix is technically layer-breaking a bit, because it checks for > > > something ELF-specific in fs/coredump.c; but since we probably want to > > > share this between standard ELF and FDPIC ELF anyway, I guess it's fine? > > > And this also keeps the change small for backporting. > > > > In light of the conflict with my other changes, and in light of the pain > > of calling get_user. > > > > Is there any reason why the doesn't unconditionally dump all headers? > > Something like the diff below? > > > > I looked in the history and the code was filtering for ELF headers > > there already. I am just thinking this feels like a good idea > > regardless of the file format to help verify the file on-disk > > is the file we think was mapped. > > Yeah, I guess that's reasonable. The main difference will probably be > that the starting pages of some font files, locale files and python > libraries will also be logged. Are you planning to turn that into a proper patch and take it through your tree, or something like that? If so, we should tell akpm to take this one back out...
