Commit 909af768 authored by Jason Baron's avatar Jason Baron Committed by Linus Torvalds

coredump: remove VM_ALWAYSDUMP flag

The motivation for this patchset was that I was looking at a way for a
qemu-kvm process, to exclude the guest memory from its core dump, which
can be quite large.  There are already a number of filter flags in
/proc/<pid>/coredump_filter, however, these allow one to specify 'types'
of kernel memory, not specific address ranges (which is needed in this
case).

Since there are no more vma flags available, the first patch eliminates
the need for the 'VM_ALWAYSDUMP' flag.  The flag is used internally by
the kernel to mark vdso and vsyscall pages.  However, it is simple
enough to check if a vma covers a vdso or vsyscall page without the need
for this flag.

The second patch then replaces the 'VM_ALWAYSDUMP' flag with a new
'VM_NODUMP' flag, which can be set by userspace using new madvise flags:
'MADV_DONTDUMP', and unset via 'MADV_DODUMP'.  The core dump filters
continue to work the same as before unless 'MADV_DONTDUMP' is set on the
region.

The qemu code which implements this features is at:

  http://people.redhat.com/~jbaron/qemu-dump/qemu-dump.patch

In my testing the qemu core dump shrunk from 383MB -> 13MB with this
patch.

I also believe that the 'MADV_DONTDUMP' flag might be useful for
security sensitive apps, which might want to select which areas are
dumped.

This patch:

The VM_ALWAYSDUMP flag is currently used by the coredump code to
indicate that a vma is part of a vsyscall or vdso section.  However, we
can determine if a vma is in one these sections by checking it against
the gate_vma and checking for a non-NULL return value from
arch_vma_name().  Thus, freeing a valuable vma bit.
Signed-off-by: default avatarJason Baron <jbaron@redhat.com>
Acked-by: default avatarRoland McGrath <roland@hack.frob.com>
Cc: Chris Metcalf <cmetcalf@tilera.com>
Cc: Avi Kivity <avi@redhat.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 1cc684ab
...@@ -533,8 +533,7 @@ int vectors_user_mapping(void) ...@@ -533,8 +533,7 @@ int vectors_user_mapping(void)
struct mm_struct *mm = current->mm; struct mm_struct *mm = current->mm;
return install_special_mapping(mm, 0xffff0000, PAGE_SIZE, return install_special_mapping(mm, 0xffff0000, PAGE_SIZE,
VM_READ | VM_EXEC | VM_READ | VM_EXEC |
VM_MAYREAD | VM_MAYEXEC | VM_MAYREAD | VM_MAYEXEC | VM_RESERVED,
VM_ALWAYSDUMP | VM_RESERVED,
NULL); NULL);
} }
......
...@@ -78,8 +78,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) ...@@ -78,8 +78,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
/* MAYWRITE to allow gdb to COW and set breakpoints. */ /* MAYWRITE to allow gdb to COW and set breakpoints. */
ret = install_special_mapping(mm, vdso_base, PAGE_SIZE, ret = install_special_mapping(mm, vdso_base, PAGE_SIZE,
VM_READ|VM_EXEC| VM_READ|VM_EXEC|
VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC,
VM_ALWAYSDUMP,
&vdso_page); &vdso_page);
if (ret) if (ret)
......
...@@ -88,8 +88,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) ...@@ -88,8 +88,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
ret = install_special_mapping(mm, addr, PAGE_SIZE, ret = install_special_mapping(mm, addr, PAGE_SIZE,
VM_READ|VM_EXEC| VM_READ|VM_EXEC|
VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC,
VM_ALWAYSDUMP,
&vdso_page); &vdso_page);
if (ret) if (ret)
......
...@@ -263,17 +263,11 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) ...@@ -263,17 +263,11 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
* the "data" page of the vDSO or you'll stop getting kernel updates * the "data" page of the vDSO or you'll stop getting kernel updates
* and your nice userland gettimeofday will be totally dead. * and your nice userland gettimeofday will be totally dead.
* It's fine to use that for setting breakpoints in the vDSO code * It's fine to use that for setting breakpoints in the vDSO code
* pages though * pages though.
*
* Make sure the vDSO gets into every core dump.
* Dumping its contents makes post-mortem fully interpretable later
* without matching up the same kernel and hardware config to see
* what PC values meant.
*/ */
rc = install_special_mapping(mm, vdso_base, vdso_pages << PAGE_SHIFT, rc = install_special_mapping(mm, vdso_base, vdso_pages << PAGE_SHIFT,
VM_READ|VM_EXEC| VM_READ|VM_EXEC|
VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC,
VM_ALWAYSDUMP,
vdso_pagelist); vdso_pagelist);
if (rc) { if (rc) {
current->mm->context.vdso_base = 0; current->mm->context.vdso_base = 0;
......
...@@ -241,17 +241,11 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) ...@@ -241,17 +241,11 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
* on the "data" page of the vDSO or you'll stop getting kernel * on the "data" page of the vDSO or you'll stop getting kernel
* updates and your nice userland gettimeofday will be totally dead. * updates and your nice userland gettimeofday will be totally dead.
* It's fine to use that for setting breakpoints in the vDSO code * It's fine to use that for setting breakpoints in the vDSO code
* pages though * pages though.
*
* Make sure the vDSO gets into every core dump.
* Dumping its contents makes post-mortem fully interpretable later
* without matching up the same kernel and hardware config to see
* what PC values meant.
*/ */
rc = install_special_mapping(mm, vdso_base, vdso_pages << PAGE_SHIFT, rc = install_special_mapping(mm, vdso_base, vdso_pages << PAGE_SHIFT,
VM_READ|VM_EXEC| VM_READ|VM_EXEC|
VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC,
VM_ALWAYSDUMP,
vdso_pagelist); vdso_pagelist);
if (rc) if (rc)
current->mm->context.vdso_base = 0; current->mm->context.vdso_base = 0;
......
...@@ -73,8 +73,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) ...@@ -73,8 +73,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
ret = install_special_mapping(mm, addr, PAGE_SIZE, ret = install_special_mapping(mm, addr, PAGE_SIZE,
VM_READ | VM_EXEC | VM_READ | VM_EXEC |
VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC,
VM_ALWAYSDUMP,
syscall_pages); syscall_pages);
if (unlikely(ret)) if (unlikely(ret))
goto up_fail; goto up_fail;
......
...@@ -117,17 +117,11 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, ...@@ -117,17 +117,11 @@ int arch_setup_additional_pages(struct linux_binprm *bprm,
/* /*
* MAYWRITE to allow gdb to COW and set breakpoints * MAYWRITE to allow gdb to COW and set breakpoints
*
* Make sure the vDSO gets into every core dump. Dumping its
* contents makes post-mortem fully interpretable later
* without matching up the same kernel and hardware config to
* see what PC values meant.
*/ */
vdso_base = VDSO_BASE; vdso_base = VDSO_BASE;
retval = install_special_mapping(mm, vdso_base, PAGE_SIZE, retval = install_special_mapping(mm, vdso_base, PAGE_SIZE,
VM_READ|VM_EXEC| VM_READ|VM_EXEC|
VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC,
VM_ALWAYSDUMP,
vdso_pages); vdso_pages);
#ifndef __tilegx__ #ifndef __tilegx__
......
...@@ -381,7 +381,7 @@ int vectors_user_mapping(void) ...@@ -381,7 +381,7 @@ int vectors_user_mapping(void)
return install_special_mapping(mm, 0xffff0000, PAGE_SIZE, return install_special_mapping(mm, 0xffff0000, PAGE_SIZE,
VM_READ | VM_EXEC | VM_READ | VM_EXEC |
VM_MAYREAD | VM_MAYEXEC | VM_MAYREAD | VM_MAYEXEC |
VM_ALWAYSDUMP | VM_RESERVED, VM_RESERVED,
NULL); NULL);
} }
......
...@@ -23,14 +23,6 @@ static int __init gate_vma_init(void) ...@@ -23,14 +23,6 @@ static int __init gate_vma_init(void)
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC;
gate_vma.vm_page_prot = __P101; gate_vma.vm_page_prot = __P101;
/*
* Make sure the vDSO gets into every core dump.
* Dumping its contents makes post-mortem fully interpretable later
* without matching up the same kernel and hardware config to see
* what PC values meant.
*/
gate_vma.vm_flags |= VM_ALWAYSDUMP;
return 0; return 0;
} }
__initcall(gate_vma_init); __initcall(gate_vma_init);
......
...@@ -64,8 +64,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) ...@@ -64,8 +64,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
err = install_special_mapping(mm, um_vdso_addr, PAGE_SIZE, err = install_special_mapping(mm, um_vdso_addr, PAGE_SIZE,
VM_READ|VM_EXEC| VM_READ|VM_EXEC|
VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC,
VM_ALWAYSDUMP,
vdsop); vdsop);
up_write(&mm->mmap_sem); up_write(&mm->mmap_sem);
......
...@@ -250,13 +250,7 @@ static int __init gate_vma_init(void) ...@@ -250,13 +250,7 @@ static int __init gate_vma_init(void)
gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_end = FIXADDR_USER_END;
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC;
gate_vma.vm_page_prot = __P101; gate_vma.vm_page_prot = __P101;
/*
* Make sure the vDSO gets into every core dump.
* Dumping its contents makes post-mortem fully interpretable later
* without matching up the same kernel and hardware config to see
* what PC values meant.
*/
gate_vma.vm_flags |= VM_ALWAYSDUMP;
return 0; return 0;
} }
...@@ -343,17 +337,10 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) ...@@ -343,17 +337,10 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
if (compat_uses_vma || !compat) { if (compat_uses_vma || !compat) {
/* /*
* MAYWRITE to allow gdb to COW and set breakpoints * MAYWRITE to allow gdb to COW and set breakpoints
*
* Make sure the vDSO gets into every core dump.
* Dumping its contents makes post-mortem fully
* interpretable later without matching up the same
* kernel and hardware config to see what PC values
* meant.
*/ */
ret = install_special_mapping(mm, addr, PAGE_SIZE, ret = install_special_mapping(mm, addr, PAGE_SIZE,
VM_READ|VM_EXEC| VM_READ|VM_EXEC|
VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC,
VM_ALWAYSDUMP,
vdso32_pages); vdso32_pages);
if (ret) if (ret)
......
...@@ -124,8 +124,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp) ...@@ -124,8 +124,7 @@ int arch_setup_additional_pages(struct linux_binprm *bprm, int uses_interp)
ret = install_special_mapping(mm, addr, vdso_size, ret = install_special_mapping(mm, addr, vdso_size,
VM_READ|VM_EXEC| VM_READ|VM_EXEC|
VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC| VM_MAYREAD|VM_MAYWRITE|VM_MAYEXEC,
VM_ALWAYSDUMP,
vdso_pages); vdso_pages);
if (ret) { if (ret) {
current->mm->context.vdso = NULL; current->mm->context.vdso = NULL;
......
...@@ -1092,6 +1092,29 @@ static int load_elf_library(struct file *file) ...@@ -1092,6 +1092,29 @@ static int load_elf_library(struct file *file)
* Jeremy Fitzhardinge <jeremy@sw.oz.au> * Jeremy Fitzhardinge <jeremy@sw.oz.au>
*/ */
/*
* The purpose of always_dump_vma() is to make sure that special kernel mappings
* that are useful for post-mortem analysis are included in every core dump.
* In that way we ensure that the core dump is fully interpretable later
* without matching up the same kernel and hardware config to see what PC values
* meant. These special mappings include - vDSO, vsyscall, and other
* architecture specific mappings
*/
static bool always_dump_vma(struct vm_area_struct *vma)
{
/* Any vsyscall mappings? */
if (vma == get_gate_vma(vma->vm_mm))
return true;
/*
* arch_vma_name() returns non-NULL for special architecture mappings,
* such as vDSO sections.
*/
if (arch_vma_name(vma))
return true;
return false;
}
/* /*
* Decide what to dump of a segment, part, all or none. * Decide what to dump of a segment, part, all or none.
*/ */
...@@ -1100,8 +1123,8 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma, ...@@ -1100,8 +1123,8 @@ static unsigned long vma_dump_size(struct vm_area_struct *vma,
{ {
#define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type)) #define FILTER(type) (mm_flags & (1UL << MMF_DUMP_##type))
/* The vma can be set up to tell us the answer directly. */ /* always dump the vdso and vsyscall sections */
if (vma->vm_flags & VM_ALWAYSDUMP) if (always_dump_vma(vma))
goto whole; goto whole;
/* Hugetlb memory check */ /* Hugetlb memory check */
......
...@@ -111,7 +111,6 @@ extern unsigned int kobjsize(const void *objp); ...@@ -111,7 +111,6 @@ extern unsigned int kobjsize(const void *objp);
#define VM_HUGEPAGE 0x01000000 /* MADV_HUGEPAGE marked this vma */ #define VM_HUGEPAGE 0x01000000 /* MADV_HUGEPAGE marked this vma */
#endif #endif
#define VM_INSERTPAGE 0x02000000 /* The vma has had "vm_insert_page()" done on it */ #define VM_INSERTPAGE 0x02000000 /* The vma has had "vm_insert_page()" done on it */
#define VM_ALWAYSDUMP 0x04000000 /* Always include in core dumps */
#define VM_CAN_NONLINEAR 0x08000000 /* Has ->fault & does nonlinear pages */ #define VM_CAN_NONLINEAR 0x08000000 /* Has ->fault & does nonlinear pages */
#define VM_MIXEDMAP 0x10000000 /* Can contain "struct page" and pure PFN pages */ #define VM_MIXEDMAP 0x10000000 /* Can contain "struct page" and pure PFN pages */
......
...@@ -3623,13 +3623,7 @@ static int __init gate_vma_init(void) ...@@ -3623,13 +3623,7 @@ static int __init gate_vma_init(void)
gate_vma.vm_end = FIXADDR_USER_END; gate_vma.vm_end = FIXADDR_USER_END;
gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC; gate_vma.vm_flags = VM_READ | VM_MAYREAD | VM_EXEC | VM_MAYEXEC;
gate_vma.vm_page_prot = __P101; gate_vma.vm_page_prot = __P101;
/*
* Make sure the vDSO gets into every core dump.
* Dumping its contents makes post-mortem fully interpretable later
* without matching up the same kernel and hardware config to see
* what PC values meant.
*/
gate_vma.vm_flags |= VM_ALWAYSDUMP;
return 0; return 0;
} }
__initcall(gate_vma_init); __initcall(gate_vma_init);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment