parent
10f49b6466
commit
c1e3f99157
@ -0,0 +1,69 @@
|
||||
From ea011ddb65272c74d6378deae3f3a3365aadd77d Mon Sep 17 00:00:00 2001
|
||||
From: Romain Geissler <romain.geissler@amadeus.com>
|
||||
Date: Tue, 20 Jun 2023 16:06:31 +0000
|
||||
Subject: [PATCH] elf-util: discard PT_LOAD segment early based on the start
|
||||
address.
|
||||
|
||||
Indeed when iterating over all the PT_LOAD segment of the core dump
|
||||
while trying to look for the elf headers of a given module, we iterate
|
||||
over them all and try to use the first one for which we can parse a
|
||||
package metadata, but the start address is never taken into account,
|
||||
so absolutely nothing guarantees we actually parse the right ELF header
|
||||
of the right module we are currently iterating on.
|
||||
|
||||
This was tested like this:
|
||||
- Create a core dump using sleep on a fedora 37 container, with an
|
||||
explicit LD_PRELOAD of a library having a valid package metadata:
|
||||
|
||||
podman run -t -i --rm -v $(pwd):$(pwd) -w $(pwd) fedora:37 bash -x -c \
|
||||
'LD_PRELOAD=libreadline.so.8 sleep 1000 & SLEEP_PID="$!" && sleep 1 && kill -11 "${SLEEP_PID}" && mv "core.${SLEEP_PID}" the-core'
|
||||
|
||||
- Then from a fedora 38 container with systemd installed, the resulting
|
||||
core dump has been passed to systemd-coredump with and without this
|
||||
patch. Without this patch, we get:
|
||||
|
||||
Module /usr/bin/sleep from rpm bash-5.2.15-3.fc38.x86_64
|
||||
Module /usr/lib64/libtinfo.so.6.3 from rpm coreutils-9.1-8.fc37.x86_64
|
||||
Module /usr/lib64/libc.so.6 from rpm coreutils-9.1-8.fc37.x86_64
|
||||
Module /usr/lib64/libreadline.so.8.2 from rpm coreutils-9.1-8.fc37.x86_64
|
||||
Module /usr/lib64/ld-linux-x86-64.so.2 from rpm coreutils-9.1-8.fc37.x86_64
|
||||
|
||||
While with this patch we get:
|
||||
|
||||
Module /usr/bin/sleep from rpm bash-5.2.15-3.fc38.x86_64
|
||||
Module /usr/lib64/libtinfo.so.6.3 from rpm ncurses-6.3-5.20220501.fc37.x86_64
|
||||
Module /usr/lib64/libreadline.so.8.2 from rpm readline-8.2-2.fc37.x86_64
|
||||
|
||||
So the parsed package metadata reported by systemd-coredump when the module
|
||||
files are not found on the host (ie the case of crash inside a container) are
|
||||
now correct. The inconsistency of the first module in the above example
|
||||
(sleep is indeed not provided by the bash package) can be ignored as it
|
||||
is a consequence of how this was tested.
|
||||
|
||||
In addition to this, this also fixes the performance issue of
|
||||
systemd-coredump in case of the crashing process uses a large number of
|
||||
shared libraries and having no package metadata, as reported in
|
||||
https://sourceware.org/pipermail/elfutils-devel/2023q2/006225.html.
|
||||
|
||||
(cherry picked from commit 21a2c735e2bfdc3bfdc42f894d6e3d00f4a38dcd)
|
||||
|
||||
Resolves: #2222259
|
||||
---
|
||||
src/shared/elf-util.c | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c
|
||||
index 181735409d..d746f3ab3f 100644
|
||||
--- a/src/shared/elf-util.c
|
||||
+++ b/src/shared/elf-util.c
|
||||
@@ -538,6 +538,10 @@ static int module_callback(Dwfl_Module *mod, void **userdata, const char *name,
|
||||
if (!program_header || program_header->p_type != PT_LOAD)
|
||||
continue;
|
||||
|
||||
+ /* This PT_LOAD segment doesn't contain the start address, so it can't be the module we are looking for. */
|
||||
+ if (start < program_header->p_vaddr || start >= program_header->p_vaddr + program_header->p_memsz)
|
||||
+ continue;
|
||||
+
|
||||
/* Now get a usable Elf reference, and parse the notes from it. */
|
||||
data = sym_elf_getdata_rawchunk(elf,
|
||||
program_header->p_offset,
|
@ -0,0 +1,40 @@
|
||||
From 2fcb340ec5faf51a8d9b0cb2ddd8386b4db6a33d Mon Sep 17 00:00:00 2001
|
||||
From: Romain Geissler <romain.geissler@amadeus.com>
|
||||
Date: Thu, 22 Jun 2023 16:05:18 +0000
|
||||
Subject: [PATCH] elf-util: check for overflow when computing end of core's
|
||||
PT_LOAD segments
|
||||
|
||||
(cherry picked from commit 3965f173eae4701a014113cfaf4a28a6bb63bed7)
|
||||
|
||||
Resolves: #2222259
|
||||
---
|
||||
src/shared/elf-util.c | 9 ++++++++-
|
||||
1 file changed, 8 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/shared/elf-util.c b/src/shared/elf-util.c
|
||||
index d746f3ab3f..bde5013b92 100644
|
||||
--- a/src/shared/elf-util.c
|
||||
+++ b/src/shared/elf-util.c
|
||||
@@ -532,14 +532,21 @@ static int module_callback(Dwfl_Module *mod, void **userdata, const char *name,
|
||||
for (size_t i = 0; i < n_program_headers; ++i) {
|
||||
GElf_Phdr mem, *program_header;
|
||||
Elf_Data *data;
|
||||
+ GElf_Addr end_of_segment;
|
||||
|
||||
/* The core file stores the ELF files in the PT_LOAD segment. */
|
||||
program_header = sym_gelf_getphdr(elf, i, &mem);
|
||||
if (!program_header || program_header->p_type != PT_LOAD)
|
||||
continue;
|
||||
|
||||
+ /* Check that the end of segment is a valid address. */
|
||||
+ if (__builtin_add_overflow(program_header->p_vaddr, program_header->p_memsz, &end_of_segment)) {
|
||||
+ log_error("Abort due to corrupted core dump, end of segment address %#zx + %#zx overflows", (size_t)program_header->p_vaddr, (size_t)program_header->p_memsz);
|
||||
+ return DWARF_CB_ABORT;
|
||||
+ }
|
||||
+
|
||||
/* This PT_LOAD segment doesn't contain the start address, so it can't be the module we are looking for. */
|
||||
- if (start < program_header->p_vaddr || start >= program_header->p_vaddr + program_header->p_memsz)
|
||||
+ if (start < program_header->p_vaddr || start >= end_of_segment)
|
||||
continue;
|
||||
|
||||
/* Now get a usable Elf reference, and parse the notes from it. */
|
@ -0,0 +1,64 @@
|
||||
From 6c4090a8bdf54928e43c21d7443d2e6825ed6d1f Mon Sep 17 00:00:00 2001
|
||||
From: Jan Macku <jamacku@redhat.com>
|
||||
Date: Tue, 9 May 2023 13:15:06 +0200
|
||||
Subject: [PATCH] manager: don't taint the host if cgroups v1 is used
|
||||
|
||||
In upstream of systemd, cgroups v1 are not considered as supported.
|
||||
This is not true for RHEL, don't taint the host when cgroups v1 are enabled.
|
||||
|
||||
rhel-only
|
||||
|
||||
Resolves: #2196479
|
||||
---
|
||||
man/org.freedesktop.systemd1.xml | 6 ------
|
||||
src/core/manager.c | 3 ---
|
||||
src/test/test-manager.c | 5 -----
|
||||
3 files changed, 14 deletions(-)
|
||||
|
||||
diff --git a/man/org.freedesktop.systemd1.xml b/man/org.freedesktop.systemd1.xml
|
||||
index 40510c43eb..13a84af747 100644
|
||||
--- a/man/org.freedesktop.systemd1.xml
|
||||
+++ b/man/org.freedesktop.systemd1.xml
|
||||
@@ -1589,12 +1589,6 @@ node /org/freedesktop/systemd1 {
|
||||
<listitem><para>Support for cgroups is unavailable.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
- <varlistentry>
|
||||
- <term><literal>cgroupsv1</literal></term>
|
||||
-
|
||||
- <listitem><para>The system is using the old cgroup hierarchy.</para></listitem>
|
||||
- </varlistentry>
|
||||
-
|
||||
<varlistentry>
|
||||
<term><literal>local-hwclock</literal></term>
|
||||
|
||||
diff --git a/src/core/manager.c b/src/core/manager.c
|
||||
index a59afafb58..657263eb73 100644
|
||||
--- a/src/core/manager.c
|
||||
+++ b/src/core/manager.c
|
||||
@@ -4491,9 +4491,6 @@ char* manager_taint_string(const Manager *m) {
|
||||
if (access("/proc/cgroups", F_OK) < 0)
|
||||
stage[n++] = "cgroups-missing";
|
||||
|
||||
- if (cg_all_unified() == 0)
|
||||
- stage[n++] = "cgroupsv1";
|
||||
-
|
||||
if (clock_is_localtime(NULL) > 0)
|
||||
stage[n++] = "local-hwclock";
|
||||
|
||||
diff --git a/src/test/test-manager.c b/src/test/test-manager.c
|
||||
index 89f9277b28..2faf715d76 100644
|
||||
--- a/src/test/test-manager.c
|
||||
+++ b/src/test/test-manager.c
|
||||
@@ -14,11 +14,6 @@ TEST(manager_taint_string) {
|
||||
* to test for them. Let's do just one. */
|
||||
assert_se(!strstr(a, "split-usr"));
|
||||
|
||||
- if (cg_all_unified() == 0)
|
||||
- assert_se(strstr(a, "cgroupsv1"));
|
||||
- else
|
||||
- assert_se(!strstr(a, "cgroupsv1"));
|
||||
-
|
||||
m.taint_usr = true;
|
||||
_cleanup_free_ char *b = manager_taint_string(&m);
|
||||
assert_se(b);
|
Loading…
Reference in new issue