From owner-svn-src-all@freebsd.org Wed Jun 27 04:11:10 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 93268102CF34; Wed, 27 Jun 2018 04:11:10 +0000 (UTC) (envelope-from imp@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48CFF92474; Wed, 27 Jun 2018 04:11:10 +0000 (UTC) (envelope-from imp@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 29F921DE8C; Wed, 27 Jun 2018 04:11:10 +0000 (UTC) (envelope-from imp@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w5R4B9L3078995; Wed, 27 Jun 2018 04:11:09 GMT (envelope-from imp@FreeBSD.org) Received: (from imp@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w5R4B9ZB078994; Wed, 27 Jun 2018 04:11:09 GMT (envelope-from imp@FreeBSD.org) Message-Id: <201806270411.w5R4B9ZB078994@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: imp set sender to imp@FreeBSD.org using -f From: Warner Losh Date: Wed, 27 Jun 2018 04:11:09 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r335690 - head/sys/kern X-SVN-Group: head X-SVN-Commit-Author: imp X-SVN-Commit-Paths: head/sys/kern X-SVN-Commit-Revision: 335690 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Jun 2018 04:11:10 -0000 Author: imp Date: Wed Jun 27 04:11:09 2018 New Revision: 335690 URL: https://svnweb.freebsd.org/changeset/base/335690 Log: Fix devctl generation for core files. We have a problem with vn_fullpath_global when the file exists. Work around it by printing the full path if the core file name starts with /, or current working directory followed by the filename if not. Sponsored by: Netflix Differential Review: https://reviews.freebsd.org/D16026 Modified: head/sys/kern/kern_sig.c Modified: head/sys/kern/kern_sig.c ============================================================================== --- head/sys/kern/kern_sig.c Wed Jun 27 04:10:48 2018 (r335689) +++ head/sys/kern/kern_sig.c Wed Jun 27 04:11:09 2018 (r335690) @@ -3431,24 +3431,6 @@ out: return (0); } -static int -coredump_sanitise_path(const char *path) -{ - size_t i; - - /* - * Only send a subset of ASCII to devd(8) because it - * might pass these strings to sh -c. - */ - for (i = 0; path[i]; i++) - if (!(isalpha(path[i]) || isdigit(path[i])) && - path[i] != '/' && path[i] != '.' && - path[i] != '-') - return (0); - - return (1); -} - /* * Dump a process' core. The main routine does some * policy checking, and creates the name of the coredump; @@ -3469,11 +3451,8 @@ coredump(struct thread *td) char *name; /* name of corefile */ void *rl_cookie; off_t limit; - char *data = NULL; char *fullpath, *freepath = NULL; - size_t len; - static const char comm_name[] = "comm="; - static const char core_name[] = "core="; + struct sbuf *sb; PROC_LOCK_ASSERT(p, MA_OWNED); MPASS((p->p_flag & P_HADTHREADS) == 0 || p->p_singlethread == td); @@ -3556,23 +3535,35 @@ coredump(struct thread *td) */ if (error != 0 || coredump_devctl == 0) goto out; - len = MAXPATHLEN * 2 + sizeof(comm_name) - 1 + - sizeof(' ') + sizeof(core_name) - 1; - data = malloc(len, M_TEMP, M_WAITOK); + sb = sbuf_new_auto(); if (vn_fullpath_global(td, p->p_textvp, &fullpath, &freepath) != 0) - goto out; - if (!coredump_sanitise_path(fullpath)) - goto out; - snprintf(data, len, "%s%s ", comm_name, fullpath); + goto out2; + sbuf_printf(sb, "comm=\""); + devctl_safe_quote_sb(sb, fullpath); free(freepath, M_TEMP); - freepath = NULL; - if (vn_fullpath_global(td, vp, &fullpath, &freepath) != 0) - goto out; - if (!coredump_sanitise_path(fullpath)) - goto out; - strlcat(data, core_name, len); - strlcat(data, fullpath, len); - devctl_notify("kernel", "signal", "coredump", data); + sbuf_printf(sb, "\" core=\""); + + /* + * We can't lookup core file vp directly. When we're replacing a core, and + * other random times, we flush the name cache, so it will fail. Instead, + * if the path of the core is relative, add the current dir in front if it. + */ + if (name[0] != '/') { + fullpath = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); + if (kern___getcwd(td, fullpath, UIO_SYSSPACE, MAXPATHLEN, MAXPATHLEN) != 0) { + free(fullpath, M_TEMP); + goto out2; + } + devctl_safe_quote_sb(sb, fullpath); + free(fullpath, M_TEMP); + sbuf_putc(sb, '/'); + } + devctl_safe_quote_sb(sb, name); + sbuf_printf(sb, "\""); + if (sbuf_finish(sb) == 0) + devctl_notify("kernel", "signal", "coredump", sbuf_data(sb)); +out2: + sbuf_delete(sb); out: error1 = vn_close(vp, FWRITE, cred, td); if (error == 0) @@ -3580,8 +3571,6 @@ out: #ifdef AUDIT audit_proc_coredump(td, name, error); #endif - free(freepath, M_TEMP); - free(data, M_TEMP); free(name, M_TEMP); return (error); }