2021-11-22 01:01:14

by Vladimir Divjak

Subject: [PATCH] ptrace: exit: re-trigger PTRACE_EVENT_EXIT after coredump finished

Re-trigger PTRACE_EVENT_EXIT
(if one is requested with PTRACE_SEIZE setting PTRACE_O_TRACEEXIT option)
for a process being core-dumped, after the coredump is finished.

This enables a potential tracer - coredump user mode helper
(or any other tracer started after the coredump was initiated)
to receive the PTRACE_EVENT_EXIT for all threads of the crashing process.

Rationale:

For zapped threads, PTRACE_EVENT_EXIT is triggered early during do_exit(),
before the point at which they sleep, waiting for
coredump to finish - in exit_mm(), and before a potential
coredump user mode helper process is launched.

That makes it impossible for the coredump user mode helper process to
receive PTRACE_EVENT_EXIT events for all threads of the crashing process,
except for the thread handling the core-dump, which will trigger
the PTRACE_EVENT_EXIT after the coredump has been finished.

Signed-off-by: Vladimir Divjak <[email protected]>
---
kernel/exit.c | 7 +++++++
1 file changed, 7 insertions(+)

diff --git a/kernel/exit.c b/kernel/exit.c
index fd1c04193e18..0157507e75a2 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -473,6 +473,13 @@ static void exit_mm(void)
break;
freezable_schedule();
}
+ /*
+ * Re-trigger PTRACE_EVENT_EXIT for a process being core-dumped,
+ * after the coredump finished (see above).
+ * This enables the coredump user mode helper to receive PTRACE_EVENT_EXIT
+ * for each thread of the dying process.
+ */
+ ptrace_event(PTRACE_EVENT_EXIT, current->exit_code);
__set_current_state(TASK_RUNNING);
mmap_read_lock(mm);
}
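Review bot: the added ptrace_event(PTRACE_EVENT_EXIT, current->exit_code) after the wait loop is unconditional, so a tracer that was already attached with PTRACE_O_TRACEEXIT before the crash will see the event twice for every zapped thread: once from the early report in do_exit() that the commit message describes, and again here. Existing tracers treat PTRACE_EVENT_EXIT as a once-per-thread notification, so either report it only when the earlier one was not delivered or document the duplicate as an intended user-visible change. The call also sits before __set_current_state(TASK_RUNNING); a ptrace stop can sleep, so it would be cleaner to restore the running state first and report the event afterwards.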
--
2.25.1



2021-11-22 15:02:36

by Eric W. Biederman

Subject: Re: [PATCH] ptrace: exit: re-trigger PTRACE_EVENT_EXIT after coredump finished

Vladimir Divjak <[email protected]> writes:

> Re-trigger PTRACE_EVENT_EXIT
> (if one is requested with PTRACE_SEIZE setting PTRACE_O_TRACEEXIT option)
> for a process being core-dumped, after the coredump is finished.
>
> This enables a potential tracer - coredump user mode helper
> (or any other tracer started after the coredump was initiated)
> to receive the PTRACE_EVENT_EXIT for all threads of the crashing process.
>
> Rationale:
>
> For zapped threads, PTRACE_EVENT_EXIT is triggered early during do_exit(),
> before the point at which they sleep, waiting for
> coredump to finish - in exit_mm(), and before a potential
> coredump user mode helper process is launched.
>
> That makes it impossible for the coredump user mode helper process to
> receive PTRACE_EVENT_EXIT events for all threads of the crashing process,
> except for the thread handling the core-dump, which will trigger
> the PTRACE_EVENT_EXIT after the coredump has been finished.

Please test the latest kernel.

The coredump now stops much earlier than exit_mm, and PTRACE_EVENT_EXIT
is after the point the coredump stops.

If you need this functionality on older kernels it should be possible to
backport a subset of my changes without too much trouble.

Eric
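
Added example, not part of the thread or of the kernel patch: a minimal tracer showing how PTRACE_EVENT_EXIT is requested with PTRACE_SEIZE and PTRACE_O_TRACEEXIT, and what the tracer reads at that stop. It covers a plain exit of a forked child, not the coredump path discussed above; the helper name exit_code_from_exit_event and the exit code 42 are assumptions made for the illustration.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (not kernel code): fork a child that exits with `code`,
 * seize it with PTRACE_O_TRACEEXIT and return the exit code carried by the
 * PTRACE_EVENT_EXIT stop, or -1 if that stop was never observed. */
int exit_code_from_exit_event(int code)
{
    int gate[2], status, seen = -1;
    if (pipe(gate) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {                     /* tracee */
        char c;
        close(gate[1]);
        if (read(gate[0], &c, 1) < 0)   /* block until the tracer is attached */
            _exit(127);
        _exit(code);
    }
    close(gate[0]);
    /* PTRACE_SEIZE attaches without stopping; options travel in `data`. */
    long rc = ptrace(PTRACE_SEIZE, pid, NULL, (void *)(long)PTRACE_O_TRACEEXIT);
    if (rc < 0)
        kill(pid, SIGKILL);             /* not traced: just reap it below */
    close(gate[1]);                     /* EOF on the pipe releases the tracee */
    while (waitpid(pid, &status, 0) == pid && WIFSTOPPED(status)) {
        if (status >> 8 == (SIGTRAP | (PTRACE_EVENT_EXIT << 8))) {
            unsigned long msg = 0;      /* exit status in wait(2) encoding */
            if (ptrace(PTRACE_GETEVENTMSG, pid, NULL, &msg) == 0) {
                int st = (int)msg;
                seen = WEXITSTATUS(st);
            }
        }
        ptrace(PTRACE_CONT, pid, NULL, NULL);  /* let the exit proceed */
    }
    return seen;
}

int main(void)
{
    printf("exit code seen at PTRACE_EVENT_EXIT: %d\n",
           exit_code_from_exit_event(42));
    return 0;
}
```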