coredump: treat RLIMIT_CORE below page size as disabling coredumps (#3932)

The kernel treats values below a certain threshold (minfmt->min_coredump
which is initialized do ELF_EXEC_PAGESIZE, which varies between architectures,
but is usually the same as PAGE_SIZE) as disabling coredumps [1].
Any core image below ELF_EXEC_PAGESIZE will yield an invalid backtrace anyway [2],
so follow the kernel and not try to parse or store such images.

[1] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/fs/coredump.c#n660
[2] systemd-coredump[16260]: Process 16258 (sleep) of user 1002 dumped core.
                                Stack trace of thread 16258:
                                #0  0x00007f1d8b3d3810 n/a (n/a)

https://bugzilla.redhat.com/show_bug.cgi?id=1309172#c19

diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c
index e3d17c864db5630a4034f1dbaeec4762f6fbc45d..be724aed4ea23182dee2a9dcc3b149d41aaa90ea 100644 (file)
--- a/src/coredump/coredump.c
+++ b/src/coredump/coredump.c
@@ -327,9 +327,11 @@ static int save_external_coredump(
         r = safe_atou64(context[CONTEXT_RLIMIT], &rlimit);
         if (r < 0)
                 return log_error_errno(r, "Failed to parse resource limit: %s", context[CONTEXT_RLIMIT]);
-        if (rlimit <= 0) {
-                /* Is coredumping disabled? Then don't bother saving/processing the coredump */
-                log_info("Core Dumping has been disabled for process %s (%s).", context[CONTEXT_PID], context[CONTEXT_COMM]);
+        if (rlimit < page_size()) {
+                /* Is coredumping disabled? Then don't bother saving/processing the coredump.
+                 * Anything below PAGE_SIZE cannot give a readable coredump (the kernel uses
+                 * ELF_EXEC_PAGESIZE which is not easily accessible, but is usually the same as PAGE_SIZE. */
+                log_info("Core dumping has been disabled for process %s (%s).", context[CONTEXT_PID], context[CONTEXT_COMM]);
                 return -EBADSLT;
         }