]>
Commit | Line | Data |
---|---|---|
f5e04665 LP |
1 | /*** |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright 2012 Lennart Poettering | |
5 | ||
6 | systemd is free software; you can redistribute it and/or modify it | |
5430f7f2 LP |
7 | under the terms of the GNU Lesser General Public License as published by |
8 | the Free Software Foundation; either version 2.1 of the License, or | |
f5e04665 LP |
9 | (at your option) any later version. |
10 | ||
11 | systemd is distributed in the hope that it will be useful, but | |
12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
5430f7f2 | 14 | Lesser General Public License for more details. |
f5e04665 | 15 | |
5430f7f2 | 16 | You should have received a copy of the GNU Lesser General Public License |
f5e04665 LP |
17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. |
18 | ***/ | |
19 | ||
20 | #include <errno.h> | |
803a3464 LP |
21 | #include <stdio.h> |
22 | #include <sys/prctl.h> | |
cacd6403 | 23 | #include <sys/xattr.h> |
4f5dd394 | 24 | #include <unistd.h> |
f5e04665 | 25 | |
4d229b31 | 26 | #ifdef HAVE_ELFUTILS |
3c171f0b LP |
27 | #include <dwarf.h> |
28 | #include <elfutils/libdwfl.h> | |
4d229b31 UTL |
29 | #endif |
30 | ||
73a99163 | 31 | #include "sd-daemon.h" |
f11943c5 LP |
32 | #include "sd-journal.h" |
33 | #include "sd-login.h" | |
73a99163 | 34 | #include "sd-messages.h" |
4f5dd394 LP |
35 | |
36 | #include "acl-util.h" | |
b5efdb8a | 37 | #include "alloc-util.h" |
430f0182 | 38 | #include "capability-util.h" |
ba1261bc | 39 | #include "cgroup-util.h" |
4f5dd394 | 40 | #include "compress.h" |
34c10968 LP |
41 | #include "conf-parser.h" |
42 | #include "copy.h" | |
f11943c5 | 43 | #include "coredump-vacuum.h" |
a0956174 | 44 | #include "dirent-util.h" |
4f5dd394 | 45 | #include "escape.h" |
3ffd4af2 | 46 | #include "fd-util.h" |
4f5dd394 | 47 | #include "fileio.h" |
f4f15635 | 48 | #include "fs-util.h" |
afc5dbf3 | 49 | #include "io-util.h" |
4f5dd394 LP |
50 | #include "journald-native.h" |
51 | #include "log.h" | |
52 | #include "macro.h" | |
0c773903 | 53 | #include "missing.h" |
4f5dd394 | 54 | #include "mkdir.h" |
6bedfcbb | 55 | #include "parse-util.h" |
0b452006 | 56 | #include "process-util.h" |
3c171f0b | 57 | #include "socket-util.h" |
4f5dd394 LP |
58 | #include "special.h" |
59 | #include "stacktrace.h" | |
8b43440b | 60 | #include "string-table.h" |
07630cea | 61 | #include "string-util.h" |
4f5dd394 | 62 | #include "strv.h" |
b1d4f8e1 | 63 | #include "user-util.h" |
4f5dd394 | 64 | #include "util.h" |
34727273 | 65 | |
34c10968 | 66 | /* The maximum size up to which we process coredumps */ |
59f448cf | 67 | #define PROCESS_SIZE_MAX ((uint64_t) (2LLU*1024LLU*1024LLU*1024LLU)) |
34c10968 | 68 | |
bdfd7b2c | 69 | /* The maximum size up to which we leave the coredump around on disk */ |
34c10968 LP |
70 | #define EXTERNAL_SIZE_MAX PROCESS_SIZE_MAX |
71 | ||
bdfd7b2c | 72 | /* The maximum size up to which we store the coredump in the journal */ |
34c10968 | 73 | #define JOURNAL_SIZE_MAX ((size_t) (767LU*1024LU*1024LU)) |
f5e04665 | 74 | |
c4aa09b0 | 75 | /* Make sure to not make this larger than the maximum journal entry |
874bc134 ZJS |
76 | * size. See DATA_SIZE_MAX in journald-native.c. */ |
77 | assert_cc(JOURNAL_SIZE_MAX <= DATA_SIZE_MAX); | |
f5e04665 LP |
78 | |
79 | enum { | |
3c171f0b LP |
80 | /* We use this as array indexes for a couple of special fields we use for naming coredumping files, and |
81 | * attaching xattrs */ | |
82 | CONTEXT_PID, | |
83 | CONTEXT_UID, | |
84 | CONTEXT_GID, | |
85 | CONTEXT_SIGNAL, | |
86 | CONTEXT_TIMESTAMP, | |
bdfd7b2c | 87 | CONTEXT_RLIMIT, |
3c171f0b LP |
88 | CONTEXT_COMM, |
89 | CONTEXT_EXE, | |
90 | _CONTEXT_MAX | |
f5e04665 LP |
91 | }; |
92 | ||
34c10968 LP |
93 | typedef enum CoredumpStorage { |
94 | COREDUMP_STORAGE_NONE, | |
95 | COREDUMP_STORAGE_EXTERNAL, | |
96 | COREDUMP_STORAGE_JOURNAL, | |
34c10968 LP |
97 | _COREDUMP_STORAGE_MAX, |
98 | _COREDUMP_STORAGE_INVALID = -1 | |
99 | } CoredumpStorage; | |
100 | ||
34c10968 LP |
101 | static const char* const coredump_storage_table[_COREDUMP_STORAGE_MAX] = { |
102 | [COREDUMP_STORAGE_NONE] = "none", | |
103 | [COREDUMP_STORAGE_EXTERNAL] = "external", | |
104 | [COREDUMP_STORAGE_JOURNAL] = "journal", | |
34c10968 LP |
105 | }; |
106 | ||
107 | DEFINE_PRIVATE_STRING_TABLE_LOOKUP(coredump_storage, CoredumpStorage); | |
8c9571d0 | 108 | static DEFINE_CONFIG_PARSE_ENUM(config_parse_coredump_storage, coredump_storage, CoredumpStorage, "Failed to parse storage setting"); |
34727273 ZJS |
109 | |
110 | static CoredumpStorage arg_storage = COREDUMP_STORAGE_EXTERNAL; | |
8c9571d0 | 111 | static bool arg_compress = true; |
59f448cf LP |
112 | static uint64_t arg_process_size_max = PROCESS_SIZE_MAX; |
113 | static uint64_t arg_external_size_max = EXTERNAL_SIZE_MAX; | |
6e2b4a69 | 114 | static uint64_t arg_journal_size_max = JOURNAL_SIZE_MAX; |
59f448cf LP |
115 | static uint64_t arg_keep_free = (uint64_t) -1; |
116 | static uint64_t arg_max_use = (uint64_t) -1; | |
34c10968 LP |
117 | |
118 | static int parse_config(void) { | |
34c10968 | 119 | static const ConfigTableItem items[] = { |
8c9571d0 LP |
120 | { "Coredump", "Storage", config_parse_coredump_storage, 0, &arg_storage }, |
121 | { "Coredump", "Compress", config_parse_bool, 0, &arg_compress }, | |
59f448cf LP |
122 | { "Coredump", "ProcessSizeMax", config_parse_iec_uint64, 0, &arg_process_size_max }, |
123 | { "Coredump", "ExternalSizeMax", config_parse_iec_uint64, 0, &arg_external_size_max }, | |
8c9571d0 | 124 | { "Coredump", "JournalSizeMax", config_parse_iec_size, 0, &arg_journal_size_max }, |
59f448cf LP |
125 | { "Coredump", "KeepFree", config_parse_iec_uint64, 0, &arg_keep_free }, |
126 | { "Coredump", "MaxUse", config_parse_iec_uint64, 0, &arg_max_use }, | |
34c10968 LP |
127 | {} |
128 | }; | |
129 | ||
43688c49 | 130 | return config_parse_many_nulstr(PKGSYSCONFDIR "/coredump.conf", |
75eb6154 | 131 | CONF_PATHS_NULSTR("systemd/coredump.conf.d"), |
301af7e4 JT |
132 | "Coredump\0", |
133 | config_item_table_lookup, items, | |
134 | false, NULL); | |
34c10968 LP |
135 | } |
136 | ||
73a99163 ZJS |
137 | static inline uint64_t storage_size_max(void) { |
138 | return arg_storage == COREDUMP_STORAGE_EXTERNAL ? arg_external_size_max : arg_journal_size_max; | |
139 | } | |
140 | ||
34c10968 LP |
141 | static int fix_acl(int fd, uid_t uid) { |
142 | ||
143 | #ifdef HAVE_ACL | |
144 | _cleanup_(acl_freep) acl_t acl = NULL; | |
145 | acl_entry_t entry; | |
146 | acl_permset_t permset; | |
709f6e46 | 147 | int r; |
34c10968 | 148 | |
b59233e6 LP |
149 | assert(fd >= 0); |
150 | ||
34c10968 LP |
151 | if (uid <= SYSTEM_UID_MAX) |
152 | return 0; | |
153 | ||
154 | /* Make sure normal users can read (but not write or delete) | |
155 | * their own coredumps */ | |
156 | ||
157 | acl = acl_get_fd(fd); | |
4a62c710 MS |
158 | if (!acl) |
159 | return log_error_errno(errno, "Failed to get ACL: %m"); | |
34c10968 LP |
160 | |
161 | if (acl_create_entry(&acl, &entry) < 0 || | |
162 | acl_set_tag_type(entry, ACL_USER) < 0 || | |
d710aaf7 ZJS |
163 | acl_set_qualifier(entry, &uid) < 0) |
164 | return log_error_errno(errno, "Failed to patch ACL: %m"); | |
34c10968 LP |
165 | |
166 | if (acl_get_permset(entry, &permset) < 0 || | |
709f6e46 MS |
167 | acl_add_perm(permset, ACL_READ) < 0) |
168 | return log_warning_errno(errno, "Failed to patch ACL: %m"); | |
169 | ||
170 | r = calc_acl_mask_if_needed(&acl); | |
171 | if (r < 0) | |
172 | return log_warning_errno(r, "Failed to patch ACL: %m"); | |
34c10968 | 173 | |
4a62c710 MS |
174 | if (acl_set_fd(fd, acl) < 0) |
175 | return log_error_errno(errno, "Failed to apply ACL: %m"); | |
34c10968 LP |
176 | #endif |
177 | ||
178 | return 0; | |
179 | } | |
180 | ||
3c171f0b | 181 | static int fix_xattr(int fd, const char *context[_CONTEXT_MAX]) { |
0cd77f97 | 182 | |
3c171f0b LP |
183 | static const char * const xattrs[_CONTEXT_MAX] = { |
184 | [CONTEXT_PID] = "user.coredump.pid", | |
185 | [CONTEXT_UID] = "user.coredump.uid", | |
186 | [CONTEXT_GID] = "user.coredump.gid", | |
187 | [CONTEXT_SIGNAL] = "user.coredump.signal", | |
188 | [CONTEXT_TIMESTAMP] = "user.coredump.timestamp", | |
189 | [CONTEXT_COMM] = "user.coredump.comm", | |
190 | [CONTEXT_EXE] = "user.coredump.exe", | |
0cd77f97 LP |
191 | }; |
192 | ||
34c10968 | 193 | int r = 0; |
0cd77f97 | 194 | unsigned i; |
34c10968 | 195 | |
b59233e6 LP |
196 | assert(fd >= 0); |
197 | ||
1eef15b1 | 198 | /* Attach some metadata to coredumps via extended |
34c10968 LP |
199 | * attributes. Just because we can. */ |
200 | ||
3c171f0b | 201 | for (i = 0; i < _CONTEXT_MAX; i++) { |
1eef15b1 ZJS |
202 | int k; |
203 | ||
3c171f0b | 204 | if (isempty(context[i]) || !xattrs[i]) |
0cd77f97 | 205 | continue; |
34c10968 | 206 | |
3c171f0b | 207 | k = fsetxattr(fd, xattrs[i], context[i], strlen(context[i]), XATTR_CREATE); |
1eef15b1 | 208 | if (k < 0 && r == 0) |
34c10968 | 209 | r = -errno; |
0cd77f97 | 210 | } |
34c10968 LP |
211 | |
212 | return r; | |
213 | } | |
214 | ||
b0b21dce | 215 | #define filename_escape(s) xescape((s), "./ ") |
34c10968 | 216 | |
0c773903 EV |
217 | static inline const char *coredump_tmpfile_name(const char *s) { |
218 | return s ? s : "(unnamed temporary file)"; | |
219 | } | |
220 | ||
b59233e6 LP |
221 | static int fix_permissions( |
222 | int fd, | |
223 | const char *filename, | |
224 | const char *target, | |
3c171f0b | 225 | const char *context[_CONTEXT_MAX], |
b59233e6 LP |
226 | uid_t uid) { |
227 | ||
03532f0a LP |
228 | int r; |
229 | ||
b59233e6 | 230 | assert(fd >= 0); |
b59233e6 | 231 | assert(target); |
3c171f0b | 232 | assert(context); |
cfd652ed ZJS |
233 | |
234 | /* Ignore errors on these */ | |
3c171f0b LP |
235 | (void) fchmod(fd, 0640); |
236 | (void) fix_acl(fd, uid); | |
237 | (void) fix_xattr(fd, context); | |
cfd652ed | 238 | |
4a62c710 | 239 | if (fsync(fd) < 0) |
0c773903 | 240 | return log_error_errno(errno, "Failed to sync coredump %s: %m", coredump_tmpfile_name(filename)); |
cfd652ed | 241 | |
03532f0a LP |
242 | r = link_tmpfile(fd, filename, target); |
243 | if (r < 0) | |
244 | return log_error_errno(r, "Failed to move coredump %s into place: %m", target); | |
cfd652ed ZJS |
245 | |
246 | return 0; | |
247 | } | |
248 | ||
59f448cf | 249 | static int maybe_remove_external_coredump(const char *filename, uint64_t size) { |
cfd652ed | 250 | |
b59233e6 | 251 | /* Returns 1 if might remove, 0 if will not remove, < 0 on error. */ |
cfd652ed | 252 | |
fc6cec86 | 253 | if (arg_storage == COREDUMP_STORAGE_EXTERNAL && |
cfd652ed ZJS |
254 | size <= arg_external_size_max) |
255 | return 0; | |
256 | ||
257 | if (!filename) | |
258 | return 1; | |
259 | ||
4a62c710 MS |
260 | if (unlink(filename) < 0 && errno != ENOENT) |
261 | return log_error_errno(errno, "Failed to unlink %s: %m", filename); | |
cfd652ed ZJS |
262 | |
263 | return 1; | |
264 | } | |
265 | ||
3c171f0b | 266 | static int make_filename(const char *context[_CONTEXT_MAX], char **ret) { |
b59233e6 | 267 | _cleanup_free_ char *c = NULL, *u = NULL, *p = NULL, *t = NULL; |
a7f7d1bd | 268 | sd_id128_t boot = {}; |
34c10968 LP |
269 | int r; |
270 | ||
3c171f0b | 271 | assert(context); |
34c10968 | 272 | |
3c171f0b | 273 | c = filename_escape(context[CONTEXT_COMM]); |
34c10968 | 274 | if (!c) |
b59233e6 | 275 | return -ENOMEM; |
34c10968 | 276 | |
3c171f0b | 277 | u = filename_escape(context[CONTEXT_UID]); |
0dc5d23c | 278 | if (!u) |
b59233e6 | 279 | return -ENOMEM; |
34c10968 LP |
280 | |
281 | r = sd_id128_get_boot(&boot); | |
b59233e6 | 282 | if (r < 0) |
34c10968 | 283 | return r; |
34c10968 | 284 | |
3c171f0b | 285 | p = filename_escape(context[CONTEXT_PID]); |
b59233e6 LP |
286 | if (!p) |
287 | return -ENOMEM; | |
288 | ||
3c171f0b | 289 | t = filename_escape(context[CONTEXT_TIMESTAMP]); |
b59233e6 LP |
290 | if (!t) |
291 | return -ENOMEM; | |
292 | ||
293 | if (asprintf(ret, | |
0dc5d23c | 294 | "/var/lib/systemd/coredump/core.%s.%s." SD_ID128_FORMAT_STR ".%s.%s000000", |
34c10968 | 295 | c, |
0dc5d23c | 296 | u, |
34c10968 LP |
297 | SD_ID128_FORMAT_VAL(boot), |
298 | p, | |
b59233e6 LP |
299 | t) < 0) |
300 | return -ENOMEM; | |
301 | ||
302 | return 0; | |
303 | } | |
304 | ||
305 | static int save_external_coredump( | |
3c171f0b LP |
306 | const char *context[_CONTEXT_MAX], |
307 | int input_fd, | |
b59233e6 | 308 | char **ret_filename, |
5f3e0a74 HW |
309 | int *ret_node_fd, |
310 | int *ret_data_fd, | |
59f448cf | 311 | uint64_t *ret_size) { |
b59233e6 LP |
312 | |
313 | _cleanup_free_ char *fn = NULL, *tmp = NULL; | |
314 | _cleanup_close_ int fd = -1; | |
bdfd7b2c | 315 | uint64_t rlimit, max_size; |
b59233e6 | 316 | struct stat st; |
3c171f0b | 317 | uid_t uid; |
b59233e6 LP |
318 | int r; |
319 | ||
3c171f0b | 320 | assert(context); |
b59233e6 | 321 | assert(ret_filename); |
5f3e0a74 HW |
322 | assert(ret_node_fd); |
323 | assert(ret_data_fd); | |
b59233e6 LP |
324 | assert(ret_size); |
325 | ||
3c171f0b LP |
326 | r = parse_uid(context[CONTEXT_UID], &uid); |
327 | if (r < 0) | |
328 | return log_error_errno(r, "Failed to parse UID: %m"); | |
329 | ||
bdfd7b2c LP |
330 | r = safe_atou64(context[CONTEXT_RLIMIT], &rlimit); |
331 | if (r < 0) | |
332 | return log_error_errno(r, "Failed to parse resource limit: %s", context[CONTEXT_RLIMIT]); | |
6998b540 ZJS |
333 | if (rlimit < page_size()) { |
334 | /* Is coredumping disabled? Then don't bother saving/processing the coredump. | |
335 | * Anything below PAGE_SIZE cannot give a readable coredump (the kernel uses | |
336 | * ELF_EXEC_PAGESIZE which is not easily accessible, but is usually the same as PAGE_SIZE. */ | |
73a99163 ZJS |
337 | log_info("Resource limits disable core dumping for process %s (%s).", |
338 | context[CONTEXT_PID], context[CONTEXT_COMM]); | |
bdfd7b2c LP |
339 | return -EBADSLT; |
340 | } | |
341 | ||
342 | /* Never store more than the process configured, or than we actually shall keep or process */ | |
73a99163 | 343 | max_size = MIN(rlimit, MAX(arg_process_size_max, storage_size_max())); |
bdfd7b2c | 344 | |
3c171f0b | 345 | r = make_filename(context, &fn); |
23bbb0de MS |
346 | if (r < 0) |
347 | return log_error_errno(r, "Failed to determine coredump file name: %m"); | |
34c10968 | 348 | |
d2e54fae | 349 | mkdir_p_label("/var/lib/systemd/coredump", 0755); |
803a3464 | 350 | |
03532f0a | 351 | fd = open_tmpfile_linkable(fn, O_RDWR|O_CLOEXEC, &tmp); |
4a62c710 | 352 | if (fd < 0) |
03532f0a | 353 | return log_error_errno(fd, "Failed to create temporary file for coredump %s: %m", fn); |
803a3464 | 354 | |
bdfd7b2c | 355 | r = copy_bytes(input_fd, fd, max_size, false); |
73a99163 ZJS |
356 | if (r < 0) { |
357 | log_error_errno(r, "Cannot store coredump of %s (%s): %m", context[CONTEXT_PID], context[CONTEXT_COMM]); | |
93240d3a | 358 | goto fail; |
73a99163 ZJS |
359 | } else if (r == 1) |
360 | log_struct(LOG_INFO, | |
361 | LOG_MESSAGE("Core file was truncated to %zu bytes.", max_size), | |
362 | "SIZE_LIMIT=%zu", max_size, | |
363 | LOG_MESSAGE_ID(SD_MESSAGE_TRUNCATED_CORE), | |
364 | NULL); | |
803a3464 | 365 | |
34c10968 | 366 | if (fstat(fd, &st) < 0) { |
73a99163 | 367 | log_error_errno(errno, "Failed to fstat core file %s: %m", coredump_tmpfile_name(tmp)); |
34c10968 LP |
368 | goto fail; |
369 | } | |
370 | ||
7849c2ac | 371 | if (lseek(fd, 0, SEEK_SET) == (off_t) -1) { |
0c773903 | 372 | log_error_errno(errno, "Failed to seek on %s: %m", coredump_tmpfile_name(tmp)); |
b59233e6 | 373 | goto fail; |
7849c2ac TA |
374 | } |
375 | ||
d89c8fdf | 376 | #if defined(HAVE_XZ) || defined(HAVE_LZ4) |
cfd652ed | 377 | /* If we will remove the coredump anyway, do not compress. */ |
6e9ef603 | 378 | if (arg_compress && !maybe_remove_external_coredump(NULL, st.st_size)) { |
cfd652ed | 379 | |
b59233e6 LP |
380 | _cleanup_free_ char *fn_compressed = NULL, *tmp_compressed = NULL; |
381 | _cleanup_close_ int fd_compressed = -1; | |
cfd652ed | 382 | |
d89c8fdf | 383 | fn_compressed = strappend(fn, COMPRESSED_EXT); |
b59233e6 | 384 | if (!fn_compressed) { |
d89c8fdf | 385 | log_oom(); |
cfd652ed ZJS |
386 | goto uncompressed; |
387 | } | |
388 | ||
03532f0a LP |
389 | fd_compressed = open_tmpfile_linkable(fn_compressed, O_RDWR|O_CLOEXEC, &tmp_compressed); |
390 | if (fd_compressed < 0) { | |
391 | log_error_errno(fd_compressed, "Failed to create temporary file for coredump %s: %m", fn_compressed); | |
b59233e6 | 392 | goto uncompressed; |
03532f0a | 393 | } |
cfd652ed | 394 | |
d89c8fdf | 395 | r = compress_stream(fd, fd_compressed, -1); |
b59233e6 | 396 | if (r < 0) { |
0c773903 | 397 | log_error_errno(r, "Failed to compress %s: %m", coredump_tmpfile_name(tmp_compressed)); |
b59233e6 LP |
398 | goto fail_compressed; |
399 | } | |
400 | ||
3c171f0b | 401 | r = fix_permissions(fd_compressed, tmp_compressed, fn_compressed, context, uid); |
cfd652ed | 402 | if (r < 0) |
b59233e6 LP |
403 | goto fail_compressed; |
404 | ||
405 | /* OK, this worked, we can get rid of the uncompressed version now */ | |
0c773903 EV |
406 | if (tmp) |
407 | unlink_noerrno(tmp); | |
cfd652ed | 408 | |
59f448cf | 409 | *ret_filename = fn_compressed; /* compressed */ |
5f3e0a74 HW |
410 | *ret_node_fd = fd_compressed; /* compressed */ |
411 | *ret_data_fd = fd; /* uncompressed */ | |
59f448cf | 412 | *ret_size = (uint64_t) st.st_size; /* uncompressed */ |
cfd652ed | 413 | |
b59233e6 | 414 | fn_compressed = NULL; |
5f3e0a74 | 415 | fd = fd_compressed = -1; |
cfd652ed ZJS |
416 | |
417 | return 0; | |
418 | ||
b59233e6 | 419 | fail_compressed: |
0c773903 EV |
420 | if (tmp_compressed) |
421 | (void) unlink(tmp_compressed); | |
34c10968 | 422 | } |
cfd652ed ZJS |
423 | |
424 | uncompressed: | |
3b1a55e1 | 425 | #endif |
5f3e0a74 | 426 | |
3c171f0b | 427 | r = fix_permissions(fd, tmp, fn, context, uid); |
cfd652ed ZJS |
428 | if (r < 0) |
429 | goto fail; | |
34c10968 LP |
430 | |
431 | *ret_filename = fn; | |
5f3e0a74 HW |
432 | *ret_data_fd = fd; |
433 | *ret_node_fd = -1; | |
59f448cf | 434 | *ret_size = (uint64_t) st.st_size; |
34c10968 LP |
435 | |
436 | fn = NULL; | |
437 | fd = -1; | |
438 | ||
439 | return 0; | |
440 | ||
441 | fail: | |
0c773903 EV |
442 | if (tmp) |
443 | (void) unlink(tmp); | |
34c10968 LP |
444 | return r; |
445 | } | |
446 | ||
447 | static int allocate_journal_field(int fd, size_t size, char **ret, size_t *ret_size) { | |
448 | _cleanup_free_ char *field = NULL; | |
449 | ssize_t n; | |
450 | ||
8d4e028f | 451 | assert(fd >= 0); |
34c10968 LP |
452 | assert(ret); |
453 | assert(ret_size); | |
454 | ||
4a62c710 MS |
455 | if (lseek(fd, 0, SEEK_SET) == (off_t) -1) |
456 | return log_warning_errno(errno, "Failed to seek: %m"); | |
803a3464 | 457 | |
34c10968 LP |
458 | field = malloc(9 + size); |
459 | if (!field) { | |
cfd652ed | 460 | log_warning("Failed to allocate memory for coredump, coredump will not be stored."); |
34c10968 LP |
461 | return -ENOMEM; |
462 | } | |
463 | ||
464 | memcpy(field, "COREDUMP=", 9); | |
465 | ||
466 | n = read(fd, field + 9, size); | |
23bbb0de MS |
467 | if (n < 0) |
468 | return log_error_errno((int) n, "Failed to read core data: %m"); | |
34c10968 LP |
469 | if ((size_t) n < size) { |
470 | log_error("Core data too short."); | |
471 | return -EIO; | |
472 | } | |
473 | ||
474 | *ret = field; | |
475 | *ret_size = size + 9; | |
476 | ||
477 | field = NULL; | |
478 | ||
479 | return 0; | |
480 | } | |
803a3464 | 481 | |
3f132692 JF |
482 | /* Joins /proc/[pid]/fd/ and /proc/[pid]/fdinfo/ into the following lines: |
483 | * 0:/dev/pts/23 | |
484 | * pos: 0 | |
485 | * flags: 0100002 | |
486 | * | |
487 | * 1:/dev/pts/23 | |
488 | * pos: 0 | |
489 | * flags: 0100002 | |
490 | * | |
491 | * 2:/dev/pts/23 | |
492 | * pos: 0 | |
493 | * flags: 0100002 | |
494 | * EOF | |
495 | */ | |
496 | static int compose_open_fds(pid_t pid, char **open_fds) { | |
4d84bc2f LP |
497 | _cleanup_closedir_ DIR *proc_fd_dir = NULL; |
498 | _cleanup_close_ int proc_fdinfo_fd = -1; | |
499 | _cleanup_free_ char *buffer = NULL; | |
3f132692 | 500 | _cleanup_fclose_ FILE *stream = NULL; |
59059b4a | 501 | const char *fddelim = "", *path; |
3f132692 | 502 | struct dirent *dent = NULL; |
4d84bc2f | 503 | size_t size = 0; |
3f132692 JF |
504 | int r = 0; |
505 | ||
506 | assert(pid >= 0); | |
507 | assert(open_fds != NULL); | |
508 | ||
59059b4a | 509 | path = procfs_file_alloca(pid, "fd"); |
3f132692 | 510 | proc_fd_dir = opendir(path); |
59059b4a ZJS |
511 | if (!proc_fd_dir) |
512 | return -errno; | |
3f132692 | 513 | |
4d84bc2f | 514 | proc_fdinfo_fd = openat(dirfd(proc_fd_dir), "../fdinfo", O_DIRECTORY|O_NOFOLLOW|O_CLOEXEC|O_PATH); |
59059b4a ZJS |
515 | if (proc_fdinfo_fd < 0) |
516 | return -errno; | |
3f132692 | 517 | |
4d84bc2f | 518 | stream = open_memstream(&buffer, &size); |
3f132692 JF |
519 | if (!stream) |
520 | return -ENOMEM; | |
521 | ||
4d84bc2f | 522 | FOREACH_DIRENT(dent, proc_fd_dir, return -errno) { |
3f132692 | 523 | _cleanup_fclose_ FILE *fdinfo = NULL; |
4d84bc2f | 524 | _cleanup_free_ char *fdname = NULL; |
59059b4a | 525 | char line[LINE_MAX]; |
4d84bc2f | 526 | int fd; |
3f132692 | 527 | |
59059b4a | 528 | r = readlinkat_malloc(dirfd(proc_fd_dir), dent->d_name, &fdname); |
3f132692 JF |
529 | if (r < 0) |
530 | return r; | |
531 | ||
532 | fprintf(stream, "%s%s:%s\n", fddelim, dent->d_name, fdname); | |
533 | fddelim = "\n"; | |
534 | ||
535 | /* Use the directory entry from /proc/[pid]/fd with /proc/[pid]/fdinfo */ | |
59059b4a ZJS |
536 | fd = openat(proc_fdinfo_fd, dent->d_name, O_NOFOLLOW|O_CLOEXEC|O_RDONLY); |
537 | if (fd < 0) | |
3f132692 JF |
538 | continue; |
539 | ||
59059b4a ZJS |
540 | fdinfo = fdopen(fd, "re"); |
541 | if (fdinfo == NULL) { | |
542 | close(fd); | |
3f132692 | 543 | continue; |
59059b4a | 544 | } |
3f132692 | 545 | |
4d84bc2f LP |
546 | FOREACH_LINE(line, fdinfo, break) { |
547 | fputs(line, stream); | |
548 | if (!endswith(line, "\n")) | |
549 | fputc('\n', stream); | |
550 | } | |
3f132692 JF |
551 | } |
552 | ||
4d84bc2f | 553 | errno = 0; |
74ca738f | 554 | stream = safe_fclose(stream); |
4d84bc2f | 555 | |
b3267152 | 556 | if (errno > 0) |
4d84bc2f LP |
557 | return -errno; |
558 | ||
559 | *open_fds = buffer; | |
560 | buffer = NULL; | |
561 | ||
3f132692 JF |
562 | return 0; |
563 | } | |
564 | ||
7ed03ce6 JF |
565 | static int get_process_ns(pid_t pid, const char *namespace, ino_t *ns) { |
566 | const char *p; | |
567 | struct stat stbuf; | |
568 | _cleanup_close_ int proc_ns_dir_fd; | |
569 | ||
570 | p = procfs_file_alloca(pid, "ns"); | |
571 | ||
572 | proc_ns_dir_fd = open(p, O_DIRECTORY | O_CLOEXEC | O_RDONLY); | |
573 | if (proc_ns_dir_fd < 0) | |
574 | return -errno; | |
575 | ||
576 | if (fstatat(proc_ns_dir_fd, namespace, &stbuf, /* flags */0) < 0) | |
577 | return -errno; | |
578 | ||
579 | *ns = stbuf.st_ino; | |
580 | return 0; | |
581 | } | |
582 | ||
583 | static int get_mount_namespace_leader(pid_t pid, pid_t *container_pid) { | |
584 | pid_t cpid = pid, ppid = 0; | |
585 | ino_t proc_mntns; | |
586 | int r = 0; | |
587 | ||
588 | r = get_process_ns(pid, "mnt", &proc_mntns); | |
589 | if (r < 0) | |
590 | return r; | |
591 | ||
aa7530d6 | 592 | for (;;) { |
7ed03ce6 JF |
593 | ino_t parent_mntns; |
594 | ||
595 | r = get_process_ppid(cpid, &ppid); | |
596 | if (r < 0) | |
597 | return r; | |
598 | ||
599 | r = get_process_ns(ppid, "mnt", &parent_mntns); | |
600 | if (r < 0) | |
601 | return r; | |
602 | ||
603 | if (proc_mntns != parent_mntns) | |
604 | break; | |
605 | ||
606 | if (ppid == 1) | |
607 | return -ENOENT; | |
608 | ||
609 | cpid = ppid; | |
610 | } | |
611 | ||
612 | *container_pid = ppid; | |
613 | return 0; | |
614 | } | |
615 | ||
616 | /* Returns 1 if the parent was found. | |
617 | * Returns 0 if there is not a process we can call the pid's | |
618 | * container parent (the pid's process isn't 'containerized'). | |
619 | * Returns a negative number on errors. | |
620 | */ | |
621 | static int get_process_container_parent_cmdline(pid_t pid, char** cmdline) { | |
622 | int r = 0; | |
623 | pid_t container_pid; | |
624 | const char *proc_root_path; | |
625 | struct stat root_stat, proc_root_stat; | |
626 | ||
627 | /* To compare inodes of / and /proc/[pid]/root */ | |
628 | if (stat("/", &root_stat) < 0) | |
629 | return -errno; | |
630 | ||
631 | proc_root_path = procfs_file_alloca(pid, "root"); | |
632 | if (stat(proc_root_path, &proc_root_stat) < 0) | |
633 | return -errno; | |
634 | ||
635 | /* The process uses system root. */ | |
636 | if (proc_root_stat.st_ino == root_stat.st_ino) { | |
637 | *cmdline = NULL; | |
638 | return 0; | |
639 | } | |
640 | ||
641 | r = get_mount_namespace_leader(pid, &container_pid); | |
642 | if (r < 0) | |
643 | return r; | |
644 | ||
d3cba4ea EV |
645 | r = get_process_cmdline(container_pid, 0, false, cmdline); |
646 | if (r < 0) | |
647 | return r; | |
648 | ||
649 | return 1; | |
7ed03ce6 JF |
650 | } |
651 | ||
3c171f0b LP |
652 | static int change_uid_gid(const char *context[]) { |
653 | uid_t uid; | |
654 | gid_t gid; | |
655 | int r; | |
34c10968 | 656 | |
3c171f0b LP |
657 | r = parse_uid(context[CONTEXT_UID], &uid); |
658 | if (r < 0) | |
659 | return r; | |
8c8549db | 660 | |
888e378d LP |
661 | if (uid <= SYSTEM_UID_MAX) { |
662 | const char *user = "systemd-coredump"; | |
663 | ||
664 | r = get_user_creds(&user, &uid, &gid, NULL, NULL); | |
665 | if (r < 0) { | |
666 | log_warning_errno(r, "Cannot resolve %s user. Proceeding to dump core as root: %m", user); | |
667 | uid = gid = 0; | |
668 | } | |
669 | } else { | |
670 | r = parse_gid(context[CONTEXT_GID], &gid); | |
671 | if (r < 0) | |
672 | return r; | |
673 | } | |
3c171f0b LP |
674 | |
675 | return drop_privileges(uid, gid, 0); | |
676 | } | |
8c8549db | 677 | |
3c171f0b LP |
678 | static int submit_coredump( |
679 | const char *context[_CONTEXT_MAX], | |
680 | struct iovec *iovec, | |
681 | size_t n_iovec_allocated, | |
682 | size_t n_iovec, | |
683 | int input_fd) { | |
34c10968 | 684 | |
5f3e0a74 | 685 | _cleanup_close_ int coredump_fd = -1, coredump_node_fd = -1; |
3c171f0b | 686 | _cleanup_free_ char *core_message = NULL, *filename = NULL, *coredump_data = NULL; |
a5ca3649 | 687 | uint64_t coredump_size = UINT64_MAX; |
3c171f0b | 688 | int r; |
f5e04665 | 689 | |
3c171f0b LP |
690 | assert(context); |
691 | assert(iovec); | |
692 | assert(n_iovec_allocated >= n_iovec + 3); | |
693 | assert(input_fd >= 0); | |
f5e04665 | 694 | |
3c171f0b LP |
695 | /* Vacuum before we write anything again */ |
696 | (void) coredump_vacuum(-1, arg_keep_free, arg_max_use); | |
803a3464 | 697 | |
3c171f0b LP |
698 | /* Always stream the coredump to disk, if that's possible */ |
699 | r = save_external_coredump(context, input_fd, &filename, &coredump_node_fd, &coredump_fd, &coredump_size); | |
700 | if (r < 0) | |
701 | /* Skip whole core dumping part */ | |
702 | goto log; | |
703 | ||
704 | /* If we don't want to keep the coredump on disk, remove it now, as later on we will lack the privileges for | |
705 | * it. However, we keep the fd to it, so that we can still process it and log it. */ | |
706 | r = maybe_remove_external_coredump(filename, coredump_size); | |
707 | if (r < 0) | |
708 | return r; | |
709 | if (r == 0) { | |
710 | const char *coredump_filename; | |
711 | ||
712 | coredump_filename = strjoina("COREDUMP_FILENAME=", filename); | |
713 | IOVEC_SET_STRING(iovec[n_iovec++], coredump_filename); | |
6e9ef603 | 714 | } else if (arg_storage == COREDUMP_STORAGE_EXTERNAL) |
5206a724 | 715 | log_info("The core will not be stored: size %"PRIu64" is greater than %"PRIu64" (the configured maximum)", |
6e9ef603 | 716 | coredump_size, arg_external_size_max); |
f5e04665 | 717 | |
3c171f0b LP |
718 | /* Vacuum again, but exclude the coredump we just created */ |
719 | (void) coredump_vacuum(coredump_node_fd >= 0 ? coredump_node_fd : coredump_fd, arg_keep_free, arg_max_use); | |
8c9571d0 | 720 | |
3c171f0b LP |
721 | /* Now, let's drop privileges to become the user who owns the segfaulted process and allocate the coredump |
722 | * memory under the user's uid. This also ensures that the credentials journald will see are the ones of the | |
723 | * coredumping user, thus making sure the user gets access to the core dump. Let's also get rid of all | |
724 | * capabilities, if we run as root, we won't need them anymore. */ | |
725 | r = change_uid_gid(context); | |
726 | if (r < 0) | |
727 | return log_error_errno(r, "Failed to drop privileges: %m"); | |
34c10968 | 728 | |
3c171f0b LP |
729 | #ifdef HAVE_ELFUTILS |
730 | /* Try to get a strack trace if we can */ | |
731 | if (coredump_size <= arg_process_size_max) { | |
732 | _cleanup_free_ char *stacktrace = NULL; | |
733 | ||
734 | r = coredump_make_stack_trace(coredump_fd, context[CONTEXT_EXE], &stacktrace); | |
735 | if (r >= 0) | |
605405c6 ZJS |
736 | core_message = strjoin("MESSAGE=Process ", context[CONTEXT_PID], |
737 | " (", context[CONTEXT_COMM], ") of user ", | |
738 | context[CONTEXT_UID], " dumped core.\n\n", | |
739 | stacktrace); | |
3c171f0b LP |
740 | else if (r == -EINVAL) |
741 | log_warning("Failed to generate stack trace: %s", dwfl_errmsg(dwfl_errno())); | |
742 | else | |
743 | log_warning_errno(r, "Failed to generate stack trace: %m"); | |
6e9ef603 | 744 | } else |
5206a724 | 745 | log_debug("Not generating stack trace: core size %"PRIu64" is greater than %"PRIu64" (the configured maximum)", |
6e9ef603 | 746 | coredump_size, arg_process_size_max); |
803a3464 | 747 | |
3c171f0b LP |
748 | if (!core_message) |
749 | #endif | |
750 | log: | |
605405c6 ZJS |
751 | core_message = strjoin("MESSAGE=Process ", context[CONTEXT_PID], " (", |
752 | context[CONTEXT_COMM], ") of user ", | |
753 | context[CONTEXT_UID], " dumped core."); | |
3c171f0b LP |
754 | if (core_message) |
755 | IOVEC_SET_STRING(iovec[n_iovec++], core_message); | |
756 | ||
757 | /* Optionally store the entire coredump in the journal */ | |
6e9ef603 ZJS |
758 | if (arg_storage == COREDUMP_STORAGE_JOURNAL) { |
759 | if (coredump_size <= arg_journal_size_max) { | |
760 | size_t sz = 0; | |
761 | ||
762 | /* Store the coredump itself in the journal */ | |
763 | ||
764 | r = allocate_journal_field(coredump_fd, (size_t) coredump_size, &coredump_data, &sz); | |
765 | if (r >= 0) { | |
766 | iovec[n_iovec].iov_base = coredump_data; | |
767 | iovec[n_iovec].iov_len = sz; | |
768 | n_iovec++; | |
769 | } else | |
770 | log_warning_errno(r, "Failed to attach the core to the journal entry: %m"); | |
771 | } else | |
5206a724 | 772 | log_info("The core will not be stored: size %"PRIu64" is greater than %"PRIu64" (the configured maximum)", |
6e9ef603 | 773 | coredump_size, arg_journal_size_max); |
f5e04665 LP |
774 | } |
775 | ||
3c171f0b LP |
776 | assert(n_iovec <= n_iovec_allocated); |
777 | ||
778 | r = sd_journal_sendv(iovec, n_iovec); | |
779 | if (r < 0) | |
780 | return log_error_errno(r, "Failed to log coredump: %m"); | |
781 | ||
782 | return 0; | |
783 | } | |
784 | ||
785 | static void map_context_fields(const struct iovec *iovec, const char *context[]) { | |
786 | ||
787 | static const char * const context_field_names[_CONTEXT_MAX] = { | |
788 | [CONTEXT_PID] = "COREDUMP_PID=", | |
789 | [CONTEXT_UID] = "COREDUMP_UID=", | |
790 | [CONTEXT_GID] = "COREDUMP_GID=", | |
791 | [CONTEXT_SIGNAL] = "COREDUMP_SIGNAL=", | |
792 | [CONTEXT_TIMESTAMP] = "COREDUMP_TIMESTAMP=", | |
793 | [CONTEXT_COMM] = "COREDUMP_COMM=", | |
794 | [CONTEXT_EXE] = "COREDUMP_EXE=", | |
bdfd7b2c | 795 | [CONTEXT_RLIMIT] = "COREDUMP_RLIMIT=", |
3c171f0b LP |
796 | }; |
797 | ||
798 | unsigned i; | |
799 | ||
800 | assert(iovec); | |
801 | assert(context); | |
802 | ||
803 | for (i = 0; i < _CONTEXT_MAX; i++) { | |
804 | size_t l; | |
805 | ||
806 | l = strlen(context_field_names[i]); | |
807 | if (iovec->iov_len < l) | |
808 | continue; | |
809 | ||
810 | if (memcmp(iovec->iov_base, context_field_names[i], l) != 0) | |
811 | continue; | |
812 | ||
813 | /* Note that these strings are NUL terminated, because we made sure that a trailing NUL byte is in the | |
814 | * buffer, though not included in the iov_len count. (see below) */ | |
815 | context[i] = (char*) iovec->iov_base + l; | |
816 | break; | |
817 | } | |
818 | } | |
819 | ||
820 | static int process_socket(int fd) { | |
821 | _cleanup_close_ int coredump_fd = -1; | |
822 | struct iovec *iovec = NULL; | |
823 | size_t n_iovec = 0, n_iovec_allocated = 0, i; | |
824 | const char *context[_CONTEXT_MAX] = {}; | |
825 | int r; | |
826 | ||
827 | assert(fd >= 0); | |
828 | ||
829 | log_set_target(LOG_TARGET_AUTO); | |
830 | log_parse_environment(); | |
831 | log_open(); | |
832 | ||
833 | for (;;) { | |
834 | union { | |
835 | struct cmsghdr cmsghdr; | |
836 | uint8_t buf[CMSG_SPACE(sizeof(int))]; | |
837 | } control = {}; | |
838 | struct msghdr mh = { | |
839 | .msg_control = &control, | |
840 | .msg_controllen = sizeof(control), | |
841 | .msg_iovlen = 1, | |
842 | }; | |
843 | ssize_t n; | |
fe1ef0f8 | 844 | ssize_t l; |
3c171f0b LP |
845 | |
846 | if (!GREEDY_REALLOC(iovec, n_iovec_allocated, n_iovec + 3)) { | |
847 | r = log_oom(); | |
848 | goto finish; | |
849 | } | |
850 | ||
fe1ef0f8 EV |
851 | l = next_datagram_size_fd(fd); |
852 | if (l < 0) { | |
853 | r = log_error_errno(l, "Failed to determine datagram size to read: %m"); | |
3c171f0b LP |
854 | goto finish; |
855 | } | |
856 | ||
857 | assert(l >= 0); | |
858 | ||
859 | iovec[n_iovec].iov_len = l; | |
860 | iovec[n_iovec].iov_base = malloc(l + 1); | |
3c171f0b LP |
861 | if (!iovec[n_iovec].iov_base) { |
862 | r = log_oom(); | |
863 | goto finish; | |
864 | } | |
865 | ||
866 | mh.msg_iov = iovec + n_iovec; | |
867 | ||
868 | n = recvmsg(fd, &mh, MSG_NOSIGNAL|MSG_CMSG_CLOEXEC); | |
869 | if (n < 0) { | |
870 | free(iovec[n_iovec].iov_base); | |
871 | r = log_error_errno(errno, "Failed to receive datagram: %m"); | |
872 | goto finish; | |
873 | } | |
874 | ||
875 | if (n == 0) { | |
876 | struct cmsghdr *cmsg, *found = NULL; | |
877 | /* The final zero-length datagram carries the file descriptor and tells us that we're done. */ | |
878 | ||
879 | free(iovec[n_iovec].iov_base); | |
880 | ||
881 | CMSG_FOREACH(cmsg, &mh) { | |
882 | if (cmsg->cmsg_level == SOL_SOCKET && | |
883 | cmsg->cmsg_type == SCM_RIGHTS && | |
884 | cmsg->cmsg_len == CMSG_LEN(sizeof(int))) { | |
885 | assert(!found); | |
886 | found = cmsg; | |
887 | } | |
888 | } | |
889 | ||
890 | if (!found) { | |
891 | log_error("Coredump file descriptor missing."); | |
892 | r = -EBADMSG; | |
893 | goto finish; | |
894 | } | |
895 | ||
896 | assert(coredump_fd < 0); | |
897 | coredump_fd = *(int*) CMSG_DATA(found); | |
898 | break; | |
899 | } | |
900 | ||
901 | /* Add trailing NUL byte, in case these are strings */ | |
902 | ((char*) iovec[n_iovec].iov_base)[n] = 0; | |
903 | iovec[n_iovec].iov_len = (size_t) n; | |
904 | ||
905 | cmsg_close_all(&mh); | |
906 | map_context_fields(iovec + n_iovec, context); | |
907 | n_iovec++; | |
908 | } | |
909 | ||
910 | if (!GREEDY_REALLOC(iovec, n_iovec_allocated, n_iovec + 3)) { | |
911 | r = log_oom(); | |
34c10968 LP |
912 | goto finish; |
913 | } | |
914 | ||
61233823 | 915 | /* Make sure we got all data we really need */ |
3c171f0b LP |
916 | assert(context[CONTEXT_PID]); |
917 | assert(context[CONTEXT_UID]); | |
918 | assert(context[CONTEXT_GID]); | |
919 | assert(context[CONTEXT_SIGNAL]); | |
920 | assert(context[CONTEXT_TIMESTAMP]); | |
bdfd7b2c | 921 | assert(context[CONTEXT_RLIMIT]); |
3c171f0b LP |
922 | assert(context[CONTEXT_COMM]); |
923 | assert(coredump_fd >= 0); | |
924 | ||
925 | r = submit_coredump(context, iovec, n_iovec_allocated, n_iovec, coredump_fd); | |
926 | ||
927 | finish: | |
928 | for (i = 0; i < n_iovec; i++) | |
929 | free(iovec[i].iov_base); | |
930 | free(iovec); | |
931 | ||
932 | return r; | |
933 | } | |
934 | ||
935 | static int send_iovec(const struct iovec iovec[], size_t n_iovec, int input_fd) { | |
936 | ||
937 | static const union sockaddr_union sa = { | |
938 | .un.sun_family = AF_UNIX, | |
939 | .un.sun_path = "/run/systemd/coredump", | |
940 | }; | |
941 | _cleanup_close_ int fd = -1; | |
942 | size_t i; | |
943 | int r; | |
944 | ||
945 | assert(iovec || n_iovec <= 0); | |
946 | assert(input_fd >= 0); | |
947 | ||
948 | fd = socket(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0); | |
949 | if (fd < 0) | |
950 | return log_error_errno(errno, "Failed to create coredump socket: %m"); | |
951 | ||
fc2fffe7 | 952 | if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) |
3c171f0b LP |
953 | return log_error_errno(errno, "Failed to connect to coredump service: %m"); |
954 | ||
955 | for (i = 0; i < n_iovec; i++) { | |
fec603eb LP |
956 | struct msghdr mh = { |
957 | .msg_iov = (struct iovec*) iovec + i, | |
958 | .msg_iovlen = 1, | |
959 | }; | |
960 | struct iovec copy[2]; | |
961 | ||
962 | for (;;) { | |
963 | if (sendmsg(fd, &mh, MSG_NOSIGNAL) >= 0) | |
964 | break; | |
965 | ||
966 | if (errno == EMSGSIZE && mh.msg_iov[0].iov_len > 0) { | |
967 | /* This field didn't fit? That's a pity. Given that this is just metadata, | |
968 | * let's truncate the field at half, and try again. We append three dots, in | |
969 | * order to show that this is truncated. */ | |
970 | ||
971 | if (mh.msg_iov != copy) { | |
972 | /* We don't want to modify the caller's iovec, hence let's create our | |
973 | * own array, consisting of two new iovecs, where the first is a | |
974 | * (truncated) copy of what we want to send, and the second one | |
975 | * contains the trailing dots. */ | |
976 | copy[0] = iovec[i]; | |
977 | copy[1] = (struct iovec) { | |
978 | .iov_base = (char[]) { '.', '.', '.' }, | |
979 | .iov_len = 3, | |
980 | }; | |
981 | ||
982 | mh.msg_iov = copy; | |
983 | mh.msg_iovlen = 2; | |
984 | } | |
985 | ||
986 | copy[0].iov_len /= 2; /* halve it, and try again */ | |
987 | continue; | |
988 | } | |
3c171f0b | 989 | |
3c171f0b | 990 | return log_error_errno(errno, "Failed to send coredump datagram: %m"); |
fec603eb | 991 | } |
1eef15b1 ZJS |
992 | } |
993 | ||
3c171f0b LP |
994 | r = send_one_fd(fd, input_fd, 0); |
995 | if (r < 0) | |
996 | return log_error_errno(r, "Failed to send coredump fd: %m"); | |
1eef15b1 | 997 | |
3c171f0b LP |
998 | return 0; |
999 | } | |
1eef15b1 | 1000 | |
78f043f7 | 1001 | static int process_special_crash(const char *context[], int input_fd) { |
3c171f0b LP |
1002 | _cleanup_close_ int coredump_fd = -1, coredump_node_fd = -1; |
1003 | _cleanup_free_ char *filename = NULL; | |
1004 | uint64_t coredump_size; | |
1005 | int r; | |
803a3464 | 1006 | |
3c171f0b LP |
1007 | assert(context); |
1008 | assert(input_fd >= 0); | |
803a3464 | 1009 | |
78f043f7 | 1010 | /* If we are pid1 or journald, we cut things short, don't write to the journal, but still create a coredump. */ |
34c10968 | 1011 | |
3c171f0b LP |
1012 | if (arg_storage != COREDUMP_STORAGE_NONE) |
1013 | arg_storage = COREDUMP_STORAGE_EXTERNAL; | |
34c10968 | 1014 | |
3c171f0b LP |
1015 | r = save_external_coredump(context, input_fd, &filename, &coredump_node_fd, &coredump_fd, &coredump_size); |
1016 | if (r < 0) | |
1017 | return r; | |
34c10968 | 1018 | |
3c171f0b LP |
1019 | r = maybe_remove_external_coredump(filename, coredump_size); |
1020 | if (r < 0) | |
1021 | return r; | |
34c10968 | 1022 | |
78f043f7 LP |
1023 | log_notice("Detected coredump of the journal daemon or PID 1, diverted to %s.", filename); |
1024 | ||
3c171f0b LP |
1025 | return 0; |
1026 | } | |
1027 | ||
9aa82023 ZJS |
1028 | static char* set_iovec_field(struct iovec iovec[27], size_t *n_iovec, const char *field, const char *value) { |
1029 | char *x; | |
3c171f0b | 1030 | |
9aa82023 ZJS |
1031 | x = strappend(field, value); |
1032 | if (x) | |
1033 | IOVEC_SET_STRING(iovec[(*n_iovec)++], x); | |
1034 | return x; | |
1035 | } | |
3c171f0b | 1036 | |
9aa82023 ZJS |
1037 | static char* set_iovec_field_free(struct iovec iovec[27], size_t *n_iovec, const char *field, char *value) { |
1038 | char *x; | |
1039 | ||
1040 | x = set_iovec_field(iovec, n_iovec, field, value); | |
1041 | free(value); | |
1042 | return x; | |
1043 | } | |
1044 | ||
1045 | static int gather_pid_metadata( | |
1046 | const char *context[_CONTEXT_MAX], | |
1047 | char **comm_fallback, | |
1048 | struct iovec iovec[27], size_t *n_iovec) { | |
3c171f0b LP |
1049 | |
1050 | _cleanup_free_ char *exe = NULL, *comm = NULL; | |
3c171f0b | 1051 | uid_t owner_uid; |
3c171f0b LP |
1052 | pid_t pid; |
1053 | char *t; | |
9aa82023 | 1054 | const char *p; |
3c171f0b LP |
1055 | int r; |
1056 | ||
9aa82023 | 1057 | r = parse_pid(context[CONTEXT_PID], &pid); |
3c171f0b LP |
1058 | if (r < 0) |
1059 | return log_error_errno(r, "Failed to parse PID."); | |
1060 | ||
1061 | r = get_process_comm(pid, &comm); | |
1062 | if (r < 0) { | |
1063 | log_warning_errno(r, "Failed to get COMM, falling back to the command line: %m"); | |
9aa82023 | 1064 | comm = strv_join(comm_fallback, " "); |
3c171f0b LP |
1065 | if (!comm) |
1066 | return log_oom(); | |
1067 | } | |
1068 | ||
1069 | r = get_process_exe(pid, &exe); | |
1070 | if (r < 0) | |
1071 | log_warning_errno(r, "Failed to get EXE, ignoring: %m"); | |
1072 | ||
3c171f0b LP |
1073 | if (cg_pid_get_unit(pid, &t) >= 0) { |
1074 | ||
c8091d92 LP |
1075 | /* If this is PID 1 disable coredump collection, we'll unlikely be able to process it later on. */ |
1076 | if (streq(t, SPECIAL_INIT_SCOPE)) { | |
1077 | log_notice("Due to PID 1 having crashed coredump collection will now be turned off."); | |
1078 | (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0); | |
1079 | } | |
1080 | ||
78f043f7 LP |
1081 | /* Let's avoid dead-locks when processing journald and init crashes, as socket activation and logging |
1082 | * are unlikely to work then. */ | |
1083 | if (STR_IN_SET(t, SPECIAL_JOURNALD_SERVICE, SPECIAL_INIT_SCOPE)) { | |
3c171f0b | 1084 | free(t); |
78f043f7 | 1085 | return process_special_crash(context, STDIN_FILENO); |
803a3464 LP |
1086 | } |
1087 | ||
9aa82023 | 1088 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_UNIT=", t); |
8c8549db | 1089 | } |
803a3464 | 1090 | |
3c171f0b | 1091 | /* OK, now we know it's not the journal, hence we can make use of it now. */ |
803a3464 LP |
1092 | log_set_target(LOG_TARGET_JOURNAL_OR_KMSG); |
1093 | log_open(); | |
1094 | ||
9aa82023 ZJS |
1095 | if (cg_pid_get_user_unit(pid, &t) >= 0) |
1096 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_USER_UNIT=", t); | |
3c171f0b | 1097 | |
9aa82023 ZJS |
1098 | /* The next few are mandatory */ |
1099 | if (!set_iovec_field(iovec, n_iovec, "COREDUMP_PID=", context[CONTEXT_PID])) | |
1100 | return log_oom(); | |
3c171f0b | 1101 | |
9aa82023 ZJS |
1102 | if (!set_iovec_field(iovec, n_iovec, "COREDUMP_UID=", context[CONTEXT_UID])) |
1103 | return log_oom(); | |
f5e04665 | 1104 | |
9aa82023 ZJS |
1105 | if (!set_iovec_field(iovec, n_iovec, "COREDUMP_GID=", context[CONTEXT_GID])) |
1106 | return log_oom(); | |
f5e04665 | 1107 | |
9aa82023 ZJS |
1108 | if (!set_iovec_field(iovec, n_iovec, "COREDUMP_SIGNAL=", context[CONTEXT_SIGNAL])) |
1109 | return log_oom(); | |
f5e04665 | 1110 | |
9aa82023 ZJS |
1111 | if (!set_iovec_field(iovec, n_iovec, "COREDUMP_RLIMIT=", context[CONTEXT_RLIMIT])) |
1112 | return log_oom(); | |
f5e04665 | 1113 | |
9aa82023 ZJS |
1114 | if (!set_iovec_field(iovec, n_iovec, "COREDUMP_COMM=", comm)) |
1115 | return log_oom(); | |
bdfd7b2c | 1116 | |
9aa82023 ZJS |
1117 | if (exe && |
1118 | !set_iovec_field(iovec, n_iovec, "COREDUMP_EXE=", exe)) | |
1119 | return log_oom(); | |
f5e04665 | 1120 | |
9aa82023 ZJS |
1121 | if (sd_pid_get_session(pid, &t) >= 0) |
1122 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_SESSION=", t); | |
f5e04665 | 1123 | |
a035f819 | 1124 | if (sd_pid_get_owner_uid(pid, &owner_uid) >= 0) { |
9aa82023 | 1125 | r = asprintf(&t, "COREDUMP_OWNER_UID=" UID_FMT, owner_uid); |
7de80bfe | 1126 | if (r > 0) |
9aa82023 | 1127 | IOVEC_SET_STRING(iovec[(*n_iovec)++], t); |
f5e04665 LP |
1128 | } |
1129 | ||
9aa82023 ZJS |
1130 | if (sd_pid_get_slice(pid, &t) >= 0) |
1131 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_SLICE=", t); | |
f5e04665 | 1132 | |
9aa82023 ZJS |
1133 | if (get_process_cmdline(pid, 0, false, &t) >= 0) |
1134 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_CMDLINE=", t); | |
a035f819 | 1135 | |
9aa82023 ZJS |
1136 | if (cg_pid_get_path_shifted(pid, NULL, &t) >= 0) |
1137 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_CGROUP=", t); | |
a035f819 | 1138 | |
9aa82023 ZJS |
1139 | if (compose_open_fds(pid, &t) >= 0) |
1140 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_OPEN_FDS=", t); | |
3f132692 JF |
1141 | |
1142 | p = procfs_file_alloca(pid, "status"); | |
9aa82023 ZJS |
1143 | if (read_full_file(p, &t, NULL) >= 0) |
1144 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_PROC_STATUS=", t); | |
3f132692 JF |
1145 | |
1146 | p = procfs_file_alloca(pid, "maps"); | |
9aa82023 ZJS |
1147 | if (read_full_file(p, &t, NULL) >= 0) |
1148 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_PROC_MAPS=", t); | |
3f132692 JF |
1149 | |
1150 | p = procfs_file_alloca(pid, "limits"); | |
9aa82023 ZJS |
1151 | if (read_full_file(p, &t, NULL) >= 0) |
1152 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_PROC_LIMITS=", t); | |
3f132692 JF |
1153 | |
1154 | p = procfs_file_alloca(pid, "cgroup"); | |
9aa82023 ZJS |
1155 | if (read_full_file(p, &t, NULL) >=0) |
1156 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_PROC_CGROUP=", t); | |
3f132692 | 1157 | |
d7032b1f | 1158 | p = procfs_file_alloca(pid, "mountinfo"); |
9aa82023 ZJS |
1159 | if (read_full_file(p, &t, NULL) >=0) |
1160 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_PROC_MOUNTINFO=", t); | |
d7032b1f | 1161 | |
9aa82023 ZJS |
1162 | if (get_process_cwd(pid, &t) >= 0) |
1163 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_CWD=", t); | |
3f132692 JF |
1164 | |
1165 | if (get_process_root(pid, &t) >= 0) { | |
9aa82023 ZJS |
1166 | bool proc_self_root_is_slash; |
1167 | ||
1168 | proc_self_root_is_slash = strcmp(t, "/") == 0; | |
3f132692 | 1169 | |
9aa82023 | 1170 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_ROOT=", t); |
7ed03ce6 JF |
1171 | |
1172 | /* If the process' root is "/", then there is a chance it has | |
1173 | * mounted own root and hence being containerized. */ | |
9aa82023 ZJS |
1174 | if (proc_self_root_is_slash && get_process_container_parent_cmdline(pid, &t) > 0) |
1175 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_CONTAINER_CMDLINE=", t); | |
3f132692 JF |
1176 | } |
1177 | ||
9aa82023 ZJS |
1178 | if (get_process_environ(pid, &t) >= 0) |
1179 | set_iovec_field_free(iovec, n_iovec, "COREDUMP_ENVIRON=", t); | |
1180 | ||
1181 | t = strjoin("COREDUMP_TIMESTAMP=", context[CONTEXT_TIMESTAMP], "000000", NULL); | |
1182 | if (t) | |
1183 | IOVEC_SET_STRING(iovec[(*n_iovec)++], t); | |
1184 | ||
1185 | return 0; | |
1186 | } | |
3f132692 | 1187 | |
9aa82023 ZJS |
1188 | static int process_kernel(int argc, char* argv[]) { |
1189 | ||
1190 | const char *context[_CONTEXT_MAX]; | |
1191 | struct iovec iovec[27]; | |
1192 | size_t n_iovec = 0, i, n_to_free; | |
1193 | int r; | |
1194 | ||
1195 | if (argc < CONTEXT_COMM + 1) { | |
1196 | log_error("Not enough arguments passed from kernel (%i, expected %i).", argc - 1, CONTEXT_COMM + 1 - 1); | |
1197 | return -EINVAL; | |
3f132692 JF |
1198 | } |
1199 | ||
9aa82023 ZJS |
1200 | context[CONTEXT_PID] = argv[CONTEXT_PID + 1]; |
1201 | context[CONTEXT_UID] = argv[CONTEXT_UID + 1]; | |
1202 | context[CONTEXT_GID] = argv[CONTEXT_GID + 1]; | |
1203 | context[CONTEXT_SIGNAL] = argv[CONTEXT_SIGNAL + 1]; | |
1204 | context[CONTEXT_TIMESTAMP] = argv[CONTEXT_TIMESTAMP + 1]; | |
1205 | context[CONTEXT_RLIMIT] = argv[CONTEXT_RLIMIT + 1]; | |
1206 | ||
1207 | r = gather_pid_metadata(context, argv + CONTEXT_COMM + 1, iovec, &n_iovec); | |
1208 | if (r < 0) | |
1209 | goto finish; | |
1210 | n_to_free = n_iovec; | |
f5e04665 | 1211 | |
3c171f0b | 1212 | IOVEC_SET_STRING(iovec[n_iovec++], "MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1"); |
4850d39a LP |
1213 | |
1214 | assert_cc(2 == LOG_CRIT); | |
3c171f0b | 1215 | IOVEC_SET_STRING(iovec[n_iovec++], "PRIORITY=2"); |
0dc5d23c | 1216 | |
3c171f0b | 1217 | assert(n_iovec <= ELEMENTSOF(iovec)); |
34c10968 | 1218 | |
9aa82023 ZJS |
1219 | r = send_iovec(iovec, n_iovec, STDIN_FILENO); |
1220 | ||
1221 | finish: | |
1222 | for (i = 0; i < n_to_free; i++) | |
1223 | free(iovec[i].iov_base); | |
1224 | ||
1225 | return r; | |
3c171f0b | 1226 | } |
34c10968 | 1227 | |
3c171f0b LP |
1228 | int main(int argc, char *argv[]) { |
1229 | int r; | |
fee80f69 | 1230 | |
9aa82023 ZJS |
1231 | /* First, log to a safe place, since we don't know what crashed and it might |
1232 | * be journald which we'd rather not log to then. */ | |
8d4e028f | 1233 | |
3c171f0b LP |
1234 | log_set_target(LOG_TARGET_KMSG); |
1235 | log_open(); | |
8d4e028f | 1236 | |
3c171f0b LP |
1237 | /* Make sure we never enter a loop */ |
1238 | (void) prctl(PR_SET_DUMPABLE, 0); | |
8d4e028f | 1239 | |
3c171f0b LP |
1240 | /* Ignore all parse errors */ |
1241 | (void) parse_config(); | |
fee80f69 | 1242 | |
3c171f0b LP |
1243 | log_debug("Selected storage '%s'.", coredump_storage_to_string(arg_storage)); |
1244 | log_debug("Selected compression %s.", yes_no(arg_compress)); | |
fee80f69 | 1245 | |
3c171f0b LP |
1246 | r = sd_listen_fds(false); |
1247 | if (r < 0) { | |
1248 | log_error_errno(r, "Failed to determine number of file descriptor: %m"); | |
1249 | goto finish; | |
fee80f69 LP |
1250 | } |
1251 | ||
9aa82023 ZJS |
1252 | /* If we got an fd passed, we are running in coredumpd mode. Otherwise we |
1253 | * are invoked from the kernel as coredump handler. */ | |
3c171f0b LP |
1254 | if (r == 0) |
1255 | r = process_kernel(argc, argv); | |
1256 | else if (r == 1) | |
1257 | r = process_socket(SD_LISTEN_FDS_START); | |
1258 | else { | |
1259 | log_error("Received unexpected number of file descriptors."); | |
1260 | r = -EINVAL; | |
1261 | } | |
f5e04665 LP |
1262 | |
1263 | finish: | |
f5e04665 LP |
1264 | return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; |
1265 | } |