exposing audit information to user program
Maule Mark
mark_maule@yahoo.com
Fri May 23 16:43:00 GMT 2014
Hi:
I have a large heavily threaded program linked against lots of .so's which frequently experiences memory corruption. Often times the area being corrupted is somewhere in the link_map list, rendering the core undebuggable.
I've been experimenting with an audit library that would take a snapshot of the link_map list every time the LA_ACT_CONSISTENT event occurs, saving the snapshot into a mprotect'd area. The thinking being that if the list gets corrupted, I can at least manually load the .so's from gdb for debugging. Currently, the memory for the save area is a static array in the audit .so.
Anyway, the problem I'm struggling with now is how to expose my saved list to gdb and/or the running program. Is it possible to expose a symbol in an audit routine to the user program? Does gdb/user-program even have access to memory allocated in the dynamic loader? If not, is there another way to do this, maybe using TLS?
Any thoughts/advice appreciated.
Side Question: I have recently started linking this program with -z relro. I understand this will give me some protection on other sensitive areas such as got, etc. But does this also protect the link_map list.
Mark Maule
More information about the Libc-help
mailing list