exposing audit information to user program

Maule Mark mark_maule@yahoo.com
Fri May 23 16:43:00 GMT 2014


Hi: 
I have a large heavily threaded program linked against lots of .so's which frequently experiences memory corruption.  Often times the area being corrupted is somewhere in the link_map list, rendering the core undebuggable. 
I've been experimenting with an audit library that would take a snapshot of the link_map list every time the LA_ACT_CONSISTENT event occurs, saving the snapshot into a mprotect'd area.  The thinking being that if the list gets corrupted, I can at least manually load the .so's from gdb for debugging.  Currently, the memory for the save area is a static array in the audit .so. 
Anyway, the problem I'm struggling with now is how to expose my saved list to gdb and/or the running program.  Is it possible to expose a symbol in an audit routine to the user program?  Does gdb/user-program even have access to memory allocated in the dynamic loader?  If not, is there another way to do this, maybe using TLS? 
Any thoughts/advice appreciated. 
Side Question:  I have recently started linking this program with -z relro.  I understand this will give me some protection on other sensitive areas such as got, etc.  But does this also protect the link_map list. 
Mark Maule



More information about the Libc-help mailing list