Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add the ability to run drgn against the live kernel as non-root user #347

Merged
merged 3 commits into from
Sep 11, 2023

Commits on Sep 11, 2023

  1. Allow Program.set_core_dump() and program_from_core_dump() to accept FD

    This allows an open file descriptor to be passed into Drgn and treated
    as a core dump.  There are many use cases, but one interesting one is
    that the FD could be sent by a helper process running as root, allowing
    a non-root Drgn process to debug the running kernel.
    
    Signed-off-by: Stephen Brennan <[email protected]>
    brenns10 authored and osandov committed Sep 11, 2023
    Configuration menu
    Copy the full SHA
    9a93fe9 View commit details
    Browse the repository at this point in the history
  2. libdrgn: linux_kernel: fallback section iterator

    The files within /sys/module/*/sections seem to normally be 400
    permissions, only accessible by root. Normally for live use, this is not
    a problem because we are running as root. However, if we're running as
    non-root, then we may get EACCES on these files.
    
    To handle this, fall back to using the non-live approach if we get an
    EACCES. Even if we do get the error, we can continue to use the
    /sys/module/*/notes files to maintain a partial speedup.
    
    Signed-off-by: Stephen Brennan <[email protected]>
    brenns10 authored and osandov committed Sep 11, 2023
    Configuration menu
    Copy the full SHA
    f67d05f View commit details
    Browse the repository at this point in the history
  3. cli: Open /proc/kcore via sudo when not root

    Non-root users can now run Drgn against the running kernel. Drgn will
    attempt to use sudo to open /proc/kcore and transmit the opened file
    descriptor back to the user process. The file descriptor is then passed
    to Program.set_core_dump(). The user must still have sudo privileges.
    
    Signed-off-by: Stephen Brennan <[email protected]>
    brenns10 authored and osandov committed Sep 11, 2023
    Configuration menu
    Copy the full SHA
    ac75238 View commit details
    Browse the repository at this point in the history