This series aims to clean up an aspect of coredump generation:

ELF coredumps contain a set of notes describing the state of machine
registers and other information about the dumped process.

Notes are identified by a numeric identifier n_type and a "name"
string, although this terminology is somewhat misleading.  Officially,
the "name" of a note is really an "originator" or namespace identifier
that indicates how to interpret n_type [1], although in practice it is
often used more loosely.

Either way, each kind of note needs _both_ a specific "name" string and
a specific n_type to identify it robustly.

To centralise this knowledge in one place and avoid the need for ad-hoc
code to guess the correct name for a given note, commit 7da8e4ad4df0
("elf: Define note name macros") [2] added an explicit NN_<foo> #define
in elf.h to give the name corresponding to each named note type
NT_<foo>.

Now that the note name for each note is specified explicitly, the
remaining guesswork for determining the note name for common and
arch-specific regsets in ELF core dumps can be eliminated.

This series aims to do just that:

 * Patch 2 adds a user_regset field to specify the note name, and a
   helper macro to populate it correctly alongside the note type.

 * Patch 3 ports away the ad-hoc note names in the common coredump
   code.

 * Patches 4-22 make the arch-specific changes.  (This is pretty
   mechanical for most arches.)

 * The final patch adds a WARN() when no note name is specified,
   and simplifies the fallback guess.  This should only be applied
   when all arches have ported across.

See the individual patches for details.


Testing:

 * x86, arm64: Booted in a VM and triggered a core dump with no WARN(),
   and verified that the dumped notes are the same.

 * arm: Build-tested only (for now).

 * Other arches: not tested yet

Any help with testing is appreciated.  If the following generates the
same notes (as dumped by readelf -n core) and doesn't trigger a WARN,
then we are probably good.

$ sleep 60 &
$ kill -QUIT $!

(Register content might differ between runs, but it should be safe to
ignore that -- this series only deals with the note names and types.)

Cheers
---Dave


[1] System V Application Binary Interface, Edition 4.1,
Section 5 (Program Loading and Dynamic Linking) -> "Note Section"

https://refspecs.linuxfoundation.org/elf/gabi41.pdf

[2] elf: Define note name macros

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/include/uapi/linux/elf.h?id=7da8e4ad4df0dd12f37357af62ce1b63e75ae2e6


Dave Martin (23):
  regset: Fix kerneldoc for struct regset_get() in user_regset
  regset: Add explicit core note name in struct user_regset
  binfmt_elf: Dump non-arch notes with strictly matching name and type
  ARC: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  ARM: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  arm64: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  csky: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  hexagon: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  LoongArch: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  m68k: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  MIPS: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  nios2: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  openrisc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  parisc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  powerpc/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  riscv: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  s390/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  sh: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  sparc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  x86/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  um: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
  xtensa: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
    names
  binfmt_elf: Warn on missing or suspicious regset note names

 arch/arc/kernel/ptrace.c                 |  4 +-
 arch/arm/kernel/ptrace.c                 |  6 +-
 arch/arm64/kernel/ptrace.c               | 52 ++++++++---------
 arch/csky/kernel/ptrace.c                |  4 +-
 arch/hexagon/kernel/ptrace.c             |  2 +-
 arch/loongarch/kernel/ptrace.c           | 16 ++---
 arch/m68k/kernel/ptrace.c                |  4 +-
 arch/mips/kernel/ptrace.c                | 20 +++----
 arch/nios2/kernel/ptrace.c               |  2 +-
 arch/openrisc/kernel/ptrace.c            |  4 +-
 arch/parisc/kernel/ptrace.c              |  8 +--
 arch/powerpc/kernel/ptrace/ptrace-view.c | 74 ++++++++++++------------
 arch/riscv/kernel/ptrace.c               | 12 ++--
 arch/s390/kernel/ptrace.c                | 42 +++++++-------
 arch/sh/kernel/ptrace_32.c               |  4 +-
 arch/sparc/kernel/ptrace_32.c            |  4 +-
 arch/sparc/kernel/ptrace_64.c            |  8 +--
 arch/x86/kernel/ptrace.c                 | 22 +++----
 arch/x86/um/ptrace.c                     | 10 ++--
 arch/xtensa/kernel/ptrace.c              |  4 +-
 fs/binfmt_elf.c                          | 36 +++++++-----
 fs/binfmt_elf_fdpic.c                    | 17 +++---
 include/linux/regset.h                   | 12 +++-
 23 files changed, 194 insertions(+), 173 deletions(-)


base-commit: 86731a2a651e58953fc949573895f2fa6d456841
-- 
2.34.1

On Tue, 01 Jul 2025 14:55:53 +0100, Dave Martin wrote:
> This series aims to clean up an aspect of coredump generation:
> 
> ELF coredumps contain a set of notes describing the state of machine
> registers and other information about the dumped process.
> 
> Notes are identified by a numeric identifier n_type and a "name"
> string, although this terminology is somewhat misleading.  Officially,
> the "name" of a note is really an "originator" or namespace identifier
> that indicates how to interpret n_type [1], although in practice it is
> often used more loosely.
> 
> [...]

Applied to for-next/execve, thanks!

[01/23] regset: Fix kerneldoc for struct regset_get() in user_regset
        https://git.kernel.org/kees/c/6fd9e1aa0784
[02/23] regset: Add explicit core note name in struct user_regset
        https://git.kernel.org/kees/c/85a7f9cbf8a8
[03/23] binfmt_elf: Dump non-arch notes with strictly matching name and type
        https://git.kernel.org/kees/c/9674a1be4dd5
[04/23] ARC: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/237dc8d79627
[05/23] ARM: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/49b849d11cd1
[06/23] arm64: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/87b0d081dc98
[07/23] csky: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/2c2fb861fc59
[08/23] hexagon: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/55821111b1b3
[09/23] LoongArch: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/1260e3b13584
[10/23] m68k: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/e572168e8d2a
[11/23] MIPS: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/18bd88faa246
[12/23] nios2: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/8368cd0e4636
[13/23] openrisc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/10cd957a895f
[14/23] parisc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/92acdd819b5d
[15/23] powerpc/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/307035acefbd
[16/23] riscv: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/c9502cc7bef5
[17/23] s390/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/d6a883cb40fc
[18/23] sh: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/afe74eecd88f
[19/23] sparc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/c9d4cb25e94e
[20/23] x86/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/3de0414dec7b
[21/23] um: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/40d3a88594b5
[22/23] xtensa: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
        https://git.kernel.org/kees/c/cb32fb722f4b
[23/23] binfmt_elf: Warn on missing or suspicious regset note names
        https://git.kernel.org/kees/c/a55128d392e8

Take care,

-- 
Kees Cook

On Mon, Jul 14, 2025 at 10:37:11PM -0700, Kees Cook wrote:
> On Tue, 01 Jul 2025 14:55:53 +0100, Dave Martin wrote:
> > This series aims to clean up an aspect of coredump generation:
> > 
> > ELF coredumps contain a set of notes describing the state of machine
> > registers and other information about the dumped process.
> > 
> > Notes are identified by a numeric identifier n_type and a "name"
> > string, although this terminology is somewhat misleading.  Officially,
> > the "name" of a note is really an "originator" or namespace identifier
> > that indicates how to interpret n_type [1], although in practice it is
> > often used more loosely.
> > 
> > [...]
> 
> Applied to for-next/execve, thanks!
> 
> [01/23] regset: Fix kerneldoc for struct regset_get() in user_regset
>         https://git.kernel.org/kees/c/6fd9e1aa0784

[...]

> [23/23] binfmt_elf: Warn on missing or suspicious regset note names
>         https://git.kernel.org/kees/c/a55128d392e8
> 
> Take care,
> 
> -- 
> Kees Cook

Thanks!

Assuming nobody screams about things going wrong in next, I'll plan to
water down the paranoid check in binfmt_elf.c:fill_thread_core_info().

Anyone copy-pasting a new arch after this is in mainline shouldn't fall
foul of this.

Cheers
---Dave

On 2025/07/01 22:55, Dave Martin wrote:
> This series aims to clean up an aspect of coredump generation:
> 
> ELF coredumps contain a set of notes describing the state of machine
> registers and other information about the dumped process.
> 
> Notes are identified by a numeric identifier n_type and a "name"
> string, although this terminology is somewhat misleading.  Officially,
> the "name" of a note is really an "originator" or namespace identifier
> that indicates how to interpret n_type [1], although in practice it is
> often used more loosely.
> 
> Either way, each kind of note needs _both_ a specific "name" string and
> a specific n_type to identify it robustly.
> 
> To centralise this knowledge in one place and avoid the need for ad-hoc
> code to guess the correct name for a given note, commit 7da8e4ad4df0
> ("elf: Define note name macros") [2] added an explicit NN_<foo> #define
> in elf.h to give the name corresponding to each named note type
> NT_<foo>.
> 
> Now that the note name for each note is specified explicitly, the
> remaining guesswork for determining the note name for common and
> arch-specific regsets in ELF core dumps can be eliminated.
> 
> This series aims to do just that:
> 
>   * Patch 2 adds a user_regset field to specify the note name, and a
>     helper macro to populate it correctly alongside the note type.
> 
>   * Patch 3 ports away the ad-hoc note names in the common coredump
>     code.
> 
>   * Patches 4-22 make the arch-specific changes.  (This is pretty
>     mechanical for most arches.)
> 
>   * The final patch adds a WARN() when no note name is specified,
>     and simplifies the fallback guess.  This should only be applied
>     when all arches have ported across.
> 
> See the individual patches for details.
> 
> 
> Testing:
> 
>   * x86, arm64: Booted in a VM and triggered a core dump with no WARN(),
>     and verified that the dumped notes are the same.
> 
>   * arm: Build-tested only (for now).
> 
>   * Other arches: not tested yet
> 
> Any help with testing is appreciated.  If the following generates the
> same notes (as dumped by readelf -n core) and doesn't trigger a WARN,
> then we are probably good.
> 
> $ sleep 60 &
> $ kill -QUIT $!
> 
> (Register content might differ between runs, but it should be safe to
> ignore that -- this series only deals with the note names and types.)
> 
> Cheers
> ---Dave
> 
> 
> [1] System V Application Binary Interface, Edition 4.1,
> Section 5 (Program Loading and Dynamic Linking) -> "Note Section"
> 
> https://refspecs.linuxfoundation.org/elf/gabi41.pdf
> 
> [2] elf: Define note name macros
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/include/uapi/linux/elf.h?id=7da8e4ad4df0dd12f37357af62ce1b63e75ae2e6
> 
> 
> Dave Martin (23):
>    regset: Fix kerneldoc for struct regset_get() in user_regset
>    regset: Add explicit core note name in struct user_regset
>    binfmt_elf: Dump non-arch notes with strictly matching name and type
>    ARC: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    ARM: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    arm64: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    csky: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    hexagon: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    LoongArch: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    m68k: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    MIPS: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    nios2: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    openrisc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    parisc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    powerpc/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    riscv: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    s390/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    sh: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    sparc: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    x86/ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    um: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note names
>    xtensa: ptrace: Use USER_REGSET_NOTE_TYPE() to specify regset note
>      names
>    binfmt_elf: Warn on missing or suspicious regset note names
> 
>   arch/arc/kernel/ptrace.c                 |  4 +-
>   arch/arm/kernel/ptrace.c                 |  6 +-
>   arch/arm64/kernel/ptrace.c               | 52 ++++++++---------
>   arch/csky/kernel/ptrace.c                |  4 +-
>   arch/hexagon/kernel/ptrace.c             |  2 +-
>   arch/loongarch/kernel/ptrace.c           | 16 ++---
>   arch/m68k/kernel/ptrace.c                |  4 +-
>   arch/mips/kernel/ptrace.c                | 20 +++----
>   arch/nios2/kernel/ptrace.c               |  2 +-
>   arch/openrisc/kernel/ptrace.c            |  4 +-
>   arch/parisc/kernel/ptrace.c              |  8 +--
>   arch/powerpc/kernel/ptrace/ptrace-view.c | 74 ++++++++++++------------
>   arch/riscv/kernel/ptrace.c               | 12 ++--
>   arch/s390/kernel/ptrace.c                | 42 +++++++-------
>   arch/sh/kernel/ptrace_32.c               |  4 +-
>   arch/sparc/kernel/ptrace_32.c            |  4 +-
>   arch/sparc/kernel/ptrace_64.c            |  8 +--
>   arch/x86/kernel/ptrace.c                 | 22 +++----
>   arch/x86/um/ptrace.c                     | 10 ++--
>   arch/xtensa/kernel/ptrace.c              |  4 +-
>   fs/binfmt_elf.c                          | 36 +++++++-----
>   fs/binfmt_elf_fdpic.c                    | 17 +++---
>   include/linux/regset.h                   | 12 +++-
>   23 files changed, 194 insertions(+), 173 deletions(-)
> 
> 
> base-commit: 86731a2a651e58953fc949573895f2fa6d456841

For the whole series:
Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>

Regards,
Akihiko Odaki