LXR linux/fs/coredump.c

   1#include <linux/slab.h>
   2#include <linux/file.h>
   3#include <linux/fdtable.h>
   4#include <linux/mm.h>
   5#include <linux/stat.h>
   6#include <linux/fcntl.h>
   7#include <linux/swap.h>
   8#include <linux/string.h>
   9#include <linux/init.h>
  10#include <linux/pagemap.h>
  11#include <linux/perf_event.h>
  12#include <linux/highmem.h>
  13#include <linux/spinlock.h>
  14#include <linux/key.h>
  15#include <linux/personality.h>
  16#include <linux/binfmts.h>
  17#include <linux/coredump.h>
  18#include <linux/utsname.h>
  19#include <linux/pid_namespace.h>
  20#include <linux/module.h>
  21#include <linux/namei.h>
  22#include <linux/mount.h>
  23#include <linux/security.h>
  24#include <linux/syscalls.h>
  25#include <linux/tsacct_kern.h>
  26#include <linux/cn_proc.h>
  27#include <linux/audit.h>
  28#include <linux/tracehook.h>
  29#include <linux/kmod.h>
  30#include <linux/fsnotify.h>
  31#include <linux/fs_struct.h>
  32#include <linux/pipe_fs_i.h>
  33#include <linux/oom.h>
  34#include <linux/compat.h>
  35
  36#include <asm/uaccess.h>
  37#include <asm/mmu_context.h>
  38#include <asm/tlb.h>
  39#include <asm/exec.h>
  40
  41#include <trace/events/task.h>
  42#include "internal.h"
  43#include "coredump.h"
  44
  45#include <trace/events/sched.h>
  46
  47int core_uses_pid;
  48char core_pattern[CORENAME_MAX_SIZE] = "core";
  49unsigned int core_pipe_limit;
  50
  51struct core_name {
  52        char *corename;
  53        int used, size;
  54};
  55static atomic_t call_count = ATOMIC_INIT(1);
  56
  57/* The maximal length of core_pattern is also specified in sysctl.c */
  58
  59static int expand_corename(struct core_name *cn)
  60{
  61        char *old_corename = cn->corename;
  62
  63        cn->size = CORENAME_MAX_SIZE * atomic_inc_return(&call_count);
  64        cn->corename = krealloc(old_corename, cn->size, GFP_KERNEL);
  65
  66        if (!cn->corename) {
  67                kfree(old_corename);
  68                return -ENOMEM;
  69        }
  70
  71        return 0;
  72}
  73
  74static int cn_printf(struct core_name *cn, const char *fmt, ...)
  75{
  76        char *cur;
  77        int need;
  78        int ret;
  79        va_list arg;
  80
  81        va_start(arg, fmt);
  82        need = vsnprintf(NULL, 0, fmt, arg);
  83        va_end(arg);
  84
  85        if (likely(need < cn->size - cn->used - 1))
  86                goto out_printf;
  87
  88        ret = expand_corename(cn);
  89        if (ret)
  90                goto expand_fail;
  91
  92out_printf:
  93        cur = cn->corename + cn->used;
  94        va_start(arg, fmt);
  95        vsnprintf(cur, need + 1, fmt, arg);
  96        va_end(arg);
  97        cn->used += need;
  98        return 0;
  99
 100expand_fail:
 101        return ret;
 102}
 103
 104static void cn_escape(char *str)
 105{
 106        for (; *str; str++)
 107                if (*str == '/')
 108                        *str = '!';
 109}
 110
 111static int cn_print_exe_file(struct core_name *cn)
 112{
 113        struct file *exe_file;
 114        char *pathbuf, *path;
 115        int ret;
 116
 117        exe_file = get_mm_exe_file(current->mm);
 118        if (!exe_file) {
 119                char *commstart = cn->corename + cn->used;
 120                ret = cn_printf(cn, "%s (path unknown)", current->comm);
 121                cn_escape(commstart);
 122                return ret;
 123        }
 124
 125        pathbuf = kmalloc(PATH_MAX, GFP_TEMPORARY);
 126        if (!pathbuf) {
 127                ret = -ENOMEM;
 128                goto put_exe_file;
 129        }
 130
 131        path = d_path(&exe_file->f_path, pathbuf, PATH_MAX);
 132        if (IS_ERR(path)) {
 133                ret = PTR_ERR(path);
 134                goto free_buf;
 135        }
 136
 137        cn_escape(path);
 138
 139        ret = cn_printf(cn, "%s", path);
 140
 141free_buf:
 142        kfree(pathbuf);
 143put_exe_file:
 144        fput(exe_file);
 145        return ret;
 146}
 147
 148/* format_corename will inspect the pattern parameter, and output a
 149 * name into corename, which must have space for at least
 150 * CORENAME_MAX_SIZE bytes plus one byte for the zero terminator.
 151 */
 152static int format_corename(struct core_name *cn, struct coredump_params *cprm)
 153{
 154        const struct cred *cred = current_cred();
 155        const char *pat_ptr = core_pattern;
 156        int ispipe = (*pat_ptr == '|');
 157        int pid_in_pattern = 0;
 158        int err = 0;
 159
 160        cn->size = CORENAME_MAX_SIZE * atomic_read(&call_count);
 161        cn->corename = kmalloc(cn->size, GFP_KERNEL);
 162        cn->used = 0;
 163
 164        if (!cn->corename)
 165                return -ENOMEM;
 166
 167        /* Repeat as long as we have more pattern to process and more output
 168           space */
 169        while (*pat_ptr) {
 170                if (*pat_ptr != '%') {
 171                        if (*pat_ptr == 0)
 172                                goto out;
 173                        err = cn_printf(cn, "%c", *pat_ptr++);
 174                } else {
 175                        switch (*++pat_ptr) {
 176                        /* single % at the end, drop that */
 177                        case 0:
 178                                goto out;
 179                        /* Double percent, output one percent */
 180                        case '%':
 181                                err = cn_printf(cn, "%c", '%');
 182                                break;
 183                        /* pid */
 184                        case 'p':
 185                                pid_in_pattern = 1;
 186                                err = cn_printf(cn, "%d",
 187                                              task_tgid_vnr(current));
 188                                break;
 189                        /* global pid */
 190                        case 'P':
 191                                err = cn_printf(cn, "%d",
 192                                              task_tgid_nr(current));
 193                                break;
 194                        case 'i':
 195                                err = cn_printf(cn, "%d",
 196                                              task_pid_vnr(current));
 197                                break;
 198                        case 'I':
 199                                err = cn_printf(cn, "%d",
 200                                              task_pid_nr(current));
 201                                break;
 202                        /* uid */
 203                        case 'u':
 204                                err = cn_printf(cn, "%d", cred->uid);
 205                                break;
 206                        /* gid */
 207                        case 'g':
 208                                err = cn_printf(cn, "%d", cred->gid);
 209                                break;
 210                        case 'd':
 211                                err = cn_printf(cn, "%d",
 212                                        __get_dumpable(cprm->mm_flags));
 213                                break;
 214                        /* signal that caused the coredump */
 215                        case 's':
 216                                err = cn_printf(cn, "%ld", cprm->siginfo->si_signo);
 217                                break;
 218                        /* UNIX time of coredump */
 219                        case 't': {
 220                                struct timeval tv;
 221                                do_gettimeofday(&tv);
 222                                err = cn_printf(cn, "%lu", tv.tv_sec);
 223                                break;
 224                        }
 225                        /* hostname */
 226                        case 'h': {
 227                                char *namestart = cn->corename + cn->used;
 228                                down_read(&uts_sem);
 229                                err = cn_printf(cn, "%s",
 230                                              utsname()->nodename);
 231                                up_read(&uts_sem);
 232                                cn_escape(namestart);
 233                                break;
 234                        }
 235                        /* executable */
 236                        case 'e': {
 237                                char *commstart = cn->corename + cn->used;
 238                                err = cn_printf(cn, "%s", current->comm);
 239                                cn_escape(commstart);
 240                                break;
 241                        }
 242                        case 'E':
 243                                err = cn_print_exe_file(cn);
 244                                break;
 245                        /* core limit size */
 246                        case 'c':
 247                                err = cn_printf(cn, "%lu",
 248                                              rlimit(RLIMIT_CORE));
 249                                break;
 250                        default:
 251                                break;
 252                        }
 253                        ++pat_ptr;
 254                }
 255
 256                if (err)
 257                        return err;
 258        }
 259
 260        /* Backward compatibility with core_uses_pid:
 261         *
 262         * If core_pattern does not include a %p (as is the default)
 263         * and core_uses_pid is set, then .%pid will be appended to
 264         * the filename. Do not do this for piped commands. */
 265        if (!ispipe && !pid_in_pattern && core_uses_pid) {
 266                err = cn_printf(cn, ".%d", task_tgid_vnr(current));
 267                if (err)
 268                        return err;
 269        }
 270out:
 271        return ispipe;
 272}
 273
 274static int zap_process(struct task_struct *start, int exit_code)
 275{
 276        struct task_struct *t;
 277        int nr = 0;
 278
 279        start->signal->group_exit_code = exit_code;
 280        start->signal->group_stop_count = 0;
 281
 282        t = start;
 283        do {
 284                task_clear_jobctl_pending(t, JOBCTL_PENDING_MASK);
 285                if (t != current && t->mm) {
 286                        sigaddset(&t->pending.signal, SIGKILL);
 287                        signal_wake_up(t, 1);
 288                        nr++;
 289                }
 290        } while_each_thread(start, t);
 291
 292        return nr;
 293}
 294
 295static int zap_threads(struct task_struct *tsk, struct mm_struct *mm,
 296                        struct core_state *core_state, int exit_code)
 297{
 298        struct task_struct *g, *p;
 299        unsigned long flags;
 300        int nr = -EAGAIN;
 301
 302        spin_lock_irq(&tsk->sighand->siglock);
 303        if (!signal_group_exit(tsk->signal)) {
 304                mm->core_state = core_state;
 305                nr = zap_process(tsk, exit_code);
 306                tsk->signal->group_exit_task = tsk;
 307                /* ignore all signals except SIGKILL, see prepare_signal() */
 308                tsk->signal->flags = SIGNAL_GROUP_COREDUMP;
 309                clear_tsk_thread_flag(tsk, TIF_SIGPENDING);
 310        }
 311        spin_unlock_irq(&tsk->sighand->siglock);
 312        if (unlikely(nr < 0))
 313                return nr;
 314
 315        tsk->flags |= PF_DUMPCORE;
 316        if (atomic_read(&mm->mm_users) == nr + 1)
 317                goto done;
 318        /*
 319         * We should find and kill all tasks which use this mm, and we should
 320         * count them correctly into ->nr_threads. We don't take tasklist
 321         * lock, but this is safe wrt:
 322         *
 323         * fork:
 324         *      None of sub-threads can fork after zap_process(leader). All
 325         *      processes which were created before this point should be
 326         *      visible to zap_threads() because copy_process() adds the new
 327         *      process to the tail of init_task.tasks list, and lock/unlock
 328         *      of ->siglock provides a memory barrier.
 329         *
 330         * do_exit:
 331         *      The caller holds mm->mmap_sem. This means that the task which
 332         *      uses this mm can't pass exit_mm(), so it can't exit or clear
 333         *      its ->mm.
 334         *
 335         * de_thread:
 336         *      It does list_replace_rcu(&leader->tasks, &current->tasks),
 337         *      we must see either old or new leader, this does not matter.
 338         *      However, it can change p->sighand, so lock_task_sighand(p)
 339         *      must be used. Since p->mm != NULL and we hold ->mmap_sem
 340         *      it can't fail.
 341         *
 342         *      Note also that "g" can be the old leader with ->mm == NULL
 343         *      and already unhashed and thus removed from ->thread_group.
 344         *      This is OK, __unhash_process()->list_del_rcu() does not
 345         *      clear the ->next pointer, we will find the new leader via
 346         *      next_thread().
 347         */
 348        rcu_read_lock();
 349        for_each_process(g) {
 350                if (g == tsk->group_leader)
 351                        continue;
 352                if (g->flags & PF_KTHREAD)
 353                        continue;
 354                p = g;
 355                do {
 356                        if (p->mm) {
 357                                if (unlikely(p->mm == mm)) {
 358                                        lock_task_sighand(p, &flags);
 359                                        nr += zap_process(p, exit_code);
 360                                        p->signal->flags = SIGNAL_GROUP_EXIT;
 361                                        unlock_task_sighand(p, &flags);
 362                                }
 363                                break;
 364                        }
 365                } while_each_thread(g, p);
 366        }
 367        rcu_read_unlock();
 368done:
 369        atomic_set(&core_state->nr_threads, nr);
 370        return nr;
 371}
 372
 373static int coredump_wait(int exit_code, struct core_state *core_state)
 374{
 375        struct task_struct *tsk = current;
 376        struct mm_struct *mm = tsk->mm;
 377        int core_waiters = -EBUSY;
 378
 379        init_completion(&core_state->startup);
 380        core_state->dumper.task = tsk;
 381        core_state->dumper.next = NULL;
 382
 383        down_write(&mm->mmap_sem);
 384        if (!mm->core_state)
 385                core_waiters = zap_threads(tsk, mm, core_state, exit_code);
 386        up_write(&mm->mmap_sem);
 387
 388        if (core_waiters > 0) {
 389                struct core_thread *ptr;
 390
 391                wait_for_completion(&core_state->startup);
 392                /*
 393                 * Wait for all the threads to become inactive, so that
 394                 * all the thread context (extended register state, like
 395                 * fpu etc) gets copied to the memory.
 396                 */
 397                ptr = core_state->dumper.next;
 398                while (ptr != NULL) {
 399                        wait_task_inactive(ptr->task, 0);
 400                        ptr = ptr->next;
 401                }
 402        }
 403
 404        return core_waiters;
 405}
 406
 407static void coredump_finish(struct mm_struct *mm, bool core_dumped)
 408{
 409        struct core_thread *curr, *next;
 410        struct task_struct *task;
 411
 412        spin_lock_irq(&current->sighand->siglock);
 413        if (core_dumped && !__fatal_signal_pending(current))
 414                current->signal->group_exit_code |= 0x80;
 415        current->signal->group_exit_task = NULL;
 416        current->signal->flags = SIGNAL_GROUP_EXIT;
 417        spin_unlock_irq(&current->sighand->siglock);
 418
 419        next = mm->core_state->dumper.next;
 420        while ((curr = next) != NULL) {
 421                next = curr->next;
 422                task = curr->task;
 423                /*
 424                 * see exit_mm(), curr->task must not see
 425                 * ->task == NULL before we read ->next.
 426                 */
 427                smp_mb();
 428                curr->task = NULL;
 429                wake_up_process(task);
 430        }
 431
 432        mm->core_state = NULL;
 433}
 434
 435static bool dump_interrupted(void)
 436{
 437        /*
 438         * SIGKILL or freezing() interrupt the coredumping. Perhaps we
 439         * can do try_to_freeze() and check __fatal_signal_pending(),
 440         * but then we need to teach dump_write() to restart and clear
 441         * TIF_SIGPENDING.
 442         */
 443        return signal_pending(current);
 444}
 445
 446static void wait_for_dump_helpers(struct file *file)
 447{
 448        struct pipe_inode_info *pipe = file->private_data;
 449
 450        pipe_lock(pipe);
 451        pipe->readers++;
 452        pipe->writers--;
 453        wake_up_interruptible_sync(&pipe->wait);
 454        kill_fasync(&pipe->fasync_readers, SIGIO, POLL_IN);
 455        pipe_unlock(pipe);
 456
 457        /*
 458         * We actually want wait_event_freezable() but then we need
 459         * to clear TIF_SIGPENDING and improve dump_interrupted().
 460         */
 461        wait_event_interruptible(pipe->wait, pipe->readers == 1);
 462
 463        pipe_lock(pipe);
 464        pipe->readers--;
 465        pipe->writers++;
 466        pipe_unlock(pipe);
 467}
 468
 469/*
 470 * umh_pipe_setup
 471 * helper function to customize the process used
 472 * to collect the core in userspace.  Specifically
 473 * it sets up a pipe and installs it as fd 0 (stdin)
 474 * for the process.  Returns 0 on success, or
 475 * PTR_ERR on failure.
 476 * Note that it also sets the core limit to 1.  This
 477 * is a special value that we use to trap recursive
 478 * core dumps
 479 */
 480static int umh_pipe_setup(struct subprocess_info *info, struct cred *new)
 481{
 482        struct file *files[2];
 483        struct coredump_params *cp = (struct coredump_params *)info->data;
 484        int err = create_pipe_files(files, 0);
 485        if (err)
 486                return err;
 487
 488        cp->file = files[1];
 489
 490        err = replace_fd(0, files[0], 0);
 491        fput(files[0]);
 492        /* and disallow core files too */
 493        current->signal->rlim[RLIMIT_CORE] = (struct rlimit){1, 1};
 494
 495        return err;
 496}
 497
 498void do_coredump(siginfo_t *siginfo)
 499{
 500        struct core_state core_state;
 501        struct core_name cn;
 502        struct mm_struct *mm = current->mm;
 503        struct linux_binfmt * binfmt;
 504        const struct cred *old_cred;
 505        struct cred *cred;
 506        int retval = 0;
 507        int flag = 0;
 508        int ispipe;
 509        struct files_struct *displaced;
 510        bool need_nonrelative = false;
 511        bool core_dumped = false;
 512        static atomic_t core_dump_count = ATOMIC_INIT(0);
 513        struct coredump_params cprm = {
 514                .siginfo = siginfo,
 515                .regs = signal_pt_regs(),
 516                .limit = rlimit(RLIMIT_CORE),
 517                /*
 518                 * We must use the same mm->flags while dumping core to avoid
 519                 * inconsistency of bit flags, since this flag is not protected
 520                 * by any locks.
 521                 */
 522                .mm_flags = mm->flags,
 523        };
 524
 525        audit_core_dumps(siginfo->si_signo);
 526
 527        binfmt = mm->binfmt;
 528        if (!binfmt || !binfmt->core_dump)
 529                goto fail;
 530        if (!__get_dumpable(cprm.mm_flags))
 531                goto fail;
 532
 533        cred = prepare_creds();
 534        if (!cred)
 535                goto fail;
 536        /*
 537         * We cannot trust fsuid as being the "true" uid of the process
 538         * nor do we know its entire history. We only know it was tainted
 539         * so we dump it as root in mode 2, and only into a controlled
 540         * environment (pipe handler or fully qualified path).
 541         */
 542        if (__get_dumpable(cprm.mm_flags) == SUID_DUMP_ROOT) {
 543                /* Setuid core dump mode */
 544                flag = O_EXCL;          /* Stop rewrite attacks */
 545                cred->fsuid = GLOBAL_ROOT_UID;  /* Dump root private */
 546                need_nonrelative = true;
 547        }
 548
 549        retval = coredump_wait(siginfo->si_signo, &core_state);
 550        if (retval < 0)
 551                goto fail_creds;
 552
 553        old_cred = override_creds(cred);
 554
 555        ispipe = format_corename(&cn, &cprm);
 556
 557        if (ispipe) {
 558                int dump_count;
 559                char **helper_argv;
 560                struct subprocess_info *sub_info;
 561
 562                if (ispipe < 0) {
 563                        printk(KERN_WARNING "format_corename failed\n");
 564                        printk(KERN_WARNING "Aborting core\n");
 565                        goto fail_corename;
 566                }
 567
 568                if (cprm.limit == 1) {
 569                        /* See umh_pipe_setup() which sets RLIMIT_CORE = 1.
 570                         *
 571                         * Normally core limits are irrelevant to pipes, since
 572                         * we're not writing to the file system, but we use
 573                         * cprm.limit of 1 here as a speacial value, this is a
 574                         * consistent way to catch recursive crashes.
 575                         * We can still crash if the core_pattern binary sets
 576                         * RLIM_CORE = !1, but it runs as root, and can do
 577                         * lots of stupid things.
 578                         *
 579                         * Note that we use task_tgid_vnr here to grab the pid
 580                         * of the process group leader.  That way we get the
 581                         * right pid if a thread in a multi-threaded
 582                         * core_pattern process dies.
 583                         */
 584                        printk(KERN_WARNING
 585                                "Process %d(%s) has RLIMIT_CORE set to 1\n",
 586                                task_tgid_vnr(current), current->comm);
 587                        printk(KERN_WARNING "Aborting core\n");
 588                        goto fail_unlock;
 589                }
 590                cprm.limit = RLIM_INFINITY;
 591
 592                dump_count = atomic_inc_return(&core_dump_count);
 593                if (core_pipe_limit && (core_pipe_limit < dump_count)) {
 594                        printk(KERN_WARNING "Pid %d(%s) over core_pipe_limit\n",
 595                               task_tgid_vnr(current), current->comm);
 596                        printk(KERN_WARNING "Skipping core dump\n");
 597                        goto fail_dropcount;
 598                }
 599
 600                helper_argv = argv_split(GFP_KERNEL, cn.corename+1, NULL);
 601                if (!helper_argv) {
 602                        printk(KERN_WARNING "%s failed to allocate memory\n",
 603                               __func__);
 604                        goto fail_dropcount;
 605                }
 606
 607                retval = -ENOMEM;
 608                sub_info = call_usermodehelper_setup(helper_argv[0],
 609                                                helper_argv, NULL, GFP_KERNEL,
 610                                                umh_pipe_setup, NULL, &cprm);
 611                if (sub_info)
 612                        retval = call_usermodehelper_exec(sub_info,
 613                                                          UMH_WAIT_EXEC);
 614
 615                argv_free(helper_argv);
 616                if (retval) {
 617                        printk(KERN_INFO "Core dump to %s pipe failed\n",
 618                               cn.corename);
 619                        goto close_fail;
 620                }
 621        } else {
 622                struct inode *inode;
 623
 624                if (cprm.limit < binfmt->min_coredump)
 625                        goto fail_unlock;
 626
 627                if (need_nonrelative && cn.corename[0] != '/') {
 628                        printk(KERN_WARNING "Pid %d(%s) can only dump core "\
 629                                "to fully qualified path!\n",
 630                                task_tgid_vnr(current), current->comm);
 631                        printk(KERN_WARNING "Skipping core dump\n");
 632                        goto fail_unlock;
 633                }
 634
 635                cprm.file = filp_open(cn.corename,
 636                                 O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag,
 637                                 0600);
 638                if (IS_ERR(cprm.file))
 639                        goto fail_unlock;
 640
 641                inode = file_inode(cprm.file);
 642                if (inode->i_nlink > 1)
 643                        goto close_fail;
 644                if (d_unhashed(cprm.file->f_path.dentry))
 645                        goto close_fail;
 646                /*
 647                 * AK: actually i see no reason to not allow this for named
 648                 * pipes etc, but keep the previous behaviour for now.
 649                 */
 650                if (!S_ISREG(inode->i_mode))
 651                        goto close_fail;
 652                /*
 653                 * Dont allow local users get cute and trick others to coredump
 654                 * into their pre-created files.
 655                 */
 656                if (!uid_eq(inode->i_uid, current_fsuid()))
 657                        goto close_fail;
 658                if (!cprm.file->f_op || !cprm.file->f_op->write)
 659                        goto close_fail;
 660                if (do_truncate(cprm.file->f_path.dentry, 0, 0, cprm.file))
 661                        goto close_fail;
 662        }
 663
 664        /* get us an unshared descriptor table; almost always a no-op */
 665        retval = unshare_files(&displaced);
 666        if (retval)
 667                goto close_fail;
 668        if (displaced)
 669                put_files_struct(displaced);
 670        if (!dump_interrupted()) {
 671                file_start_write(cprm.file);
 672                core_dumped = binfmt->core_dump(&cprm);
 673                file_end_write(cprm.file);
 674        }
 675        if (ispipe && core_pipe_limit)
 676                wait_for_dump_helpers(cprm.file);
 677close_fail:
 678        if (cprm.file)
 679                filp_close(cprm.file, NULL);
 680fail_dropcount:
 681        if (ispipe)
 682                atomic_dec(&core_dump_count);
 683fail_unlock:
 684        kfree(cn.corename);
 685fail_corename:
 686        coredump_finish(mm, core_dumped);
 687        revert_creds(old_cred);
 688fail_creds:
 689        put_cred(cred);
 690fail:
 691        return;
 692}
 693
 694/*
 695 * Core dumping helper functions.  These are the only things you should
 696 * do on a core-file: use only these functions to write out all the
 697 * necessary info.
 698 */
 699int dump_write(struct file *file, const void *addr, int nr)
 700{
 701        return !dump_interrupted() &&
 702                access_ok(VERIFY_READ, addr, nr) &&
 703                file->f_op->write(file, addr, nr, &file->f_pos) == nr;
 704}
 705EXPORT_SYMBOL(dump_write);
 706
 707int dump_seek(struct file *file, loff_t off)
 708{
 709        int ret = 1;
 710
 711        if (file->f_op->llseek && file->f_op->llseek != no_llseek) {
 712                if (dump_interrupted() ||
 713                    file->f_op->llseek(file, off, SEEK_CUR) < 0)
 714                        return 0;
 715        } else {
 716                char *buf = (char *)get_zeroed_page(GFP_KERNEL);
 717
 718                if (!buf)
 719                        return 0;
 720                while (off > 0) {
 721                        unsigned long n = off;
 722
 723                        if (n > PAGE_SIZE)
 724                                n = PAGE_SIZE;
 725                        if (!dump_write(file, buf, n)) {
 726                                ret = 0;
 727                                break;
 728                        }
 729                        off -= n;
 730                }
 731                free_page((unsigned long)buf);
 732        }
 733        return ret;
 734}
 735EXPORT_SYMBOL(dump_seek);
 736