Currently for Linux early injection we do nothing special when the app or one of its children that we've followed across a fork calls execve(), which means we end up using LD_PRELOAD injection.
Instead we should just swap in our own filename for the first parameter to execve and leave the environment alone.
We hit an interesting problem when this is implemented: ld.so thinks it was invoked directly b/c it can't find AT_ENTRY. The auxv gets messed up by this call:
unsetenv(DYNAMORIO_VAR_EXECVE);
b/c it shifts the env vars down and leaves 2 NULLs in a row, causing ld.so to not find auxv.
We also do:
unsetenv(DYNAMORIO_VAR_EXECVE_LOGDIR);
Soln: clobber name and leave in place instead of shifting.
From rnk@google.com on September 19, 2012 13:14:15
Original issue: http://code.google.com/p/dynamorio/issues/detail?id=909
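The auxv breakage described above, modelled as an added example (not DynamoRIO's own code): a constructed initial-stack layout, a glibc-style shifting unsetenv beside the in-place clobber, and the walk ld.so does to reach the auxv. The function names and the dummy replacement string are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Model of the initial process stack as ld.so sees it:
 * argv..., NULL, envp..., NULL, auxv (type,value) pairs..., AT_NULL. */
#define AT_NULL_T  0
#define AT_ENTRY_T 9   /* value of AT_ENTRY in <elf.h> */

/* ld.so skips argv and envp; the auxv begins right after envp's NULL. */
static intptr_t *find_auxv(intptr_t *stack) {
    while (*stack) stack++;   /* argv */
    stack++;                  /* argv's terminating NULL */
    while (*stack) stack++;   /* envp */
    return stack + 1;         /* past envp's terminating NULL */
}

static int auxv_has_entry(const intptr_t *auxv) {
    for (; auxv[0] != AT_NULL_T; auxv += 2)
        if (auxv[0] == AT_ENTRY_T) return 1;
    return 0;
}

/* glibc-style unsetenv: drop the slot and shift the rest down. In the original
 * stack array this leaves two NULLs in a row, so the auxv walk lands on a NULL. */
static void unsetenv_shift(char **envp, const char *name) {
    size_t n = strlen(name);
    for (char **ep = envp; *ep; ep++)
        if (strncmp(*ep, name, n) == 0 && (*ep)[n] == '=') {
            char **dp = ep;
            do { dp[0] = dp[1]; } while (*dp++);
            return;
        }
}

/* Fix from the issue: overwrite the entry in place so the slot count is kept. */
static void unsetenv_clobber(char **envp, const char *name) {
    size_t n = strlen(name);
    for (char **ep = envp; *ep; ep++)
        if (strncmp(*ep, name, n) == 0 && (*ep)[n] == '=') { *ep = "__UNSET__="; return; }
}

/* Returns 1 if ld.so's lookup would still find AT_ENTRY after unsetting. */
int ld_so_sees_at_entry(int clobber_in_place) {
    intptr_t stack[] = {                                   /* constructed layout */
        (intptr_t)"/path/to/app", 0,                       /* argv, NULL */
        (intptr_t)"HOME=/home/user", (intptr_t)"DYNAMORIO_VAR_EXECVE=1",
        (intptr_t)"PATH=/usr/bin", 0,                      /* envp, NULL */
        AT_ENTRY_T, 0x401000, AT_NULL_T, 0                 /* auxv */
    };
    char **envp = (char **)&stack[2];
    if (clobber_in_place) unsetenv_clobber(envp, "DYNAMORIO_VAR_EXECVE");
    else                  unsetenv_shift(envp, "DYNAMORIO_VAR_EXECVE");
    return auxv_has_entry(find_auxv(stack));
}
```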