The function we use to copy data out of the target process currently relies on ptrace::read() (see here). While this guarantees compatibility with versions of Linux as old as 2.6 it is a bit slow as we're doing one syscall per every memory word read.
One way to speed this up would be to pread64() the data from /proc/<pid>/mem. This should work on pretty much any version of Linux but would require a fallback to ptrace::read() as it might fail due to lack of appropriate credentials. The second approach would be to use process_vm_readv(). This would be even faster if we could read several chunks in a single call (like all the stacks for example) but would fail on very old versions of Linux and if appropriate credentials aren't available. Thus it would also need a fallpack to ptrace::read().
The function we use to copy data out of the target process currently relies on
ptrace::read()(see here). While this guarantees compatibility with versions of Linux as old as 2.6 it is a bit slow as we're doing one syscall per every memory word read.One way to speed this up would be to
pread64()the data from/proc/<pid>/mem. This should work on pretty much any version of Linux but would require a fallback toptrace::read()as it might fail due to lack of appropriate credentials. The second approach would be to useprocess_vm_readv(). This would be even faster if we could read several chunks in a single call (like all the stacks for example) but would fail on very old versions of Linux and if appropriate credentials aren't available. Thus it would also need a fallpack toptrace::read().