[Crash-utility] Not compatible with d52888aa2753 ("x86/mm: Move LDT remap out of KASLR region on 5-level paging")
WANG Chao
chao.wang at ucloud.cn
Mon Jan 21 02:52:59 UTC 2019
On 01/18/19 at 02:24P, Dave Anderson wrote:
>
> Hello WANG,
>
> I've applied a patch upstream that addresses the issue automatically
> for 4.20 and later kernels, but requires a command line option for
> kernels that contain a backport of kernel commit d52888aa2753. As
> mentioned in the commit message, that requirement may be revisited
> in the future -- I will entertain any patches that can cleanly make
> the PAGE_OFFSET determination in a fail-safe manner:
>
> https://github.com/crash-utility/crash/commit/c63d678798c21a5379f132f124181715bb1d63d4
>
> The patch is untested as I don't have any recent kernels that are not
> configured with CONFIG_RANDOMIZE_BASE.

This patch works for me (tested with CONFIG_RANDOMIZE_BASE=n build). Thanks.

>
> Thanks,
> Dave
>
>
> ----- Original Message -----
> >
> >
> > ----- Original Message -----
> > > commit d52888aa2753 ("x86/mm: Move LDT remap out of KASLR region on
> > > 5-level paging") changed PAGE_OFFSET from 0xffff880000000000 to
> > > 0xffff888000000000.
> > >
> > > crash can't open such with CONFIG_RANDOMIZE_BASE=n:
> > >
> > > crash: read error: kernel virtual address: ffff888ffe605024 type:
> > > "tss_struct ist array"
> > >
> > > Edit defs.h:
> > >
> > > -#define PAGE_OFFSET_2_6_27 0xffff880000000000
> > > +#define PAGE_OFFSET_2_6_27 0xffff888000000000
> > >
> > > And this works for me.
> > >
> > > (d52888aa2753 has also been included in 4.14.84)
> >
> > Ah, so your kernel does not have "page_offset_base", which simplifies
> > things for KASLR kernels. I don't have any sample vmcores that are not
> > configured with CONFIG_RANDOMIZE_BASE.
> >
> > Obviously just changing PAGE_OFFSET_2_6_27 in the crash utility as above
> > cannot be done for backwards compatibility purposes.
> >
> > There would have to be 2 adjustments in the crash utility for the
> > kernel change:
> >
> > -#define __PAGE_OFFSET_BASE_L5 _AC(0xff10000000000000, UL)
> > -#define __PAGE_OFFSET_BASE_L4 _AC(0xffff880000000000, UL)
> > +#define __PAGE_OFFSET_BASE_L5 _AC(0xff11000000000000, UL)
> > +#define __PAGE_OFFSET_BASE_L4 _AC(0xffff888000000000, UL)
> >
> > where the crash utility uses PAGE_OFFSET_2_6_27 and PAGE_OFFSET_5LEVEL
> >
> > #define PAGE_OFFSET_2_6_27 0xffff880000000000
> > and
> > #define PAGE_OFFSET_5LEVEL 0xff10000000000000
> >
> > >
> > > (d52888aa2753 has also been included in 4.14.84)
> > >
> >
> > And that's a problem. We could gate the setting of
> > machdep->machspec->page_offset on LINUX(4, 20, 0), but since it's been
> > backported, there needs to be another way to best determine which
> > PAGE_OFFSET value to use when KASLR is not in effect.
> >
> > Dave
> >
> >
> >
> > >
> > > Thanks
> > > WANG Chao
> > >
> > > --
> > > Crash-utility mailing list
> > > Crash-utility at redhat.com
> > > https://www.redhat.com/mailman/listinfo/crash-utility
> > >
> >
> >
>
>
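Added example, not part of the thread and not code from crash: it translates the failing address from the report under both direct-map bases quoted above, showing that the old base places it 512 GiB too high. The helper pick_page_offset() and the max_phys bound are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* x86_64 4-level direct-map bases quoted in the thread. */
#define PAGE_OFFSET_OLD_L4 0xffff880000000000ULL /* before d52888aa2753 */
#define PAGE_OFFSET_NEW_L4 0xffff888000000000ULL /* with d52888aa2753 */

/* Direct-map translation: paddr = vaddr - PAGE_OFFSET. Returns 0 on success. */
static int dmap_to_phys(uint64_t vaddr, uint64_t page_offset, uint64_t *paddr)
{
    if (vaddr < page_offset)
        return -1; /* address lies below the direct map for this base */
    *paddr = vaddr - page_offset;
    return 0;
}

/*
 * Hypothetical helper (not a crash function): return the one candidate base
 * under which vaddr falls inside [0, max_phys). max_phys is assumed to be
 * known, e.g. from the dump's memory ranges. Returns 0 when no base fits or
 * when both fit, because then the choice is ambiguous.
 */
uint64_t pick_page_offset(uint64_t vaddr, uint64_t max_phys)
{
    static const uint64_t cand[] = { PAGE_OFFSET_OLD_L4, PAGE_OFFSET_NEW_L4 };
    uint64_t pick = 0, paddr;
    int hits = 0;

    for (int i = 0; i < 2; i++) {
        if (dmap_to_phys(vaddr, cand[i], &paddr) == 0 && paddr < max_phys) {
            pick = cand[i];
            hits++;
        }
    }
    return hits == 1 ? pick : 0;
}

int main(void)
{
    uint64_t va = 0xffff888ffe605024ULL; /* failing address from the report */
    uint64_t p_old = 0, p_new = 0;

    dmap_to_phys(va, PAGE_OFFSET_OLD_L4, &p_old);
    dmap_to_phys(va, PAGE_OFFSET_NEW_L4, &p_new);
    printf("old base -> paddr %#llx\n", (unsigned long long)p_old);
    printf("new base -> paddr %#llx\n", (unsigned long long)p_new);
    /* Constructed RAM size of 64 GiB; only the new base fits. */
    printf("picked %#llx\n", (unsigned long long)pick_page_offset(va, 64ULL << 30));
    return 0;
}
```

The two bases differ by 512 GiB, so on a machine with more physical memory than that an address can fit under both and the helper returns 0 rather than guessing.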