[Crash-utility] [PATCH v5] arm64: fix kernel memory map handling for kaslr-enabled

Dave Anderson anderson at redhat.com
Tue Jun 14 14:08:25 UTC 2016 


----- Original Message -----
> Dave,
> 
> On Mon, Jun 13, 2016 at 04:06:22PM -0400, Dave Anderson wrote:
> > 
> > 
> > ----- Original Message -----
> > > In my next version of kdump patch, the following VMCOREINFO will be
> > > added:
> > >     NUMBER(VA_BITS)
> > >     NUMBER(kimage_voffset)
> > >     NUMBER(PHYS_OFFSET)
> > >     KERNELOFFSET
> 
> Is "KERNELOFFSET" useful for arm64?
> As you said, this value is used as a trigger of KASLR_CHECK,
> but the current kernel doesn't have "randomize_modules".

Right, so AIUI, this crash-7.0.7 update is not valid for Linux 4.1 and later
kernels where "randomize_modules" was removed:

         - Linux 3.15 and later kernels configured with CONFIG_RANDOMIZE_BASE
           can be now be readily identified because of new kernel symbols that
           have been added.  For those kernels, the new "--kaslr=<offset>" 
           and/or "--kaslr=auto" options are not necessary for ELF or compressed
           kdump vmcores, or for live systems that have /proc/kallsyms showing
           the relocated symbol values.  A new KASLR initialization function
           called kaslr_init() is now called by symtab_init() prior to the 
           initial symbol-sorting operation.  If kaslr_init() determines that
           KASLR may be in effect, it will trigger a search for the relevant
           vmlinux symbols during the sorting operation, which in turn will
           cause the relocation value to be automatically calculated.
           (anderson at redhat.com)

So for those kernels, --kaslr would be required.  

But it appears that I can just change crash to look for "module_load_offset", 
which went into the kernel at the same time as "randomize_modules":

  +#ifdef CONFIG_RANDOMIZE_BASE
  +static unsigned long module_load_offset;
  +static int randomize_modules = 1;
  +

and still exists after it was removed from arch/x86/kernel/module.c:

  #ifdef CONFIG_RANDOMIZE_BASE
  static unsigned long module_load_offset;
  -static int randomize_modules = 1;

For arm64 in the crash utility, I see that you would never use KASLR_CHECK because 
(RELOC_AUTO|KASLR) gets set by default if NEW_VMEMMAP is set.    

Would it be useful for makedumpfile?  And while I understand you're dead set against
adding anything that could be considered superfluous, but since it does exist for x86_64,
it seems natural to include it for arm64. 

Dave
 



 
> Thanks,
> -Takahiro AKASHI
>

More information about the Crash-utility mailing list