[Crash-utility] [PATCH 0/3] Fix KASLR problem on virsh dump and sadump
Takao Indoh
indou.takao at jp.fujitsu.com
Tue Oct 10 09:25:36 UTC 2017
Hi Dave, Hatayama-san,
These patch series fix a problem that crash cannot open a dumpfile which is
captured by "virsh dump --memory-only" or sadump on KASLR enabled kernel.
When KASLR feature is enabled, a kernel is placed on the memory randomly and
therefore crash cannot open a dumpfile because addresses of kernel symbols in
vmlinux are different from actual addresses. In the case of kdump, information
to get actual address is included in the vmcoreinfo, but dumpfile of virsh dump
or sadump does not have such a information.
These patches calculate kaslr offset and phys_base to solve this problem. The
basic idea is getting register (IDTR and CR3) from dump header, and calculate
kaslr_offset/phys_base using them.
Takao Indoh (3):
Introduce x86_64_kvtop_pagetable
Fix a KASLR problem of virsh dump
Fix a KASLR problem of sadump
defs.h | 11 ++
netdump.c | 505 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
netdump.h | 1 +
sadump.c | 60 +++++++-
sadump.h | 4 +
symbols.c | 38 +++++
x86_64.c | 35 ++++-
7 files changed, 652 insertions(+), 2 deletions(-)
--
2.9.5
More information about the Crash-utility
mailing list