[Crash-utility] [PATCH 0/2] Generalize KASLR calculation and use it for KDUMPs

Dave Anderson anderson at redhat.com
Thu Mar 15 14:06:57 UTC 2018 

Hi Sergio,

I have one obvious question.  Throughout the patch-set you are using
KDUMP_DUMPFILE() as a qualifier, which is restricted to ELF vmcores
only.  While the use of ELF vmcores is an option, it's far more likely
that the output format of "virsh dump --memory-only" will utilize one
of the compressed kdump formats, using zlib, lzo or snappy. 

Dave



----- Original Message -----
> Commit 45b74b89530d611b3fa95a1041e158fbb865fa84 added support for
> calculating phys_base and kernel offset for KASLR-enabled kernels on
> SADUMPs by using a technique developed by Takao Indoh. Originally, the
> patchset included support for KDUMPs, but this was dropped in v2, as it
> was deemed unnecessary due to the implementation of the vmcoreinfo
> device in QEMU.
> 
> Sadly, there are many reasons for which the vmcoreinfo device may not be
> present in the moment of taking the memory dump from a VM, ranging from
> a Host running older QEMU/libvirt versions, to misconfigured VMs or
> environments running Hypervisors that doesn't support this device.
> 
> This patchset generalizes the kaslr related functions from sadump.c
> moving them to kaslr_helper.c, and makes KDUMP analysis fallback to
> KASLR offset calculation if vmcoreinfo data is missing.
> 
> These changes have been successfully tested with a 3.10.0-830.el7.x86_64
> under the following conditions:
> 
>  - kdump with KASLR and vmcoreinfo
> 
>  - kdump with KASLR but no vmcoreinfo
> 
>  - kdump without KASLR ("nokaslr" kernel command line option)
> 
> It was also tested that a "crash" patched with these changes still
> builds and runs (live and kdump debugging) on an aarch64 machine.
> 
> Sergio Lopez (2):
>   Move kaslr related functions from sadump.c to kaslr_helper.c
>   kdump: if vmcoreinfo is missing, try to infer kaslr offset
> 
>  Makefile       |   7 +-
>  defs.h         |  15 ++
>  kaslr_helper.c | 466 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  netdump.c      |  73 +++++++++
>  netdump.h      |   1 +
>  sadump.c       | 487
>  +++++----------------------------------------------------
>  symbols.c      |  29 ++--
>  x86_64.c       |  14 +-
>  8 files changed, 629 insertions(+), 463 deletions(-)
>  create mode 100644 kaslr_helper.c
> 
> --
> 2.14.3
> 
>

More information about the Crash-utility mailing list