----- Original Message ----- > Automatically detext kernel aslr offset > > This patch improves support for kernel aslr, to automatically find the > aslr offset based on the location of the _stext symbol in the vmcore > info. > > Signed-off-by: Andrew Honig <ahonig@xxxxxxxxxx> This patch was created from some interim test version, or something like that: $ patch -p1 < kaslr.patch patching file netdump.c Hunk #1 FAILED at 411. 1 out of 1 hunk FAILED -- saving rejects to file netdump.c.rej patching file symbols.c Hunk #1 succeeded at 556 (offset 3 lines). Hunk #2 FAILED at 625. 1 out of 2 hunks FAILED -- saving rejects to file symbols.c.rej $ In netdump.c, it's removing stuff that doesn't exist in crash-7.0.5:
> ---
> netdump.c | 19 ++++++++-----------
> symbols.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++---
> 2 files changed, 54 insertions(+), 14 deletions(-)
> 
> diff --git a/netdump.c b/netdump.c
> index 8e7ec15..b327649 100644
> --- a/netdump.c
> +++ b/netdump.c
> @@ -411,18 +411,15 @@ is_netdump(char *file, ulong source_query)
> get_log_from_vmcoreinfo(file, vmcoreinfo_read_string);
> }
> 
> - // This is the code where I should read the aslr offset.
> + /*
> + *We may need the _stext_SYMBOL from the vmcore_info to adjust for
> + * kaslr and we may not have gotten it elsewhere.
> + */
> if (source_query == KDUMP_LOCAL) {
> - long aslr_offset = 0;
> - char *aslr_string = vmcoreinfo_read_string("KERNELOFFSET");
> - if (aslr_string) {
> - aslr_offset = strtoul(aslr_string, NULL, 16);
> - free (aslr_string);
> - }
> - if (!(kt->flags & RELOC_SET) && aslr_offset > 0) {
> - kt->flags |= RELOC_SET;
> - kt->relocate=aslr_offset * -1;
> - }
> + char *tmpstring = vmcoreinfo_read_string("SYMBOL(_stext)");
> + kt->vmcoreinfo._stext_SYMBOL =
> + htol(tmpstring, RETURN_ON_ERROR, NULL);
> + free(tmpstring);
> }
Same thing here in store_symbols():
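Review bot: The new `SYMBOL(_stext)` lookup drops the NULL check that the replaced `KERNELOFFSET` block had: `vmcoreinfo_read_string()` may return NULL for a dump that lacks that entry, and the added lines hand the result straight to `htol()` and `free()`, so unless htol() is known to tolerate a NULL string the two lines should sit inside `if (tmpstring) {` with `free(tmpstring);` in the same block. With that guard `kt->vmcoreinfo._stext_SYMBOL` keeps its prior value when the entry is missing, instead of whatever htol() returns for an unparseable string under RETURN_ON_ERROR (presumably its error sentinel), which the symbols.c change later uses as the basis for the kaslr offset; since the vmcoreinfo text is read from the dump file, a malformed value should leave the offset underived rather than silently shift every symbol. The new comment's second line, `*We may need`, is missing the space after `*` that the following line has. is_netdump() begins and ends outside the hunk.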
> @@ -588,15 +625,21 @@ store_symbols(bfd *abfd, int dynamic, void *minisyms,
> long symcount,
> st->symcnt = 0;
> sp = st->symtable;
> 
> + first = 0;
> + from = (bfd_byte *) minisyms;
> + fromend = from + symcount * size;
> +
> if (machine_type("X86") || machine_type("X86_64")) {
> + /* If kernel aslr offset has not been set, try to guess it. */
> + if (kt->relocate == 0)
> + derive_kaslr_offset(abfd, dynamic, from,
> + fromend, size, store);
> +
> if (!(kt->flags & RELOC_SET))
> kt->flags |= RELOC_FORCE;
> } else
> kt->flags &= ~RELOC_SET;
> 
> - first = 0;
> - from = (bfd_byte *) minisyms;
> - fromend = from + symcount * size;
> for (; from < fromend; from += size)
> {
> if ((sym = bfd_minisymbol_to_symbol(abfd, dynamic, from, store))
> --
Please redo it against crash-7.0.5. Thanks, Dave -- Crash-utility mailing list Crash-utility@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/crash-utility
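Review bot: The guard on the new derive_kaslr_offset() call, `if (kt->relocate == 0)`, does not consult RELOC_SET, although the lines right below it use that flag to decide whether a relocation was already established; if an explicit relocation of zero can reach this point with RELOC_SET set, the derivation would still run and could overwrite it, so `if (!(kt->flags & RELOC_SET) && kt->relocate == 0)` would match the surrounding logic. The value derive_kaslr_offset() works from, `kt->vmcoreinfo._stext_SYMBOL`, is read from the dump rather than supplied by the user, and the function's definition is in the earlier symbols.c hunk that is not quoted here, so this hunk alone cannot show whether a missing or unparseable `_stext` value is rejected before it is used as the offset; the comment above the call should state that contract, e.g. `/* If no kaslr offset was given, derive it from SYMBOL(_stext) in vmcoreinfo; this relies on derive_kaslr_offset() leaving kt->relocate untouched when the symbol is absent or implausible. */`. store_symbols() begins and ends outside the hunk.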