Sergio, > -----Original Message----- > From: Sergio Lopez [mailto:slp@xxxxxxxxxx] > Sent: Tuesday, March 27, 2018 7:10 PM > To: crash-utility@xxxxxxxxxx > Cc: anderson@xxxxxxxxxx; Indoh, Takao > <indou.takao@xxxxxxxxxxxxxx>; Hatayama, Daisuke > <d.hatayama@xxxxxxxxxxxxxx>; Sergio Lopez <slp@xxxxxxxxxx> > Subject: [PATCH v4 0/6] Generalize KASLR calculation and use it for KDUMPs > > Commit 45b74b89530d611b3fa95a1041e158fbb865fa84 added support for > calculating phys_base and kernel offset for KASLR-enabled kernels on > SADUMPs by using a technique developed by Takao Indoh. Originally, the > patchset included support for KDUMPs, but this was dropped in v2, as it > was deemed unnecessary due to the implementation of the vmcoreinfo > device in QEMU. > > Sadly, there are many reasons for which the vmcoreinfo device may not be > present in the moment of taking the memory dump from a VM, ranging from > a Host running older QEMU/libvirt versions, to misconfigured VMs or > environments running Hypervisors that doesn't support this device. > > This patchset generalizes the kaslr related functions from sadump.c > moving them to kaslr_helper.c, and makes KDUMP analysis fallback to > KASLR offset calculation if vmcoreinfo data is missing. > > These changes have been successfully tested with a 3.10.0-830.el7.x86_64 > under the following conditions: > > - kdump with KASLR and vmcoreinfo > > - kdump with KASLR but no vmcoreinfo > > - kdump without KASLR ("nokaslr" kernel command line option) > > It was also tested that a "crash" patched with these changes still > builds and runs (live and kdump debugging) on an aarch64 machine. > > changelog: > > v4: > - Add missing brackets in map_cpus_to_prstatus_kdump_cmprs (thanks > Dave) > - Apply coding style suggestions. > - Add support for VMWARE VMSS dumps (vmware_vmss) > - Update copyright and authors on kaslr_helper.c and vmware_vmss.c > > v3: > - Merge *get_cr3 and *get_idtr functions and move them to > kaslr_helper.c > - diskdump: drop kaslr_phys_base addition and use > sub_header_kdump->phys_base instead. > - Unconditionally call x86_64_virt_phys_base after grabbing phys_base > > v2: > - Limit application to QEMU ELF and QEMU COMPRESSED dumps (thanks Dave) > - Add support for QEMU COMPRESSED dumps (diskdump) Sorry for delayed response. I had been out of office till today due to a cold. The patch set seems good to me, and I tested your patch set on sadump dump files using the following 3 kinds of kernel versions with/without KASLR: - RHEL7.5 RC3 - RHEL7.4 GA - 4.16.0-rc7 and result was OK. Thanks for your work. > > Sergio Lopez (6): > Move kaslr related functions from sadump.c to kaslr_helper.c > Move QEMUCPU* structs from netdump.h to defs.h > netdump: infer kaslr offset for QEMU ELF dumps without vmcoreinfo > diskdump: infer kaslr offset for QEMU COMPRESSED dumps without > vmcoreinfo > vmware_vmss: infer kaslr offset for VMSS dumps > kaslr_helper/vmware_vmss: update copyright and authors > > Makefile | 7 +- > defs.h | 43 +++++ > diskdump.c | 66 +++++++- > kaslr_helper.c | 494 > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > netdump.c | 57 +++++++ > netdump.h | 24 +-- > sadump.c | 486 > ++++---------------------------------------------------- > symbols.c | 30 +++- > vmware_vmss.c | 32 +++- > vmware_vmss.h | 1 + > x86_64.c | 34 +++- > 11 files changed, 788 insertions(+), 486 deletions(-) > create mode 100644 kaslr_helper.c > > -- > 2.14.3 > > -- Crash-utility mailing list Crash-utility@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/crash-utility
