On 03/11/2011 07:37 PM, Dave Anderson wrote: > > > ----- Original Message ----- >> Hi All, >> >> Please find the makedumpfile enhancement patchset that introduces a data >> filtering feature which enables makedumpfile to filter out desired kernel >> symbol data and it's members from the specified VMCORE file. The data to be >> filtered out is poisoned with character 'X' (58 in Hex). >> >> This feature will be very useful for the customers who wants to erase the >> customer sensitive data like security keys and other confidential data, in >> DUMPFILE before sending it to support team for analysis. >> >> This feature introduces a filter config file where, using filter commands, >> user can specify desired kernel data symbols and it's members that need to be >> filtered out while creating o/p DUMPFILE. The Syntax for filter commands are >> provided in the filter.conf(8) man page. >> >> The first 4 patches prepares the base work for filtering framework. The last 2 >> patches implements the generic filtering framework to erase desired kernel >> data. >> >> I have tested these patches on x86_64 and s390x architecture against RHEL6 GA >> kernel. The feature supports filtering data from ELF as well as kdump-compressed >> formatted dump. >> >> Please review the patchset and let me know your comments. >> >> Thanks, >> -Mahesh. > > Hi Mahesh, > > Is there any notation in the filtered ELF kdump or compressed kdump file > that filtering has been done? Given that there may be potential ramifications > in crash utility behavior (or outright failure?), the crash utility should > display a warning message early on during invocation. Hmm... I did not think about it. I am thinking of following approach: - Set a bit in dump_level (DL_FILTER_KERNEL_DATA => 0x800) that will denote that filtering has been done. - For compressed kdump file we anyway have dump_level available in kdump sub header - For ELF kdump, currently we do not have any way to convey dump_level info to crash utility (Ken'chi, correct me if I am wrong). How about introducing an additional ELF note (NT_DUMP_LEVEL) that will include dump_level info. Any other suggestions are welcome. Thanks, -Mahesh. > > Thanks, > Dave > > >> --- >> >> Mahesh Salgaonkar (6): >> makedumpfile: Add '--config' option to specify filter config file. >> makedumpfile: Apply relocation while loading module debuginfo. >> makedumpfile: Load the module symbol data from vmcore. >> makedumpfile: Introduce routines to get type name from debuginfo. >> makedumpfile: Read and process filter commands from config file. >> makedumpfile: Read and process 'for' command from config file. >> >> >> Makefile | 8 >> filter.conf | 149 ++++ >> filter.conf.8 | 419 +++++++++++ >> makedumpfile.8 | 20 + >> makedumpfile.c | 2113 >> ++++++++++++++++++++++++++++++++++++++++++++++++++++++-- >> makedumpfile.h | 152 ++++ >> 6 files changed, 2782 insertions(+), 79 deletions(-) >> create mode 100644 filter.conf >> create mode 100644 filter.conf.8 >> >> -- >> Signature
