----- Original Message ----- > On Wed, May 18, 2011 at 01:29:06AM +0530, Mahesh J Salgaonkar wrote: > > Hi All, > > > > Please find the version 2 of makedumpfile enhancement patchset that introduces > > a data filtering feature which enables makedumpfile to filter out desired kernel > > symbol data and it's members from the specified VMCORE file. The data to be > > filtered out is poisoned with character 'X' (58 in Hex). > > > > This feature will be very useful for the customers who wants to erase the > > customer sensitive data like security keys and other confidential data, in > > DUMPFILE before sending it to support team for analysis. > > Mahesh, > > Apart from security keys, what are the other examples of data which needs > to be removed? > > By erasing the data, you mean you set it to zero? Will it make sense to > poison it with some specific pattern so that if crash or other tool > are looking into it they know it has been posioned and it is not a > case of corruption. This might help if a user erased a symbol which was > required by crash for some analysis etc. > > Thanks > Vivek As I said when the first patch-set was proposed, there is no way that I am going to put code into the crash utility that will somehow "work around" memory that has been poisoned. The only thing I plan to do is to check whether the new segments exist in the compressed kdump or ELF kdump headers -- and if they do, print a warning message during invocation informing the user of that fact. If Mahesh wants to dump the contents of the sections, he can post a patch to the crash-utility list. And then, whatever breaks, breaks -- it is not the crash utility's problem to handle. Just looking at the examples in the documentation made me nervous -- IIRC the kernel "vmlist" pointer, and "vm_struct.addr" are shown -- both of which would cripple the crash utility. Dave
