[PATCH v1 0/6] makedumpfile: makedumpfile enhancement to filter out kernel data from vmcore
Mahesh Jagannath Salgaonkar
mahesh at linux.vnet.ibm.com
Mon Mar 14 02:18:19 EDT 2011
On 03/11/2011 07:37 PM, Dave Anderson wrote:
>
>
> ----- Original Message -----
>> Hi All,
>>
>> Please find the makedumpfile enhancement patchset that introduces a data
>> filtering feature which enables makedumpfile to filter out desired kernel
>> symbol data and it's members from the specified VMCORE file. The data to be
>> filtered out is poisoned with character 'X' (58 in Hex).
>>
>> This feature will be very useful for the customers who wants to erase the
>> customer sensitive data like security keys and other confidential data, in
>> DUMPFILE before sending it to support team for analysis.
>>
>> This feature introduces a filter config file where, using filter commands,
>> user can specify desired kernel data symbols and it's members that need to be
>> filtered out while creating o/p DUMPFILE. The Syntax for filter commands are
>> provided in the filter.conf(8) man page.
>>
>> The first 4 patches prepares the base work for filtering framework. The last 2
>> patches implements the generic filtering framework to erase desired kernel
>> data.
>>
>> I have tested these patches on x86_64 and s390x architecture against RHEL6 GA
>> kernel. The feature supports filtering data from ELF as well as kdump-compressed
>> formatted dump.
>>
>> Please review the patchset and let me know your comments.
>>
>> Thanks,
>> -Mahesh.
>
> Hi Mahesh,
>
> Is there any notation in the filtered ELF kdump or compressed kdump file
> that filtering has been done? Given that there may be potential ramifications
> in crash utility behavior (or outright failure?), the crash utility should
> display a warning message early on during invocation.
Hmm... I did not think about it. I am thinking of following approach:
- Set a bit in dump_level (DL_FILTER_KERNEL_DATA => 0x800) that will
denote that filtering has been done.
- For compressed kdump file we anyway have dump_level available in kdump
sub header
- For ELF kdump, currently we do not have any way to convey dump_level
info to crash utility (Ken'chi, correct me if I am wrong). How about
introducing an additional ELF note (NT_DUMP_LEVEL) that will include
dump_level info.
Any other suggestions are welcome.
Thanks,
-Mahesh.
>
> Thanks,
> Dave
>
>
>> ---
>>
>> Mahesh Salgaonkar (6):
>> makedumpfile: Add '--config' option to specify filter config file.
>> makedumpfile: Apply relocation while loading module debuginfo.
>> makedumpfile: Load the module symbol data from vmcore.
>> makedumpfile: Introduce routines to get type name from debuginfo.
>> makedumpfile: Read and process filter commands from config file.
>> makedumpfile: Read and process 'for' command from config file.
>>
>>
>> Makefile | 8
>> filter.conf | 149 ++++
>> filter.conf.8 | 419 +++++++++++
>> makedumpfile.8 | 20 +
>> makedumpfile.c | 2113
>> ++++++++++++++++++++++++++++++++++++++++++++++++++++++--
>> makedumpfile.h | 152 ++++
>> 6 files changed, 2782 insertions(+), 79 deletions(-)
>> create mode 100644 filter.conf
>> create mode 100644 filter.conf.8
>>
>> --
>> Signature
More information about the kexec
mailing list