[PATCH v1 0/6] makedumpfile: makedumpfile enhancement to filter out kernel data from vmcore
Reinhard Buendgen
BUENDGEN at de.ibm.com
Mon Mar 14 04:51:35 EDT 2011
Hi,
I do not think the list of erased symbols must be secret. After all we use
a special value to do most of the erasing. Thus hinting at what was
erased.
The intention of this item is certainly not to unduly confuse service.
this work shall increase the customers confidence that no sensitive data
may leak through a dump - clearly at the cost with very low probability
some problems may no longer be analyzed. - But that's all you can do if
sensitive data is really needed to analyze a problem.
Mit freundlichen Grüßen/Best Regards/Cordialement
Reinhard
Dr. Reinhard Bündgen
RAS & Crypto Architect for Linux on System z
Virtualization and Systems Management
Mail:buendgen at de.ibm.com
Phone: ++49-(0)7031-16-1130
Fax: ++49-(0)7031-16-3456
IBM Deutschland Research & Development GmbH
Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen
Registergericht: Amtsgericht Stuttgart, HRB 243294
From: "Ken'ichi Ohmichi" <oomichi at mxs.nes.nec.co.jp>
To: Mahesh Jagannath Salgaonkar <mahesh at linux.vnet.ibm.com>
Cc: Dave Anderson <anderson at redhat.com>, V Srivatsa
<vsrivatsa at in.ibm.com>, kexec at lists.infradead.org, Ananth N
Mavinakayanahalli <ananth at in.ibm.com>, Reinhard Buendgen/Germany/IBM at IBMDE
Date: 14.03.2011 08:08
Subject: Re: [PATCH v1 0/6] makedumpfile: makedumpfile enhancement
to filter out kernel data from vmcore
Hi Mahesh,
On Mon, 14 Mar 2011 11:48:19 +0530
Mahesh Jagannath Salgaonkar <mahesh at linux.vnet.ibm.com> wrote:
> >
> >
> > ----- Original Message -----
> >> Hi All,
> >>
> >> Please find the makedumpfile enhancement patchset that introduces a
data
> >> filtering feature which enables makedumpfile to filter out desired
kernel
> >> symbol data and it's members from the specified VMCORE file. The data
to be
> >> filtered out is poisoned with character 'X' (58 in Hex).
> >>
> >> This feature will be very useful for the customers who wants to erase
the
> >> customer sensitive data like security keys and other confidential
data, in
> >> DUMPFILE before sending it to support team for analysis.
> >>
> >> This feature introduces a filter config file where, using filter
commands,
> >> user can specify desired kernel data symbols and it's members that
need to be
> >> filtered out while creating o/p DUMPFILE. The Syntax for filter
commands are
> >> provided in the filter.conf(8) man page.
> >>
> >> The first 4 patches prepares the base work for filtering framework.
The last 2
> >> patches implements the generic filtering framework to erase desired
kernel
> >> data.
> >>
> >> I have tested these patches on x86_64 and s390x architecture against
RHEL6 GA
> >> kernel. The feature supports filtering data from ELF as well as
kdump-compressed
> >> formatted dump.
> >>
> >> Please review the patchset and let me know your comments.
> >>
> >> Thanks,
> >> -Mahesh.
> >
> > Hi Mahesh,
> >
> > Is there any notation in the filtered ELF kdump or compressed kdump
file
> > that filtering has been done? Given that there may be potential
ramifications
> > in crash utility behavior (or outright failure?), the crash utility
should
> > display a warning message early on during invocation.
>
> Hmm... I did not think about it. I am thinking of following approach:
>
> - Set a bit in dump_level (DL_FILTER_KERNEL_DATA => 0x800) that will
> denote that filtering has been done.
> - For compressed kdump file we anyway have dump_level available in kdump
> sub header
> - For ELF kdump, currently we do not have any way to convey dump_level
> info to crash utility (Ken'chi, correct me if I am wrong). How about
> introducing an additional ELF note (NT_DUMP_LEVEL) that will include
> dump_level info.
On your above approach, a member of support team for analysis cannot
know what symbols are erased.
And he/she will not believe the received dumpfile from a customer site.
I have one question, do you think it is better not to inform support
team of the erased symbols ?
Is also the list of the erased symbols secret ?
Thanks
Ken'ichi Ohmichi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/kexec/attachments/20110314/1c4d8a88/attachment-0001.html>
More information about the kexec
mailing list