[PATCH v2 0/8] makedumpfile: makedumpfile enhancement to filter out kernel data from vmcore
anderson at redhat.com
Tue May 24 16:47:32 EDT 2011
----- Original Message -----
> On Wed, May 18, 2011 at 01:29:06AM +0530, Mahesh J Salgaonkar wrote:
> > Hi All,
> > Please find the version 2 of makedumpfile enhancement patchset that introduces
> > a data filtering feature which enables makedumpfile to filter out desired kernel
> > symbol data and it's members from the specified VMCORE file. The data to be
> > filtered out is poisoned with character 'X' (58 in Hex).
> > This feature will be very useful for the customers who wants to erase the
> > customer sensitive data like security keys and other confidential data, in
> > DUMPFILE before sending it to support team for analysis.
> Apart from security keys, what are the other examples of data which needs
> to be removed?
> By erasing the data, you mean you set it to zero? Will it make sense to
> poison it with some specific pattern so that if crash or other tool
> are looking into it they know it has been posioned and it is not a
> case of corruption. This might help if a user erased a symbol which was
> required by crash for some analysis etc.
As I said when the first patch-set was proposed, there is no way
that I am going to put code into the crash utility that will somehow
"work around" memory that has been poisoned. The only thing I plan to
do is to check whether the new segments exist in the compressed
kdump or ELF kdump headers -- and if they do, print a warning message
during invocation informing the user of that fact. If Mahesh wants to
dump the contents of the sections, he can post a patch to the crash-utility
And then, whatever breaks, breaks -- it is not the crash utility's
problem to handle. Just looking at the examples in the documentation
made me nervous -- IIRC the kernel "vmlist" pointer, and "vm_struct.addr"
are shown -- both of which would cripple the crash utility.
More information about the kexec