[Patch 1/4][kernel][slimdump] Add new elf-note of type NT_NOCOREDUMP to capture slimdump

K.Prasad prasad at linux.vnet.ibm.com
Fri Oct 14 07:30:25 EDT 2011


On Wed, Oct 12, 2011 at 11:51:44AM -0400, Vivek Goyal wrote:
> On Wed, Oct 12, 2011 at 12:14:34AM +0530, K.Prasad wrote:
> > On Mon, Oct 10, 2011 at 09:07:25AM +0200, Borislav Petkov wrote:
> > > On Fri, Oct 07, 2011 at 09:42:19PM +0530, K.Prasad wrote:
[snipped]
> > 
> > ii) Scenario2: System with PG_hwpoison (or landmine!) pages crashes because
> > of a software bug. In this case, kexec kernel would normally reboot because
> > of reading the PG_poison page. I'll soon get a new version of the patchset
> > implementing this.
> > 
> > Solution: Maintain a linked list of PFNs when the corresponding 'struct page'
> > has been marked PG_hwpoison. We could export/put this list to use in
> > quite a few ways.
> 
> What's the need of a list and why do we have to export anything. Can't
> makedumpfile look at the struct page and then just not dump that page if
> hwpoison flag is set.
>

I'll respond to just this part of the comment for now, since I have a
few conflicting thoughts crossing my mind regarding the above suggestion
and thought I'll put it across to the community to get that clarified.

Using makedumpfile to actually identify and sidestep PG_hwpoison sounds
a bit dangerous. Let's for a moment that makedumpfile has this
capability, which is implemented as under.

- The list of nodes (pg_data_t) and all struct page's (through
  node_mem_map) are sent to makedumpfile using VMCOREINFO_SYMBOL().

- makedumpfile would use this information to go to the old kernel's
  memory, look at pg_data_t and then into each element of node_mem_map
  to then lookout for PG_hwpoison inside 'struct page'->flags. (Well,
  this method works for !SPARSEMEM. I'd like to know if I've overlooked
  any other better method. pfn_to_page() wouldn't work either, as it will
  give a 'struct page' of a PFN as seen by the kexec'd kernel and not
  the crashed kernel).

- If PG_hwpoison flag for the corresponding page is clear, then it
  will allow the copy operation.

- The problem comes when we actually land on a page with PG_hwpoison
  while carrying out the above 3 steps. For instance, if the page
  containing the pg_data_t and node_mem_map data structures themselves
  are marked hw-poisoned.

It's analogous to stepping inside a landmine territory to retrieve a map
containing the placement of landmines (we better have a copy of the map
before we enter :-)).

If we agree that this is going to be unsafe, then the question that
needs to be answered: "Is there a need for the kernel to allow read
operations on a page marked PG_hwpoison? If not, why doesn't the kernel
make it a policy to fail/disallow the read operations".

Thanks,
K.Prasad




More information about the kexec mailing list