[Makedumpfile PATCH 0/2] Fix refiltering when kaslr enabled
Baoquan He
bhe at redhat.com
Thu Apr 27 23:26:14 PDT 2017
Usually we can use gdb to debug the running kernel like this:
gdb vmlinux /proc/kcore
However, now it doesn't work any more, since those kernel symbols are
obtained at compile time, while a kaslr-ed kernel relocates them. Don't
know if this will impact anything else.
On 04/27/17 at 11:45am, Pratyush Anand wrote:
> Hi All,
>
> We came across another failure in makedumpfile when kaslr is enabled. This
> failure occurs when we try re-filtering. We try to erase some symbol from a
> dumpfile which was copied/compressed from /proc/vmcore using makedumpfile.
>
> We have very limited symbol information in vmcoreinfo. So symbols to be
> erased may not be available in vmcoreinfo and we look for it in vmlinux.
> However, symbol address from vmlinux is a static address which differs
> from run time address with KASLR_OFFSET. Therefore, reading any "virtual
> address of vmlinux" from vmcore is not possible.
>
> These patches find the runtime KASLR offset and then calculate the run time
> address of symbols read from vmlinux.
>
> Since I am not an expert on x86, and these patches touch the x86 part of
> makedumpfile, I have CCed x86 experts. Please provide your
> review comments and let me know if you think there could have been a better
> way to resolve this issue.
>
> thanks
>
> ~Pratyush
>
> Pratyush Anand (2):
> makedumpfile: add runtime kaslr offset if it exists
> x86_64: calculate page_offset in case of re-filtering
>
> arch/x86_64.c | 45 +++++++++++++++++++++++++++++++++++++++++++--
> erase_info.c | 1 +
> makedumpfile.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
> makedumpfile.h | 15 +++++++++++++++
> 4 files changed, 103 insertions(+), 2 deletions(-)
>
> --
> 2.9.3
>
>
> _______________________________________________
> kexec mailing list
> kexec at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/kexec
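
The address fix-up the cover letter describes, as an added example that is not part of this thread or of the makedumpfile patches. It assumes the dump's vmcoreinfo carries the kernel's KERNELOFFSET and SYMBOL(_stext) lines; the sample text, the addresses and the function names are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed vmcoreinfo excerpt; the addresses are made up for illustration. */
static const char sample_vmcoreinfo[] =
    "OSRELEASE=4.11.0-example\n"
    "PAGESIZE=4096\n"
    "SYMBOL(_stext)=ffffffff9c000000\n"
    "KERNELOFFSET=1b000000\n";

/* Look up "key=<hex>" at the start of a line. 0 on success, -1 if missing or malformed. */
static int vmcoreinfo_hex(const char *info, const char *key, unsigned long long *out)
{
    size_t klen = strlen(key);
    const char *p = info;
    while (p && *p) {
        if (strncmp(p, key, klen) == 0 && p[klen] == '=') {
            char *end;
            errno = 0;
            unsigned long long v = strtoull(p + klen + 1, &end, 16);
            if (errno || end == p + klen + 1 || (*end != '\n' && *end != '\0'))
                return -1;
            *out = v;
            return 0;
        }
        p = strchr(p, '\n');
        if (p)
            p++;
    }
    return -1;
}

/* Hypothetical helper: a missing or malformed KERNELOFFSET is treated as 0 (no
 * randomization); -1 means the offset does not explain the recorded _stext. */
static int kaslr_offset(const char *info, unsigned long long vmlinux_stext,
                        unsigned long long *offset)
{
    unsigned long long runtime_stext;
    if (vmcoreinfo_hex(info, "KERNELOFFSET", offset) != 0)
        *offset = 0;
    if (vmcoreinfo_hex(info, "SYMBOL(_stext)", &runtime_stext) == 0 &&
        vmlinux_stext + *offset != runtime_stext)
        return -1;
    return 0;
}

/* Static (link-time) vmlinux address -> address valid inside the dump. */
static unsigned long long runtime_addr(unsigned long long vmlinux_addr, unsigned long long offset)
{
    return vmlinux_addr + offset;
}
```

The cross-check against `_stext` catches the case where the vmlinux file does not match the kernel that produced the dump, which would otherwise yield plausible-looking but wrong addresses.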