Hi Andy,
This patch fails immediately on non-kaslr kernels if _stext is aligned on
a page boundary. Here's why:
----- Original Message -----
... [ cut ] ...
+static void
+derive_kaslr_offset(bfd *abfd, int dynamic, bfd_byte *start, bfd_byte *end,
+ unsigned int size, asymbol *store)
+{
+ symbol_info syminfo;
+ asymbol *sym;
+ char *name;
+ unsigned long relocate;
+ char buf[BUFSIZE];
+
+ for (; start < end; start += size) {
+ sym = bfd_minisymbol_to_symbol(abfd, dynamic, start, store);
+ if (sym == NULL)
+ error(FATAL, "bfd_minisymbol_to_symbol() failed\n");
+
+ bfd_get_symbol_info(abfd, sym, &syminfo);
+ name = strip_symbol_end(syminfo.name, buf);
+ if (strcmp("_stext", name) == 0) {
+ relocate = syminfo.value - kt->vmcoreinfo._stext_SYMBOL;
+ /*
+ *To avoid mistaking an mismatched kernel version with
+ * a kaslr offset, we make sure that the offset is
+ * aligned by 0x1000, as it always will be for
+ * kaslr.
+ */
+ if ((relocate & 0xFFF) == 0) {
+ kt->relocate = relocate;
+ kt->flags |= RELOC_SET;
+ }
+ }
+ }
+}
This function is a waste of time if kt->vmcoreinfo._stext_SYMBOL was never set, say
when running on a live system, or on a dumpfile that has no vmcoreinfo. And what's
worse in those cases, if _stext is aligned on a page boundary, then kt->relocate is
set to the _stext symbol value, and all hell breaks loose.
And also, if kt->relocate/RELOC_SET does get set legitimately, the function should
return immediately rather than cycling through the remaining symbols.
BTW, even though the kernel code seems to indicate that this feature would be
applicable to 32-bit x86, should I restrict the man page and help data to indicate
it only applies to x86_64?
Thanks,
Dave