Re: [Crash-utility] Crash support for kASLR
----- Original Message -----
I'm trying to add crash support for kdumps from kASLR'd
kernels. I've
got it working with a few small changes and I wanted to solicit
comments before sending a patch.
Excellent!
1) The --reloc flag appears to specify an offset to be subtracted
from
the loaded address, when the aslr offset is added. It's annoying to
try to specify negative numbers on the command line, so I'd like to
add another argument --aslr which is the same as --reloc but negates
the value.
Not a problem. In fact, since they really are different concepts, I'd
prefer it. But can you make it --kalsr?
A couple questions -- how would the user know what the offset is?
And I had thought that the upstream discussion was geared towards
making it work automatically -- at least with kdump dumpfiles -- such
that the kASLR offset would be made a VMCOREINFO item?
2) There are some symbols which should not be relocated.
Specifically
the per_cpu section symbols are zero based offsets which should not
have the offset apply. Additionally there are VDSO symbols which are
fixed even with kASLR enabled. To fix this I'd like to add code to
iterate through the section and find the end of the last section and
only apply the relocation value to values after the start of text but
before the end of the last section.
Right...
thanks,
Andy
Good to hear from you -- I figured that when I saw your subscription
request, with it being the first/only "google.com" address ever, that
something interesting was forthcoming...
Thanks,
Dave Anderson