[Crash-utility] Re: Google Container OS and crash 8.0.4

Is there an update available for this? Thanks, From: Matt Suiche <matt.suiche(a)magnetforensics.com&gt; Date: Wednesday, November 29, 2023 at 3:26 PM To: HAGIO KAZUHITO(萩尾　一仁) <k-hagio-ab(a)nec.com&gt;, devel(a)lists.crash-utility.osci.io <devel(a)lists.crash-utility.osci.io&gt; Subject: Re: [Crash-utility] Google Container OS and crash 8.0.4 Apparently, CONFIG_KALLSYMS_ALL is not set in COS kernel Sent from my mobile device. ________________________________ From: Matt Suiche <matt.suiche(a)magnetforensics.com&gt; Sent: Wednesday, November 29, 2023 4:40:55 PM To: HAGIO KAZUHITO(萩尾　一仁) <k-hagio-ab(a)nec.com>; devel(a)lists.crash-utility.osci.io <devel(a)lists.crash-utility.osci.io&gt; Subject: Re: [Crash-utility] Google Container OS and crash 8.0.4 Yes, it would probably make more sense. You can also probably use _stext instead of module_load_offset too to compare the values as an assertion check. Sent from my mobile device. ________________________________ From: HAGIO KAZUHITO(萩尾　一仁) <k-hagio-ab(a)nec.com&gt; Sent: Wednesday, November 29, 2023 4:29 AM To: Matt Suiche <matt.suiche(a)magnetforensics.com>; devel(a)lists.crash-utility.osci.io <devel(a)lists.crash-utility.osci.io&gt; Subject: Re: [Crash-utility] Google Container OS and crash 8.0.4 On 2023/11/22 18:04, Matt Suiche wrote: Yes, but I don't see the reason why it's not present in /proc/kallsyms, although it's present in the vmlinux.. Recent kernels have vmcoreinfo in /proc/kcore, maybe we can use the KERNELOFFSET value instead of the module_load_offset symbol to determine whether KASLR is enabled. I might try it when I have time. Thanks, Kazu This email including any attachments may contain confidential material for the sole use of the intended recipient. If you are not the intended recipient please immediately notify the sender by reply email, permanently delete this message and do not forward it or any part of it to anyone else.