On Wed, Oct 16, 2013 at 9:02 AM, Andrew Honig <ahonig(a)google.com> wrote:
> I'm talking about working with a vmlinux/vmcore pair. To get crash
> working with the current version of kASLR that doesn't have the offset
> data specifically in the VMCOREINFO I could use another symbol in the
> VMCOREINFO to calculate the offset. For example _stext is already in
> the VMCOREINFO. I could get the offset of _stext from the VMCOREINFO,
> then get the offset of _stext from the vmlinux and subtract them to
> get the ASLR offset.

Doing this math seems like a good approach. Are there any downsides to
inferring the kASLR offset this way?
-Kees
--
Kees Cook
Chrome OS Security
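
The subtraction described in the quoted message, written out as an added example (not code from crash or from either poster). It goes one step beyond the thread by checking that every other symbol present in both inputs yields the same offset. The function names and all sample addresses are constructed for illustration; the vmlinux side is assumed to be `nm`-style "address type name" lines.

```python
import re

# Constructed sample data (not from a real dump): VMCOREINFO note text with
# SYMBOL(name)=hex lines, and `nm vmlinux`-style lines for the same symbols.
SAMPLE_VMCOREINFO = """\
OSRELEASE=3.12.0-example
PAGESIZE=4096
SYMBOL(_stext)=ffffffff8f000000
SYMBOL(init_uts_ns)=ffffffff8fc11240
SYMBOL(node_online_map)=ffffffff8fc0c000
"""
SAMPLE_NM = """\
ffffffff81000000 T _stext
ffffffff81c11240 D init_uts_ns
ffffffff81c0c000 D node_online_map
"""

_SYM_RE = re.compile(r"^SYMBOL\((\w+)\)=([0-9a-fA-F]+)$")

def parse_vmcoreinfo_symbols(text):
    """Return {name: runtime address} from SYMBOL(name)=hex lines."""
    out = {}
    for line in text.splitlines():
        m = _SYM_RE.match(line.strip())
        if m:  # non-symbol keys such as OSRELEASE= are skipped
            out[m.group(1)] = int(m.group(2), 16)
    return out

def parse_nm(text):
    """Return {name: link-time address} from 'addr type name' lines."""
    out = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:  # undefined symbols have no address column
            out[parts[2]] = int(parts[0], 16)
    return out

def kaslr_offset(vmcoreinfo_text, nm_text, anchor="_stext"):
    """Offset = runtime(anchor) - linked(anchor), verified on other symbols."""
    run, link = parse_vmcoreinfo_symbols(vmcoreinfo_text), parse_nm(nm_text)
    if anchor not in run or anchor not in link:
        raise KeyError(f"{anchor} missing from VMCOREINFO or vmlinux symbols")
    offset = run[anchor] - link[anchor]
    # Symbols present in both inputs must agree on the offset; a mismatch
    # suggests the vmlinux does not belong to this vmcore.
    bad = sorted(n for n in run.keys() & link.keys() if run[n] - link[n] != offset)
    if bad:
        raise ValueError(f"inconsistent offset for: {', '.join(bad)}")
    return offset
```

With the constructed sample, `kaslr_offset(SAMPLE_VMCOREINFO, SAMPLE_NM)` returns `0xe000000`; a disagreeing symbol raises `ValueError` instead of returning an offset that only holds for `_stext`.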