On Sat, Oct 27, 2018 at 04:13:43PM +0800, Baoquan He wrote:
> Yes, agree. So sme_me_mask itself or the encryption bit number, both is
> fine.
You need the encryption bit position and it better be properly formatted
and extracted into a vmcoreinfo-specific variable because we don't
expose arch-specific details like sme_me_mask to the outside.
> we may use cp to copy /proc/vmcore to a file directly, then analyze
> it in another compupter. This often happen when there's something
> wrong with makedumpfile, we need debug makedumpfile with the complete
> copied file.
So for the analyze-on-another-computer scenario you absolutely must copy
anything from the first kernel decrypted because you can't decrypt it on
the other machine.
Which means, in a sensitive environment, you probably should copy and
*encrypt* the dump again with gpg or so.
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
--
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
