Re: [PATCH] Revert "Revert "kdump, vmcoreinfo: report memory sections virtual addresses""

2016-12-15 Thread Thomas Garnier
On Thu, Dec 15, 2016 at 10:16 AM, Thomas Garnier <thgar...@google.com> wrote:
> On Thu, Dec 15, 2016 at 9:50 AM, Eric W. Biederman
> <ebied...@xmission.com> wrote:
>> Thomas Garnier <thgar...@google.com> writes:
>>
>>> This reverts commit 49fd897573c97b0eaf10f47d850027d78c456cd7.
>>>
>>> Reverting back to commit 0549a3c because the values are used by crash
>>> and other tools already. I expected this commit would not go through given
>>> the unresolved comments. I want it to be easy to resolve major memory
>>> section positions when KASLR memory randomization is enabled.
>>
>> This patch is broken.  The commit referenced is wrong,
>
> Yes, I based them on linux-next. I can update them to linux main tree.
> Sorry about that.
>
>> as is the justification.
>>
>> These values are not in fact widely used by userspace (they are brand new).
>>
>
> They were new and got through to the master tree before and on 4.9. I
> didn't get any feedback on that when it went through.
>
>> This is a very fragile approach relying on kernel implementation
>> details, so if we can do anything else that is more robust it
>> is much more likely to pass the test of time.
>>
>> And yes a more robust implementation has been already discussed.
>>
>
> There were discussed for the PAGE_OFFSET but not VMALLOC_START. What's
> your approach for it?
>

Also, with improvements to KASLR memory randomization, I don't think we
should assume memory sections by looking at PT_LOAD first entries. We
will certainly try to randomize the order. That's why I thought
clearly indicating which VA defines which memory section was a good
idea.

I also want to find a time-proof approach where we can use it no
matter the changes to KASLR.

>> Nacked-by: "Eric W. Biederman" <ebied...@xmission.com>
>>
>>>
>>> Signed-off-by: Thomas Garnier <thgar...@google.com>
>>> ---
>>>  arch/x86/kernel/machine_kexec_64.c | 3 +++
>>>  include/linux/kexec.h  | 6 ++
>>>  2 files changed, 9 insertions(+)
>>>
>>> diff --git a/arch/x86/kernel/machine_kexec_64.c 
>>> b/arch/x86/kernel/machine_kexec_64.c
>>> index 2e3c34b..05f3367 100644
>>> --- a/arch/x86/kernel/machine_kexec_64.c
>>> +++ b/arch/x86/kernel/machine_kexec_64.c
>>> @@ -339,6 +339,9 @@ void arch_crash_save_vmcoreinfo(void)
>>> kaslr_offset());
>>>   VMCOREINFO_NUMBER(KERNEL_IMAGE_SIZE);
>>>   VMCOREINFO_PHYS_BASE(phys_base);
>>> + VMCOREINFO_PAGE_OFFSET(PAGE_OFFSET);
>>> + VMCOREINFO_VMALLOC_START(VMALLOC_START);
>>> + VMCOREINFO_VMEMMAP_START(VMEMMAP_START);
>>>  }
>>>
>>>  /* arch-dependent functionality related to kexec file-based syscall */
>>> diff --git a/include/linux/kexec.h b/include/linux/kexec.h
>>> index e98e546..ff9c876 100644
>>> --- a/include/linux/kexec.h
>>> +++ b/include/linux/kexec.h
>>> @@ -285,6 +285,12 @@ phys_addr_t paddr_vmcoreinfo_note(void);
>>>   vmcoreinfo_append_str("CONFIG_%s=y\n", #name)
>>>  #define VMCOREINFO_PHYS_BASE(value) \
>>>   vmcoreinfo_append_str("PHYS_BASE=%lx\n", (unsigned long)value)
>>> +#define VMCOREINFO_PAGE_OFFSET(value) \
>>> + vmcoreinfo_append_str("PAGE_OFFSET=%lx\n", (unsigned long)value)
>>> +#define VMCOREINFO_VMALLOC_START(value) \
>>> + vmcoreinfo_append_str("VMALLOC_START=%lx\n", (unsigned long)value)
>>> +#define VMCOREINFO_VMEMMAP_START(value) \
>>> + vmcoreinfo_append_str("VMEMMAP_START=%lx\n", (unsigned long)value)
>>>
>>>  extern struct kimage *kexec_image;
>>>  extern struct kimage *kexec_crash_image;
>
>
>
> --
> Thomas



-- 
Thomas

___
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
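
The concern raised in this reply (inferring sections from PT_LOAD order versus reading an explicit per-section key), as an added example that is not part of the thread, the kernel or kexec-tools: it runs the lowest-PUD-aligned PT_LOAD heuristic and a `KEY=%lx` vmcoreinfo lookup over the same data. All addresses, both layouts (the reordered one is hypothetical) and the helper names are constructed for illustration.

```c
#include <errno.h>
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* 1 GiB PUD granularity, computed in 64 bits. */
#define PUD_MASK (~((1ULL << 30) - 1))

/* Constructed PT_LOAD p_vaddr values (not taken from a real /proc/kcore). */
const uint64_t layout_classic[] = {     /* direct map is the lowest region */
	0xffffffff81000000ULL,              /* kernel text */
	0xffffc90000000000ULL,              /* vmalloc */
	0xffff880000001000ULL,              /* direct map of RAM */
};
const uint64_t layout_reordered[] = {   /* hypothetical: vmalloc below direct map */
	0xffffffff81000000ULL,              /* kernel text */
	0xffff8a0000000000ULL,              /* vmalloc */
	0xffff9d4000001000ULL,              /* direct map of RAM */
};

/* Constructed vmcoreinfo text for the reordered layout, in the patch's key format. */
const char vmcoreinfo_reordered[] =
	"PAGESIZE=4096\n"
	"KERNELOFFSET=1c000000\n"
	"PAGE_OFFSET=ffff9d4000000000\n"
	"VMALLOC_START=ffff8a0000000000\n"
	"VMEMMAP_START=ffffe2c000000000\n";

/* Heuristic: lowest PUD-aligned PT_LOAD address; 0 if there are no segments. */
uint64_t lowest_pud_aligned(const uint64_t *p_vaddr, size_t n)
{
	uint64_t lowest = 0;

	for (size_t i = 0; i < n; i++) {
		uint64_t v = p_vaddr[i] & PUD_MASK;

		if (lowest == 0 || v < lowest)
			lowest = v;
	}
	return lowest;
}

/* Find "KEY=<hex>" on its own line; 0 on success, -1 if absent or malformed. */
int vmcoreinfo_hex(const char *blob, const char *key, uint64_t *out)
{
	size_t klen = strlen(key);
	const char *line = blob;

	while (line && *line) {
		/* Require '=' right after the key so "PAGE" does not match "PAGESIZE". */
		if (strncmp(line, key, klen) == 0 && line[klen] == '=') {
			const char *val = line + klen + 1;
			char *end;

			errno = 0;
			unsigned long long v = strtoull(val, &end, 16);
			if (end == val || errno || (*end != '\n' && *end != '\0'))
				return -1;
			*out = v;
			return 0;
		}
		line = strchr(line, '\n');
		if (line)
			line++;
	}
	return -1;
}

/* Prefer the exported key; fall back to the heuristic when it is missing. */
uint64_t resolve_page_offset(const char *blob, const uint64_t *v, size_t n,
			     int *exported)
{
	uint64_t base = 0;

	*exported = (blob && vmcoreinfo_hex(blob, "PAGE_OFFSET", &base) == 0);
	return *exported ? base : lowest_pud_aligned(v, n);
}

int main(void)
{
	int exported;
	uint64_t guess = lowest_pud_aligned(layout_reordered, 3);
	uint64_t base = resolve_page_offset(vmcoreinfo_reordered,
					    layout_reordered, 3, &exported);

	printf("heuristic: %" PRIx64 "\n", guess);
	printf("resolved:  %" PRIx64 " (exported=%d)\n", base, exported);
	return 0;
}
```

On the reordered layout the heuristic returns the vmalloc base, while the explicit key still yields the direct-map base.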


Re: [PATCH] Revert "Revert "kdump, vmcoreinfo: report memory sections virtual addresses""

2016-12-15 Thread Thomas Garnier
On Thu, Dec 15, 2016 at 9:50 AM, Eric W. Biederman
<ebied...@xmission.com> wrote:
> Thomas Garnier <thgar...@google.com> writes:
>
>> This reverts commit 49fd897573c97b0eaf10f47d850027d78c456cd7.
>>
>> Reverting back to commit 0549a3c because the values are used by crash
>> and other tools already. I expected this commit would not go through given
>> the unresolved comments. I want it to be easy to resolve major memory
>> section positions when KASLR memory randomization is enabled.
>
> This patch is broken.  The commit referenced is wrong,

Yes, I based them on linux-next. I can update them to linux main tree.
Sorry about that.

> as is the justification.
>
> These values are not in fact widely used by userspace (they are brand new).
>

They were new and got through to the master tree before and on 4.9. I
didn't get any feedback on that when it went through.

> This is a very fragile approach relying on kernel implementation
> details, so if we can do anything else that is more robust it
> is much more likely to pass the test of time.
>
> And yes a more robust implementation has been already discussed.
>

There were discussed for the PAGE_OFFSET but not VMALLOC_START. What's
your approach for it?

> Nacked-by: "Eric W. Biederman" <ebied...@xmission.com>
>
>>
>> Signed-off-by: Thomas Garnier <thgar...@google.com>
>> ---
>>  arch/x86/kernel/machine_kexec_64.c | 3 +++
>>  include/linux/kexec.h  | 6 ++
>>  2 files changed, 9 insertions(+)
>>
>> diff --git a/arch/x86/kernel/machine_kexec_64.c 
>> b/arch/x86/kernel/machine_kexec_64.c
>> index 2e3c34b..05f3367 100644
>> --- a/arch/x86/kernel/machine_kexec_64.c
>> +++ b/arch/x86/kernel/machine_kexec_64.c
>> @@ -339,6 +339,9 @@ void arch_crash_save_vmcoreinfo(void)
>> kaslr_offset());
>>   VMCOREINFO_NUMBER(KERNEL_IMAGE_SIZE);
>>   VMCOREINFO_PHYS_BASE(phys_base);
>> + VMCOREINFO_PAGE_OFFSET(PAGE_OFFSET);
>> + VMCOREINFO_VMALLOC_START(VMALLOC_START);
>> + VMCOREINFO_VMEMMAP_START(VMEMMAP_START);
>>  }
>>
>>  /* arch-dependent functionality related to kexec file-based syscall */
>> diff --git a/include/linux/kexec.h b/include/linux/kexec.h
>> index e98e546..ff9c876 100644
>> --- a/include/linux/kexec.h
>> +++ b/include/linux/kexec.h
>> @@ -285,6 +285,12 @@ phys_addr_t paddr_vmcoreinfo_note(void);
>>   vmcoreinfo_append_str("CONFIG_%s=y\n", #name)
>>  #define VMCOREINFO_PHYS_BASE(value) \
>>   vmcoreinfo_append_str("PHYS_BASE=%lx\n", (unsigned long)value)
>> +#define VMCOREINFO_PAGE_OFFSET(value) \
>> + vmcoreinfo_append_str("PAGE_OFFSET=%lx\n", (unsigned long)value)
>> +#define VMCOREINFO_VMALLOC_START(value) \
>> + vmcoreinfo_append_str("VMALLOC_START=%lx\n", (unsigned long)value)
>> +#define VMCOREINFO_VMEMMAP_START(value) \
>> + vmcoreinfo_append_str("VMEMMAP_START=%lx\n", (unsigned long)value)
>>
>>  extern struct kimage *kexec_image;
>>  extern struct kimage *kexec_crash_image;



-- 
Thomas



[PATCH] Revert "Revert "kdump, vmcoreinfo: report memory sections virtual addresses""

2016-12-15 Thread Thomas Garnier
This reverts commit 49fd897573c97b0eaf10f47d850027d78c456cd7.

Reverting back to commit 0549a3c because the values are used by crash
and other tools already. I expected this commit would not go through given
the unresolved comments. I want it to be easy to resolve major memory
section positions when KASLR memory randomization is enabled.

Signed-off-by: Thomas Garnier <thgar...@google.com>
---
 arch/x86/kernel/machine_kexec_64.c | 3 +++
 include/linux/kexec.h  | 6 ++
 2 files changed, 9 insertions(+)

diff --git a/arch/x86/kernel/machine_kexec_64.c 
b/arch/x86/kernel/machine_kexec_64.c
index 2e3c34b..05f3367 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -339,6 +339,9 @@ void arch_crash_save_vmcoreinfo(void)
  kaslr_offset());
VMCOREINFO_NUMBER(KERNEL_IMAGE_SIZE);
VMCOREINFO_PHYS_BASE(phys_base);
+   VMCOREINFO_PAGE_OFFSET(PAGE_OFFSET);
+   VMCOREINFO_VMALLOC_START(VMALLOC_START);
+   VMCOREINFO_VMEMMAP_START(VMEMMAP_START);
 }
 
 /* arch-dependent functionality related to kexec file-based syscall */
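Review bot: The three added calls in arch_crash_save_vmcoreinfo() rely on three one-off macros, while the context line directly above them exports KERNEL_IMAGE_SIZE through the existing VMCOREINFO_NUMBER() form, so every consumer needs new key parsing for PAGE_OFFSET, VMALLOC_START and VMEMMAP_START. Either reuse the existing form or state in the commit message why a separate `KEY=%lx` format is required. The message also justifies the revert by existing users without naming which versions of crash or other tools read these keys.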
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index e98e546..ff9c876 100644
--- a/include/linux/kexec.h
+++ b/include/linux/kexec.h
@@ -285,6 +285,12 @@ phys_addr_t paddr_vmcoreinfo_note(void);
vmcoreinfo_append_str("CONFIG_%s=y\n", #name)
 #define VMCOREINFO_PHYS_BASE(value) \
vmcoreinfo_append_str("PHYS_BASE=%lx\n", (unsigned long)value)
+#define VMCOREINFO_PAGE_OFFSET(value) \
+   vmcoreinfo_append_str("PAGE_OFFSET=%lx\n", (unsigned long)value)
+#define VMCOREINFO_VMALLOC_START(value) \
+   vmcoreinfo_append_str("VMALLOC_START=%lx\n", (unsigned long)value)
+#define VMCOREINFO_VMEMMAP_START(value) \
+   vmcoreinfo_append_str("VMEMMAP_START=%lx\n", (unsigned long)value)
 
 extern struct kimage *kexec_image;
 extern struct kimage *kexec_crash_image;
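Review bot: In the three new macros the cast is written `(unsigned long)value`, so it binds only to the first operand if a caller ever passes an expression. Write `(unsigned long)(value)`; the existing VMCOREINFO_PHYS_BASE in the context lines has the same form and could be fixed alongside.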
-- 
2.8.0.rc3.226.g39d4020




Re: [PATCH v1] kexec/arch/i386: Add support for KASLR memory randomization

2016-09-23 Thread Thomas Garnier
On Thu, Sep 22, 2016 at 1:41 AM, Dave Young <dyo...@redhat.com> wrote:
> Hi, Thomas
>
> On 08/17/16 at 09:47am, Thomas Garnier wrote:
>> Multiple changes were made on KASLR (right now in linux-next). One of
>> them is randomizing the virtual address of the physical mapping, vmalloc
>> and vmemmap memory sections. It breaks kdump ability to read physical
>> memory.
>
> What is the user visible behavior without this patch? Could you add more
> in the patch log?
>
> During my testing it seems that, with or without this patch, the kdump
> kernel boots fine in both cases.

Without this patch, you can't access memory on the generated crash dumps.

>
> My kernel config options are like below, is it enough to test this patch?
> CONFIG_RANDOMIZE_BASE=y
> CONFIG_X86_NEED_RELOCS=y
> CONFIG_PHYSICAL_ALIGN=0x100
> CONFIG_RANDOMIZE_MEMORY=y
> CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0x0
>

Should be good enough.

>>
>> This change identifies if KASLR memory randomization is used by
>> checking if the page_offset_base variable exists. It searches for the
>> correct PAGE_OFFSET value by looking at the loaded memory sections and
>> finds the lowest one aligned on PUD (the randomization level).
>>
>> Related commits on linux-next:
>>  - 0483e1fa6e09d4948272680f691dccb1edb9677f: Base for randomization
>>  - 021182e52fe01c1f7b126f97fd6ba048dc4234fd: Enable for PAGE_OFFSET
>>
>> Signed-off-by: Thomas Garnier <thgar...@google.com>
>> ---
>>  kexec/arch/i386/crashdump-x86.c | 29 ++---
>>  1 file changed, 22 insertions(+), 7 deletions(-)
>>
>> diff --git a/kexec/arch/i386/crashdump-x86.c 
>> b/kexec/arch/i386/crashdump-x86.c
>> index bbc0f35..ab833d4 100644
>> --- a/kexec/arch/i386/crashdump-x86.c
>> +++ b/kexec/arch/i386/crashdump-x86.c
>> @@ -102,11 +102,10 @@ static int get_kernel_paddr(struct kexec_info 
>> *UNUSED(info),
>>   return -1;
>>  }
>>
>> -/* Retrieve kernel _stext symbol virtual address from /proc/kallsyms */
>> -static unsigned long long get_kernel_stext_sym(void)
>> +/* Retrieve kernel symbol virtual address from /proc/kallsyms */
>> +static unsigned long long get_kernel_sym(const char *symbol)
>
> It sounds better to split this to another patch.
>

Why not, that's a very small change though.

>>  {
>>   const char *kallsyms = "/proc/kallsyms";
>> - const char *stext = "_stext";
>>   char sym[128];
>>   char line[128];
>>   FILE *fp;
>> @@ -122,13 +121,13 @@ static unsigned long long get_kernel_stext_sym(void)
>>   while(fgets(line, sizeof(line), fp) != NULL) {
>>   if (sscanf(line, "%Lx %c %s", , , sym) != 3)
>>   continue;
>> - if (strcmp(sym, stext) == 0) {
>> - dbgprintf("kernel symbol %s vaddr = %16llx\n", stext, 
>> vaddr);
>> + if (strcmp(sym, symbol) == 0) {
>> + dbgprintf("kernel symbol %s vaddr = %16llx\n", symbol, 
>> vaddr);
>>   return vaddr;
>>   }
>>   }
>>
>> - fprintf(stderr, "Cannot get kernel %s symbol address\n", stext);
>> + fprintf(stderr, "Cannot get kernel %s symbol address\n", symbol);
>>   return 0;
>>  }
>>
>> @@ -151,6 +150,8 @@ static int get_kernel_vaddr_and_size(struct kexec_info 
>> *UNUSED(info),
>>   off_t size;
>>   uint32_t elf_flags = 0;
>>   uint64_t stext_sym;
>> + const unsigned long long pud_mask = ~((1 << 30) - 1);
>> + unsigned long long vaddr, lowest_vaddr = 0;
>>
>>   if (elf_info->machine != EM_X86_64)
>>   return 0;
>> @@ -180,9 +181,23 @@ static int get_kernel_vaddr_and_size(struct kexec_info 
>> *UNUSED(info),
>>
>>   end_phdr = _phdr[ehdr.e_phnum];
>>
>> + /* Search for the real PAGE_OFFSET when KASLR memory randomization
>> +  * is enabled */
>> + if (get_kernel_sym("page_offset_base") != 0) {
>> + for(phdr = ehdr.e_phdr; phdr != end_phdr; phdr++) {
>> + if (phdr->p_type == PT_LOAD) {
>> + vaddr = phdr->p_vaddr & pud_mask;
>> + if (lowest_vaddr == 0 || lowest_vaddr > vaddr)
>> + lowest_vaddr = vaddr;
>> + }
>> + }
>> + if (lowest_vaddr != 0)
>> + elf_in

Re: [PATCH v1] kdump, vmcoreinfo: report memory sections virtual addresses

2016-09-08 Thread Thomas Garnier
On Tue, Sep 6, 2016 at 11:17 PM, Baoquan He <b...@redhat.com> wrote:
> On 09/07/16 at 03:09pm, AKASHI Takahiro wrote:
>> On Mon, Aug 29, 2016 at 06:11:37PM +0800, Baoquan He wrote:
>> > Hi Thomas,
>> >
>> > I used the code below and it works, since using VMCOREINFO_NUMBER can
>> > reuse the existing struct number_table to import the data. It makes the
>> > change easier. But the place could be next to KERNEL_IMAGE_SIZE, or as
>> > your patch did; both are fine.
>>
>> I think we'd better avoid adding arch-specific code in generic code
>> if possible, especially in this case, since there is a dedicated interface,
>> arch_crash_save_vmcoreinfo().
>
> Yes, agree. Previously the reason I put KERNEL_IMAGE_SIZE in
> crash_save_vmcoreinfo_init is kernel text randomization could be a
> generic method for all ARCHes. Then it can be taken out from the #ifdef
> scope. Now seeing it again, it's better to be put in
> arch_crash_save_vmcoreinfo, at least for the time being.
>
> Hi Thomas,
>
> By the way, will you repost with the VMCOREINFO_NUMBER format? If not, I
> can repost after I test all kexec/makedumpfile changes.

I think you should repost it.

>
> Thanks
> Baoquan
>
>>
>> -Takahiro AKASHI
>>
>> > ---
>> >  kernel/kexec_core.c | 3 +++
>> >  1 file changed, 3 insertions(+)
>> >
>> > diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c
>> > index 5616755..81bde86 100644
>> > --- a/kernel/kexec_core.c
>> > +++ b/kernel/kexec_core.c
>> > @@ -1469,6 +1469,9 @@ static int __init crash_save_vmcoreinfo_init(void)
>> > VMCOREINFO_NUMBER(PAGE_BUDDY_MAPCOUNT_VALUE);
>> >  #ifdef CONFIG_X86
>> > VMCOREINFO_NUMBER(KERNEL_IMAGE_SIZE);
>> > +   VMCOREINFO_NUMBER(PAGE_OFFSET);
>> > +   VMCOREINFO_NUMBER(VMALLOC_START);
>> > +   VMCOREINFO_NUMBER(VMEMMAP_START);
>> >  #endif
>> >  #ifdef CONFIG_HUGETLB_PAGE
>> > VMCOREINFO_NUMBER(HUGETLB_PAGE_DTOR);
>> > --
>> > 2.5.5
>> >
>> > On 08/18/16 at 07:47am, Thomas Garnier wrote:
>> > > KASLR memory randomization can randomize the base of the physical memory
>> > > mapping (PAGE_OFFSET), vmalloc (VMALLOC_START) and vmemmap
>> > > (VMEMMAP_START). Adding these variables on VMCOREINFO so tools can
>> > > easily identify the base of each memory section.
>> > >
>> > > Signed-off-by: Thomas Garnier <thgar...@google.com>
>> > > ---
>> > > Based on next-20160817
>> > > ---
>> > >  arch/x86/kernel/machine_kexec_64.c | 3 +++
>> > >  include/linux/kexec.h  | 6 ++
>> > >  2 files changed, 9 insertions(+)
>> > >
>> > > diff --git a/arch/x86/kernel/machine_kexec_64.c 
>> > > b/arch/x86/kernel/machine_kexec_64.c
>> > > index fc3389f..b1f15a2 100644
>> > > --- a/arch/x86/kernel/machine_kexec_64.c
>> > > +++ b/arch/x86/kernel/machine_kexec_64.c
>> > > @@ -338,6 +338,9 @@ void arch_crash_save_vmcoreinfo(void)
>> > >   vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
>> > > kaslr_offset());
>> > >   VMCOREINFO_PHYS_BASE(phys_base);
>> > > + VMCOREINFO_PAGE_OFFSET(PAGE_OFFSET);
>> > > + VMCOREINFO_VMALLOC_START(VMALLOC_START);
>> > > + VMCOREINFO_VMEMMAP_START(VMEMMAP_START);
>> > >  }
>> > >
>> > >  /* arch-dependent functionality related to kexec file-based syscall */
>> > > diff --git a/include/linux/kexec.h b/include/linux/kexec.h
>> > > index d3ae429..cd3874c 100644
>> > > --- a/include/linux/kexec.h
>> > > +++ b/include/linux/kexec.h
>> > > @@ -261,6 +261,12 @@ phys_addr_t paddr_vmcoreinfo_note(void);
>> > >   vmcoreinfo_append_str("CONFIG_%s=y\n", #name)
>> > >  #define VMCOREINFO_PHYS_BASE(value) \
>> > >   vmcoreinfo_append_str("PHYS_BASE=%lx\n", (unsigned long)value)
>> > > +#define VMCOREINFO_PAGE_OFFSET(value) \
>> > > + vmcoreinfo_append_str("PAGE_OFFSET=%lx\n", (unsigned long)value)
>> > > +#define VMCOREINFO_VMALLOC_START(value) \
>> > > + vmcoreinfo_append_str("VMALLOC_START=%lx\n", (unsigned long)value)
>> > > +#define VMCOREINFO_VMEMMAP_START(value) \
>> > > + vmcoreinfo_append_str("VMEMMAP_START=%lx\n", (unsigned long)value)
>> > >
>> > >  extern struct kimage *kexec_image;
>> > >  extern struct kimage *kexec_crash_image;
>> > > --
>> > > 2.8.0.rc3.226.g39d4020



Re: [PATCH v1] kdump, vmcoreinfo: report memory sections virtual addresses

2016-08-29 Thread Thomas Garnier
Great, thanks Baoquan.

On Mon, Aug 29, 2016 at 3:11 AM, Baoquan He <b...@redhat.com> wrote:
> Hi Thomas,
>
> I used the code below and it works, since using VMCOREINFO_NUMBER can
> reuse the existing struct number_table to import the data. It makes the
> change easier. But the place could be next to KERNEL_IMAGE_SIZE, or as
> your patch did; both are fine.
>
> ---
>  kernel/kexec_core.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c
> index 5616755..81bde86 100644
> --- a/kernel/kexec_core.c
> +++ b/kernel/kexec_core.c
> @@ -1469,6 +1469,9 @@ static int __init crash_save_vmcoreinfo_init(void)
> VMCOREINFO_NUMBER(PAGE_BUDDY_MAPCOUNT_VALUE);
>  #ifdef CONFIG_X86
> VMCOREINFO_NUMBER(KERNEL_IMAGE_SIZE);
> +   VMCOREINFO_NUMBER(PAGE_OFFSET);
> +   VMCOREINFO_NUMBER(VMALLOC_START);
> +   VMCOREINFO_NUMBER(VMEMMAP_START);
>  #endif
>  #ifdef CONFIG_HUGETLB_PAGE
>     VMCOREINFO_NUMBER(HUGETLB_PAGE_DTOR);
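Review bot: The three added VMCOREINFO_NUMBER() lines put x86 layout values into the generic crash_save_vmcoreinfo_init() under `#ifdef CONFIG_X86`, which grows the arch-specific block in common code. They belong in arch_crash_save_vmcoreinfo(), next to the other x86-only entries, so that kernel/kexec_core.c gains no further #ifdef content.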
> --
> 2.5.5
>
> On 08/18/16 at 07:47am, Thomas Garnier wrote:
>> KASLR memory randomization can randomize the base of the physical memory
>> mapping (PAGE_OFFSET), vmalloc (VMALLOC_START) and vmemmap
>> (VMEMMAP_START). Adding these variables on VMCOREINFO so tools can
>> easily identify the base of each memory section.
>>
>> Signed-off-by: Thomas Garnier <thgar...@google.com>
>> ---
>> Based on next-20160817
>> ---
>>  arch/x86/kernel/machine_kexec_64.c | 3 +++
>>  include/linux/kexec.h  | 6 ++
>>  2 files changed, 9 insertions(+)
>>
>> diff --git a/arch/x86/kernel/machine_kexec_64.c 
>> b/arch/x86/kernel/machine_kexec_64.c
>> index fc3389f..b1f15a2 100644
>> --- a/arch/x86/kernel/machine_kexec_64.c
>> +++ b/arch/x86/kernel/machine_kexec_64.c
>> @@ -338,6 +338,9 @@ void arch_crash_save_vmcoreinfo(void)
>>   vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
>> kaslr_offset());
>>   VMCOREINFO_PHYS_BASE(phys_base);
>> + VMCOREINFO_PAGE_OFFSET(PAGE_OFFSET);
>> + VMCOREINFO_VMALLOC_START(VMALLOC_START);
>> + VMCOREINFO_VMEMMAP_START(VMEMMAP_START);
>>  }
>>
>>  /* arch-dependent functionality related to kexec file-based syscall */
>> diff --git a/include/linux/kexec.h b/include/linux/kexec.h
>> index d3ae429..cd3874c 100644
>> --- a/include/linux/kexec.h
>> +++ b/include/linux/kexec.h
>> @@ -261,6 +261,12 @@ phys_addr_t paddr_vmcoreinfo_note(void);
>>   vmcoreinfo_append_str("CONFIG_%s=y\n", #name)
>>  #define VMCOREINFO_PHYS_BASE(value) \
>>   vmcoreinfo_append_str("PHYS_BASE=%lx\n", (unsigned long)value)
>> +#define VMCOREINFO_PAGE_OFFSET(value) \
>> + vmcoreinfo_append_str("PAGE_OFFSET=%lx\n", (unsigned long)value)
>> +#define VMCOREINFO_VMALLOC_START(value) \
>> + vmcoreinfo_append_str("VMALLOC_START=%lx\n", (unsigned long)value)
>> +#define VMCOREINFO_VMEMMAP_START(value) \
>> + vmcoreinfo_append_str("VMEMMAP_START=%lx\n", (unsigned long)value)
>>
>>  extern struct kimage *kexec_image;
>>  extern struct kimage *kexec_crash_image;
>> --
>> 2.8.0.rc3.226.g39d4020



Re: [PATCH v1] kexec/arch/i386: Add support for KASLR memory randomization

2016-08-23 Thread Thomas Garnier
On Wed, Aug 17, 2016 at 9:59 PM, Baoquan He <b...@redhat.com> wrote:
> On 08/17/16 at 09:47am, Thomas Garnier wrote:
>> Multiple changes were made on KASLR (right now in linux-next). One of
>> them is randomizing the virtual address of the physical mapping, vmalloc
>> and vmemmap memory sections. It breaks kdump ability to read physical
>> memory.
>>
>> This change identifies if KASLR memory randomization is used by
>> checking if the page_offset_base variable exists. It searches for the
>> correct PAGE_OFFSET value by looking at the loaded memory sections and
>> finds the lowest one aligned on PUD (the randomization level).
>>
>> Related commits on linux-next:
>>  - 0483e1fa6e09d4948272680f691dccb1edb9677f: Base for randomization
>>  - 021182e52fe01c1f7b126f97fd6ba048dc4234fd: Enable for PAGE_OFFSET
>
> Seems above two commits have been inside Linus's tree, while vmemmap
> not yet.
>
>>
>> Signed-off-by: Thomas Garnier <thgar...@google.com>
>> ---
>>  kexec/arch/i386/crashdump-x86.c | 29 ++---
>>  1 file changed, 22 insertions(+), 7 deletions(-)
>>
>> diff --git a/kexec/arch/i386/crashdump-x86.c 
>> b/kexec/arch/i386/crashdump-x86.c
>> index bbc0f35..ab833d4 100644
>> --- a/kexec/arch/i386/crashdump-x86.c
>> +++ b/kexec/arch/i386/crashdump-x86.c
>> @@ -102,11 +102,10 @@ static int get_kernel_paddr(struct kexec_info 
>> *UNUSED(info),
>>   return -1;
>>  }
>>
>> -/* Retrieve kernel _stext symbol virtual address from /proc/kallsyms */
>> -static unsigned long long get_kernel_stext_sym(void)
>> +/* Retrieve kernel symbol virtual address from /proc/kallsyms */
>> +static unsigned long long get_kernel_sym(const char *symbol)
>>  {
>>   const char *kallsyms = "/proc/kallsyms";
>> - const char *stext = "_stext";
>>   char sym[128];
>>   char line[128];
>>   FILE *fp;
>> @@ -122,13 +121,13 @@ static unsigned long long get_kernel_stext_sym(void)
>>   while(fgets(line, sizeof(line), fp) != NULL) {
>>   if (sscanf(line, "%Lx %c %s", , , sym) != 3)
>>   continue;
>> - if (strcmp(sym, stext) == 0) {
>> - dbgprintf("kernel symbol %s vaddr = %16llx\n", stext, 
>> vaddr);
>> + if (strcmp(sym, symbol) == 0) {
>> + dbgprintf("kernel symbol %s vaddr = %16llx\n", symbol, 
>> vaddr);
>>   return vaddr;
>>   }
>>   }
>>
>> - fprintf(stderr, "Cannot get kernel %s symbol address\n", stext);
>> + fprintf(stderr, "Cannot get kernel %s symbol address\n", symbol);
>>   return 0;
>>  }
>>
>> @@ -151,6 +150,8 @@ static int get_kernel_vaddr_and_size(struct kexec_info 
>> *UNUSED(info),
>>   off_t size;
>>   uint32_t elf_flags = 0;
>>   uint64_t stext_sym;
>> + const unsigned long long pud_mask = ~((1 << 30) - 1);
>> + unsigned long long vaddr, lowest_vaddr = 0;
>>
>>   if (elf_info->machine != EM_X86_64)
>>   return 0;
>> @@ -180,9 +181,23 @@ static int get_kernel_vaddr_and_size(struct kexec_info 
>> *UNUSED(info),
>>
>>   end_phdr = _phdr[ehdr.e_phnum];
>>
>> + /* Search for the real PAGE_OFFSET when KASLR memory randomization
>> +  * is enabled */
>
> Yeah, this is necessary. It would be great if it could be put into
> get_kernel_page_offset. But then it needs to parse the kcore ELF file
> again; there seems to be no better way.
>

I agree.

Simon: Do you have any comments?

>> + if (get_kernel_sym("page_offset_base") != 0) {
>> + for(phdr = ehdr.e_phdr; phdr != end_phdr; phdr++) {
>> + if (phdr->p_type == PT_LOAD) {
>> + vaddr = phdr->p_vaddr & pud_mask;
>> + if (lowest_vaddr == 0 || lowest_vaddr > vaddr)
>> + lowest_vaddr = vaddr;
>> + }
>> + }
>> + if (lowest_vaddr != 0)
>> + elf_info->page_offset = lowest_vaddr;
>> + }
>> +
>>   /* Traverse through the Elf headers and find the region where
>>* _stext symbol is located in. That's where kernel is mapped */
>> - stext_sym = get_kernel_stext_sym();
>> + stext_sym = get_kernel_sym("_stext");
>>   for(phdr = ehdr.e_phdr; stext_sym && phdr != end_phdr; phdr++) {
>>   if (phdr->p_type == PT_LOAD) {
>>   unsigned long long saddr = phdr->p_vaddr;
>> --
>> 2.8.0.rc3.226.g39d4020



[PATCH v1] kdump, vmcoreinfo: report memory sections virtual addresses

2016-08-18 Thread Thomas Garnier
KASLR memory randomization can randomize the base of the physical memory
mapping (PAGE_OFFSET), vmalloc (VMALLOC_START) and vmemmap
(VMEMMAP_START). Adding these variables on VMCOREINFO so tools can
easily identify the base of each memory section.

Signed-off-by: Thomas Garnier <thgar...@google.com>
---
Based on next-20160817
---
 arch/x86/kernel/machine_kexec_64.c | 3 +++
 include/linux/kexec.h  | 6 ++
 2 files changed, 9 insertions(+)

diff --git a/arch/x86/kernel/machine_kexec_64.c 
b/arch/x86/kernel/machine_kexec_64.c
index fc3389f..b1f15a2 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -338,6 +338,9 @@ void arch_crash_save_vmcoreinfo(void)
vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
  kaslr_offset());
VMCOREINFO_PHYS_BASE(phys_base);
+   VMCOREINFO_PAGE_OFFSET(PAGE_OFFSET);
+   VMCOREINFO_VMALLOC_START(VMALLOC_START);
+   VMCOREINFO_VMEMMAP_START(VMEMMAP_START);
 }
 
 /* arch-dependent functionality related to kexec file-based syscall */
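Review bot: The three new keys written in arch_crash_save_vmcoreinfo() carry no comment or documentation saying that they are the section bases which KASLR memory randomization moves, which is the only rationale the commit message gives. Add a short comment above the three calls and describe the key names and their hex format wherever the vmcoreinfo fields are documented, so dump tools have a stated format to parse against.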
diff --git a/include/linux/kexec.h b/include/linux/kexec.h
index d3ae429..cd3874c 100644
--- a/include/linux/kexec.h
+++ b/include/linux/kexec.h
@@ -261,6 +261,12 @@ phys_addr_t paddr_vmcoreinfo_note(void);
vmcoreinfo_append_str("CONFIG_%s=y\n", #name)
 #define VMCOREINFO_PHYS_BASE(value) \
vmcoreinfo_append_str("PHYS_BASE=%lx\n", (unsigned long)value)
+#define VMCOREINFO_PAGE_OFFSET(value) \
+   vmcoreinfo_append_str("PAGE_OFFSET=%lx\n", (unsigned long)value)
+#define VMCOREINFO_VMALLOC_START(value) \
+   vmcoreinfo_append_str("VMALLOC_START=%lx\n", (unsigned long)value)
+#define VMCOREINFO_VMEMMAP_START(value) \
+   vmcoreinfo_append_str("VMEMMAP_START=%lx\n", (unsigned long)value)
 
 extern struct kimage *kexec_image;
 extern struct kimage *kexec_crash_image;
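Review bot: VMCOREINFO_PAGE_OFFSET, VMCOREINFO_VMALLOC_START and VMCOREINFO_VMEMMAP_START differ only in the key string, so the header gains three copies of the same line. A single macro taking the key name would do, for example `#define VMCOREINFO_VADDR(name, value) vmcoreinfo_append_str(#name "=%lx\n", (unsigned long)(value))`, where the name VMCOREINFO_VADDR is only a suggestion.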
-- 
2.8.0.rc3.226.g39d4020




[PATCH v1] kexec/arch/i386: Add support for KASLR memory randomization

2016-08-17 Thread Thomas Garnier
Multiple changes were made on KASLR (right now in linux-next). One of
them is randomizing the virtual address of the physical mapping, vmalloc
and vmemmap memory sections. It breaks kdump ability to read physical
memory.

This change identifies if KASLR memory randomization is used by
checking if the page_offset_base variable exists. It searches for the
correct PAGE_OFFSET value by looking at the loaded memory sections and
finds the lowest one aligned on PUD (the randomization level).

Related commits on linux-next:
 - 0483e1fa6e09d4948272680f691dccb1edb9677f: Base for randomization
 - 021182e52fe01c1f7b126f97fd6ba048dc4234fd: Enable for PAGE_OFFSET

Signed-off-by: Thomas Garnier <thgar...@google.com>
---
 kexec/arch/i386/crashdump-x86.c | 29 ++---
 1 file changed, 22 insertions(+), 7 deletions(-)

diff --git a/kexec/arch/i386/crashdump-x86.c b/kexec/arch/i386/crashdump-x86.c
index bbc0f35..ab833d4 100644
--- a/kexec/arch/i386/crashdump-x86.c
+++ b/kexec/arch/i386/crashdump-x86.c
@@ -102,11 +102,10 @@ static int get_kernel_paddr(struct kexec_info 
*UNUSED(info),
return -1;
 }
 
-/* Retrieve kernel _stext symbol virtual address from /proc/kallsyms */
-static unsigned long long get_kernel_stext_sym(void)
+/* Retrieve kernel symbol virtual address from /proc/kallsyms */
+static unsigned long long get_kernel_sym(const char *symbol)
 {
const char *kallsyms = "/proc/kallsyms";
-   const char *stext = "_stext";
char sym[128];
char line[128];
FILE *fp;
@@ -122,13 +121,13 @@ static unsigned long long get_kernel_stext_sym(void)
while(fgets(line, sizeof(line), fp) != NULL) {
if (sscanf(line, "%Lx %c %s", , , sym) != 3)
continue;
-   if (strcmp(sym, stext) == 0) {
-   dbgprintf("kernel symbol %s vaddr = %16llx\n", stext, 
vaddr);
+   if (strcmp(sym, symbol) == 0) {
+   dbgprintf("kernel symbol %s vaddr = %16llx\n", symbol, 
vaddr);
return vaddr;
}
}
 
-   fprintf(stderr, "Cannot get kernel %s symbol address\n", stext);
+   fprintf(stderr, "Cannot get kernel %s symbol address\n", symbol);
return 0;
 }
 
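Review bot: The final `fprintf(stderr, "Cannot get kernel %s symbol address\n", symbol)` now also fires when the helper is used to test for page_offset_base, so a kernel without memory randomization prints an error for a condition the caller treats as normal. Let the caller decide whether absence is an error, for instance by moving the message to the _stext call site or demoting it to dbgprintf().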
@@ -151,6 +150,8 @@ static int get_kernel_vaddr_and_size(struct kexec_info 
*UNUSED(info),
off_t size;
uint32_t elf_flags = 0;
uint64_t stext_sym;
+   const unsigned long long pud_mask = ~((1 << 30) - 1);
+   unsigned long long vaddr, lowest_vaddr = 0;
 
if (elf_info->machine != EM_X86_64)
return 0;
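Review bot: `pud_mask = ~((1 << 30) - 1)` is evaluated in int and only becomes the intended 64-bit mask through sign extension when it is converted to unsigned long long. Write it as `~((1ULL << 30) - 1)` so the width is explicit, and consider a named constant for the 30-bit PUD shift instead of the bare number.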
@@ -180,9 +181,23 @@ static int get_kernel_vaddr_and_size(struct kexec_info 
*UNUSED(info),
 
end_phdr = _phdr[ehdr.e_phnum];
 
+   /* Search for the real PAGE_OFFSET when KASLR memory randomization
+* is enabled */
+   if (get_kernel_sym("page_offset_base") != 0) {
+   for(phdr = ehdr.e_phdr; phdr != end_phdr; phdr++) {
+   if (phdr->p_type == PT_LOAD) {
+   vaddr = phdr->p_vaddr & pud_mask;
+   if (lowest_vaddr == 0 || lowest_vaddr > vaddr)
+   lowest_vaddr = vaddr;
+   }
+   }
+   if (lowest_vaddr != 0)
+   elf_info->page_offset = lowest_vaddr;
+   }
+
/* Traverse through the Elf headers and find the region where
 * _stext symbol is located in. That's where kernel is mapped */
-   stext_sym = get_kernel_stext_sym();
+   stext_sym = get_kernel_sym("_stext");
for(phdr = ehdr.e_phdr; stext_sym && phdr != end_phdr; phdr++) {
if (phdr->p_type == PT_LOAD) {
unsigned long long saddr = phdr->p_vaddr;
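Review bot: The new loop takes the lowest PUD-aligned `p_vaddr` over every PT_LOAD segment and stores it in `elf_info->page_offset` without checking that the segment belongs to the direct mapping, so the result is right only while the direct mapping is the lowest loaded region. Restrict the search to segments known to map RAM, or take the base from a value the kernel exports, and state the ordering assumption in the comment. `lowest_vaddr == 0` also doubles as the "unset" marker; a separate flag would be clearer.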
-- 
2.8.0.rc3.226.g39d4020

