lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 6 Dec 2007 17:02:14 +0100 (CET)
From:	Bernhard Kaindl <bk@...e.de>
To:	Andi Kleen <ak@...e.de>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: remote debugging via FireWire * __fast__ firedump!

On Tue, 4 Dec 2007, Andi Kleen wrote:
>
>> I have just had the guts to explore __fast__ memory dumping over
>> firewire for full-system dumps [...]
>
> Unfortunately it won't work for >3GB or so AFAIK.

Yes we seem to be limited to 4GB mostly, with 3G mem hole, it's 3GB.

>> Afterwards, the victim was dead (I excluded the low MB of memory,
>> so something else must have caused this), at least the start of
>
> Did you run into the PCI memory hole below 4GB?

Thanks, that was it most likely. I checked and haw that I did
read a 32MB reserved area just below 2GB.

> I suppose the best way would be to require a System.map and
> then read e820.nr_map/e820.map[] and only dump real memory.

Yes, good idea!
Bernhard
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ