lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 3 Feb 2010 21:32:29 -0800
From:	"Lu, Hongjiu" <hongjiu.lu@...el.com>
To:	Roland McGrath <roland@...hat.com>
CC:	"Siddha, Suresh B" <suresh.b.siddha@...el.com>,
	Oleg Nesterov <oleg@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>, Ingo Molnar <mingo@...e.hu>,
	Thomas Gleixner <tglx@...utronix.de>,
	LKML <linux-kernel@...r.kernel.org>,
	"Lachner, Peter" <peter.lachner@...el.com>
Subject: RE: [patch] x86: ptrace and core-dump extensions for xstate

> 
> > > Suresh's patch puts this value in the xsave block, in what Suresh calls
> > > "sw_usable_bytes".  See the asm/ptrace-abi.h comment in the patch you
> > > signed off on.
> > >
> > > How is that not sufficient?  If it is indeed not sufficient to usefully
> > > interpret the xsave block, then how could an xsave block in a core dump
> > > file ever possibly be examined if it might not have been generated on the
> > > same system and kernel where the debugger is doing the examination?  If
> > > the NT_X86_XSTATE note as implemented in Suresh's patch is indeed not
> > > entirely self-contained in this way, then NAK on that new note format.
> > >
> >
> > I use it when reading core dump, which doesn't involve a system call.
> > I can analyze it on a totally different machine.
> 
> You did not answer any of my questions.
> Perhaps Suresh can be more helpful in explaining the situation.
> 

When gdb reads a core section, it only processes up to the maximum
xsave size it supports and ignores the rest. It also reads the first 8
byte in sw_usable_bytes for xcr0. It only exams the xcr0 bits it supports.
With this info, gdb can exams xsave core dump up to the state it supports.

When it calls ptrace with XSTATE, it uses a buffer of the
size returned by cpuid. But it only reads up to the xsave size
it supports.

The difference here is the size of core dump is recorded in core
dump and I have to use cpuid returned size to make a ptrace call.

H.J.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ