| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Sep 2011 14:36:56 -0400 From: Vivek Goyal <vgoyal@...hat.com> To: Michael Holzheu <holzheu@...ux.vnet.ibm.com> Cc: ebiederm@...ssion.com, mahesh@...ux.vnet.ibm.com, schwidefsky@...ibm.com, heiko.carstens@...ibm.com, kexec@...ts.infradead.org, linux-kernel@...r.kernel.org, linux-s390@...r.kernel.org Subject: Re: [patch 1/2] kdump: Initialize vmcoreinfo note at startup On Fri, Sep 16, 2011 at 10:21:17AM +0200, Michael Holzheu wrote: > Hello Vivek, > > On Thu, 2011-09-15 at 14:46 -0400, Vivek Goyal wrote: > > On Fri, Sep 09, 2011 at 12:27:00PM +0200, Michael Holzheu wrote: > > > From: Michael Holzheu <holzheu@...ux.vnet.ibm.com> > > > > > > Currently the vmcoreinfo note is only initialized in case of kdump. On s390 > > > it is possible to create kernel dumps with other dump mechanisms than kdump > > > (e.g. via hypervisor dump or stand-alone dump tools). > > > > Both of these will be invoked through panic notifiers because kdump kernel > > is not loaded? > > This is only one possibility. The other is that they are invoked > manually or by hypervisor watchdog without any Linux kernel involvement. > > > > > >For those dumps it > > > would also be desirable to include the vmcoreinfo data. > > > > Curious that how these two dump schemes make use vmcoreinfo data? > > We have a tool named zgetdump. With this tool it is possible to convert > dump formats on the fly using fuse. E.g. you can mount a s390 > stand-alone dump as ELF dump. When this is done, the tool finds the > vmcoreinfo in the stand-alone dump via our well known ABI defined > address and it creates the respective VMCOREINFO ELF note in the output > ELF dump. This then can be used e.g. by makedumpfile for dump filtering. > No more need for a vmlinux file with debug information. Ok, so you basically need it so that makedumpfile can do filtering without debug info. Well, if zgetdump is doing everything and you are stashing away an arch specific pointer, I guss you could have saved pointer directly to vmcoreinfo_data and then zgetdump could have made an ELF note out of it for use of makedumpfile. But anyway, having kernel exported the note does not harm. > So this will look like the following: > > # zgetdump --mount standalone.dump -f elf /mnt > # ls /mnt > # dump.elf > # readelf -n /mnt/dump.elf > # ... > VMCOREINFO 0x00000474 Unknown note type: (0x00000000) > # makedumpfile -c -d 31 /mnt/dump.elf dump.kdump If you can do this easily, then you really did not need kdump in kernel? Just use stand alone dump to take dump and then do this to filter dump. But what happens to ELF headers which map kernel virtual address to physical addresses? kexec-tools prepares those. So in this case when you are capturing the dump, who prepares those? IOW, how does zgetdump creates a mapping between kernel virtual and physical addresses? Thanks Vivek -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists