lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 23 Nov 2017 13:46:48 +0100
From:   Petr Mladek <>
To:     Thomas Gleixner <>
Cc:     LKML <>,
        Linus Torvalds <>,
        Prarit Bhargava <>,
        Mark Salyzyn <>,
        Ingo Molnar <>,
        "H. Peter Anvin" <>,
        Peter Zijlstra <>,
        Andrew Morton <>,
        Sergey Senozhatsky <>,
        Steven Rostedt <>,
        Joe Perches <>,
        Linus Torvalds <>
Subject: Re: [RFC patch 5/7] crash: Add VMCOREINFO_FIELD_AND_OFFSET()

On Wed 2017-11-15 19:15:36, Thomas Gleixner wrote:
> Changing the time stamp storage in the printk ringbuffer entries would
> break existing tools which rely on the availability of the 'ts_nsec' field
> in vmcore info.
> Provide a new macro which allows to store the offset of a member of struct
> printk_log with a different name. This allows to change the underlying
> storage and without breaking tools.

It seems that this cheating is not enough. I tried to use it in printk
(6th patch in this patch set) and the "crash" tool complained:

===== cut =====
WARNING: log buf data structure(s) have changed

log: invalid structure member offset: log_ts_nsec
     FILE: kernel.c  LINE: 5055  FUNCTION: dump_log_entry()
===== cut =====

The crash tool get this value using the following code:

  MEMBER_OFFSET_INIT(log_ts_nsec, "printk_log", "ts_nsec");
    + datatype_info((X), (Y), NULL)

, where the last function does something like:

datatype_info(char *name, char *member, struct datatype_member *dm)
	struct gnu_request *req;

	req->command = GNU_GET_DATATYPE;
	req->name = name;
	req->member = member;


I am not completely sure what it does. I guess that gdb
is able to get information about the real types either
from vmlinux binary or vmcore. It is not able to
find "ts_nsec" in the struct "printk_log" and fails.

I am afraid that we would need to fix crash for
the modified struct printk_log. Then this hack
will not be needed.

Best Regards,

Powered by blists - more mailing lists