----- Original Message ----- > On Wed, Jan 22, 2014 at 10:42 AM, Dave Anderson <[email protected]> wrote: > > > > > > ----- Original Message ----- > >> >> > > >> >> > Then, my questions are: > >> >> > > >> >> > (1) on a live system, how would a root user determine the offset > >> >> > from userspace? > >> >> > >> >> AFAICT, it can be calculated from /proc/kallsyms. > >> > > >> > Will /proc/kallsyms contain the relocated addresses? Andy had mentioned > >> > that > >> > the offset would be in the dmesg buffer but that can be overwritten. > >> > >> Yeah, kallsyms should show the current actual locations. It should > >> only show up in dmesg on a crash. > >> > >> >> > (2) given a random vmlinux/vmcore pair, how would any user determine > >> >> > the offset? > >> >> > >> >> It'd be nice for the vmcore to contain offset details. > >> > > >> > Right -- Andy mentioned that it would be put in a VMCOREINFO item: > >> > > >> > > >> > https://www.redhat.com/archives/crash-utility/2013-October/msg00043.html > >> > > >> > But I'm presuming that wasn't part of your patchset. > >> > >> It was not, no. What's needed to get that added? > > > > Since kASLR is x86 only (right?), I believe it would simply require an > > addition to "arch/x86/kernel/machine_kexec_64.c" here: > > > > void arch_crash_save_vmcoreinfo(void) > > { > > VMCOREINFO_SYMBOL(phys_base); > > VMCOREINFO_SYMBOL(init_level4_pgt); > > > > #ifdef CONFIG_NUMA > > VMCOREINFO_SYMBOL(node_data); > > VMCOREINFO_LENGTH(node_data, MAX_NUMNODES); > > #endif > > } > > > > Since it's the offset value that we're interested in, something > > like this should suffice: > > > > VMCOREINFO_NUMBER(<name_of_symbol_containing_offset_value>) > > > > with an appropriate header inclusion that declares the symbol, > > and enclosed by whatever "CONFIG_<kASLR>" you've got in place. > > > > The macro looks like this: > > > > #define VMCOREINFO_NUMBER(name) \ > > vmcoreinfo_append_str("NUMBER(%s)=%ld\n", #name, (long)name) > > > > Of course that presumes you've got a symbol in place that holds the offset? > > > > On a related note, the VMCOREINFO_SYMBOL(phys_base) above is completely > > useless, and should also have been introduced as > > VMCOREINFO_NUMBER(phys_base). > > The makedumpfile maintainers on this list can confirm it, but I > > don't believe that they use it either, but just pass it on to the > > crash utility to ignore. Both the crash utility and makedumpfile > > jump through hoops to figure out the phys_base value when it could > > simply be passed in the vmcoreinfo data. > > FWIW, the offset reported during a panic to dmesg is: > (unsigned long)&_text - __START_KERNEL > > I think this is what Andrew was looking at for pushing into the vmcore info. > > -Kees
OK good. Since VMCOREINFO_NUMBER() won't work without a variable, maybe Andrew was planning to create something like a new VMCOREINFO_KASLR_OFFSET() in include/linux/kexec.h? BTW, is he still going to work on this or has he moved on to other things? Dave -- Crash-utility mailing list [email protected] https://www.redhat.com/mailman/listinfo/crash-utility
