2014-01-23 17:31:47

by Kees Cook

Subject: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes

From: Eugene Surovegin <[email protected]>

Include kASLR offset in VMCOREINFO ELF notes to assist in debugging.

Signed-off-by: Eugene Surovegin <[email protected]>
Signed-off-by: Kees Cook <[email protected]>
---
v2:
- make sure "From:" got sent correctly
---
arch/x86/kernel/machine_kexec_64.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
index 4eabc160696f..679cef0791cd 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -279,5 +279,7 @@ void arch_crash_save_vmcoreinfo(void)
VMCOREINFO_SYMBOL(node_data);
VMCOREINFO_LENGTH(node_data, MAX_NUMNODES);
#endif
+ vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
+ (unsigned long)&_text - __START_KERNEL);
}
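Review bot: the commit message should say what the new KERNELOFFSET key means to a consumer, since neither the hunk nor the one-line description does: the value is the runtime address of _text minus the link-time __START_KERNEL, printed with "%lx", so a crash tool relocates every vmlinux symbol by adding it. Also worth stating that the line is emitted outside any #ifdef, so a kernel built without base randomization still writes the key with value 0, which consumers should read as "no relocation" rather than as a missing key.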

--
1.7.9.5


--
Kees Cook
Chrome OS Security


2014-01-25 07:47:43

by Ingo Molnar

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes


* Kees Cook <[email protected]> wrote:

> From: Eugene Surovegin <[email protected]>
>
> Include kASLR offset in VMCOREINFO ELF notes to assist in debugging.
>
> Signed-off-by: Eugene Surovegin <[email protected]>
> Signed-off-by: Kees Cook <[email protected]>
> ---
> v2:
> - make sure "From:" got sent correctly
> ---
> arch/x86/kernel/machine_kexec_64.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
> index 4eabc160696f..679cef0791cd 100644
> --- a/arch/x86/kernel/machine_kexec_64.c
> +++ b/arch/x86/kernel/machine_kexec_64.c
> @@ -279,5 +279,7 @@ void arch_crash_save_vmcoreinfo(void)
> VMCOREINFO_SYMBOL(node_data);
> VMCOREINFO_LENGTH(node_data, MAX_NUMNODES);
> #endif
> + vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
> + (unsigned long)&_text - __START_KERNEL);
> }

I've Cc:-ed Adrian Hunter, who has sent the following kaslr fixes for
perf yesterday:

http://lkml.org/lkml/2014/1/24/220

Adrian, is this patch the right solution from the perf tooling
perspective?

Thanks,

Ingo

2014-01-27 14:13:40

by Adrian Hunter

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes

On 25/01/14 09:47, Ingo Molnar wrote:
>
> * Kees Cook <[email protected]> wrote:
>
>> From: Eugene Surovegin <[email protected]>
>>
>> Include kASLR offset in VMCOREINFO ELF notes to assist in debugging.
>>
>> Signed-off-by: Eugene Surovegin <[email protected]>
>> Signed-off-by: Kees Cook <[email protected]>
>> ---
>> v2:
>> - make sure "From:" got sent correctly
>> ---
>> arch/x86/kernel/machine_kexec_64.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
>> index 4eabc160696f..679cef0791cd 100644
>> --- a/arch/x86/kernel/machine_kexec_64.c
>> +++ b/arch/x86/kernel/machine_kexec_64.c
>> @@ -279,5 +279,7 @@ void arch_crash_save_vmcoreinfo(void)
>> VMCOREINFO_SYMBOL(node_data);
>> VMCOREINFO_LENGTH(node_data, MAX_NUMNODES);
>> #endif
>> + vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
>> + (unsigned long)&_text - __START_KERNEL);
>> }
>
> I've Cc:-ed Adrian Hunter, who has sent the following kaslr fixes for
> perf yesterday:
>
> http://lkml.org/lkml/2014/1/24/220
>
> Adrian, is this patch the right solution from the perf tooling
> perspective?

perf tools isn't a consumer of VMCOREINFO although I see VMCOREINFO already
has _stext which would be enough for many purposes.

>
> Thanks,
>
> Ingo
>
>

2014-01-27 15:26:03

by Ingo Molnar

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes


* Adrian Hunter <[email protected]> wrote:

> On 25/01/14 09:47, Ingo Molnar wrote:
> >
> > * Kees Cook <[email protected]> wrote:
> >
> >> From: Eugene Surovegin <[email protected]>
> >>
> >> Include kASLR offset in VMCOREINFO ELF notes to assist in debugging.
> >>
> >> Signed-off-by: Eugene Surovegin <[email protected]>
> >> Signed-off-by: Kees Cook <[email protected]>
> >> ---
> >> v2:
> >> - make sure "From:" got sent correctly
> >> ---
> >> arch/x86/kernel/machine_kexec_64.c | 2 ++
> >> 1 file changed, 2 insertions(+)
> >>
> >> diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
> >> index 4eabc160696f..679cef0791cd 100644
> >> --- a/arch/x86/kernel/machine_kexec_64.c
> >> +++ b/arch/x86/kernel/machine_kexec_64.c
> >> @@ -279,5 +279,7 @@ void arch_crash_save_vmcoreinfo(void)
> >> VMCOREINFO_SYMBOL(node_data);
> >> VMCOREINFO_LENGTH(node_data, MAX_NUMNODES);
> >> #endif
> >> + vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
> >> + (unsigned long)&_text - __START_KERNEL);
> >> }
> >
> > I've Cc:-ed Adrian Hunter, who has sent the following kaslr fixes for
> > perf yesterday:
> >
> > http://lkml.org/lkml/2014/1/24/220
> >
> > Adrian, is this patch the right solution from the perf tooling
> > perspective?
>
> perf tools isn't a consumer of VMCOREINFO although I see VMCOREINFO
> already has _stext which would be enough for many purposes.

Yes - but let me explain where I'm coming from: I'd like the recent
KASLR related perf /proc/kcore based annotation bug to be fixed
properly.

Currently I'm not sure about the status of it. In your fixes
submission:

Date: Fri, 24 Jan 2014 17:10:10 +0200
From: Adrian Hunter <[email protected]>
Subject: [PATCH 0/8] perf tools: kaslr fixes

you mentioned the following:

"- mustn't use kcore if the kernel has moved"

Does this mean that /proc/kcore annotation will not work if KASLR is
active?

If yes then given that I expect most distros to turn on KASLR this
would essentially make /proc/kcore useless on a large set of Linux
systems. That would be suboptimal.

Thanks,

Ingo

2014-01-27 15:55:04

by Adrian Hunter

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes

On 27/01/14 17:25, Ingo Molnar wrote:
>
> * Adrian Hunter <[email protected]> wrote:
>
>> On 25/01/14 09:47, Ingo Molnar wrote:
>>>
>>> * Kees Cook <[email protected]> wrote:
>>>
>>>> From: Eugene Surovegin <[email protected]>
>>>>
>>>> Include kASLR offset in VMCOREINFO ELF notes to assist in debugging.
>>>>
>>>> Signed-off-by: Eugene Surovegin <[email protected]>
>>>> Signed-off-by: Kees Cook <[email protected]>
>>>> ---
>>>> v2:
>>>> - make sure "From:" got sent correctly
>>>> ---
>>>> arch/x86/kernel/machine_kexec_64.c | 2 ++
>>>> 1 file changed, 2 insertions(+)
>>>>
>>>> diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
>>>> index 4eabc160696f..679cef0791cd 100644
>>>> --- a/arch/x86/kernel/machine_kexec_64.c
>>>> +++ b/arch/x86/kernel/machine_kexec_64.c
>>>> @@ -279,5 +279,7 @@ void arch_crash_save_vmcoreinfo(void)
>>>> VMCOREINFO_SYMBOL(node_data);
>>>> VMCOREINFO_LENGTH(node_data, MAX_NUMNODES);
>>>> #endif
>>>> + vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
>>>> + (unsigned long)&_text - __START_KERNEL);
>>>> }
>>>
>>> I've Cc:-ed Adrian Hunter, who has sent the following kaslr fixes for
>>> perf yesterday:
>>>
>>> http://lkml.org/lkml/2014/1/24/220
>>>
>>> Adrian, is this patch the right solution from the perf tooling
>>> perspective?
>>
>> perf tools isn't a consumer of VMCOREINFO although I see VMCOREINFO
>> already has _stext which would be enough for many purposes.
>
> Yes - but let me explain where I'm coming from: I'd like the recent
> KASLR related perf /proc/kcore based annotation bug to be fixed
> properly.
>
> Currently I'm not sure about the status of it. In your fixes
> submission:
>
> Date: Fri, 24 Jan 2014 17:10:10 +0200
> From: Adrian Hunter <[email protected]>
> Subject: [PATCH 0/8] perf tools: kaslr fixes
>
> you mentioned the following:
>
> "- mustn't use kcore if the kernel has moved"
>
> Does this mean that /proc/kcore annotation will not work if KASLR is
> active?

No. In fact annotation works now with kcore. Linus' problem was with vmlinux.

Kcore won't be used with kaslr in the case:
1. record data with 'perf record'
2. reboot
3. use annotation on the previously recorded data

As I noted in the commit message, you can still use kcore if you made a copy
(with perf buildid-cache) at the time the data was recorded.

>
> If yes then given that I expect most distros to turn on KASLR this
> would essentially make /proc/kcore useless on a large set of Linux
> systems. That would be suboptimal.
>
> Thanks,
>
> Ingo
>
>

2014-01-27 16:20:10

by Peter Zijlstra

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes

On Mon, Jan 27, 2014 at 05:56:38PM +0200, Adrian Hunter wrote:
> No. In fact annotation works now with kcore. Linus' problem was with vmlinux.
>
> Kcore won't be used with kaslr in the case:
> 1. record data with 'perf record'
> 2. reboot
> 3. use annotation on the previously recorded data
>
> As I noted in the commit message, you can still use kcore if you made a copy
> (with perf buildid-cache) at the time the data was recorded.

Not that I care much about this particular case; but you could also save
the offset at record time and do double offset correction, assuming it's
still the same kernel you booted into but at a different location.

2014-01-27 16:22:41

by Peter Zijlstra

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes



Do _NOT_ cross post to moderated lists!!

2014-01-27 18:41:16

by Andrew Honig

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes

The purpose of this patch is to make it easier to process offline
kdump files for crash analysis. For context on this, see this thread
for a patch in progress
(http://www.mail-archive.com/[email protected]/msg04640.html)

_stext doesn't quite work for this purpose because in my testing it
doesn't exactly match the kaslr offset, for some reason _stext is a
few hundred bytes after the kaslr offset. The number doesn't appear
consistent and I would prefer not to take a dependency on that.

On Mon, Jan 27, 2014 at 8:22 AM, Peter Zijlstra <[email protected]> wrote:
>
>
> Do _NOT_ cross post to moderated lists!!
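A consumer-side sketch of what the patch and the two replies above describe, added here as an example and not code from the kernel, perf or the crash utilities: it parses the VMCOREINFO key=value text, relocates vmlinux addresses by KERNELOFFSET, cross-checks SYMBOL(_stext) against the relocated image base (the gap Andrew mentions), and applies Peter's double offset correction between two boots of the same kernel. The note text and the __START_KERNEL value are constructed for the example.

```python
# Constructed sample of the VMCOREINFO note text (not from a real dump); the
# last line has the format the patch emits: "%lx" of (&_text - __START_KERNEL).
SAMPLE_VMCOREINFO = (
    "OSRELEASE=3.14.0-rc4\n"
    "PAGESIZE=4096\n"
    "SYMBOL(_stext)=ffffffffa7e001e0\n"
    "SYMBOL(node_data)=ffffffffa8e5b3c0\n"
    "LENGTH(node_data)=64\n"
    "KERNELOFFSET=26e00000\n"
)

# Assumed link-time base of the x86-64 image (__START_KERNEL for a default
# build); a real tool would take it from the vmlinux it loaded.
START_KERNEL = 0xFFFFFFFF81000000

def parse_vmcoreinfo(text):
    """KEY=VALUE lines: SYMBOL(...) and KERNELOFFSET are hex, bare numbers
    are decimal, anything else stays a string."""
    info = {}
    for line in text.splitlines():
        if "=" not in line:
            continue
        key, _, val = line.partition("=")
        if key.startswith("SYMBOL(") or key == "KERNELOFFSET":
            info[key] = int(val, 16)
        elif val.isdigit():
            info[key] = int(val)
        else:
            info[key] = val
    return info

def kernel_offset(info):
    """Older kernels lack the key; treat absence as 'not relocated'."""
    return info.get("KERNELOFFSET", 0)

def relocate(link_addr, info):
    """Map an address from vmlinux (link time) to where it sits in the dump."""
    return link_addr + kernel_offset(info)

def check_stext(vmlinux_stext, info):
    """Relocated vmlinux _stext must equal SYMBOL(_stext) from the dump; also
    return the gap between _stext and the relocated image base, which is why
    SYMBOL(_stext) alone cannot stand in for the offset."""
    runtime = relocate(vmlinux_stext, info)
    gap = info["SYMBOL(_stext)"] - (START_KERNEL + kernel_offset(info))
    return runtime == info["SYMBOL(_stext)"], gap

def translate_between_boots(addr_recorded, offset_recorded, offset_now):
    """Double offset correction: same kernel build, different KASLR slot."""
    return addr_recorded - offset_recorded + offset_now
```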

2014-01-27 19:33:34

by Peter Zijlstra

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes

A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing in e-mail?

2014-02-21 20:25:30

by Kees Cook

Subject: Re: [PATCH v2] x86, kaslr: export offset in VMCOREINFO ELF notes

On Thu, Jan 23, 2014 at 9:31 AM, Kees Cook <[email protected]> wrote:
> From: Eugene Surovegin <[email protected]>
>
> Include kASLR offset in VMCOREINFO ELF notes to assist in debugging.
>
> Signed-off-by: Eugene Surovegin <[email protected]>
> Signed-off-by: Kees Cook <[email protected]>
> ---
> v2:
> - make sure "From:" got sent correctly
> ---
> arch/x86/kernel/machine_kexec_64.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
> index 4eabc160696f..679cef0791cd 100644
> --- a/arch/x86/kernel/machine_kexec_64.c
> +++ b/arch/x86/kernel/machine_kexec_64.c
> @@ -279,5 +279,7 @@ void arch_crash_save_vmcoreinfo(void)
> VMCOREINFO_SYMBOL(node_data);
> VMCOREINFO_LENGTH(node_data, MAX_NUMNODES);
> #endif
> + vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
> + (unsigned long)&_text - __START_KERNEL);
> }
>
> --
> 1.7.9.5

Ping on this patch. The crash-utils folks would like to be using this feature.

-Kees

--
Kees Cook
Chrome OS Security

Subject: [tip:x86/urgent] x86, kaslr: export offset in VMCOREINFO ELF notes

Commit-ID: b6085a865762236bb84934161273cdac6dd11c2d
Gitweb: http://git.kernel.org/tip/b6085a865762236bb84934161273cdac6dd11c2d
Author: Eugene Surovegin <[email protected]>
AuthorDate: Thu, 23 Jan 2014 09:31:20 -0800
Committer: H. Peter Anvin <[email protected]>
CommitDate: Tue, 25 Feb 2014 16:57:47 -0800

x86, kaslr: export offset in VMCOREINFO ELF notes

Include kASLR offset in VMCOREINFO ELF notes to assist in debugging.

[ hpa: pushing this for v3.14 to avoid having a kernel version with
kASLR where we can't debug output. ]

Signed-off-by: Eugene Surovegin <[email protected]>
Link: http://lkml.kernel.org/r/[email protected]
Signed-off-by: Kees Cook <[email protected]>
Signed-off-by: H. Peter Anvin <[email protected]>
---
arch/x86/kernel/machine_kexec_64.c | 2 ++
1 file changed, 2 insertions(+)

diff --git a/arch/x86/kernel/machine_kexec_64.c b/arch/x86/kernel/machine_kexec_64.c
index 4eabc16..679cef0 100644
--- a/arch/x86/kernel/machine_kexec_64.c
+++ b/arch/x86/kernel/machine_kexec_64.c
@@ -279,5 +279,7 @@ void arch_crash_save_vmcoreinfo(void)
VMCOREINFO_SYMBOL(node_data);
VMCOREINFO_LENGTH(node_data, MAX_NUMNODES);
#endif
+ vmcoreinfo_append_str("KERNELOFFSET=%lx\n",
+ (unsigned long)&_text - __START_KERNEL);
}
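Review bot: the added lines reference _text and __START_KERNEL but the hunk shows no include that provides them, so confirm a declaration of _text is already visible in this file (normally via asm/sections.h) before merging; the build would otherwise fail on the second added line. The continuation line's alignment under the opening parenthesis cannot be checked here because leading whitespace was lost in extraction.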