Re: [Qemu-devel] [PATCH v4 0/8] KASLR kernel dump support

["Michael S. Tsirkin" <mst@redhat.com>]

On Fri, Jul 14, 2017 at 08:20:03PM +0200, Marc-André Lureau wrote:
> Recent linux kernels enable KASLR to randomize phys/virt memory
> addresses. This series aims to provide enough information in qemu
> dumps so that crash utility can work with randomized kernel too (it
> hasn't been tested on other archs than x86 though, help welcome).
> 
> The vmcoreinfo device is an emulated ACPI device that exposes a 4k
> memory range to the guest to store various informations useful to
> debug the guest OS. (it is greatly inspired by the VMGENID device
> implementation). The version field with value 0 is meant to give
> paddr/size of the VMCOREINFO ELF PT_NOTE, other values can be used for
> different purposes or OSes. (note: some wanted to see pvpanic somehow
> merged with this device, I have no clear idea how to do that, nor do I
> think this is a good idea since the devices are quite different, used
> at different time for different purposes. And it can be done as a
> future iteration if it is appropriate, feel free to send patches)

First, I think you underestimate the difficulty of maintaining
compatibility.

Second, this seems racy - how do you know when is guest done writing out
the data?

Given you have very little data to export (PA, size - do
you even need size?) - how about just using an ACPI method do it,
instead of exporting a physical addess and storing address there.  This
way you can add more methods as you add functionality.

VMGENID has very specific requirements around performance,
and does not care about consistency at all.
This does not apply here.


> Crash 7.1.9 will parse the "phys_base" value from the VMCOREINFO note,
> and thus will work with KASLR-dump produced by this series.
> 
> By priority, VMCOREINFO "phys_base" value is the most accurate. If not
> available, qemu will keep the current guessed value.
> 
> The series implements the VMCOREINFO note addition in qemu ELF/kdump,
> as well as the python scripts/dump-guest-memory.py.
> 
> To test:
> 
> Compile and run a guest kernel with CONFIG_RANDOMIZE_BASE=y.
> 
> Run qemu with -device vmcoreinfo.
> 
> Load the experimental vmcoreinfo module in guest
> https://github.com/elmarco/vmgenid-test/blob/master/qemuvmci-test.c.
> 
> Produce an ELF dump:
> { "execute": "dump-guest-memory", "arguments": { "protocol": "file:dump", "paging": false } }
> 
> Produce a kdump:
> { "execute": "dump-guest-memory", "arguments": { "protocol": "file:dump", "paging": false, "format": "kdump-zlib" } }
> 
> Or with (gdb) dump-guest-memory, with scripts/dump-guest-memory.py script.
> 
> Analyze with crash >= 7.1.9
> $ crash vmlinux dump
> 
> v4: from Laszlo review
> - switch to warn_report*()
> - update test to follow vmgenid and use boot-sector infrastructure
> - fix range checks in the python script
> - add vmcoreinfo_get() stub
> 
> v3: from Laszlo review
> - change vmcoreinfo offset to 36
> - reset err to null after report
> - use PRIu32
> - change name_size and desc_size against MAX_VMCOREINFO_SIZE
> - python code simplification
> - check boundaries of blocks in phys_memory_read()
> - fix some vmgi vs vmci names
> - add more comments in code
> - fix comment indentation
> - add r-b tags
> 
> v2: from Laszlo review
> - vmci: fix guest endianess handling
> - vmci: fix wrong sizeof()
> - vmci: add back reset logic from vmgenid
> - dump: have 1MB size limit for vmcoreinfo
> - dump: fix potential off-by-1 buffer manipulation
> - dump: use temporary variable for qemu_strtou64
> - dump: fixed VMCOREINFO duplication in kdump
> - update gdb script to not call into qemu process
> - update MAINTAINERS with some new files
> 
> Marc-André Lureau (8):
>   vmgenid: replace x-write-pointer-available hack
>   acpi: add vmcoreinfo device
>   stubs: add vmcoreinfo_get() stub
>   tests: add simple vmcoreinfo test
>   dump: add vmcoreinfo ELF note
>   kdump: add vmcoreinfo ELF note
>   scripts/dump-guest-memory.py: add vmcoreinfo
>   MAINTAINERS: add Dump maintainers
> 
>  scripts/dump-guest-memory.py         |  47 ++++++++
>  include/hw/acpi/aml-build.h          |   1 +
>  include/hw/acpi/bios-linker-loader.h |   2 +
>  include/hw/acpi/vmcoreinfo.h         |  37 ++++++
>  include/hw/compat.h                  |   4 -
>  include/sysemu/dump.h                |   2 +
>  dump.c                               | 154 +++++++++++++++++++++++++
>  hw/acpi/aml-build.c                  |   2 +
>  hw/acpi/bios-linker-loader.c         |  10 ++
>  hw/acpi/vmcoreinfo.c                 | 211 +++++++++++++++++++++++++++++++++++
>  hw/acpi/vmgenid.c                    |   9 +-
>  hw/i386/acpi-build.c                 |  14 +++
>  stubs/vmcoreinfo.c                   |   9 ++
>  tests/vmcoreinfo-test.c              | 141 +++++++++++++++++++++++
>  MAINTAINERS                          |   9 ++
>  default-configs/arm-softmmu.mak      |   1 +
>  default-configs/i386-softmmu.mak     |   1 +
>  default-configs/x86_64-softmmu.mak   |   1 +
>  docs/specs/vmcoreinfo.txt            | 138 +++++++++++++++++++++++
>  hw/acpi/Makefile.objs                |   1 +
>  stubs/Makefile.objs                  |   1 +
>  tests/Makefile.include               |   2 +
>  22 files changed, 785 insertions(+), 12 deletions(-)
>  create mode 100644 include/hw/acpi/vmcoreinfo.h
>  create mode 100644 hw/acpi/vmcoreinfo.c
>  create mode 100644 stubs/vmcoreinfo.c
>  create mode 100644 tests/vmcoreinfo-test.c
>  create mode 100644 docs/specs/vmcoreinfo.txt
> 
> -- 
> 2.13.1.395.gf7b71de06
>