Problem using vmcore from kernel 4.19.21 #38

Closed
iattilagy opened this issue Aug 15, 2019 · 4 comments


iattilagy commented Aug 15, 2019

I am trying to open a vmcore generated by kernel 4.19.21; the crash tool fails and I get the following error:
crash: seek error: kernel virtual address: ffff888627a14d00 type: "current_task (per_cpu)"
crash: seek error: kernel virtual address: ffff888627a54d00 type: "current_task (per_cpu)"
crash: seek error: kernel virtual address: ffff888627a94d00 type: "current_task (per_cpu)"
crash: seek error: kernel virtual address: ffff888627ad4d00 type: "current_task (per_cpu)"
crash: seek error: kernel virtual address: ffff888627b14d00 type: "current_task (per_cpu)"
crash: seek error: kernel virtual address: ffff888627b54d00 type: "current_task (per_cpu)"
crash: seek error: kernel virtual address: ffff888627b94d00 type: "current_task (per_cpu)"
crash: seek error: kernel virtual address: ffff888627bd4d00 type: "current_task (per_cpu)"
crash: seek error: kernel virtual address: ffff888627a05024 type: "tss_struct ist array"

This patch seems to fix the issue, but it is obviously only checked on a specific config and version of kernel.

git diff x86_64.c
diff --git a/x86_64.c b/x86_64.c
index d57b602..601350f 100644
--- a/x86_64.c
+++ b/x86_64.c
@@ -382,7 +382,8 @@ x86_64_init(int when)
 
        case POST_GDB:
                if (!(machdep->flags & RANDOMIZED) &&
-                   ((THIS_KERNEL_VERSION >= LINUX(4,20,0)) || 
+                   ((THIS_KERNEL_VERSION >= LINUX(4,20,0)) ||
+                         (THIS_KERNEL_VERSION == LINUX(4,19,21)) ||
                    ((THIS_KERNEL_VERSION >= LINUX(4,14,84)) && 
                     (THIS_KERNEL_VERSION < LINUX(4,15,0))))) {
                        machdep->machspec->page_offset = machdep->flags & VM_5LEVEL ?
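Review bot: the added `(THIS_KERNEL_VERSION == LINUX(4,19,21))` arm matches only that one stable release, so a vmcore from any other 4.19.y kernel that carries the same page-offset change would still get the old base and fail the same way. A lower bound at the first 4.19.y release that has the change would cover the whole series, with the existing `>= LINUX(4,20,0)` arm covering everything after it; that first release needs to be confirmed before the bound is chosen. The new line is also indented differently from the neighbouring conditions, and the `LINUX(4,20,0)` line is rewritten only to drop trailing whitespace, which is better left to a separate cleanup.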

crash-utility commented Oct 18, 2019

Somehow I missed this issue entirely.

As you determined, it looks like this 4.20 commit was backported to 4.19.21:

commit d52888aa2753e3063a9d3a0c9f72f94aa9809c15
Author: Kirill A. Shutemov [email protected]
Date: Fri Oct 26 15:28:54 2018 +0300

x86/mm: Move LDT remap out of KASLR region on 5-level paging

which has this:

-#define __PAGE_OFFSET_BASE_L5 _AC(0xff10000000000000, UL)
-#define __PAGE_OFFSET_BASE_L4 _AC(0xffff880000000000, UL)
+#define __PAGE_OFFSET_BASE_L5 _AC(0xff11000000000000, UL)
+#define __PAGE_OFFSET_BASE_L4 _AC(0xffff888000000000, UL)

If so, it looks like the patch could simply change:

THIS_KERNEL_VERSION >= LINUX(4,20,0) to THIS_KERNEL_VERSION >= LINUX(4,19,21)

But it's not clear whether the backport went into 4.19.21 or into an earlier 4.19.xx?
Do you happen to know exactly when it happened?

@crash-utility

Hmmm, looks like it went into 4.19.15:

https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.15

where this commit seems to have included it:

commit 56769ef90b83a803ece304d57c397eb74c9bf50a
Author: Kirill A. Shutemov [email protected]
Date: Fri Nov 30 23:23:28 2018 +0300

x86/dump_pagetables: Fix LDT remap address marker

[ Upstream commit 254eb5505ca0ca749d3a491fc6668b6c16647a99 ]

The LDT remap placement has been changed. It's now placed before the direct
mapping in the kernel virtual address space for both paging modes.

Change address markers order accordingly.

Fixes: d52888aa2753 ("x86/mm: Move LDT remap out of KASLR region on 5-level paging")
...

@crash-utility

Nope, it originally went into 4.19.5:

https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.5 contains:

commit 4074ca7d8a1832921c865d250bbd08f3441b3657
Author: Kirill A. Shutemov [email protected]
Date: Fri Oct 26 15:28:54 2018 +0300

x86/mm: Move LDT remap out of KASLR region on 5-level paging

$ diff linux-4.19.4/arch/x86/include/asm/page_64_types.h linux-4.19.5/arch/x86/include/asm/page_64_types.h
36,38c36,40
< * PGDIR_SIZE*16 (pgd slot 272). The gap is to allow a space for a
< * hypervisor to fit. Choosing 16 slots here is arbitrary, but it's
< * what Xen requires.

  • PGDIR_SIZE*17 (pgd slot 273).
  • The gap is to allow a space for LDT remap for PTI (1 pgd slot) and space for
  • a hypervisor (16 slots). Choosing 16 slots for a hypervisor is arbitrary,
  • but it's what Xen requires.
    40,41c42,43
    < #define __PAGE_OFFSET_BASE_L5 _AC(0xff10000000000000, UL)
    < #define __PAGE_OFFSET_BASE_L4 _AC(0xffff880000000000, UL)

#define __PAGE_OFFSET_BASE_L5 _AC(0xff11000000000000, UL)
#define __PAGE_OFFSET_BASE_L4 _AC(0xffff888000000000, UL)
$

I'll put a patch for crash-7.2.8 that verifies that checks for
THIS_KERNEL_VERSION >= LINUX(4,19,5)
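
How the version check decides the direct-map base, and what the wrong base does to the first address in the report, as an added example (not code from crash or from this thread). The `LINUX()` packing and the helper names are assumptions; the base constants and version thresholds are the ones quoted above.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Version packing modelled on crash's LINUX() macro (assumed layout). */
#define LINUX(x, y, z) (((uint32_t)(x) << 16) + ((uint32_t)(y) << 8) + (uint32_t)(z))

/* Direct-map bases from the page_64_types.h diff quoted in the thread. */
#define OLD_BASE_L4 0xffff880000000000ULL
#define NEW_BASE_L4 0xffff888000000000ULL
#define OLD_BASE_L5 0xff10000000000000ULL
#define NEW_BASE_L5 0xff11000000000000ULL

/*
 * Hypothetical helper mirroring the POST_GDB check for non-KASLR kernels.
 * floor_419 is the lowest version treated as carrying the moved base:
 * LINUX(4,20,0) before the fix, LINUX(4,19,5) per the final comment.
 */
static uint64_t page_offset_for(uint32_t v, int five_level, uint32_t floor_419)
{
    int moved = v >= floor_419 ||
                (v >= LINUX(4, 14, 84) && v < LINUX(4, 15, 0));

    if (moved)
        return five_level ? NEW_BASE_L5 : NEW_BASE_L4;
    return five_level ? OLD_BASE_L5 : OLD_BASE_L4;
}

/* A direct-map virtual address maps to physical address vaddr - page_offset. */
static uint64_t direct_map_to_phys(uint64_t vaddr, uint64_t page_offset)
{
    return vaddr - page_offset;
}

int main(void)
{
    const uint64_t vaddr = 0xffff888627a14d00ULL; /* first address in the report */
    const uint32_t v = LINUX(4, 19, 21);
    uint64_t before = page_offset_for(v, 0, LINUX(4, 20, 0));
    uint64_t after = page_offset_for(v, 0, LINUX(4, 19, 5));

    printf("old check: base %#" PRIx64 " -> phys %#" PRIx64 "\n",
           before, direct_map_to_phys(vaddr, before));
    printf("new check: base %#" PRIx64 " -> phys %#" PRIx64 "\n",
           after, direct_map_to_phys(vaddr, after));
    return 0;
}
```

The two physical addresses differ by 0x8000000000 (512 GiB), so with the old base the lookup lands far from where the dump stores the page.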

@crash-utility

1f9e0ac
