|
 |
608733 |
commit 28fa7bd09013455b5ddc020dea4706278cda0d65
|
|
|
608733 |
Author: Dave Anderson <anderson@redhat.com>
|
|
|
608733 |
Date: Tue Jun 19 16:31:54 2018 -0400
|
|
|
608733 |
|
|
|
608733 |
Fix for PPC64 kernel virtual address translation in Linux 4.17 and
|
|
|
608733 |
later kernels with commit c2b4d8b7417a59b7f9a52d0d8402f5257cbbd398,
|
|
|
608733 |
titled "powerpc/mm/hash64: Increase the VA range", in which the
|
|
|
608733 |
maximum virtual address value has been increased to 4PB. Without
|
|
|
608733 |
the patch, the translation/access of high vmalloc space addresses
|
|
|
608733 |
fails; for example, the "kmem -[sS]" option fails the translation
|
|
|
608733 |
of per-cpu kmem_cache_cpu addresses located in vmalloc space, with
|
|
|
608733 |
the error messages "kmem: invalid kernel virtual address: <address>
|
|
|
608733 |
type: kmem_cache_cpu.freelist" and "kmem: invalid kernel virtual
|
|
|
608733 |
address: <address> type: kmem_cache_cpu.page", and the "vtop"
|
|
|
608733 |
command shows the addresses as "(not mapped)".
|
|
|
608733 |
(hbathini@linux.ibm.com)
|
|
|
608733 |
|
|
|
608733 |
diff --git a/defs.h b/defs.h
|
|
|
608733 |
index 6e6f6be..e6e3850 100644
|
|
|
608733 |
--- a/defs.h
|
|
|
608733 |
+++ b/defs.h
|
|
|
608733 |
@@ -3977,6 +3977,7 @@ struct efi_memory_desc_t {
|
|
|
608733 |
#define PMD_INDEX_SIZE_L4_64K_4_12 10
|
|
|
608733 |
#define PUD_INDEX_SIZE_L4_64K_4_12 7
|
|
|
608733 |
#define PGD_INDEX_SIZE_L4_64K_4_12 8
|
|
|
608733 |
+#define PUD_INDEX_SIZE_L4_64K_4_17 10
|
|
|
608733 |
#define PTE_INDEX_SIZE_RADIX_64K 5
|
|
|
608733 |
#define PMD_INDEX_SIZE_RADIX_64K 9
|
|
|
608733 |
#define PUD_INDEX_SIZE_RADIX_64K 9
|
|
|
608733 |
diff --git a/ppc64.c b/ppc64.c
|
|
|
608733 |
index 0dd8a2a..f5d0dac 100644
|
|
|
608733 |
--- a/ppc64.c
|
|
|
608733 |
+++ b/ppc64.c
|
|
|
608733 |
@@ -451,7 +451,10 @@ ppc64_init(int when)
|
|
|
608733 |
|
|
|
608733 |
if (THIS_KERNEL_VERSION >= LINUX(4,12,0)) {
|
|
|
608733 |
m->l2_index_size = PMD_INDEX_SIZE_L4_64K_4_12;
|
|
|
608733 |
- m->l3_index_size = PUD_INDEX_SIZE_L4_64K_4_12;
|
|
|
608733 |
+ if (THIS_KERNEL_VERSION >= LINUX(4,17,0))
|
|
|
608733 |
+ m->l3_index_size = PUD_INDEX_SIZE_L4_64K_4_17;
|
|
|
608733 |
+ else
|
|
|
608733 |
+ m->l3_index_size = PUD_INDEX_SIZE_L4_64K_4_12;
|
|
|
608733 |
m->l4_index_size = PGD_INDEX_SIZE_L4_64K_4_12;
|
|
|
608733 |
} else {
|
|
|
608733 |
m->l2_index_size = PMD_INDEX_SIZE_L4_64K_4_6;
|
|
|
608733 |
|
|
|
608733 |
commit e5df29d54bbdb8b84cb1661233ed186b153be746
|
|
|
608733 |
Author: Dave Anderson <anderson@redhat.com>
|
|
|
608733 |
Date: Wed Jun 20 11:15:38 2018 -0400
|
|
|
608733 |
|
|
|
608733 |
Fix for the x86_64 "bt" command in which a legitimate exception
|
|
|
608733 |
frame is appended with the message "bt: WARNING: possibly bogus
|
|
|
608733 |
exception frame". This only happens in KASLR-enabled kernels when
|
|
|
608733 |
the text address that was executing when the exception occurred
|
|
|
608733 |
is marked as a "weak" symbol (type "W") instead of a text symbol
|
|
|
608733 |
(type "T" or "t"). As a result, the exception frame's RIP is not
|
|
|
608733 |
recognized as a text symbol, and the warning message is displayed.
|
|
|
608733 |
(anderson@redhat.com)
|
|
|
608733 |
|
|
|
608733 |
diff --git a/symbols.c b/symbols.c
|
|
|
608733 |
index bb4ae3a..bf55319 100644
|
|
|
608733 |
--- a/symbols.c
|
|
|
608733 |
+++ b/symbols.c
|
|
|
608733 |
@@ -2755,9 +2755,14 @@ is_kernel_text(ulong value)
|
|
|
608733 |
section);
|
|
|
608733 |
end = start + (ulong)bfd_section_size(st->bfd,
|
|
|
608733 |
section);
|
|
|
608733 |
+
|
|
|
608733 |
+ if (kt->flags2 & KASLR) {
|
|
|
608733 |
+ start += (kt->relocate * -1);
|
|
|
608733 |
+ end += (kt->relocate * -1);
|
|
|
608733 |
+ }
|
|
|
608733 |
|
|
|
608733 |
- if ((value >= start) && (value < end))
|
|
|
608733 |
- return TRUE;
|
|
|
608733 |
+ if ((value >= start) && (value < end))
|
|
|
608733 |
+ return TRUE;
|
|
|
608733 |
}
|
|
|
608733 |
}
|
|
|
608733 |
}
|
|
|
608733 |
@@ -2833,7 +2838,16 @@ is_kernel_text_offset(ulong value)
|
|
|
608733 |
int
|
|
|
608733 |
is_symbol_text(struct syment *sp)
|
|
|
608733 |
{
|
|
|
608733 |
- return ((sp->type == 'T') || (sp->type == 't'));
|
|
|
608733 |
+ if ((sp->type == 'T') || (sp->type == 't'))
|
|
|
608733 |
+ return TRUE;
|
|
|
608733 |
+
|
|
|
608733 |
+ if ((sp->type == 'W') || (sp->type == 'w')) {
|
|
|
608733 |
+ if ((sp->value >= kt->stext) &&
|
|
|
608733 |
+ (sp->value < kt->etext))
|
|
|
608733 |
+ return TRUE;
|
|
|
608733 |
+ }
|
|
|
608733 |
+
|
|
|
608733 |
+ return FALSE;
|
|
|
608733 |
}
|
|
|
608733 |
|
|
|
608733 |
/*
|
|
|
608733 |
|
|
|
608733 |
commit a7e5b90757bb41ad5e148177c5b3aaf5d892243d
|
|
|
608733 |
Author: Dave Anderson <anderson@redhat.com>
|
|
|
608733 |
Date: Wed Jun 20 16:33:43 2018 -0400
|
|
|
608733 |
|
|
|
608733 |
Fix for the x86_64 "bt" command in Linux 4.16 and later kernels
|
|
|
608733 |
containing commit 3aa99fc3e708b9cd9b4cfe2df0b7a66cf293e3cf, titled
|
|
|
608733 |
"x86/entry/64: Remove 'interrupt' macro". Without the patch, the
|
|
|
608733 |
exception frame display generated by an interrupt exception will
|
|
|
608733 |
show incorrect contents, and be followed by the message "bt: WARNING:
|
|
|
608733 |
possibly bogus exception frame".
|
|
|
608733 |
(anderson@redhat.com)
|
|
|
608733 |
|
|
|
608733 |
diff --git a/x86_64.c b/x86_64.c
|
|
|
608733 |
index e01082b..6d1ae2f 100644
|
|
|
608733 |
--- a/x86_64.c
|
|
|
608733 |
+++ b/x86_64.c
|
|
|
608733 |
@@ -4285,6 +4285,12 @@ x86_64_exception_frame(ulong flags, ulong kvaddr, char *local,
|
|
|
608733 |
long err;
|
|
|
608733 |
char buf[BUFSIZE];
|
|
|
608733 |
|
|
|
608733 |
+ if (flags == EFRAME_VERIFY) {
|
|
|
608733 |
+ if (!accessible(kvaddr) ||
|
|
|
608733 |
+ !accessible(kvaddr + SIZE(pt_regs) - sizeof(long)))
|
|
|
608733 |
+ return FALSE;
|
|
|
608733 |
+ }
|
|
|
608733 |
+
|
|
|
608733 |
ms = machdep->machspec;
|
|
|
608733 |
sp = NULL;
|
|
|
608733 |
|
|
|
608733 |
@@ -6283,6 +6289,9 @@ x86_64_irq_eframe_link(ulong stkref, struct bt_info *bt, FILE *ofp)
|
|
|
608733 |
{
|
|
|
608733 |
ulong irq_eframe;
|
|
|
608733 |
|
|
|
608733 |
+ if (x86_64_exception_frame(EFRAME_VERIFY, stkref, 0, bt, ofp))
|
|
|
608733 |
+ return stkref;
|
|
|
608733 |
+
|
|
|
608733 |
irq_eframe = stkref - machdep->machspec->irq_eframe_link;
|
|
|
608733 |
|
|
|
608733 |
if (x86_64_exception_frame(EFRAME_VERIFY, irq_eframe, 0, bt, ofp))
|
|
|
608733 |
|
|
|
608733 |
commit 02efd0838f05ef8a7fe21b0b8ba6cad729270645
|
|
|
608733 |
Author: Dave Anderson <anderson@redhat.com>
|
|
|
608733 |
Date: Fri Jun 22 11:00:01 2018 -0400
|
|
|
608733 |
|
|
|
608733 |
Fix for the failure of several "kmem" command options, most notably
|
|
|
608733 |
seen if the command is piped directly into a crash session, or if
|
|
|
608733 |
the command is contained in an input file. For examples:
|
|
|
608733 |
$ echo "kmem -i" | crash ...
|
|
|
608733 |
$ crash -i <input-file> ...
|
|
|
608733 |
Without the patch, the kmem command may fail with the error message
|
|
|
608733 |
"<segmentation violation in gdb>". While the bug is due to a buffer
|
|
|
608733 |
overflow that has always existed, it only is triggered by certain
|
|
|
608733 |
kernel configurations.
|
|
|
608733 |
(anderson@redhat.com)
|
|
|
608733 |
|
|
|
608733 |
diff --git a/memory.c b/memory.c
|
|
|
608733 |
index 2f568d5..5c0a853 100644
|
|
|
608733 |
--- a/memory.c
|
|
|
608733 |
+++ b/memory.c
|
|
|
608733 |
@@ -17498,13 +17498,12 @@ vm_stat_init(void)
|
|
|
608733 |
STREQ(arglist[0], "NR_VM_ZONE_STAT_ITEMS")) {
|
|
|
608733 |
continue;
|
|
|
608733 |
} else {
|
|
|
608733 |
- stringlen += strlen(arglist[0]);
|
|
|
608733 |
+ stringlen += strlen(arglist[0]) + 1;
|
|
|
608733 |
count++;
|
|
|
608733 |
}
|
|
|
608733 |
}
|
|
|
608733 |
|
|
|
608733 |
- total = stringlen + vt->nr_vm_stat_items +
|
|
|
608733 |
- (sizeof(void *) * vt->nr_vm_stat_items);
|
|
|
608733 |
+ total = stringlen + (sizeof(void *) * vt->nr_vm_stat_items);
|
|
|
608733 |
if (!(vt->vm_stat_items = (char **)malloc(total))) {
|
|
|
608733 |
close_tmpfile();
|
|
|
608733 |
error(FATAL, "cannot malloc vm_stat_items cache\n");
|