[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH 3/4] dump: add fallback KDBG using in Windows dump
|
From: |
Viktor Prutyanov |
|
Subject: |
[Qemu-devel] [PATCH 3/4] dump: add fallback KDBG using in Windows dump |
|
Date: |
Thu, 17 May 2018 19:23:41 +0300 |
KdDebuggerDataBlock may be encrypted in guest memory and dump will be
useless in this case. But guest driver can obtain decrypted KDBG and
expose its address through BugcheckParameter1 field in raw header.
After this patch, QEMU will be able to use fallback KdDebuggerDataBlock.
Signed-off-by: Viktor Prutyanov <address@hidden>
---
win_dump.c | 28 ++++++++++++++++++++++------
1 file changed, 22 insertions(+), 6 deletions(-)
diff --git a/win_dump.c b/win_dump.c
index 7d956ca996..2d9afb514e 100644
--- a/win_dump.c
+++ b/win_dump.c
@@ -144,21 +144,37 @@ static void check_kdbg(WinDumpHeader64 *h, Error **errp)
{
const char OwnerTag[] = "KDBG";
char read_OwnerTag[4];
+ uint64_t KdDebuggerDataBlock = h->KdDebuggerDataBlock;
+ bool try_fallback = true;
+try_again:
if (cpu_memory_rw_debug(first_cpu,
- h->KdDebuggerDataBlock + KDBG_OWNER_TAG_OFFSET64,
+ KdDebuggerDataBlock + KDBG_OWNER_TAG_OFFSET64,
(uint8_t *)&read_OwnerTag, sizeof(read_OwnerTag), 0)) {
error_setg(errp, "win-dump: failed to read OwnerTag");
return;
}
if (memcmp(read_OwnerTag, OwnerTag, sizeof(read_OwnerTag))) {
- error_setg(errp, "win-dump: invalid KDBG OwnerTag,"
- " expected '%.4s', got '%.4s',"
- " KdDebuggerDataBlock seems to be encrypted",
- OwnerTag, read_OwnerTag);
- return;
+ if (try_fallback) {
+ /*
+ * If attempt to use original KDBG failed
+ * (most likely because of its encryption),
+ * we try to use KDBG obtained by guest driver.
+ */
+
+ KdDebuggerDataBlock = h->BugcheckParameter1;
+ try_fallback = false;
+ goto try_again;
+ } else {
+ error_setg(errp, "win-dump: invalid KDBG OwnerTag,"
+ " expected '%.4s', got '%.4s'",
+ OwnerTag, read_OwnerTag);
+ return;
+ }
}
+
+ h->KdDebuggerDataBlock = KdDebuggerDataBlock;
}
void create_win_dump(DumpState *s, Error **errp)
--
2.14.3
- [Qemu-devel] [PATCH 0/4] dump: add Windows crashdump format, Viktor Prutyanov, 2018/05/17
- [Qemu-devel] [PATCH 3/4] dump: add fallback KDBG using in Windows dump,
Viktor Prutyanov <=
- [Qemu-devel] [PATCH 2/4] dump: use system context in Windows dump, Viktor Prutyanov, 2018/05/17
- [Qemu-devel] [PATCH 4/4] dump: add Windows live system dump, Viktor Prutyanov, 2018/05/17
- [Qemu-devel] [PATCH 1/4] dump: add Windows dump format to dump-guest-memory, Viktor Prutyanov, 2018/05/17
- Re: [Qemu-devel] [PATCH 0/4] dump: add Windows crashdump format, no-reply, 2018/05/17
- Re: [Qemu-devel] [PATCH 0/4] dump: add Windows crashdump format, no-reply, 2018/05/17