From nobody Tue Feb 10 22:18:05 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=virtuozzo.com Return-Path: Received: from lists.gnu.org (208.118.235.17 [208.118.235.17]) by mx.zohomail.com with SMTPS id 1526574379577657.2270392074596; Thu, 17 May 2018 09:26:19 -0700 (PDT) Received: from localhost ([::1]:35368 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fJLjG-00080d-0f for importer@patchew.org; Thu, 17 May 2018 12:26:10 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:34460) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fJLhX-0006ab-Jh for qemu-devel@nongnu.org; Thu, 17 May 2018 12:24:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fJLhU-0007Jz-Kj for qemu-devel@nongnu.org; Thu, 17 May 2018 12:24:23 -0400 Received: from mail-eopbgr50097.outbound.protection.outlook.com ([40.107.5.97]:20608 helo=EUR03-VE1-obe.outbound.protection.outlook.com) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fJLhU-0007FD-Cr for qemu-devel@nongnu.org; Thu, 17 May 2018 12:24:20 -0400 Received: from localhost.localdomain (93.175.11.132) by VI1PR08MB2862.eurprd08.prod.outlook.com (2603:10a6:802:1f::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.755.16; Thu, 17 May 2018 16:24:17 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=virtuozzo.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ouU3reyFN/JCwjIFKm/oggICdLCEDOh/b4+BI4CcUXY=; b=DZvoh08lkkXwxc2lM3dEnAAuOJc2aa1BGdQ3DjnloaEAl+A8wT1g0jEoERZo9s8lN3dS9Y8n/LpZg0FxzPAhAtM5QTVvDJQp4xUwP4a5ESS4YKHl5DOmabQSR+nXmMT58AZFZM49fVVQSenjiWDWASLWIPHALAEpwADNiJGHJ4Y= From: Viktor Prutyanov To: qemu-devel@nongnu.org Date: Thu, 17 May 2018 19:23:41 +0300 Message-Id: <20180517162342.4330-4-viktor.prutyanov@virtuozzo.com> X-Mailer: git-send-email 2.14.3 In-Reply-To: <20180517162342.4330-1-viktor.prutyanov@virtuozzo.com> References: <20180517162342.4330-1-viktor.prutyanov@virtuozzo.com> MIME-Version: 1.0 X-Originating-IP: [93.175.11.132] X-ClientProxiedBy: AM0PR06CA0027.eurprd06.prod.outlook.com (2603:10a6:208:ab::40) To VI1PR08MB2862.eurprd08.prod.outlook.com (2603:10a6:802:1f::10) X-MS-PublicTrafficType: Email X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:VI1PR08MB2862; X-Microsoft-Exchange-Diagnostics: 1; VI1PR08MB2862; 3:pX731bMoHjzEbcXmMdT0mlq1QXlqhcu9DbH1wVegX/vLi+HdmREVE7qLEVoXVn37061fWZ2dUA4e7RS73Z3NVw/KAeHZQQZECGmKcfWWKwOKQXBCy/JY86xyt6qxVCR+zVba2JUVI4RWZuV4ZDg88u5k8I0+GnSN72B/UJEXnrMcS4Hw5cuaQVTR+3Pl1FyKJgbVzjmV9qWkxXFgu2kVGAO+aUR7ebzbeE3f0yIWuQqak9hns1OJHSJwIkuOMyR7; 25:JK+IbQfUyG8dVcWyPUiernLMwv5DCRsciWRuvo7FlzC4QjTJSvCIaJrZW3uU10RtmMUQk2pWBy4cuOL6ZQZu5sAXLnrSa1veQ4RkXyF2b2M9u3boi9ivby7uVhRKAk+f+cQVGB+aoD5oUhGBfI4km4PYDzm9Ixr9iu1Vd8kRLffWE6CWUOv3OtTXSbdeFSwJpfySy0S5JwdNGi8qKKFOlm5cdhkChzmPABS9VPfd9bvo2kSo5BMEm+liFmOdokdNZScJkhBAj7NDu9k4Dti03jS5AIxDF6ZfbtgVJ0KRdRs295En2AQ8UiFlDw2eu0e3XZmzGdlsVpZkKbmaOExvAg==; 31:IU24OB8wYejo+DyyMsURghp4xmy/jDHA717pd5mymLGrtLCzpH+T7AqbcV9PP3OQbljIir2Dj90R6Zf7roKgxBKWMG1vGe2PJZW28z9UzKJaEGwuJQeE93pU9d+tfrMb9rUwphE0LbUi8cVUdV5G4U4R1k9fOVAANe9ritLqOryoTVI3pgSNYkAruE4BAb6aO6HzvbpqcLnzvO3egyBe7EoMp9pYgiRR8opY+5M7V/A= X-MS-TrafficTypeDiagnostic: VI1PR08MB2862: X-Microsoft-Exchange-Diagnostics: 1; VI1PR08MB2862; 20:u4rAtLC9ajwGZ5pgwGEyfcojsYpAYRLieVmeMAxY2hNv4wMa49iagRjzQlAAs900j19DmY68heRjwyDWOrDQlwEIsz5WqKSmt0CisHQB476+I57V+AUqa+i4o/9jp9L6trSLmZB3MJbzWOyLLLDWbMgR/XAkOb8JVLPQGZFDlnHSO2UJP7muwTn0JTxM1e3yzgQfWe1gyulbnGqJ91DqLwzTN/KBjax88F4jDeIkufcl1R+UX2ajWppm4PRSq7UrOLEQoUYWckgaSy1SWhW6aw2oOW9x0gDvY1pUFI5Gsr6M0DI2zVMYABju7GQfMYJcVjhLN921Q16TwgB9p8ialbRaP9Oz9jJ2JUuV/zJskJFslSOITvHrKsA9ubT2juLmX2o8F2czgldCT879PiggpYytVXa1GDv5o8ZvY+aqRXtCQbksjr2DpFpPiyLueomodt61x9tqiqy2+XP+gyGh5IsG6lw60gX7LfRyHulKJ8KkkXK7IzQOyGT5xG1NK0eX; 4:aPmHaDiX1dZScrMn9txoPaU9XCYu2qC5Vklwx88PeTiOS0Wfctni7cBkgMNqoBzn6K6HxSjJp6/PxW0sfsTdPw4UC0VNGj9g72iutzTAjRPMMRT0sgKNo7eNXIKWPcSG0cUNVu6T8cqpLrECSamz6wBlIBdVu5irGvVM/09t1m0N+ppYTWk97DmTYNk0h5ZMr5enQ8xKhdsoI82H3xkwk0Y2FWUSaCQxOS+jLfzRu6ltLm/Z4c424ynvVBy34viTtcddFB7r4a2TkUfALd431g== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(5005006)(8121501046)(93006095)(93001095)(3231254)(944501410)(52105095)(10201501046)(3002001)(149027)(150027)(6041310)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(20161123562045)(20161123558120)(20161123560045)(6072148)(201708071742011)(7699016); SRVR:VI1PR08MB2862; BCL:0; PCL:0; RULEID:; SRVR:VI1PR08MB2862; X-Forefront-PRVS: 067553F396 X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(6069001)(366004)(396003)(39850400004)(346002)(39380400002)(376002)(189003)(199004)(8676002)(47776003)(956004)(2616005)(81166006)(81156014)(51416003)(6486002)(6666003)(6916009)(7736002)(486006)(446003)(44832011)(6116002)(3846002)(1076002)(97736004)(11346002)(36756003)(76176011)(476003)(25786009)(53936002)(6512007)(478600001)(86362001)(107886003)(2351001)(106356001)(16586007)(2361001)(386003)(66066001)(2906002)(5660300001)(316002)(68736007)(8936002)(52116002)(50466002)(186003)(48376002)(305945005)(6506007)(50226002)(26005)(6346003)(16526019)(4326008)(105586002); DIR:OUT; SFP:1102; SCL:1; SRVR:VI1PR08MB2862; H:localhost.localdomain; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: None (protection.outlook.com: virtuozzo.com does not designate permitted sender hosts) Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=viktor.prutyanov@virtuozzo.com; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; VI1PR08MB2862; 23:jeolvyYXHcRFeCMDb5AcKw0maQk0tium/htBUgilA?= =?us-ascii?Q?MCK5knBgrIUQNsf/L9NI86lz8Llo5QFH9KGojpwTuhe2Q3chKJvrAQIIgcRT?= =?us-ascii?Q?/dmF7lM2E4o56beCvOY+GwZigvQGLnLlpTqkCU2y6NJ2ZBQjG35cA7DUWqAg?= =?us-ascii?Q?GSJIJJ6Ra8Mic80+z477aeWncXMSwEOTcc3CQVqZRra/XTKr5YBthl8BCvJf?= =?us-ascii?Q?6oocS9RGIWV/18YLAlx6WqMjGLOyD3F/bY8mrsA7GnrgWEYQVs6gVN04hqz8?= =?us-ascii?Q?frbaQW9C3DLdpwnAY+6UqWywVlux9e7Jt8iGTX5OfuMCUPMmGcR22b/a60eJ?= =?us-ascii?Q?NwHWDfa27YH+TJoJMcoVG9Xkm32UpbMtA/ayLIkmHdLAJwUGREM1CrE0OTqx?= =?us-ascii?Q?vNntX7izD9hO0FyzZj/KQ/C6Q8D3htpAoZZMxPcIL++RAHUDZixBSqgXfymM?= =?us-ascii?Q?EadXHaYRH/DF5QST8nAafSZydh8gGEtB3/+djKl5t54MPzsexfw0KrMm7agj?= =?us-ascii?Q?D9Cvi94gYZYT8031jU6Y4cet+iWBcmXeCWajPUGYooI5/vNqKhbyzqb52Kpb?= =?us-ascii?Q?uMS/Bagc64/MaQk7KKjhOCJ2QlYakQvyjB75VYqUl/4CwV8OWYGplPFshior?= =?us-ascii?Q?32CUOaTnNihvlmi0xajbT26ACw/Eq6rCqX0S31ImzmBhR6ar2IwWiqZb/AgJ?= =?us-ascii?Q?WvqCGpviIIHq5UGjbJ0jWz//OIS+87hbO0e4xa8o7A6Ugb6ffnkYMWonzruk?= =?us-ascii?Q?Hg6kzB4X75YF2e2PGYVCmJ8rgADxpmm1jFL41GpFHncJNPyeHHxYXibQT9G8?= =?us-ascii?Q?alJtpfUH3JoUu31oCDHWHq17b5WOXna/2FgKI/CkDqVOV6/7vI8gxbvozVCr?= =?us-ascii?Q?UjxHB5doO+yBjb7ymJhas9F9X9DDSLy7f0ypqqcT600wP3Bmcxyz4IFOTvNp?= =?us-ascii?Q?Xj1KyFszNR5BMfl8D/qj4nX7sn+OP6GPhreGojPch97q/7oQ15kTs59p7nLc?= =?us-ascii?Q?52MME0bKYQ+tsnee+sIWFPisvYdjRqpv/RENz4vZ9ZUJnfOZfAUS3+/DoO05?= =?us-ascii?Q?/8Nrj7/cW02YUyxXqxZq7KABLTj7v+8y6ECN6+b1jX8/zQUsjWTmWx+W2rMV?= =?us-ascii?Q?1K6mnmB2Q2CvTMvBdYgFwaNqx8XL9Jl9ccOQ72rHPArWo8OKxOPLw1JQmRCc?= =?us-ascii?Q?ybs9bXfqR4Z5st57p03UaxXw/oWeIKeogOpmq66TTieEgynP4IK/Y7db0Bfq?= =?us-ascii?Q?rMZWNBZbqgf1nWT6pKwX9SFtp92Ccq+q5C3LR5nXjqyQOuTVgzf040xPf/9F?= =?us-ascii?Q?GdlCOyUAug3D7l07nyBy7E=3D?= X-Microsoft-Antispam-Message-Info: CvUXsJ64KEcSw/vE6GPrs143N068cXsJZtYyx1aCpCOktcM4Wj+LWS/YEhWPa7MLDDSMP+qXhIU9dwERFLeoAxFW/ce+b2aNXKVpL0CGStGvYY51gU7W1C3Ljg0wGoPZGR27M8h+Ga51Q2z1qDo5SWYj2xE629dIPoZ6iyoIHpQ94L3DtORzIJi69hVHELYn X-Microsoft-Exchange-Diagnostics: 1; VI1PR08MB2862; 6:UqHh/799PhiBZleDyEnbOVCeimvvrPQTCFDygHPsfDmGlakwSv5DttywTDF9sx3gHsc3Bz3F83CY2w7Ws7gvM5tIAGDIeNYZ14YVL6Xi5m71voyAs+0Ga3S5brSYRYDq9p1IoZ5V9YrfZAT0P2ns0353Db1kvFBo60AI9jgXPnKAuzvj2xfFyFOI0LXUSAYPXnZJSVrGs2uleKl5S2bcrUr4tLguHRPJnToUhW+3XfIANkUiJXULplfkG4F3y2rPl+dBp+MbLXmjV8oCsVYiY941VQQRNOVqViXQs/0Ga04WsbS+eNDs3PH/KGiQmklrsuEylurlTtK2LEQMCbpI60enA78hpmuQQ4JReqjXaB0vnXkp2OOYuXgVae9SEB0eyYrj03jqQxqIsvv96kpeoC0r4g+38S0SGcms0CcCbdQQ1e58RUy67D+LTeZUQsPqg1+708H/I7EW7nZEkTRObw==; 5:zIODTuRFlEFY5wzPfEfhJLJks9HT+hCizcfJK2/570hM19d8oRhDuyv2ILSVKLXlL/n3RxLrg8JKEwF5HaJ0U94Tt/LWgdtQHI24njYfs4okyUsgI7YONTBsL7oTijILKbAsxgSbZ0D9qiJ7ugvsyEgsvXsTD4vvdErAhltaoQI=; 24:0qJIrf66Nij/dHvnlRS59RvJkO0332Ddl4p4nBV6TgQxjNxNuav1wHA6u5P2uHFriN5vyqYjeBNHF7+kFhHgtUnW51QhVP1CCuE9y7b+wo8= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; VI1PR08MB2862; 7:Lqj+tFUYOmJAY8x/lYDKE+ijNWKhOoWwI4kIPRUDIDaSibj6SbIeR9hAhyFyymBfmfd6NNxH887ax0ritk3l5cFA4R2iSOpUVDlZgAPtZi7glF49KaAVKwj69nthePESemzK+h1XPKt7w3jfxLNWVNqP7qrom5zIVkrjCd6qdpZGJjwW/ao1aoigK1+YQT9fUTNOJQ3fsD6GQ+1IWyJARXYuNQEZeBbQb62KieHC8PJVoE4vEtjpbf+6F8CCgT1w; 20:tvdWmRoeLWWct3AxcUNX3h7SUTvloEL8vwIU8JqwaVUuAl3PI4Qp/Cox+D2OUBkYeHKcZywGh8Q01I9Srr+Vv4jkWMrM3y56mg5yws/oAKMTUtpy6a0SwkgydIUINlnybhix/z89/QiHoVH45U5My5nRyCVq4nCnTVlxQk00TIA= X-MS-Office365-Filtering-Correlation-Id: d43ebfd4-528b-4de7-4d1e-08d5bc12a34d X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 May 2018 16:24:17.2197 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d43ebfd4-528b-4de7-4d1e-08d5bc12a34d X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR08MB2862 X-detected-operating-system: by eggs.gnu.org: Windows 7 or 8 [fuzzy] X-Received-From: 40.107.5.97 Subject: [Qemu-devel] [PATCH 3/4] dump: add fallback KDBG using in Windows dump X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: marcandre.lureau@redhat.com, Viktor Prutyanov , rkagan@virtuozzo.com, armbru@redhat.com, dgilbert@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZohoMail: RDKM_2 RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" KdDebuggerDataBlock may be encrypted in guest memory and dump will be useless in this case. But guest driver can obtain decrypted KDBG and expose its address through BugcheckParameter1 field in raw header. After this patch, QEMU will be able to use fallback KdDebuggerDataBlock. Signed-off-by: Viktor Prutyanov --- win_dump.c | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/win_dump.c b/win_dump.c index 7d956ca996..2d9afb514e 100644 --- a/win_dump.c +++ b/win_dump.c @@ -144,21 +144,37 @@ static void check_kdbg(WinDumpHeader64 *h, Error **er= rp) { const char OwnerTag[] =3D "KDBG"; char read_OwnerTag[4]; + uint64_t KdDebuggerDataBlock =3D h->KdDebuggerDataBlock; + bool try_fallback =3D true; =20 +try_again: if (cpu_memory_rw_debug(first_cpu, - h->KdDebuggerDataBlock + KDBG_OWNER_TAG_OFFSET64, + KdDebuggerDataBlock + KDBG_OWNER_TAG_OFFSET64, (uint8_t *)&read_OwnerTag, sizeof(read_OwnerTag), 0)) { error_setg(errp, "win-dump: failed to read OwnerTag"); return; } =20 if (memcmp(read_OwnerTag, OwnerTag, sizeof(read_OwnerTag))) { - error_setg(errp, "win-dump: invalid KDBG OwnerTag," - " expected '%.4s', got '%.4s'," - " KdDebuggerDataBlock seems to be encrypted", - OwnerTag, read_OwnerTag); - return; + if (try_fallback) { + /* + * If attempt to use original KDBG failed + * (most likely because of its encryption), + * we try to use KDBG obtained by guest driver. + */ + + KdDebuggerDataBlock =3D h->BugcheckParameter1; + try_fallback =3D false; + goto try_again; + } else { + error_setg(errp, "win-dump: invalid KDBG OwnerTag," + " expected '%.4s', got '%.4s'", + OwnerTag, read_OwnerTag); + return; + } } + + h->KdDebuggerDataBlock =3D KdDebuggerDataBlock; } =20 void create_win_dump(DumpState *s, Error **errp) --=20 2.14.3