Commit 2ababfcc authored by Viktor Prutyanov's avatar Viktor Prutyanov Committed by Paolo Bonzini
Browse files

dump: add fallback KDBG using in Windows dump 



KdDebuggerDataBlock may be encrypted in guest memory and dump will be
useless in this case. But guest driver can obtain decrypted KDBG and
expose its address through BugcheckParameter1 field in raw header.
After this patch, QEMU will be able to use fallback KdDebuggerDataBlock.

Signed-off-by: default avatarViktor Prutyanov <viktor.prutyanov@virtuozzo.com>
Message-Id: <20180517162342.4330-4-viktor.prutyanov@virtuozzo.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 92d1b3d5

win_dump.c

+22 −6
Original line number Diff line number Diff line
@@ -144,23 +144,39 @@ static void check_kdbg(WinDumpHeader64 *h, Error **errp) 
{

    const char OwnerTag[] = "KDBG";

    char read_OwnerTag[4];

    uint64_t KdDebuggerDataBlock = h->KdDebuggerDataBlock;

    bool try_fallback = true;



try_again:

    if (cpu_memory_rw_debug(first_cpu,

            h->KdDebuggerDataBlock + KDBG_OWNER_TAG_OFFSET64,

            KdDebuggerDataBlock + KDBG_OWNER_TAG_OFFSET64,

            (uint8_t *)&read_OwnerTag, sizeof(read_OwnerTag), 0)) {

        error_setg(errp, "win-dump: failed to read OwnerTag");

        return;

    }



    if (memcmp(read_OwnerTag, OwnerTag, sizeof(read_OwnerTag))) {

        if (try_fallback) {

            /*

             * If attempt to use original KDBG failed

             * (most likely because of its encryption),

             * we try to use KDBG obtained by guest driver.

             */



            KdDebuggerDataBlock = h->BugcheckParameter1;

            try_fallback = false;

            goto try_again;

        } else {

            error_setg(errp, "win-dump: invalid KDBG OwnerTag,"

                         " expected '%.4s', got '%.4s',"

                         " KdDebuggerDataBlock seems to be encrypted",

                             " expected '%.4s', got '%.4s'",

                             OwnerTag, read_OwnerTag);

            return;

        }

    }



    h->KdDebuggerDataBlock = KdDebuggerDataBlock;

}



void create_win_dump(DumpState *s, Error **errp)

{

    WinDumpHeader64 *h = (WinDumpHeader64 *)(s->guest_note +