Report #1: Unattended encrypted kernel crash dumps
Konrad Witaszczyk
def at freebsd.org
Tue Jun 25 05:18:48 UTC 2013
During the last week I wanted to create a new format of kernel dump
header and modify savecore to use it. This is the list of tasks that I
finished:
* Extend struct kerneldumpheader (sys/sys/kerneldump.h) to save in crash
dumps the data which is required to initialize keyInstance and
cipherInstance for sys/crypto/rijndael.
* Extend struct dumperinfo (sys/sys/conf.h) to encrypt data with
sys/crypto/rijndael.
* Try to read values from the new definition of struct kerneldumpheader
in savecore.
You can see examples in the repository
(http://svnweb.freebsd.org/socsvn/soc2013/def/).
Things worth remembering:
* parity from struct kerneldumpheader should be the last element of the
struct. Otherwise a dump device might stop saving a crash dump with
parity and then savecore will think that the crash dump is correct.
* If I change struct kerneldumpheader then I need to remember that it
has to be TEXTDUMP_BLOCKSIZE bytes long (sys/ddb/ddb.h):
sys/ddb/db_textdump.c:
    CTASSERT(sizeof(struct kerneldumpheader) == TEXTDUMP_BLOCKSIZE);
    CTASSERT(sizeof(struct ustar_header) == TEXTDUMP_BLOCKSIZE);
In order to follow this rule I had to change the lengths of versionstring
and panicstring. Is it the right way to do it or should I somehow change
TEXTDUMP_BLOCKSIZE and struct ustar_header?
This week I will try to import parts of pefs to encrypt data and modify
struct kerneldumpheader to a proper format for pefs. My spring semester
has just finished so there will be more time to work.
More details about the project:
https://wiki.freebsd.org/SummerOfCode2013/UnattendedEncryptedCrashDumps.
Regards,
Konrad Witaszczyk
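
Added example, not part of the original message or the project's code: a user-space sketch of the two constraints from "Things worth remembering", with the size pinned at compile time and parity kept last so an interrupted header write is rejected. Assumptions: the ex_* names and field layout are hypothetical, EX_BLOCKSIZE of 512 stands in for TEXTDUMP_BLOCKSIZE, parity is the XOR of all 32-bit words, and the disk block starts zeroed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define EX_BLOCKSIZE 512 /* assumed stand-in for TEXTDUMP_BLOCKSIZE */

/* Hypothetical layout, not the real struct kerneldumpheader. */
struct ex_dumpheader {
	char     magic[20];
	uint8_t  key[32];           /* constructed cipher fields */
	uint8_t  iv[16];
	char     versionstring[192];
	char     panicstring[248];  /* shortened so the total stays one block */
	uint32_t parity;            /* kept as the last member */
};
_Static_assert(sizeof(struct ex_dumpheader) == EX_BLOCKSIZE, "header must fill one block");
_Static_assert(offsetof(struct ex_dumpheader, parity) == EX_BLOCKSIZE - sizeof(uint32_t),
    "parity must be the last member");

/* XOR of every 32-bit word; a sealed header XORs to zero. */
static uint32_t ex_parity(const struct ex_dumpheader *h) {
	const unsigned char *p = (const unsigned char *)h;
	uint32_t w, parity = 0;
	for (size_t i = 0; i < sizeof(*h); i += sizeof(w)) {
		memcpy(&w, p + i, sizeof(w));
		parity ^= w;
	}
	return parity;
}

/* Returns 1 if a reader accepts the block when only n bytes reached a zeroed disk. */
static int ex_accepted_after_write(size_t n) {
	struct ex_dumpheader h, disk;
	memset(&h, 0, sizeof(h));
	memcpy(h.magic, "EXAMPLE DUMP", 12);       /* constructed sample values */
	memset(h.key, 0xA5, sizeof(h.key));
	strcpy(h.panicstring, "constructed panic message");
	h.parity = ex_parity(&h);   /* parity field is 0 here, so this seals the header */
	memset(&disk, 0, sizeof(disk));
	memcpy(&disk, &h, n);
	/* An all-zero block also has zero parity, so the magic is checked too. */
	return disk.magic[0] != '\0' && ex_parity(&disk) == 0;
}

int main(void) {
	printf("full=%d without_parity=%d\n",
	    ex_accepted_after_write(sizeof(struct ex_dumpheader)),
	    ex_accepted_after_write(offsetof(struct ex_dumpheader, parity)));
	return 0;
}
```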