[lldb][Process/FreeBSDKernelCore] Set kernel displacement

[mchoo7]

Use kvm_kerndisp() on core load to retrieve the kernel displacement, that is the difference between the kernel's
base virtual address at run time and the kernel base virtual address specified in the kernel image file. Currently PowerPC is the only architecture supporting kernel displacement.

[llvmbot]

@llvm/pr-subscribers-lldb

Author: Minsoo Choo (mchoo7)

Changes

When KASLR is enabled, the address passed through kvm_read()/kvm_write() is different from its real address. Thus LLDB should retrieve displacement offset using kvm_kerndisp() and pass the information through SetLoadAddress(). Note that some dump format on specific architectures don't support this, but this is due to kvm implementation and not LLDB's responsibility.

---

Full diff: https://github.com/llvm/llvm-project/pull/183975.diff

2 Files Affected:

• (modified) lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.cpp (+24)
• (modified) lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.h (+2)

diff --git a/lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.cpp b/lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.cpp
index 577d8e0d50cf1..0217177c87dbd 100644
--- a/lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.cpp
+++ b/lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.cpp
@@ -118,6 +118,8 @@ bool ProcessFreeBSDKernelCore::CanDebug(lldb::TargetSP target_sp,
 
 Status ProcessFreeBSDKernelCore::DoLoadCore() {
   // The core is already loaded by CreateInstance().
+  ApplyKASLR();
+
   return Status();
 }
 
@@ -324,6 +326,28 @@ lldb::addr_t ProcessFreeBSDKernelCore::FindSymbol(const char *name) {
   return sym ? sym->GetLoadAddress(&GetTarget()) : LLDB_INVALID_ADDRESS;
 }
 
+void ProcessFreeBSDKernelCore::ApplyKASLR() {
+  kssize_t displacement = kvm_kerndisp(m_kvm);
+
+  if (displacement == 0)
+    return;
+
+  Target &target = GetTarget();
+  lldb::ModuleSP kernel_module_sp = target.GetExecutableModule();
+  if (!kernel_module_sp)
+    return;
+
+  bool changed = false;
+  kernel_module_sp->SetLoadAddress(
+      target, static_cast<lldb::addr_t>(displacement), true, changed);
+
+  if (changed) {
+    ModuleList loaded_module_list;
+    loaded_module_list.Append(kernel_module_sp);
+    target.ModulesDidLoad(loaded_module_list);
+  }
+}
+
 void ProcessFreeBSDKernelCore::PrintUnreadMessage() {
   Target &target = GetTarget();
   Debugger &debugger = target.GetDebugger();
diff --git a/lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.h b/lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.h
index 67cfae13d2a4d..92ddec4696066 100644
--- a/lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.h
+++ b/lldb/source/Plugins/Process/FreeBSD-Kernel-Core/ProcessFreeBSDKernelCore.h
@@ -64,6 +64,8 @@ class ProcessFreeBSDKernelCore : public lldb_private::PostMortemProcess {
   lldb::addr_t FindSymbol(const char *name);
 
 private:
+  void ApplyKASLR();
+
   void PrintUnreadMessage();
 
   const char *GetError();

[DavidSpickett]

I'll let some FreeBSD person be the approver here.

[github-actions]

🐧 Linux x64 Test Results

• 33354 tests passed
• 507 tests skipped

✅ The build succeeded and all tests passed.

[aokblast]

I don't think that we have KASLR. kvm_kerndisp is just compile time offset.

[mchoo7]

I don't think that we have KASLR. kvm_kerndisp is just compile time offset.

Right, I just saw the commit messgae of freebsd/freebsd-src@38cf2a4. Update PR title and description and removed relnotes changes.

[jrtc27]

I don't think that we have KASLR. kvm_kerndisp is just compile time offset.

No? It's 0 for all architectures except PowerPC, which defines RELOCATABLE_KERNEL and has special code in sys/kern/link_elf.c such that kern.base_address and kern.relbase_address are not the same value (and is the only architecture with a non-NULL ka_kerndisp hook for kernel dump parsing).

[jrtc27]

Ok to me subject to resolving the comments. Might also be nice to elaborate a bit in the summary to mention that PowerPC is the only supported architecture this can be non-zero for, as context?