vmware_guestdump: new input format

vmware_guestdump is extension to vmware_vmss with ability to debug
debug.guest and debug.vmem files.

debug.guest.gz and debug.vmem.gz can be obtained using following
.vmx options from VM running in debug mode:
    monitor.mini-suspend_on_panic = TRUE
    monitor.suspend_on_triplefault = TRUE

guestdump (debug.guest) is simplified version of *.vmss which does
not contain full VM state, but minimal guest state, such as memory
layout and CPUs state, needed for debugger. is_vmware_guestdump()
and vmware_guestdump_init() functions parse guestdump header and
populate vmss data structure (from vmware_vmss.c). As result, all
handlers (except mempry_dump) from vmware_vmss.c can be reused.

How to use: $ crash /path/to/debug_file.guest vmlinux
Companion debug_file.vmem must be present in the same folder as
debug_file.guest. Otherwise crash will shot a message:
 vmw: Open the companion vmem file: /path/to/debug_file.vmem
 crash: vmw: /path/to/debug_file.vmem: No such file or directory

Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>

Makefile

@@ -70,7 +70,7 @@ CFILES=main.c tools.c global_data.c memory.c filesys.c help.c task.c \
 	unwind_x86_32_64.c unwind_arm.c \
 	xen_hyper.c xen_hyper_command.c xen_hyper_global_data.c \
 	xen_hyper_dump_tables.c kvmdump.c qemu.c qemu-load.c sadump.c ipcs.c \
-	ramdump.c vmware_vmss.c \
+	ramdump.c vmware_vmss.c vmware_guestdump.c \
 	xen_dom0.c kaslr_helper.c
 
 SOURCE_FILES=${CFILES} ${GENERIC_HFILES} ${MCORE_HFILES} \
@@ -89,7 +89,7 @@ OBJECT_FILES=main.o tools.o global_data.o memory.o filesys.o help.o task.o \
 	unwind_x86_32_64.o unwind_arm.o \
 	xen_hyper.o xen_hyper_command.o xen_hyper_global_data.o \
 	xen_hyper_dump_tables.o kvmdump.o qemu.o qemu-load.o sadump.o ipcs.o \
-	ramdump.o vmware_vmss.o \
+	ramdump.o vmware_vmss.o vmware_guestdump.o \
 	xen_dom0.o kaslr_helper.o
 
 MEMORY_DRIVER_FILES=memory_driver/Makefile memory_driver/crash.c memory_driver/README
@@ -518,6 +518,9 @@ ramdump.o: ${GENERIC_HFILES} ${REDHAT_HFILES} ramdump.c
 vmware_vmss.o: ${GENERIC_HFILES} ${VMWARE_HFILES} vmware_vmss.c
 	${CC} -c ${CRASH_CFLAGS} vmware_vmss.c ${WARNING_OPTIONS} ${WARNING_ERROR}
 
+vmware_guestdump.o: ${GENERIC_HFILES} ${VMWARE_HFILES} vmware_guestdump.c
+	${CC} -c ${CRASH_CFLAGS} vmware_guestdump.c ${WARNING_OPTIONS} ${WARNING_ERROR}
+
 kaslr_helper.o: ${GENERIC_HFILES} kaslr_helper.c
 	${CC} -c ${CRASH_CFLAGS} kaslr_helper.c ${WARNING_OPTIONS} ${WARNING_ERROR}
 

crash.8

@@ -21,8 +21,9 @@ core dump has been created by the
 .I LKCD,
 .I kdump,
 .I xendump
-or
 .I kvmdump
+or
+.I VMware
 facilities.  It is loosely based on the SVR4 UNIX crash 
 command, but has been significantly enhanced
 by completely merging it with the 
@@ -112,8 +113,9 @@ A kernel core dump file created by the
 .I LKCD
 .I kdump,
 .I xendump
-or
 .I kvmdump
+or
+.I VMware
 facilities.  
 
 If a MEMORY-IMAGE argument is not entered, the session will be invoked on
@@ -144,6 +146,12 @@ in /var/tmp, which will only exist during the crash session.  If a raw RAM
 dumpile represents a live memory source, such as that specified by the QEMU
 mem-path argument of a memory-backend-file object, then "live:" must be
 prepended to the MEMORY-IMAGE name.
+
+As VMware facility, the
+.B crash
+utility is able to process VMware VM memory dump generated by VM suspend
+or guest core dump. In that case, .vmss or .guest file should be used as
+a MEMORY-IMAGE and .vmem file must be located in the same folder.
 .TP
 .BI mapfile
 If the NAMELIST file is not the same kernel that is

defs.h

@@ -544,6 +544,7 @@ struct program_context {
 #define is_excluded_vmemmap() (pc->flags2 & EXCLUDED_VMEMMAP)
 #define MEMSRC_LOCAL         (0x80000ULL)
 #define REDZONE             (0x100000ULL)
+#define VMWARE_VMSS_GUESTDUMP (0x200000ULL)
 	char *cleanup;
 	char *namelist_orig;
 	char *namelist_debug_orig;
@@ -6679,6 +6680,13 @@ int vmware_vmss_get_cr3_idtr(ulong *, ulong *);
 int vmware_vmss_phys_base(ulong *phys_base);
 int vmware_vmss_set_phys_base(ulong);
 
+/*
+ * vmware_guestdump.c
+ */
+int is_vmware_guestdump(char *filename);
+int vmware_guestdump_init(char *filename, FILE *ofp);
+int vmware_guestdump_memory_dump(FILE *);
+
 /*
  * kaslr_helper.c
  */

filesys.c

@@ -253,9 +253,15 @@ memory_source_init(void)
 				error(FATAL, "%s: initialization failed\n",
                                         pc->dumpfile);
 		} else if (pc->flags & VMWARE_VMSS) {
-			if (!vmware_vmss_init(pc->dumpfile, fp))
-				error(FATAL, "%s: initialization failed\n",
-                                        pc->dumpfile);
+			if (pc->flags2 & VMWARE_VMSS_GUESTDUMP) {
+				if (!vmware_guestdump_init(pc->dumpfile, fp))
+					error(FATAL, "%s: initialization failed\n",
+						pc->dumpfile);
+			} else {
+				if (!vmware_vmss_init(pc->dumpfile, fp))
+					error(FATAL, "%s: initialization failed\n",
+						pc->dumpfile);
+			}
 		}
 	}
 }

main.c

@@ -671,6 +671,18 @@ main(int argc, char **argv)
 				pc->readmem = read_vmware_vmss;
 				pc->writemem = write_vmware_vmss;
 
+			} else if (is_vmware_guestdump(argv[optind])) {
+                                if (pc->flags & MEMORY_SOURCES) {
+                                        error(INFO,
+                                            "too many dumpfile arguments\n");
+                                        program_usage(SHORT_FORM);
+                                }
+				pc->flags |= VMWARE_VMSS;
+				pc->flags2 |= VMWARE_VMSS_GUESTDUMP;
+				pc->dumpfile = argv[optind];
+				pc->readmem = read_vmware_vmss;
+				pc->writemem = write_vmware_vmss;
+
 			} else { 
 				error(INFO, 
 				    "%s: not a supported file format\n",
@@ -1486,6 +1498,8 @@ dump_program_context(void)
 		fprintf(fp, "%sMEMSRC_LOCAL", others++ ? "|" : "");
 	if (pc->flags2 & REDZONE)
 		fprintf(fp, "%sREDZONE", others++ ? "|" : "");
+	if (pc->flags2 & VMWARE_VMSS_GUESTDUMP)
+		fprintf(fp, "%sVMWARE_VMSS_GUESTDUMP", others++ ? "|" : "");
 	fprintf(fp, ")\n");
 
 	fprintf(fp, "         namelist: %s\n", pc->namelist);

memory.c

@@ -17115,8 +17115,12 @@ dumpfile_memory(int cmd)
                         retval = kcore_memory_dump(fp);
 		else if (pc->flags & SADUMP)
 			retval = sadump_memory_dump(fp);
-		else if (pc->flags & VMWARE_VMSS)
-			retval = vmware_vmss_memory_dump(fp);
+		else if (pc->flags & VMWARE_VMSS) {
+			if (pc->flags2 & VMWARE_VMSS_GUESTDUMP)
+				retval = vmware_guestdump_memory_dump(fp);
+			else
+				retval = vmware_vmss_memory_dump(fp);
+		}
 		break;
 
 	case DUMPFILE_ENVIRONMENT: