diff --git a/README.adoc b/README.adoc
index c914638..e9a522b 100644
--- a/README.adoc
+++ b/README.adoc
@@ -1021,6 +1021,23 @@ core_param(panic, panic_timeout, int, 0644);
 */
 ....
+==== norandmaps
+
+Disable userland address space randomization. Test it out by running <> twice:
+
+....
+./run -F '/rand_check.out;/poweroff.out'
+./run -F '/rand_check.out;/poweroff.out'
+....
+
+If we remove it from our link:run[] script by hacking it up, the addresses shown by `rand_check.out` vary across boots.
+
+Equivalent to:
+
+....
+echo 0 > /proc/sys/kernel/randomize_va_space
+....
+
 === insmod alternatives
 ==== modprobe
@@ -6509,6 +6526,10 @@ Unfortunately it is not working in the current QEMU: https://stackoverflow.com/q
 Patches were merged in post v2.12.0-rc2 but it crashed for me and I opened a minimized bug report: https://bugs.launchpad.net/qemu/+bug/1762179
+We don't expose record and replay on our scripts yet since it was was not very stable, but we will do so when it stabilizes.
+
+<> is a good way to test out if record and replay is actually deterministic.
+
 Alternatively, https://github.com/mozilla/rr[`mozilla/rr`] claims it is able to run QEMU: but using it would require you to step through QEMU code itself. Likely doable, but do you really want to?
 ==== QEMU trace multicore
@@ -8749,7 +8770,7 @@ Then proceed to do the following tests:
 * `/count.sh` and `b __x64_sys_write`
 * `insmod /timer.ko` and `b lkmc_timer_callback`
-===== Sanity checks
+==== Sanity checks
 Basic C and C++ hello worlds:
@@ -8770,6 +8791,21 @@ Sources:
 * link:kernel_module/user/hello.c[]
 * link:kernel_module/user/hello_cpp.c[]
+===== rand_check.out
+
+Print out several parameters that normally change randomly from boot to boot:
+
+....
+./run -F '/rand_check.out;/poweroff.out'
+....
+
+Source: link:kernel_module/user/rand_check.c[]
+
+This can be used to check the determinism of:
+
+* <>
+* <>
+
 === About
 This project is for people who want to learn and modify low level system components:
diff --git a/kernel_module/user/README.adoc b/kernel_module/user/README.adoc
index de39aa2..5df750c 100644
--- a/kernel_module/user/README.adoc
+++ b/kernel_module/user/README.adoc
@@ -1,15 +1,6 @@
 https://github.com/cirosantilli/linux-kernel-module-cheat#rootfs_overlay
-. link:hello.c[]
-. link:hello_cpp.cpp[]
 . link:sched_getaffinity.c[]
 . link:usermem.c[]
 .. link:pagemap_dump.c[]
-. inits
-... link:sleep_forever.c[]
-... link:poweroff.c[]
-... link:init_dev_kmsg.c[]
 . link:uio_read.c[]
-. link:rand_check.c[]
-. x86_64
-.. link:rdtsc.c[]
diff --git a/kernel_module/user/rand_check.c b/kernel_module/user/rand_check.c
index 64aa052..7b5a5a5 100644
--- a/kernel_module/user/rand_check.c
+++ b/kernel_module/user/rand_check.c
@@ -1,10 +1,4 @@
-/* Check if we were able to remove certain sources of randomness
- * across boots using different techniques:
- *
- * - QEMU icount record replay
- * - norandmaps boot parameter
- *
- * You might want to run this as the init process to further remove undeterminism. */
+/* https://github.com/cirosantilli/linux-kernel-module-cheat#rand_check-out */
 #include
 #include
diff --git a/run b/run
index 1eb05d5..8c7c571 100755
--- a/run
+++ b/run
@@ -9,7 +9,6 @@ debug_vm=
 debug=false
 kgdb=false
 kvm=false
-# norandmaps: Don't use address space randomization. Equivalent to echo 0 > /proc/sys/kernel/randomize_va_space.
 # nokaslr:
 # - https://unix.stackexchange.com/questions/397939/turning-off-kaslr-to-debug-linux-kernel-using-qemu-and-gdb
 # - https://stackoverflow.com/questions/44612822/unable-to-debug-kernel-with-qemu-gdb/49840927#49840927
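Review bot: The new header comment in rand_check.c keeps only a URL, so someone reading the source offline no longer learns what the program prints or why; keep a one-line purpose next to the link, e.g. `/* Print values that normally change from boot to boot, to check whether norandmaps or QEMU record/replay made a boot deterministic: https://github.com/cirosantilli/linux-kernel-module-cheat#rand_check-out */`. The removed comment's hint that running this program as the init process removes further sources of non-determinism does not reappear in the `rand_check.out` README section added in the first file of this commit, so that advice is lost; restore it in one of the two places. The anchor `#rand_check-out` appears to be derived from the new `===== rand_check.out` heading and should be checked against the rendered README, since the only other in-tree link on this page uses the `#rootfs_overlay` form.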