From c052a832050b53ad919393fbc6961059333e1225 Mon Sep 17 00:00:00 2001
From: Ciro Santilli
Date: Thu, 1 Feb 2018 20:20:35 +0000
Subject: [PATCH] nokaslr, thanks to @dakami at close #12
---
 gdb-step-debugging.md | 7 ++++++-
 run | 4 +++-
 rungdb | 41 +++++++++++++++++++----------------------
 3 files changed, 28 insertions(+), 24 deletions(-)
diff --git a/gdb-step-debugging.md b/gdb-step-debugging.md
index 92f4507..1e3dd85 100644
--- a/gdb-step-debugging.md
+++ b/gdb-step-debugging.md
@@ -34,7 +34,10 @@ which counts to infinity to stdout, and then in GDB:
 
 And you now control the counting from GDB.
 
-See also:
+See also:
+
+-
+-
 
 `O=0` is an impossible dream, `O=2` being the default: So get ready for some weird jumps, and `` fun. Why, Linux, why.
 
@@ -73,6 +76,8 @@ Just don't forget to remove your breakpoints after `rmmod`, or they will point t
 
 TODO: why does `break work_func` for `insmod kthread.ko` not break the first time I `insmod`, but breaks the second time?
 
+See also:
+
 ### Bypassing lx-symbols
 
 Useless, but a good way to show how hardcore you are. From inside QEMU:
diff --git a/run b/run
index a3e5b3d..a3cf263 100755
--- a/run
+++ b/run
@@ -10,7 +10,9 @@ kgdb=false
 nographic=false
 # norandmaps: Don't use address space randomization. Equivalent to echo 0 > /proc/sys/kernel/randomize_va_space.
 # printk.time=y: log in format: "[time ] msg" for all printk messages.
-extra_append='norandmaps printk.devkmsg=on printk.time=y'
+# nokaslr: https://unix.stackexchange.com/questions/397939/turning-off-kaslr-to-debug-linux-kernel-using-qemu-and-gdb
+# Turned on by default since v4.12
+extra_append='nokaslr norandmaps printk.devkmsg=on printk.time=y'
 extra_flags=''
 while getopts a:de:knqt:x OPT; do
 case "$OPT" in
diff --git a/rungdb b/rungdb
index 398d617..25efe9e 100755
--- a/rungdb
+++ b/rungdb
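Review bot: The two comment lines added above `extra_append` record where `nokaslr` came from but not what it costs: together with the existing `norandmaps` the guest now boots with both kernel-space and user-space address randomization disabled, which is exactly what makes `vmlinux` symbols line up in GDB but also removes a stock mitigation, so nothing observed in this VM should be read as the behaviour of a default kernel. I would replace `# Turned on by default since v4.12` with `# nokaslr: disable KASLR (CONFIG_RANDOMIZE_BASE, default y on x86 since v4.12) so kernel addresses match vmlinux in GDB; with norandmaps this is a debug-only guest with ASLR fully off.` This `run` script also drives the arm/aarch64/mips64 targets that `rungdb` handles, and whether `nokaslr` does anything there depends on the guest kernel's config — presumably harmless when unrecognised, but the comment should not imply it is universally needed. The `while getopts` loop that follows continues outside the hunk.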
@@ -42,32 +42,29 @@ if "$kgdb"; then
 else
 case "$arch" in
 'x86_64')
- # http://stackoverflow.com/questions/11408041/how-to-debug-the-linux-kernel-with-gdb-and-qemu/33203642#33203642
- # http://stackoverflow.com/questions/4943857/linux-kernel-live-debugging-how-its-done-and-what-tools-are-used/42316607#42316607
- # http://stackoverflow.com/questions/28607538/how-to-debug-linux-kernel-modules-with-qemu/44095831#44095831
 cmd="$gdb \
- -q \
- -ex 'add-auto-load-safe-path $(pwd)' \
- -ex 'file vmlinux' \
- -ex 'set arch i386:x86-64:intel' \
- -ex 'target remote localhost:1234' \
- $brk \
- -ex 'continue' \
- -ex 'disconnect' \
- -ex 'set arch i386:x86-64' \
- -ex 'target remote localhost:1234' \
- -ex 'lx-symbols ../kernel_module-1.0/' \
- "
+-q \
+-ex 'add-auto-load-safe-path $(pwd)' \
+-ex 'file vmlinux' \
+-ex 'set arch i386:x86-64:intel' \
+-ex 'target remote localhost:1234' \
+$brk \
+-ex 'continue' \
+-ex 'disconnect' \
+-ex 'set arch i386:x86-64' \
+-ex 'target remote localhost:1234' \
+-ex 'lx-symbols ../kernel_module-1.0/' \
+"
 ;;
 'arm'|'aarch64'|'mips64')
 cmd="$gdb \
- -q \
- -ex 'add-auto-load-safe-path $(pwd)' \
- -ex 'file vmlinux' \
- -ex 'target remote localhost:1234' \
- -ex 'lx-symbols ../kernel_module-1.0/' \
- $brk \
- "
+-q \
+-ex 'add-auto-load-safe-path $(pwd)' \
+-ex 'file vmlinux' \
+-ex 'target remote localhost:1234' \
+-ex 'lx-symbols ../kernel_module-1.0/' \
+$brk \
+"
 ;;
 esac
 fi