3rd-party/linux-kernel-module-cheat
1
0
Fork 0
mirror of https://github.com/cirosantilli/linux-kernel-module-cheat.git synced 2026-01-27 04:01:36 +01:00
Code Issues Releases Wiki Activity

make overlay scripts use kernel modules and executables relative to pwd in preparison for 9p

Browse Source
This commit is contained in:
Ciro Santilli 六四事件 法轮功
2018-10-13 00:00:00 +00:00
parent cd9c22f451
commit ddecb1bf5d
27 changed files with 59 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
README.adoc
View File

@@ -74,9 +74,10 @@ git clone https://github.com/cirosantilli/linux-kernel-module-cheat
cd linux-kernel-module-cheat cd linux-kernel-module-cheat
./configure --qemu && \ ./configure --qemu && \
./build-qemu && \ ./build-qemu && \
./build-buildroot && \
./build-linux && \ ./build-linux && \
./build-modules && \ ./build-modules && \
./build-userland && \
./build-buildroot && \
./run ./run
.... ....
@@ -100,7 +101,15 @@ see this: https://askubuntu.com/questions/496549/error-you-must-put-some-source-
It does not work if you just download the `.zip` from GitHub because we use link:.gitmodules[Git submodules], you must clone this repo. `./configure` then fetches only the required submodules for you. It does not work if you just download the `.zip` from GitHub because we use link:.gitmodules[Git submodules], you must clone this repo. `./configure` then fetches only the required submodules for you.
QEMU opens up and you can start playing with the kernel modules inside the simulated system: TODO fix path to 9p: The order of build commands matters:
* `./build-linux` must come before `./build-modules` because the kernel modules depend on the Linux kernel build. We could lessen this need by calling `make modules_prepare` on the kernel tree, which does not require a full build, but this is not currently done
* `./build-modules` and `./build-userland` must come before `./build-buildroot` because generate files that will be placed in the root filesystem. If you don't call them before, the generated files will not be in the root filesystem.
* `build-qemu` must come before `./build-buildroot` because it builds the `qemu-img` tool that we use to convert the raw disk image into link:https://en.wikipedia.org/wiki/Qcow[qcow2] format that QEMU boots from in our setup
If you mess up the order, just build things again in the right order and you will be fine.
After `./run`, QEMU opens up and you can start playing with the kernel modules inside the simulated system:
.... ....
insmod /hello.ko insmod /hello.ko

21
build-buildroot
View File

@@ -179,17 +179,24 @@ def main(args, extra_args=None):
if not args.baseline: if not args.baseline:
buildroot_configs.extend([ buildroot_configs.extend([
'BR2_GLOBAL_PATCH_DIR="{}"'.format( 'BR2_GLOBAL_PATCH_DIR="{}"'.format(
path_relative_to_buildroot(os.path.join(common.root_dir, 'patches', 'global'))), path_relative_to_buildroot(os.path.join(common.root_dir, 'patches', 'global'))
),
'BR2_PACKAGE_BUSYBOX_CONFIG_FRAGMENT_FILES="{}"'.format( 'BR2_PACKAGE_BUSYBOX_CONFIG_FRAGMENT_FILES="{}"'.format(
path_relative_to_buildroot(os.path.join(common.root_dir, 'busybox_config_fragment'))), path_relative_to_buildroot(os.path.join(common.root_dir, 'busybox_config_fragment'))
),
'BR2_PACKAGE_OVERRIDE_FILE="{}"'.format( 'BR2_PACKAGE_OVERRIDE_FILE="{}"'.format(
path_relative_to_buildroot(os.path.join(common.root_dir, 'buildroot_override'))), path_relative_to_buildroot(os.path.join(common.root_dir, 'buildroot_override'))
'BR2_ROOTFS_OVERLAY="{}"'.format( ),
path_relative_to_buildroot(common.rootfs_overlay_dir)), 'BR2_ROOTFS_OVERLAY="{} {}"'.format(
path_relative_to_buildroot(common.rootfs_overlay_dir),
path_relative_to_buildroot(common.out_rootfs_overlay_dir),
),
'BR2_ROOTFS_POST_BUILD_SCRIPT="{}"'.format( 'BR2_ROOTFS_POST_BUILD_SCRIPT="{}"'.format(
path_relative_to_buildroot(os.path.join(common.root_dir, 'rootfs-post-build-script'))), path_relative_to_buildroot(os.path.join(common.root_dir, 'rootfs-post-build-script'))
),
'BR2_ROOTFS_USERS_TABLES="{}"'.format( 'BR2_ROOTFS_USERS_TABLES="{}"'.format(
path_relative_to_buildroot(os.path.join(common.root_dir, 'user_table'))), path_relative_to_buildroot(os.path.join(common.root_dir, 'user_table'))
),
]) ])
if args.kernel_modules: if args.kernel_modules:
buildroot_configs.append('BR2_PACKAGE_LKMC=y') buildroot_configs.append('BR2_PACKAGE_LKMC=y')

2
rootfs_overlay/anonymous_inode.sh
View File

@@ -1,5 +1,5 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /anonymous_inode.ko insmod anonymous_inode.ko
[ "$(/anonymous_inode.out /sys/kernel/debug/lkmc_anonymous_inode 3)" = "$(printf '1\n10\n100')" ] [ "$(/anonymous_inode.out /sys/kernel/debug/lkmc_anonymous_inode 3)" = "$(printf '1\n10\n100')" ]
rmmod anonymous_inode rmmod anonymous_inode

2
rootfs_overlay/character_device.sh
View File

@@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /character_device.ko insmod character_device.ko
/mknoddev.sh lkmc_character_device /mknoddev.sh lkmc_character_device
[ "$(cat /dev/lkmc_character_device)" = 'abcd' ] [ "$(cat /dev/lkmc_character_device)" = 'abcd' ]
rm /dev/lkmc_character_device rm /dev/lkmc_character_device

2
rootfs_overlay/character_device_create.sh
View File

@@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /character_device_create.ko insmod character_device_create.ko
dev='/dev/lkmc_character_device_create_dev' dev='/dev/lkmc_character_device_create_dev'
[ "$(cat "$dev")" = abcd ] [ "$(cat "$dev")" = abcd ]
rmmod character_device_create rmmod character_device_create

2
rootfs_overlay/debugfs.sh
View File

@@ -3,7 +3,7 @@ set -e
d=/debugfs d=/debugfs
mkdir -p "$d" mkdir -p "$d"
mount -t debugfs none "$d" mount -t debugfs none "$d"
insmod /debugfs.ko insmod debugfs.ko
[ "$(cat "${d}/lkmc_debugfs/myfile")" = 42 ] [ "$(cat "${d}/lkmc_debugfs/myfile")" = 42 ]
echo 13 > "${d}/lkmc_debugfs/myfile" echo 13 > "${d}/lkmc_debugfs/myfile"
[ "$(cat "${d}/lkmc_debugfs/myfile")" = 13 ] [ "$(cat "${d}/lkmc_debugfs/myfile")" = 13 ]

8
rootfs_overlay/dep.sh
View File

@@ -3,8 +3,8 @@ set -e
f=/sys/kernel/debug/lkmc_dep f=/sys/kernel/debug/lkmc_dep
f2=/sys/kernel/debug/lkmc_dep2 f2=/sys/kernel/debug/lkmc_dep2
insmod /dep.ko insmod dep.ko
insmod /dep2.ko insmod dep2.ko
# Initial value. # Initial value.
[ "$(cat "$f")" = 0 ] [ "$(cat "$f")" = 0 ]
@@ -20,8 +20,8 @@ printf 2 > "$f"
# sysfs shows us that the module has dependants. # sysfs shows us that the module has dependants.
[ "$(cat /sys/module/dep/refcnt)" = 1 ] [ "$(cat /sys/module/dep/refcnt)" = 1 ]
[ "$(ls /sys/module/dep/holders)" = dep2 ] [ "$(ls /sys/module/dep/holders)" = dep2 ]
rmmod /dep2.ko rmmod dep2.ko
[ "$(cat /sys/module/dep/refcnt)" = 0 ] [ "$(cat /sys/module/dep/refcnt)" = 0 ]
[ -z "$(ls /sys/module/dep/holders)" ] [ -z "$(ls /sys/module/dep/holders)" ]
rmmod /dep.ko rmmod dep.ko

2
rootfs_overlay/eval.sh
View File

@@ -11,7 +11,7 @@ eval "$lkmc_eval"
# However, the kernel CLI parsing is crap, and the 4.14 docs lie. # However, the kernel CLI parsing is crap, and the 4.14 docs lie.
# #
# In particular, not all that is passed after "-" goes to an argument to init, # In particular, not all that is passed after "-" goes to an argument to init,
# e.g. stuff with dots like "- /poweroff.out" still gets treated specially and # e.g. stuff with dots like "- ./poweroff.out" still gets treated specially and
# does not go to init. # does not go to init.
# #
# This also likely means that the above solution is also unreliable in some cases, # This also likely means that the above solution is also unreliable in some cases,

2
rootfs_overlay/fops.sh
View File

@@ -3,7 +3,7 @@ set -e
# Setup # Setup
f=/sys/kernel/debug/lkmc_fops f=/sys/kernel/debug/lkmc_fops
insmod /fops.ko insmod fops.ko
# read # read
[ "$(cat "$f")" = abcd ] [ "$(cat "$f")" = abcd ]

2
rootfs_overlay/init_module.sh
View File

@@ -1,4 +1,4 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /init_module.ko insmod init_module.ko
rmmod init_module rmmod init_module

2
rootfs_overlay/ioctl.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
set -e set -e
f=/sys/kernel/debug/lkmc_ioctl f=/sys/kernel/debug/lkmc_ioctl
insmod /ioctl.ko insmod ioctl.ko
[ "$(/ioctl.out "$f" 0 1)" = 2 ] [ "$(/ioctl.out "$f" 0 1)" = 2 ]
[ "$(/ioctl.out "$f" 1 1 1)" = '2 0' ] [ "$(/ioctl.out "$f" 1 1 1)" = '2 0' ]
rmmod ioctl rmmod ioctl

2
rootfs_overlay/kgdb-mod.sh
View File

@@ -1,5 +1,5 @@
#!/bin/sh #!/bin/sh
insmod /fops.ko insmod fops.ko
cd /sys/kernel/debug/lkmc_fops cd /sys/kernel/debug/lkmc_fops
i=0 i=0
while true; do while true; do

2
rootfs_overlay/kstrto.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
set -e set -e
f=/sys/kernel/debug/lkmc_kstrto f=/sys/kernel/debug/lkmc_kstrto
insmod /kstrto.ko insmod kstrto.ko
printf 123 > "$f" printf 123 > "$f"
[ "$(cat "$f")" = 124 ] [ "$(cat "$f")" = 124 ]
echo foobar > "$f" && exit 1 echo foobar > "$f" && exit 1

6
rootfs_overlay/mmap.sh
View File

@@ -1,5 +1,5 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /mmap.ko insmod mmap.ko
/mmap.out /proc/lkmc_mmap 2>&1 1>/dev/null ./mmap.out /proc/lkmc_mmap 2>&1 1>/dev/null
rmmod /mmap.ko rmmod mmap.ko

2
rootfs_overlay/netlink.sh
View File

@@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /netlink.ko insmod netlink.ko
[ "$(/netlink.out)" = 0 ] [ "$(/netlink.out)" = 0 ]
[ "$(/netlink.out)" = 1 ] [ "$(/netlink.out)" = 1 ]
[ "$(/netlink.out)" = 2 ] [ "$(/netlink.out)" = 2 ]

4
rootfs_overlay/params.sh
View File

@@ -5,7 +5,7 @@ i="${d}/i"
j="${d}/j" j="${d}/j"
f=/sys/kernel/debug/lkmc_params f=/sys/kernel/debug/lkmc_params
insmod /params.ko insmod params.ko
[ "$(cat "$i")" = 0 ] [ "$(cat "$i")" = 0 ]
[ "$(cat "$j")" = 0 ] [ "$(cat "$j")" = 0 ]
[ "$(cat "$f")" = '0 0' ] [ "$(cat "$f")" = '0 0' ]
@@ -15,6 +15,6 @@ printf 2 > "$j"
[ "$(cat "$f")" = '1 2' ] [ "$(cat "$f")" = '1 2' ]
rmmod params rmmod params
insmod /params.ko i=3 j=4 insmod params.ko i=3 j=4
[ "$(cat "$f")" = '3 4' ] [ "$(cat "$f")" = '3 4' ]
rmmod params rmmod params

2
rootfs_overlay/pmccntr.sh
View File

@@ -1,4 +1,4 @@
#!/bin/sh #!/bin/sh
insmod /pmccntr.ko insmod pmccntr.ko
cd /sys/kernel/debug cd /sys/kernel/debug
cat lkmc_pmccntr cat lkmc_pmccntr

4
rootfs_overlay/poll.sh
View File

@@ -1,5 +1,5 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /poll.ko insmod poll.ko
/poll.out /sys/kernel/debug/lkmc_poll ./poll.out /sys/kernel/debug/lkmc_poll
#rmmod poll #rmmod poll

2
rootfs_overlay/procfs.sh
View File

@@ -1,5 +1,5 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /procfs.ko insmod procfs.ko
[ "$(cat "/proc/lkmc_procfs")" = abcd ] [ "$(cat "/proc/lkmc_procfs")" = abcd ]
rmmod procfs rmmod procfs

2
rootfs_overlay/qemu_edu.sh
View File

@@ -10,7 +10,7 @@ lspci -k
cat /proc/interrupts cat /proc/interrupts
# Setup. # Setup.
insmod /pci.ko insmod pci.ko
/mknoddev.sh lkmc_pci /mknoddev.sh lkmc_pci
# Shows that this module owns the PCI device. # Shows that this module owns the PCI device.

4
rootfs_overlay/rand_check_poweroff.sh
View File

@@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
set -ex set -ex
/rand_check.out ./rand_check.out
# Check if network is being replayed. # Check if network is being replayed.
# https://superuser.com/questions/635020/how-to-know-current-time-from-internet-from-command-line-in-linux # https://superuser.com/questions/635020/how-to-know-current-time-from-internet-from-command-line-in-linux
@@ -9,4 +9,4 @@ set -ex
# busybox's poweroff panics, TODO why. Likely tries to kill shell. # busybox's poweroff panics, TODO why. Likely tries to kill shell.
# So just use our super raw command. # So just use our super raw command.
/poweroff.out ./poweroff.out

2
rootfs_overlay/seq_file.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
set -e set -e
f=/sys/kernel/debug/lkmc_seq_file f=/sys/kernel/debug/lkmc_seq_file
insmod /seq_file.ko insmod seq_file.ko
[ "$(cat "$f")" = "$(printf '0\n1\n2\n')" ] [ "$(cat "$f")" = "$(printf '0\n1\n2\n')" ]
[ "$(cat "$f")" = "$(printf '0\n1\n2\n')" ] [ "$(cat "$f")" = "$(printf '0\n1\n2\n')" ]
[ "$(dd if="$f" bs=1 count=2 skip=0 status=none)" = "$(printf '0\n')" ] [ "$(dd if="$f" bs=1 count=2 skip=0 status=none)" = "$(printf '0\n')" ]

2
rootfs_overlay/seq_file_single_open.sh
View File

@@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
set -e set -e
f=/sys/kernel/debug/lkmc_seq_file_single_open f=/sys/kernel/debug/lkmc_seq_file_single_open
insmod /seq_file_single_open.ko insmod seq_file_single_open.ko
[ "$(cat "$f")" = "$(printf 'ab\ncd\n')" ] [ "$(cat "$f")" = "$(printf 'ab\ncd\n')" ]
[ "$(dd if="$f" bs=1 count=3 skip=1)" = "$(printf "b\nc\n")" ] [ "$(dd if="$f" bs=1 count=3 skip=1)" = "$(printf "b\nc\n")" ]
rmmod seq_file_single_open rmmod seq_file_single_open

2
rootfs_overlay/sysfs.sh
View File

@@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /sysfs.ko insmod sysfs.ko
f=/sys/kernel/lkmc_sysfs/foo f=/sys/kernel/lkmc_sysfs/foo
# write # write
printf 12345 > "$f" printf 12345 > "$f"

4
rootfs_overlay/uio_read.sh
View File

@@ -4,9 +4,9 @@ set -e
modprobe uio_pci_generic modprobe uio_pci_generic
# pci_min device # pci_min device
echo '1234 11e9' > /sys/bus/pci/drivers/uio_pci_generic/new_id echo '1234 11e9' > /sys/bus/pci/drivers/uio_pci_generic/new_id
/uio_read.out & ./uio_read.out &
# Helper to observe interrupts. # Helper to observe interrupts.
insmod /irq.ko insmod irq.ko
base="$(setpci -d 1234:11e9 BASE_ADDRESS_0)" base="$(setpci -d 1234:11e9 BASE_ADDRESS_0)"
# Start generating interrupt. # Start generating interrupt.
devmem "0x${base}" w 0x12345678 devmem "0x${base}" w 0x12345678

2
rootfs_overlay/vermagic.sh
View File

@@ -1,4 +1,4 @@
#!/bin/sh #!/bin/sh
set -e set -e
insmod /vermagic.ko insmod vermagic.ko
rmmod vermagic rmmod vermagic

2
rootfs_overlay/virt_to_phys.sh
View File

@@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
set -ex set -ex
insmod /virt_to_phys.ko insmod virt_to_phys.ko
cd /sys/kernel/debug cd /sys/kernel/debug
cat lkmc_virt_to_phys cat lkmc_virt_to_phys
# k = 0x12345678 # k = 0x12345678