Date: Mon, 06 Sep 2010 17:30:05 +0800
From: Steven <mqyoung@...il.com>
To: Hui Zhu <teawater@...il.com>
Cc: "gdb@...rceware.org" <gdb@...rceware.org>, linux-kernel@...r.kernel.org,
    Michael Snyder <msnyder@...are.com>, Marc Khouzam <marc.khouzam@...csson.com>,
    Thiago Jung Bauermann <thiago.bauermann@...il.com>, "Frank Ch. Eigler" <fche@...hat.com>
Subject: Log of Using KGTP

Great! Many thanks.

I collect all the information and write a howto, hope it could help you.
http://dslab.lzu.edu.cn/modules/lifetype/index.php?op=ViewArticle&articleId=31&blogId=22

Best Regards
Steven

On Mon, 2010-09-06 at 15:50 +0800, Hui Zhu wrote:
> cat /sys/module/hello/sections/.bss
> 0xf81b92ec
> add-symbol-file ~/kernel/tmp/h/hello.ko 0xf81b9000 -s .bss 0xf81b92ec
>
> (gdb) tstart
> (gdb) tstatus
> Trace is running on the target.
> Collected 0 trace frames.
> Trace buffer has 86255744 bytes of 86255744 bytes free (0% full).
> Trace will stop if GDB disconnects.
> Not looking at any trace frame.
> (gdb) tstop
> (gdb) tfind
> Found trace frame 0, tracepoint 1
> #0 0xf81b9068 in test_thread (data=<value optimized out>) at
> /home/teawater/kernel/tmp/h/hello.c:22
> 22 cnt++;
> (gdb) p cnt
> $1 = 106
> (gdb) p tv
> $2 = {tv_sec = 1283760246, tv_usec = 784020}
> (gdb) p year
> $3 = 2010
> (gdb)
>
> Looks I need update HOWTO now.
>
>
> To get all the module message with hand is uncool.
> I will make it more automated when I have time.
>
> Thanks,
> Hui
>
> On Mon, Sep 6, 2010 at 15:21, Hui Zhu <teawater@...il.com> wrote:
> > Sep 6 15:17:06 teawater kernel: [514552.780031] gtp_kp_pre_handler:
> > tracepoint 1
> > Sep 6 15:17:06 teawater kernel: [514552.780034] gtp_parse_x: cmd 23
> > Sep 6 15:17:06 teawater kernel: [514552.780035] gtp_parse_x: cmd 22
> > Sep 6 15:17:06 teawater kernel: [514552.780037] gtp_parse_x: cmd c
> > Sep 6 15:17:06 teawater kernel: [514552.780039]
> > gtp_action_memory_read: id:1 0000054c 8
> > Sep 6 15:17:06 teawater kernel: [514552.780043]
> > gtp_action_memory_read: id:1 read 0000054c 8 get error.
> > Sep 6 15:17:06 teawater kernel: [514552.780048] gtp_kp_pre_handler:
> > tracepoint 1 stop.
> > Sep 6 15:17:06 teawater kernel: [514552.780051] tv_sec: 1283757426 - 2010
> > Sep 6 15:17:06 teawater kernel: [514552.780053] gtp_kp_pre_handler:
> > tracepoint 2
> > Sep 6 15:17:06 teawater kernel: [514552.780055] gtp_parse_x: cmd 23
> > Sep 6 15:17:06 teawater kernel: [514552.780056] gtp_parse_x: cmd 22
> > Sep 6 15:17:06 teawater kernel: [514552.780057] gtp_parse_x: cmd c
> > Sep 6 15:17:06 teawater kernel: [514552.780058]
> > gtp_action_memory_read: id:2 0000054c 8
> > Sep 6 15:17:06 teawater kernel: [514552.780061]
> > gtp_action_memory_read: id:2 read 0000054c 8 get error.
> > Sep 6 15:17:06 teawater kernel: [514552.780063] gtp_kp_pre_handler:
> > tracepoint 2 stop.
> > Sep 6 15:17:06 teawater kernel: [514552.780068] gtp_stop: tracepoint 1
> > Sep 6 15:17:06 teawater kernel: [514552.792059] gtp_stop: tracepoint 2
> >
> > (gdb) add-symbol-file ~/kernel/tmp/h/hello.ko 0xf81b9000
> > add symbol table from file "/home/teawater/kernel/tmp/h/hello.ko" at
> > .text_addr = 0xf81b9000
> > (y or n) y
> > Reading symbols from /home/teawater/kernel/tmp/h/hello.ko...done.
> > (gdb) p year
> > Cannot access memory at address 0x554
> > (gdb) p tv
> > Cannot access memory at address 0x54c
> >
> > Looks GDB didn't get the right address of this val.
> >
> > Export them maybe handle this issue.
> >
> > Thanks,
> > Hui
> >
> >
> >
> > On Sun, Sep 5, 2010 at 00:47, Steven <mqyoung@...il.com> wrote:
> >> On Sun, 2010-09-05 at 00:42 +0800, Hui Zhu wrote:
> >>> Could you post the other part of this code? Then I can try to reproduce on it.
> >>
> >> hello.c
> >> ------------------------------------------------
> >> #include <linux/kthread.h>
> >> #include <linux/module.h>
> >> #include <linux/init.h>
> >>
> >> static struct task_struct *test_task;
> >> volatile struct timeval tv;
> >> int year;
> >>
> >> int test_thread(void *data)
> >> {
> >>     volatile int cnt = 0;
> >>     set_current_state(TASK_INTERRUPTIBLE);
> >>     schedule_timeout(1 * HZ); /* wait for the terminal ready */
> >>
> >>     while(1){
> >>         set_current_state(TASK_INTERRUPTIBLE); /* this is
> >> required, or thread never sleep*/
> >>         if(kthread_should_stop()) break;
> >>
> >>         year = 2010;
> >>         do_gettimeofday (&tv);
> >>         printk("\ntv_sec: %d - %d\n", (int)tv.tv_sec, cnt);
> >>         cnt++;
> >>
> >>         do_gettimeofday (&tv);
> >>         printk("tv_sec: %d - %d\n", (int)tv.tv_sec, year);
> >>         cnt++;
> >>
> >>         //reschedule after 5 seconds(approximately)
> >>         schedule_timeout(60 * HZ);
> >>     }
> >>
> >>     return 0;
> >> }
> >>
> >> static int __init mt_init(void)
> >> {
> >>     int err;
> >>     test_task = kthread_create(test_thread, NULL, "test_task");
> >>     if(IS_ERR(test_task)){
> >>         printk("Unable to start kernel thread.\n");
> >>         printk("Unable to start kernel thread.\n");
> >>         err = PTR_ERR(test_task);
> >>         test_task = NULL;
> >>         return err;
> >>     }
> >>     wake_up_process(test_task);
> >>     return 0;
> >> }
> >>
> >>
> >> static void __exit mt_cleanup(void)
> >> {
> >>     if(test_task){
> >>         kthread_stop(test_task);
> >>         test_task = NULL;
> >>     }
> >> }
> >>
> >> module_init(mt_init);
> >> module_exit(mt_cleanup);
> >>
> >> MODULE_LICENSE("GPL");
> >> ------------------------------------------------
> >>
> >>
> >> Makefile
> >> ------------------------------------------------
> >> obj-m := hello.o
> >>
> >> KERNELBUILD := /lib/modules/`uname -r`/build
> >>
> >> default:
> >> 	make -C $(KERNELBUILD) M=$(shell pwd) modules
> >>
> >> clean:
> >> 	rm -rf *.o *.cmd *.ko *.mod.c .tmp-versions *.symvers
> >> ------------------------------------------------
> >>
> >>
> >>
> >>> Thanks,
> >>> Hui
> >>>
> >>> On Sun, Sep 5, 2010 at 00:01, Steven <mqyoung@...il.com> wrote:
> >>> > Dear All,
> >>> >
> >>> > As I mentioned before, I could collect the variables of kernel function
> >>> > such as vfs_readdir(ext3 is built in kernel not module). And I tried I
> >>> > could collect variables of kernel's module(such as my ethernet card
> >>> > driver 3c59x.ko). I will collect these info later.
> >>> >
> >>> > BUT, I can not collect the value of my testing module, neither global
> >>> > nor local. I think there is some thing wrong with my compile option or
> >>> > Makefile, any one know it? Thanks very much.
> >>> >
> >>> > Program:
> >>> > -------------------------------------------------
> >>> > 6 volatile struct timeval tv;
> >>> > 7 int year;
> >>> > 8
> >>> > 9 int test_thread(void *data)
> >>> > 10 {
> >>> > 11     volatile int cnt = 0;
> >>> > 12     set_current_state(TASK_INTERRUPTIBLE);
> >>> > 13     schedule_timeout(1 * HZ); /* wait for the terminal ready */
> >>> > 14
> >>> > 15     while(1){
> >>> > 16         set_current_state(TASK_INTERRUPTIBLE);
> >>> > 17         if(kthread_should_stop()) break;
> >>> > 18
> >>> > 19         year = 2010;
> >>> > 20         do_gettimeofday (&tv);
> >>> > 21         printk("\ntv_sec: %d - %d\n", (int)tv.tv_sec, cnt);
> >>> > 22         cnt++;
> >>> > 23
> >>> > 24         do_gettimeofday (&tv);
> >>> > 25         printk("tv_sec: %d - %d\n", (int)tv.tv_sec, year);
> >>> > 26         cnt++;
> >>> > 27
> >>> > 28         //reschedule after 5 seconds(approximately)
> >>> > 29         schedule_timeout(60 * HZ);
> >>> > 30     }
> >>> > 31
> >>> > 32     return 0;
> >>> > 33 }
> >>> > -------------------------------------------------
> >>> >
> >>> > Makefile
> >>> > -------------------------------------------------
> >>> > obj-m := hello.o
> >>> >
> >>> > KERNELBUILD := /lib/modules/`uname -r`/build
> >>> >
> >>> > default:
> >>> > 	make -C $(KERNELBUILD) M=$(shell pwd) modules
> >>> > -------------------------------------------------
> >>> >
> >>> >
> >>> > Screen log
> >>> > -------------------------------------------------
> >>> > debian:/home/linux-2.6.33.6# /usr/local/bin/gdb vmlinux
> >>> > GNU gdb (GDB) 7.2
> >>> > Copyright (C) 2010 Free Software Foundation, Inc.
> >>> > License GPLv3+: GNU GPL version 3 or later
> >>> > <http://gnu.org/licenses/gpl.html>
> >>> > This is free software: you are free to change and redistribute it.
> >>> > There is NO WARRANTY, to the extent permitted by law. Type "show
> >>> > copying"
> >>> > and "show warranty" for details.
> >>> > This GDB was configured as "i686-pc-linux-gnu".
> >>> > For bug reporting instructions, please see:
> >>> > <http://www.gnu.org/software/gdb/bugs/>...
> >>> > Reading symbols from /home/linux-2.6.33.6/vmlinux...[ 3909.310118]
> >>> > [ 3909.310124] tv_sec: 1283648666 - 16
> >>> > [ 3909.315385] tv_sec: 1283648666 - 2010
> >>> > done.
> >>> > (gdb) target remote /proc/gtp
> >>> > Remote debugging using /proc/gtp
> >>> > 0x00000000 in ?? ()
> >>> > (gdb) add-symbol-file /home/steven/hello/hello.ko 0xc8b2b000
> >>> > add symbol table from file "/home/steven/hello/hello.ko" at
> >>> > .text_addr = 0xc8b2b000
> >>> > (y or n) y
> >>> > Reading symbols from /home/steven/hello/hello.ko...done.
> >>> > (gdb) trace /home/steven/hello/hello.c:22
> >>> > Tracepoint 1 at 0xc8b2b094: file /home/steven/hello/hello.c, line 22.
> >>> > (gdb) trace /home/steven/hello/hello.c:26
> >>> > Tracepoint 2 at 0xc8b2b0c1: file /home/steven/hello/hello.c, line 26.
> >>> > (gdb) actions 1
> >>> > Enter actions for tracepoint 1, one per line.
> >>> > End with a line saying just "end".
> >>> >>
> >>> >>collect tv, year, cnt
> >>> >>end
> >>> > (gdb) actions 2
> >>> > Enter actions for tracepoint 2, one per line.
> >>> > End with a line saying just "end".
> >>> >>collect tv, year, cnt
> >>> >>end
> >>> > (gdb) tstart
> >>> > [ 4029.328129]
> >>> > [ 4029.328136] tv_sec: 1283648786 - 20
> >>> > [ 4029.333456] tv_sec: 1283648786 - 2010
> >>> > tstop
> >>> > (gdb) tfind
> >>> > Found trace frame 0, tracepoint 1
> >>> > #0 0xc8b2b095 in test_thread (data=0x0)
> >>> > at /home/steven/hello/hello.c:22
> >>> > 22 cnt++;
> >>> > (gdb) p tv
> >>> > $1 = {tv_sec = 0, tv_usec = 0}
> >>> > (gdb) p cnt
> >>> > $2 = 0
> >>> > (gdb) p year
> >>> > $3 = 0
> >>> > (gdb) tfind
> >>> > Found trace frame 1, tracepoint 2
> >>> > 0xc8b2b0c2 26 cnt++;
> >>> > (gdb) p cnt
> >>> > $4 = 0
> >>> > (gdb) p tv
> >>> > $5 = {tv_sec = 0, tv_usec = 0}
> >>> > (gdb) p year
> >>> > $6 = 0
> >>> > -------------------------------------------------
> >>> >
> >>> > Thanks,
> >>> > Steven
> >>> >
> >>> > On Sat, 2010-09-04 at 22:58 +0800, Hui Zhu wrote:
> >>> >> On Sat, Sep 4, 2010 at 17:26, Steven <mqyoung@...il.com> wrote:
> >>> >> > On Sat, 2010-09-04 at 17:17 +0800, Hui Zhu wrote:
> >>> >> >> On Sat, Sep 4, 2010 at 16:56, Steven <mqyoung@...il.com> wrote:
> >>> >> >> > On Sat, 2010-09-04 at 11:41 +0800, Hui Zhu wrote:
> >>> >> >> >> BTW, looks GCC and GDB don't want handle the optimization debug
> >>> >> >> >> trouble (all they want is rewrite the GCC in C++ :P).
> >>> >> >> >> So I think make linux kernel can close optimization is better idea, do
> >>> >> >> >> you know some way or some patch to do it?
> >>> >> >> >>
> >>> >> >> >
> >>> >> >> > Just disable CONFIG_CC_OPTIMIZE_FOR_SIZE and modify the Makefile of
> >>> >> >> > kernel:
> >>> >> >> > KBUILD_CFLAGS += -O2
> >>> >> >> > to
> >>> >> >> > KBUILD_CFLAGS += -O0
> >>> >> >>
> >>> >> >> Cool, :)
> >>> >> >>
> >>> >> >> I try just change the compile option of readdir.c to without -O2, it
> >>> >> >> works OK. I think maybe it's a GDB bug too.
> >>> >> >> Could you try the second issue with gdb 7.2?
> >>> >> >
> >>> >> > I have covered the two issues in the previous mail that I could collect
> >>> >> > both global variables and locals(-O0 kernel + gdb7.2):
> >>> >> >
> >>> >> > --------
> >>> >> > (gdb) trace vfs_readdir
> >>> >> > Tracepoint 3 at 0xc11756a0: file fs/readdir.c, line 24.
> >>> >> > (gdb) actions
> >>> >> > Enter actions for tracepoint 3, one per line.
> >>> >> > End with a line saying just "end".
> >>> >> > >collect *file
> >>> >> > >end
> >>> >> > (gdb) trace fs/readdir.c:29
> >>> >> > Tracepoint 4 at 0xc11756ca: file fs/readdir.c, line 29.
> >>> >> > (gdb) actions
> >>> >> > Enter actions for tracepoint 4, one per line.
> >>> >> > End with a line saying just "end".
> >>> >> > >collect res
> >>> >> > >end
> >>> >> > (gdb) tstart
> >>> >> > (gdb) tstop
> >>> >> > (gdb) tfind
> >>> >> > Found trace frame 0, tracepoint 3
> >>> >> > #0 0xc11756a1 in vfs_readdir (file=0xc7b2cf00, filler=0,
> >>> >> > buf=0x0)
> >>> >> > at fs/readdir.c:24
> >>> >> > 24 struct inode *inode =
> >>> >> > file->f_path.dentry->d_inode;
> >>> >> > (gdb) p *file
> >>> >> > $4 = {f_u = {fu_list = {next = 0xc6dca500, prev = 0xc7ade480},
> >>> >> > fu_rcuhead = {
> >>> >> > next = 0xc6dca500, func = 0xc7ade480}}, f_path = {mnt =
> >>> >> > 0xc6c05300,
> >>> >> > dentry = 0xc761d440}, f_op = 0xc1709a20, f_lock = {{rlock =
> >>> >> > {raw_lock = {
> >>> >> > slock = 0}}}}, f_count = {counter = 2}, f_flags =
> >>> >> > 624640,
> >>> >> > f_mode = 29, f_pos = 0, f_owner = {lock = {raw_lock = {lock =
> >>> >> > 16777216}},
> >>> >> > = 0start = 0, size = 0, async_size = 0,
> >>> >> > ra_pages = 32, mmap_miss = 0, prev_pos = -1}, f_version =
> >>> >> > 0,
> >>> >> > f_security = 0xc7b30120, private_data = 0x0, f_ep_links = {
> >>> >> > next = 0xc7b2cf74, prev = 0xc7b2cf74}, f_mapping =
> >>> >> > 0xc761c74c}
> >>> >> > (gdb) p res
> >>> >> > $5 = 0
> >>> >> > (gdb) tfind
> >>> >> > Found trace frame 1, tracepoint 4
> >>> >> > 0xc11756cb 29 res =
> >>> >> > security_file_permission(file, MAY_READ);
> >>> >> > (gdb) p res
> >>> >> > $6 = -20
> >>> >> > --------
> >>> >> >
> >>> >> >
> >>> >> >
> >>> >>
> >>> >> Great. :)
> >>> >>
> >>> >> Hui
> >>> >
> >>> >
> >>
> >>
> >>
> >
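
Added example (not part of the thread, and not KGTP's or GDB's own tooling): the step Hui Zhu performs by hand above, reading each section's load address from /sys/module/<name>/sections and passing it to add-symbol-file with -s, scripted in shell. The function name gen_add_symbol_file, the stand-in directory used by demo, and the choice to skip all-zero addresses are assumptions of this example; the two addresses in the demo are the ones quoted in the thread.

```shell
#!/bin/sh
# Added example: build the GDB add-symbol-file command for a loaded module
# from the per-section load addresses under /sys/module/<name>/sections.

# gen_add_symbol_file <module.ko> [sections_dir]   (hypothetical helper name)
gen_add_symbol_file() {
    ko=$1
    name=$(basename "$ko" .ko)
    dir=${2:-/sys/module/$name/sections}
    if [ ! -r "$dir/.text" ]; then
        echo "cannot read $dir/.text (module not loaded, or not permitted)" >&2
        return 1
    fi
    # .text is the positional base address of add-symbol-file.
    cmd="add-symbol-file $ko $(cat "$dir/.text")"
    # Every other section needs its own -s; without it GDB resolves symbols
    # in .bss/.data to unrelocated offsets such as the 0x54c seen in the thread.
    # Only dot-named sections are handled here (assumption of this example).
    for f in "$dir"/.[!.]*; do
        [ -f "$f" ] || continue
        sec=${f##*/}
        case $sec in .text) continue ;; esac
        addr=$(cat "$f")
        # Skip empty or all-zero values: they carry no usable load address.
        case ${addr#0x} in
            *[!0]*) cmd="$cmd -s $sec $addr" ;;
        esac
    done
    printf '%s\n' "$cmd"
}

# Offline demo on a constructed sections directory holding the two
# addresses quoted in the thread (.text 0xf81b9000, .bss 0xf81b92ec).
demo() {
    tmp=$(mktemp -d) || return 1
    printf '0xf81b9000\n' > "$tmp/.text"
    printf '0xf81b92ec\n' > "$tmp/.bss"
    gen_add_symbol_file hello.ko "$tmp"
    rm -rf "$tmp"
}

# With arguments, act on the named module; with none, run the demo.
if [ "$#" -gt 0 ]; then gen_add_symbol_file "$@"; else demo; fi
```

The printed line can be pasted at the (gdb) prompt after "target remote /proc/gtp", before setting tracepoints in the module.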