Message-ID: <1283765405.1662.5.camel@steven>
Date:	Mon, 06 Sep 2010 17:30:05 +0800
From:	Steven <mqyoung@...il.com>
To:	Hui Zhu <teawater@...il.com>
Cc:	"gdb@...rceware.org" <gdb@...rceware.org>,
	linux-kernel@...r.kernel.org, Michael Snyder <msnyder@...are.com>,
	Marc Khouzam <marc.khouzam@...csson.com>,
	Thiago Jung Bauermann <thiago.bauermann@...il.com>,
	"Frank Ch. Eigler" <fche@...hat.com>
Subject: Log of  Using KGTP

Great! Many thanks. I have collected all the information and written a howto;
I hope it can help you.

http://dslab.lzu.edu.cn/modules/lifetype/index.php?op=ViewArticle&articleId=31&blogId=22

Best Regards
Steven

On Mon, 2010-09-06 at 15:50 +0800, Hui Zhu wrote:
> cat /sys/module/hello/sections/.bss
> 0xf81b92ec
> add-symbol-file ~/kernel/tmp/h/hello.ko 0xf81b9000 -s .bss 0xf81b92ec
> 
> (gdb) tstart
> (gdb) tstatus
> Trace is running on the target.
> Collected 0 trace frames.
> Trace buffer has 86255744 bytes of 86255744 bytes free (0% full).
> Trace will stop if GDB disconnects.
> Not looking at any trace frame.
> (gdb) tstop
> (gdb) tfind
> Found trace frame 0, tracepoint 1
> #0  0xf81b9068 in test_thread (data=<value optimized out>) at /home/teawater/kernel/tmp/h/hello.c:22
> 22	               cnt++;
> (gdb) p cnt
> $1 = 106
> (gdb) p tv
> $2 = {tv_sec = 1283760246, tv_usec = 784020}
> (gdb) p year
> $3 = 2010
> (gdb)
> 
> Looks like I need to update the HOWTO now.
> 
> 
> Getting all the module messages by hand is uncool.
> I will make it more automated when I have time.
> 
> Thanks,
> Hui
> 
> On Mon, Sep 6, 2010 at 15:21, Hui Zhu <teawater@...il.com> wrote:
> > Sep  6 15:17:06 teawater kernel: [514552.780031] gtp_kp_pre_handler: tracepoint 1
> > Sep  6 15:17:06 teawater kernel: [514552.780034] gtp_parse_x: cmd 23
> > Sep  6 15:17:06 teawater kernel: [514552.780035] gtp_parse_x: cmd 22
> > Sep  6 15:17:06 teawater kernel: [514552.780037] gtp_parse_x: cmd c
> > Sep  6 15:17:06 teawater kernel: [514552.780039] gtp_action_memory_read: id:1 0000054c 8
> > Sep  6 15:17:06 teawater kernel: [514552.780043] gtp_action_memory_read: id:1 read 0000054c 8 get error.
> > Sep  6 15:17:06 teawater kernel: [514552.780048] gtp_kp_pre_handler: tracepoint 1 stop.
> > Sep  6 15:17:06 teawater kernel: [514552.780051] tv_sec: 1283757426 - 2010
> > Sep  6 15:17:06 teawater kernel: [514552.780053] gtp_kp_pre_handler: tracepoint 2
> > Sep  6 15:17:06 teawater kernel: [514552.780055] gtp_parse_x: cmd 23
> > Sep  6 15:17:06 teawater kernel: [514552.780056] gtp_parse_x: cmd 22
> > Sep  6 15:17:06 teawater kernel: [514552.780057] gtp_parse_x: cmd c
> > Sep  6 15:17:06 teawater kernel: [514552.780058] gtp_action_memory_read: id:2 0000054c 8
> > Sep  6 15:17:06 teawater kernel: [514552.780061] gtp_action_memory_read: id:2 read 0000054c 8 get error.
> > Sep  6 15:17:06 teawater kernel: [514552.780063] gtp_kp_pre_handler: tracepoint 2 stop.
> > Sep  6 15:17:06 teawater kernel: [514552.780068] gtp_stop: tracepoint 1
> > Sep  6 15:17:06 teawater kernel: [514552.792059] gtp_stop: tracepoint 2
> >
> > (gdb) add-symbol-file ~/kernel/tmp/h/hello.ko 0xf81b9000
> > add symbol table from file "/home/teawater/kernel/tmp/h/hello.ko" at
> >        .text_addr = 0xf81b9000
> > (y or n) y
> > Reading symbols from /home/teawater/kernel/tmp/h/hello.ko...done.
> > (gdb) p year
> > Cannot access memory at address 0x554
> > (gdb) p tv
> > Cannot access memory at address 0x54c
> >
> > Looks like GDB didn't get the right address of this val.
> >
> > Exporting them may handle this issue.
> >
> > Thanks,
> > Hui
> >
> >
> >
> > On Sun, Sep 5, 2010 at 00:47, Steven <mqyoung@...il.com> wrote:
> >> On Sun, 2010-09-05 at 00:42 +0800, Hui Zhu wrote:
> >>> Could you post the other part of this code?  Then I can try to reproduce on it.
> >>
> >> hello.c
> >> ------------------------------------------------
> >> #include <linux/kthread.h>
> >> #include <linux/module.h>
> >> #include <linux/init.h>
> >>
> >> static struct task_struct *test_task;
> >> volatile struct timeval tv;
> >> int year;
> >>
> >> int test_thread(void *data)
> >> {
> >>        volatile int cnt = 0;
> >>        set_current_state(TASK_INTERRUPTIBLE);
> >>        schedule_timeout(1 * HZ); /* wait for the terminal ready */
> >>
> >>        while(1){
> >>                set_current_state(TASK_INTERRUPTIBLE); /* this is required, or thread never sleep*/
> >>                if(kthread_should_stop()) break;
> >>
> >>                year = 2010;
> >>                do_gettimeofday (&tv);
> >>                printk("\ntv_sec: %d - %d\n", (int)tv.tv_sec, cnt);
> >>                cnt++;
> >>
> >>                do_gettimeofday (&tv);
> >>                printk("tv_sec: %d - %d\n", (int)tv.tv_sec, year);
> >>                cnt++;
> >>
> >>                //reschedule after 5 seconds(approximately)
> >>                schedule_timeout(60 * HZ);
> >>        }
> >>
> >>        return 0;
> >> }
> >>
> >> static int __init mt_init(void)
> >> {
> >>        int err;
> >>        test_task = kthread_create(test_thread, NULL, "test_task");
> >>        if(IS_ERR(test_task)){
> >>                printk("Unable to start kernel thread.\n");
> >>                printk("Unable to start kernel thread.\n");
> >>                err = PTR_ERR(test_task);
> >>                test_task = NULL;
> >>                return err;
> >>        }
> >>        wake_up_process(test_task);
> >>        return 0;
> >> }
> >>
> >>
> >> static void __exit mt_cleanup(void)
> >> {
> >>        if(test_task){
> >>                kthread_stop(test_task);
> >>                test_task = NULL;
> >>        }
> >> }
> >>
> >> module_init(mt_init);
> >> module_exit(mt_cleanup);
> >>
> >> MODULE_LICENSE("GPL");
> >> ------------------------------------------------
> >>
> >>
> >> Makefile
> >> ------------------------------------------------
> >> obj-m := hello.o
> >>
> >> KERNELBUILD := /lib/modules/`uname -r`/build
> >>
> >> default:
> >>        make -C $(KERNELBUILD) M=$(shell pwd) modules
> >>
> >> clean:
> >>        rm -rf *.o *.cmd *.ko *.mod.c .tmp-versions *.symvers
> >> ------------------------------------------------
> >>
> >>
> >>
> >>> Thanks,
> >>> Hui
> >>>
> >>> On Sun, Sep 5, 2010 at 00:01, Steven <mqyoung@...il.com> wrote:
> >>> > Dear All,
> >>> >
> >>> > As I mentioned before, I could collect the variables of a kernel function
> >>> > such as vfs_readdir (ext3 is built into the kernel, not a module). I also
> >>> > tried and could collect variables of a kernel module (such as my ethernet
> >>> > card driver 3c59x.ko). I will collect this info later.
> >>> >
> >>> > BUT, I cannot collect the values of my testing module, neither global
> >>> > nor local. I think there is something wrong with my compile options or
> >>> > Makefile; does anyone know? Thanks very much.
> >>> >
> >>> > Program:
> >>> > -------------------------------------------------
> >>> >  6 volatile struct timeval tv;
> >>> >  7 int year;
> >>> >  8
> >>> >  9 int test_thread(void *data)
> >>> >  10 {
> >>> >  11         volatile int cnt = 0;
> >>> >  12         set_current_state(TASK_INTERRUPTIBLE);
> >>> >  13         schedule_timeout(1 * HZ); /* wait for the terminal ready */
> >>> >  14
> >>> >  15         while(1){
> >>> >  16                 set_current_state(TASK_INTERRUPTIBLE);
> >>> >  17                 if(kthread_should_stop()) break;
> >>> >  18
> >>> >  19                 year = 2010;
> >>> >  20                 do_gettimeofday (&tv);
> >>> >  21                 printk("\ntv_sec: %d - %d\n", (int)tv.tv_sec, cnt);
> >>> >  22                 cnt++;
> >>> >  23
> >>> >  24                 do_gettimeofday (&tv);
> >>> >  25                 printk("tv_sec: %d - %d\n", (int)tv.tv_sec, year);
> >>> >  26                 cnt++;
> >>> >  27
> >>> >  28                 //reschedule after 5 seconds(approximately)
> >>> >  29                 schedule_timeout(60 * HZ);
> >>> >  30         }
> >>> >  31
> >>> >  32         return 0;
> >>> >  33 }
> >>> > -------------------------------------------------
> >>> >
> >>> > Makefile
> >>> > -------------------------------------------------
> >>> > obj-m := hello.o
> >>> >
> >>> > KERNELBUILD := /lib/modules/`uname -r`/build
> >>> >
> >>> > default:
> >>> >        make -C $(KERNELBUILD) M=$(shell pwd) modules
> >>> > -------------------------------------------------
> >>> >
> >>> >
> >>> > Screen log
> >>> > -------------------------------------------------
> >>> > debian:/home/linux-2.6.33.6# /usr/local/bin/gdb vmlinux
> >>> > GNU gdb (GDB) 7.2
> >>> > Copyright (C) 2010 Free Software Foundation, Inc.
> >>> > License GPLv3+: GNU GPL version 3 or later
> >>> > <http://gnu.org/licenses/gpl.html>
> >>> > This is free software: you are free to change and redistribute it.
> >>> > There is NO WARRANTY, to the extent permitted by law.  Type "show
> >>> > copying"
> >>> > and "show warranty" for details.
> >>> > This GDB was configured as "i686-pc-linux-gnu".
> >>> > For bug reporting instructions, please see:
> >>> > <http://www.gnu.org/software/gdb/bugs/>...
> >>> > Reading symbols from /home/linux-2.6.33.6/vmlinux...[ 3909.310118]
> >>> > [ 3909.310124] tv_sec: 1283648666 - 16
> >>> > [ 3909.315385] tv_sec: 1283648666 - 2010
> >>> > done.
> >>> > (gdb) target remote /proc/gtp
> >>> > Remote debugging using /proc/gtp
> >>> > 0x00000000 in ?? ()
> >>> > (gdb) add-symbol-file /home/steven/hello/hello.ko 0xc8b2b000
> >>> > add symbol table from file "/home/steven/hello/hello.ko" at
> >>> >        .text_addr = 0xc8b2b000
> >>> > (y or n) y
> >>> > Reading symbols from /home/steven/hello/hello.ko...done.
> >>> > (gdb) trace /home/steven/hello/hello.c:22
> >>> > Tracepoint 1 at 0xc8b2b094: file /home/steven/hello/hello.c, line 22.
> >>> > (gdb) trace /home/steven/hello/hello.c:26
> >>> > Tracepoint 2 at 0xc8b2b0c1: file /home/steven/hello/hello.c, line 26.
> >>> > (gdb) actions 1
> >>> > Enter actions for tracepoint 1, one per line.
> >>> > End with a line saying just "end".
> >>> >>
> >>> >>collect tv, year, cnt
> >>> >>end
> >>> > (gdb) actions 2
> >>> > Enter actions for tracepoint 2, one per line.
> >>> > End with a line saying just "end".
> >>> >>collect tv, year, cnt
> >>> >>end
> >>> > (gdb) tstart
> >>> > [ 4029.328129]
> >>> > [ 4029.328136] tv_sec: 1283648786 - 20
> >>> > [ 4029.333456] tv_sec: 1283648786 - 2010
> >>> > tstop
> >>> > (gdb) tfind
> >>> > Found trace frame 0, tracepoint 1
> >>> > #0  0xc8b2b095 in test_thread (data=0x0)
> >>> > at /home/steven/hello/hello.c:22
> >>> > 22                      cnt++;
> >>> > (gdb) p tv
> >>> > $1 = {tv_sec = 0, tv_usec = 0}
> >>> > (gdb) p cnt
> >>> > $2 = 0
> >>> > (gdb) p year
> >>> > $3 = 0
> >>> > (gdb) tfind
> >>> > Found trace frame 1, tracepoint 2
> >>> > 0xc8b2b0c2      26                      cnt++;
> >>> > (gdb) p cnt
> >>> > $4 = 0
> >>> > (gdb) p tv
> >>> > $5 = {tv_sec = 0, tv_usec = 0}
> >>> > (gdb) p year
> >>> > $6 = 0
> >>> > -------------------------------------------------
> >>> >
> >>> > Thanks,
> >>> > Steven
> >>> >
> >>> > On Sat, 2010-09-04 at 22:58 +0800, Hui Zhu wrote:
> >>> >> On Sat, Sep 4, 2010 at 17:26, Steven <mqyoung@...il.com> wrote:
> >>> >> > On Sat, 2010-09-04 at 17:17 +0800, Hui Zhu wrote:
> >>> >> >> On Sat, Sep 4, 2010 at 16:56, Steven <mqyoung@...il.com> wrote:
> >>> >> >> > On Sat, 2010-09-04 at 11:41 +0800, Hui Zhu wrote:
> >>> >> >> >> BTW, it looks like GCC and GDB don't want to handle the optimization
> >>> >> >> >> debug trouble (all they want is to rewrite GCC in C++ :P).
> >>> >> >> >> So I think making the Linux kernel able to turn off optimization is a
> >>> >> >> >> better idea; do you know some way or some patch to do it?
> >>> >> >> >>
> >>> >> >> >
> >>> >> >> > Just disable CONFIG_CC_OPTIMIZE_FOR_SIZE and modify the Makefile of
> >>> >> >> > kernel:
> >>> >> >> > KBUILD_CFLAGS   += -O2
> >>> >> >> > to
> >>> >> >> > KBUILD_CFLAGS   += -O0
> >>> >> >>
> >>> >> >> Cool,  :)
> >>> >> >>
> >>> >> >> I tried just changing the compile option of readdir.c to be without -O2,
> >>> >> >> and it works OK.  I think maybe it's a GDB bug too.
> >>> >> >> Could you try the second issue with gdb 7.2?
> >>> >> >
> >>> >> > I have covered the two issues in the previous mail: I could collect
> >>> >> > both global variables and locals (-O0 kernel + gdb 7.2):
> >>> >> >
> >>> >> >        --------
> >>> >> >        (gdb) trace vfs_readdir
> >>> >> >        Tracepoint 3 at 0xc11756a0: file fs/readdir.c, line 24.
> >>> >> >        (gdb) actions
> >>> >> >        Enter actions for tracepoint 3, one per line.
> >>> >> >        End with a line saying just "end".
> >>> >> >        >collect *file
> >>> >> >        >end
> >>> >> >        (gdb) trace fs/readdir.c:29
> >>> >> >        Tracepoint 4 at 0xc11756ca: file fs/readdir.c, line 29.
> >>> >> >        (gdb) actions
> >>> >> >        Enter actions for tracepoint 4, one per line.
> >>> >> >        End with a line saying just "end".
> >>> >> >        >collect res
> >>> >> >        >end
> >>> >> >        (gdb) tstart
> >>> >> >        (gdb) tstop
> >>> >> >        (gdb) tfind
> >>> >> >        Found trace frame 0, tracepoint 3
> >>> >> >        #0  0xc11756a1 in vfs_readdir (file=0xc7b2cf00, filler=0,
> >>> >> >        buf=0x0)
> >>> >> >            at fs/readdir.c:24
> >>> >> >        24              struct inode *inode =
> >>> >> >        file->f_path.dentry->d_inode;
> >>> >> >        (gdb) p *file
> >>> >> >        $4 = {f_u = {fu_list = {next = 0xc6dca500, prev = 0xc7ade480},
> >>> >> >        fu_rcuhead = {
> >>> >> >              next = 0xc6dca500, func = 0xc7ade480}}, f_path = {mnt =
> >>> >> >        0xc6c05300,
> >>> >> >            dentry = 0xc761d440}, f_op = 0xc1709a20, f_lock = {{rlock =
> >>> >> >        {raw_lock = {
> >>> >> >                  slock = 0}}}}, f_count = {counter = 2}, f_flags =
> >>> >> >        624640,
> >>> >> >          f_mode = 29, f_pos = 0, f_owner = {lock = {raw_lock = {lock =
> >>> >> >        16777216}},
> >>> >> >           = 0start = 0, size = 0, async_size = 0,
> >>> >> >            ra_pages = 32, mmap_miss = 0, prev_pos = -1}, f_version =
> >>> >> >        0,
> >>> >> >          f_security = 0xc7b30120, private_data = 0x0, f_ep_links = {
> >>> >> >            next = 0xc7b2cf74, prev = 0xc7b2cf74}, f_mapping =
> >>> >> >        0xc761c74c}
> >>> >> >        (gdb) p res
> >>> >> >        $5 = 0
> >>> >> >        (gdb) tfind
> >>> >> >        Found trace frame 1, tracepoint 4
> >>> >> >        0xc11756cb      29              res =
> >>> >> >        security_file_permission(file, MAY_READ);
> >>> >> >        (gdb) p res
> >>> >> >        $6 = -20
> >>> >> >        --------
> >>> >> >
> >>> >> >
> >>> >> >
> >>> >>
> >>> >> Great.  :)
> >>> >>
> >>> >> Hui
> >>> >
> >>> >
> >>
> >>
> >>
> >

