Shulou(Shulou.com)06/01 Report--

This article focuses on "how to use cgdb + qemu to debug the linux kernel module", interested friends may wish to take a look. The method introduced in this paper is simple, fast and practical. Now let the editor take you to learn how to debug the linux kernel module using cgdb + qemu.

How to debug linux kernel module preface with cgdb + qemu

The Linux code is huge and complicated, just looking at the code will make people dizzy. If you can debug its code execution process through debugging tools, it will be of great help to learn Linux kernel and solve the problems you usually encounter. This article will explain how to debug Linux kernel code using cgdb + qemu. The operating system version of the test machine is CentOS Linux release 7.2.1511 (Core).

1. Compile the kernel 1) get the kernel code

Kernel code download address: [https://www.kernel.org/] (https://www.kernel.org/)), this article uses version 4.9.153 as a demonstration. As shown in the figure below, click the tarball link of the corresponding version to download.

When the download is complete, copy the tar file to the tester / root directory and extract it.

# cd / root# tar xf linux-4.9.153.tar.xz2) compiles the kernel configuration compilation option # cd linux-4.9.153# make menuconfig that supports debugging

Navigate to Enable loadable module support:

Press the spacebar to remove the option Module signature verification to prevent the following error when loading the module:

Module verification failed: signature and/or required key missing-tainting kernel

Navigate to the Exit button and return to the superior menu.

Navigate to File systems and press enter:

Select EXT4 debugging support and JBD2 (ext4) debugging support:

Navigate to the Exit button and return to the superior menu.

Navigate to Kernel hacking and press enter:

Navigate to Kernel debugging and press the spacebar to select.

Navigate to Compile-time checks and compiler options and press enter.

Navigate to Compile the kernel with debug info and Provide GDB scripts for kernel debugging, respectively, and press the spacebar to select.

Save, exit

Start compiling make-j 30

-j 30 indicates the number of CPU cores compiled in parallel

two。 Build the initramfs root file system

Here with the help of Busybox to build minimalist initramfs to provide basic user-mode executable programs.

1) compile Busybox

[download busybox-1.28.0] (https://busybox.net/downloads/busybox-1.28.0.tar.bz2), and copy it to the tester / root directory to decompress.

The static version of Busybox can be compiled by configuring CONFIG_STATIC parameters, so that the executable files of Busybox do not depend on dynamic libraries, and it is convenient to build initramfs.

# cd / root/busybox-1.28.0# make menuconfig

Select Settings and press enter.

Select Build static binary (no shared libs) and press enter.

Exit, prompt to save, select Yes

Start compilation

# yum install glibc-static-y # gcc-- version gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-4) # make-j 3 creating make install2) create initramfs

Create an initramfs that contains the BusyBox executable, necessary device files, startup script init, and modules that need to be debugged. Only the virtual file systems procfs and sysfs are mounted in the init script, and the disk root file system is not mounted. All debugging operations are performed in memory and do not read or write to the disk. The ext4.ko module is used as a demonstration in this example, so you need to put ext4.ko and its dependent modules into initramfs together.

# mkdir initramfs# cd initramfs# cp.. / _ install/*-rf. / # mkdir dev proc sys# sudo cp-a / dev/ {null, console, tty1, tty2, tty3 Tty4} dev/# rm linuxrc# touch init# chmod astatx init# mkdir-p lib/modules/4.9.153/# cp / root/linux-4.9.153/fs/ext4/ext4.ko lib/modules/4.9.153/# cp / root/linux-4.9.153/fs/jbd2/jbd2.ko lib/modules/4.9.153/# cp / root/linux-4.9.153/fs/mbcache.ko lib/modules/4.9.153/# lsbin dev init lib proc sbin sys usr

Contents of the init file

#! / bin/busybox shmount-t proc mone / procmount-t sysfs none / sysmdev-sexec / sbin/init

Package initramfs:

# find. -print0 | cpio-- null-ov-- format=newc | gzip-9 >.. / initramfs.cpio.gz3. Start the virtual machine # yum install qemu-system-x86-2.0.1g cd.. # pwd/root/busybox-1.28.0# qemu-system-x86_64-s-kernel / root/linux-4.9.153/arch/x86_64/boot/bzImage-initrd initramfs.cpio.gz-nographic-append "console=ttyS0"-m 1G

The parameters used by the qemu-system-x86_64 command are described:

-s is the abbreviation of-gdb tcp::1234, which means to listen on port 1234, which can be connected through target remote localhost:1234 in gdb.

-kernel specifies the compiled debug kernel

-initrd specifies the finished initramfs

-nographic cancels the graphics output window, making QEMU a simple command line program

-append console=ttyS0 redirects the output to console, which will be displayed in stdio in standard output. Note: here the uppercase S in ttyS0

-m 1G sets the virtual machine memory size.

After startup, press enter to enter the command line interface

[1.645828] Freeing unused kernel memory: 836K [1.659842] Freeing unused kernel memory: 748Kcan't run'/ etc/init.d/rcS': No such file or directoryPlease press Enter to activate this console. [2.144752] tsc: Refined TSC clocksource calibration: 2194.896 MHz [2.145315] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x1fa35d3c521, max_idle_ns: 440795261667 ns [2.377779] input: ImExPS/2 Generic Explorer Mouse as / devices/platform/i8042/serio1/input/input3 [3.153834] clocksource: Switched to clocksource tsc/ # lsbin dev init proc root sbin sys usr/ # 4. Debugging with cgdb

Cgdb is an enhanced version of gdb, and the code looks much better when debugging. We will log in to the test machine in another window and run cgdb to debug the kernel.

# yum install cgdb-y # cgdb-v CGDB 0.6.The cd / root/linux-4.9.153# cgdb vmlinux

Enter target remote: 1234 in the gdb command line for remote debugging, set the breakpoint in the function register_filesystem, enter c enter, and then run the command modprobe ext4 in the virtual machine to load the ext4 file system module to enter the function register_filesystem hit breakpoint. After hitting the breakpoint, we print fs- > name and find that it is ext3, because register_as_ext3 () is called first in ext4's module initialization function ext4_init_fs, followed by register_as_ext2 (); and register_filesystem (& ext4_fs_type).

(gdb) target remote: 1234Remote debugging using: 1234native_safe_halt () at. / arch/x86/include/asm/irqflags.h:57 (gdb) b register_filesystemBreakpoint 1 at 0xffffffff81257dd0: file fs/filesystems.c, line 70. (gdb) cContinuing.Breakpoint 1, register_filesystem (fs=0xffffffffa00a0ac0) at fs/filesystems.c:70 (gdb) p fs- > name$1 = 0xffffffffa0095cc0 "ext3" (gdb)

At this point, I believe you have a deeper understanding of "how to use cgdb + qemu to debug the linux kernel module". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.