debug kernel

zy
2023-11-29 16:02:23 +08:00
parent 809f581cef
commit 13ba531c1a
11 changed files with 1490 additions and 84 deletions

2
.gitignore vendored

@@ -62,6 +62,8 @@ linux-5.17.15/.cocciconfig
linux-5.17.15/.get_maintainer.ignore
linux-5.17.15/.cocciconfig
miniroot
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]


@@ -4,12 +4,12 @@
"name": "Linux",
"includePath": [
"${workspaceFolder}/**",
"../linux-5.17.15/include/**",
"../linux-5.17.15/arch/x86/include/**",
"../linux-5.17.15/arch/x86/include/generated/**"
"${workspaceFolder}/linux-5.17.15/include/**",
"${workspaceFolder}/linux-5.17.15/arch/x86/include/**",
"${workspaceFolder}/linux-5.17.15/arch/x86/include/generated/**"
],
"forcedInclude": [
"../linux-5.17.15/include/generated/autoconf.h"
"${workspaceFolder}/linux-5.17.15/include/generated/autoconf.h"
],
"defines": [
"__GNUC__",
@@ -18,6 +18,7 @@
"__x86_64__",
"_GNU_SOURCE"
],
"compileCommands": "${workspaceFolder}/linux-5.17.15/compile_commands.json",
"compilerPath": "/usr/bin/gcc",
"cStandard": "c89",
"compilerArgs": [],

14
.vscode/launch.json vendored

@@ -31,25 +31,21 @@
]
},
{
"name": "(gdb) linux kernel",
"name": "(gdb) linux Kernel",
"type": "cppdbg",
"request": "launch",
//"preLaunchTask": "centos7",
// socat pty,link=./rootkit.pty,raw,echo=0 EXEC:"/mnt/c/ProgramData/chocolatey/lib/npiperelay/tools/npiperelay.exe -ep -s //./pipe/rootkit",nofork
"preLaunchTask": "run_qemu",
"program": "${workspaceFolder}/linux-5.17.15/vmlinux",
//"miDebuggerServerAddress": "localhost:1234",
//"debugServerPath": "${workspaceFolder}/rootkit.pty",
"miDebuggerPath": "/usr/bin/gdb",
"miDebuggerArgs": "-ex 'set serial baud 115200 target remote ./rootkit.pty'",
"miDebuggerServerAddress": "127.0.0.1:1234",
"args": [],
"stopAtEntry": true,
"cwd": "${workspaceFolder}",
"environment": [],
"externalConsole": false,
"MIMode": "gdb",
//"miDebuggerArgs": "-n",
"miDebuggerArgs": "-n",
"targetArchitecture": "x64",
"setupCommands": [ // 或许在这里添加的 set serial baud 115200 | target remote ./rootkit.pty
"setupCommands": [
{
"text": "set arch i386:x86-64:intel",
"ignoreFailures": false

78
.vscode/settings.json vendored

@@ -1,75 +1,11 @@
{
"files.associations": {
"hrtimer.h": "c",
"ktime.h": "c",
"typeinfo": "c",
"signal.h": "c",
"module.h": "c",
"watch_module.h": "c",
"kernel.h": "c",
"device.h": "c",
"mm.h": "c",
"fs.h": "c",
"sched.h": "c",
"monitor_user.h": "c",
"libunwind.h": "c",
"libunwind-x86_64.h": "c",
"libdwfl.h": "c",
"libunwind-ptrace.h": "c",
"unwind.h": "c",
"*.tcc": "cpp",
"fstream": "cpp",
"array": "cpp",
"deque": "cpp",
"string": "cpp",
"unordered_map": "cpp",
"vector": "cpp",
"string_view": "cpp",
"initializer_list": "cpp",
"atomic": "cpp",
"cctype": "cpp",
"clocale": "cpp",
"cmath": "cpp",
"cstdarg": "cpp",
"cstddef": "cpp",
"cstdint": "cpp",
"cstdio": "cpp",
"cstdlib": "cpp",
"cwchar": "cpp",
"cwctype": "cpp",
"exception": "cpp",
"algorithm": "cpp",
"functional": "cpp",
"iterator": "cpp",
"map": "cpp",
"memory": "cpp",
"memory_resource": "cpp",
"numeric": "cpp",
"optional": "cpp",
"random": "cpp",
"set": "cpp",
"system_error": "cpp",
"tuple": "cpp",
"type_traits": "cpp",
"utility": "cpp",
"iosfwd": "cpp",
"istream": "cpp",
"limits": "cpp",
"new": "cpp",
"ostream": "cpp",
"sstream": "cpp",
"stdexcept": "cpp",
"streambuf": "cpp",
"cinttypes": "cpp",
"kprobes.h": "c"
},
"clangd.arguments": [
"--compile-commands-dir=${workspaceFolder}/linux-5.17.15",
"--background-index",
"--completion-style=detailed",
"--header-insertion=never",
"-log=info"
],
// "clangd.arguments": [
// "--compile-commands-dir=${workspaceFolder}/linux-5.17.15",
// "--background-index",
// "--completion-style=detailed",
// "--header-insertion=never",
// "-log=info"
// ],
"C_Cpp.clang_format_fallbackStyle": "LLVM",
// "C_Cpp.autocomplete": "disabled",
// "C_Cpp.codeFolding": "disabled",

28
.vscode/tasks.json vendored

@@ -93,6 +93,34 @@
}
],
},
{
"label": "run_qemu",
"type": "shell",
"command": "./run_qemu.sh",
"presentation": {
"echo": true,
"clear": true,
"group": "vm"
},
"isBackground": true,
"problemMatcher": [
{
"pattern": [
{
"regexp": ".",
"file": 1,
"location": 2,
"message": 3
}
],
"background": {
"activeOnStart": true,
"beginsPattern": ".",
"endsPattern": ".",
}
}
]
},
],
"version": "2.0.0"
}
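Review bot: The `problemMatcher` in the new `run_qemu` task uses `.` for `regexp`, `beginsPattern` and `endsPattern`, so the background task counts as ready on the first output line of any kind, which says nothing about whether QEMU's gdb stub is listening yet; if run_qemu.sh prints nothing while the guest is held by `-S`, the pre-launch wait may also never finish. Have run_qemu.sh print a fixed marker line before it starts QEMU (for example `echo "run_qemu: starting"`, a string I made up) and match that marker in `endsPattern`. `"command": "./run_qemu.sh"` depends on the task's working directory, so adding `"options": { "cwd": "${workspaceFolder}" }` makes that explicit. The trailing comma after `"endsPattern": "."` is accepted by VS Code's JSONC parser but rejected by strict JSON tooling.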

24
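--- a/run_qemu.sh
+++ b/run_qemu.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+pwd="/home/zy/Git/variable_monitor"
+box=/home/zy/qemu_uintr/initramfs/initramfs-busybox-x86_64.cpio.gz
+busybox=$pwd/miniroot/busybox.cpio.gz
+ubuntu=$pwd/miniroot/ubuntu.cpio.gz
+PORT=2222
+QEMU=qemu-system-x86_64
+KERNEL=$pwd/linux-5.17.15/arch/x86_64/boot/bzImage
+$QEMU -smp 4 \
+-machine q35,kernel_irqchip=split \
+-m 4096M -nographic -cpu qemu64 \
+-kernel $KERNEL \
+-initrd $ubuntu \
+-append "root=/dev/ram0 rw rootfstype=ext4 console=ttyS0 init=/linuxrc" \
+-net user,hostfwd=tcp::${PORT}-:22 -net nic,model=e1000e \
+-serial mon:stdio \
+-virtfs local,path=$pwd/build,mount_tag=test,security_model=passthrough,id=test \
+-s -S
+# -D none
+# 等待gdb连接
+# -s -S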
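Review bot: `-s` is shorthand for `-gdb tcp::1234`, and `hostfwd=tcp::${PORT}-:22` likewise leaves the host address empty, so both the gdb stub and the guest's SSH port listen on every host interface rather than only on loopback. A gdb stub gives full control over guest memory and registers, and the image built by script/ubuntu.sh in this commit accepts root login with password `root`, so I would pin both: `-net user,hostfwd=tcp:127.0.0.1:${PORT}-:22` and `-gdb tcp:127.0.0.1:1234 -S` (launch.json already connects to 127.0.0.1:1234). Separately, `pwd="/home/zy/Git/variable_monitor"` hard-codes one developer's checkout and reuses the name of the `pwd` builtin; `repo=$(cd "$(dirname "$0")" && pwd)` with quoted expansions such as `-kernel "$KERNEL"` would make the script portable. `box` and `busybox` are assigned but never used.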

1231
script/.config_busybox Normal file

File diff suppressed because it is too large Load Diff

73
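--- a/script/busybox.sh
+++ b/script/busybox.sh
@@ -0,0 +1,73 @@
+#!/bin/bash
+# 由 busybox 创建一个最小的文件系统 | 不含编译部分
+# 创建目录并拷贝文件
+set -e
+set -x
+cp ./.config_busybox ../miniroot
+cp ./init_busybox ../miniroot
+cd .. || exit
+# 工作目录改动到 miniroot
+cd miniroot
+if [ -e "./busybox" ]; then
+read -r -t 10 -p "./busybox\" 已存在,是否删除? (回车确认,其他键取消,10s 超时)" confirm
+if [[ $confirm == "" ]]; then
+rm -rf "./busybox/*"
+else
+exit 1
+fi
+fi
+# 如果 busybox 不存在则下载
+if [ ! -e "./busybox-1.36.1.tar.bz2" ]; then
+wget https://busybox.net/downloads/busybox-1.36.1.tar.bz2
+fi
+if [ ! -e "./busybox-1.36.1" ]; then
+tar -xjf busybox-1.36.1.tar.bz2
+fi
+cd busybox-1.36.1
+if [ ! -e "./build" ]; then
+mkdir build
+fi
+# make O=build menuconfig
+# 在 settings Build Options 中选择 # [*] Build static binary (no sharedd libs)
+if [ ! -e "./build/.config" ]; then
+mv ../.config_busybox ./build/.config
+fi
+if [ -z "$(ls -A build/_install/)" ]; then
+# build/_install/ is empty"
+cd build
+make -j8 V=1
+make install
+fi
+cd .. || exit
+mkdir -pv busybox
+cd busybox || exit
+mkdir -pv {bin,sbin,etc,proc,sys,usr/{bin,sbin}}
+cp -av ../busybox-1.36.1/build/_install/* .
+# 写入 init 文件并设置权限
+mv ../init_busybox init
+chroot . /bin/sh -c "chmod u+x /init" # 可能需要 sudo
+echo "最小化 Busybox 系统创建成功!"
+# 打包文件系统
+if read -r -t 10 -p "打包镜像? (10秒 超时取消)" confirm; then
+find . -print0 | cpio --null -ov --format=newc | gzip -9 >../busybox.cpio.gz
+echo "打包完毕"
+else
+echo "取消打包"
+fi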
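Review bot: `rm -rf "./busybox/*"` never deletes anything, because the glob sits inside the quotes and reaches rm as a literal file name; the stale tree is then silently reused by `cp -av` further down. Use `rm -rf ./busybox`, since the script recreates the directory with `mkdir -pv busybox`. The tarball fetched by `wget` is unpacked and built with no integrity check; adding `echo "<expected-sha256>  busybox-1.36.1.tar.bz2" | sha256sum -c -` after the download, with the digest taken from the upstream release, pins what ends up in the initramfs. `chroot . /bin/sh -c "chmod u+x /init"` needs root only to flip a mode bit, and `chmod u+x init` does the same without it.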

10
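--- a/script/init_busybox
+++ b/script/init_busybox
@@ -0,0 +1,10 @@
+#!/bin/sh
+mount -t proc none /proc
+mount -t sysfs none /sys
+# 挂载共享文件夹
+mount -t 9p -o trans=virtio,version=9p2000.L test /root
+mknod -m 666 /dev/ttyS0 c 4 64
+echo -e "\nBoot took $(cut -d' ' -f1 /proc/uptime) seconds\n"
+setsid cttyhack sh
+exec /bin/sh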
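Review bot: `mknod -m 666 /dev/ttyS0 c 4 64` and the 9p mount on `/root` both assume directories that script/busybox.sh does not create (its `mkdir -pv {bin,sbin,etc,proc,sys,usr/{bin,sbin}}` has no `dev` or `root`), so unless the busybox install tree supplies them these two lines fail at boot. init_debian in this commit mounts devtmpfs instead; doing the same here, `mkdir -p /dev /root` followed by `mount -t devtmpfs none /dev`, would remove the need for a hand-made world-writable console node, provided the kernel is built with devtmpfs. `exec /bin/sh` only runs after the shell started by `setsid cttyhack sh` exits; a one-line comment saying it is the fallback that keeps PID 1 alive would help the next reader.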

19
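--- a/script/init_debian
+++ b/script/init_debian
@@ -0,0 +1,19 @@
+#!/bin/sh
+mount -t proc none /proc
+mount -t sysfs none /sys
+echo -e "\nBoot took $(cut -d' ' -f1 /proc/uptime) seconds\n"
+mount -t devtmpfs none /dev
+mount -t devpts none /dev/pts
+/sbin/mdev -s
+# Start the network interface
+/sbin/ifconfig eth0 up
+/sbin/dhclient eth0
+# 挂载共享文件夹
+mkdir -p /mnt/test
+mount -t 9p -o trans=virtio,version=9p2000.L test /mnt/test
+exec /sbin/init
+exec /bin/bash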
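Review bot: `exec /bin/bash` after `exec /sbin/init` cannot act as a fallback: if the first exec succeeds the script is replaced, and if it fails a non-interactive sh normally exits, which as PID 1 ends in a kernel panic. Guard the first call instead, `[ -x /sbin/init ] && exec /sbin/init`, and keep `exec /bin/bash` as the last line. `/sbin/mdev -s` is a busybox applet and is probably absent from the debootstrap tree built by script/ubuntu.sh; with devtmpfs already mounted it can likely be dropped. `echo -e` is not portable under `#!/bin/sh`, and `printf '\nBoot took %s seconds\n\n' "$(cut -d' ' -f1 /proc/uptime)"` prints the same text.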

86
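--- a/script/ubuntu.sh
+++ b/script/ubuntu.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+# 该脚本用于在当前目录下创建一个 ubuntu20 系统文件夹,并在其中安装 ssh 服务。
+# 如果当前目录下已经存在名为 "ubuntu" 的文件夹,则脚本会退出。
+# 运行脚本需要管理员权限。
+# 依赖项debootstrap 工具、apt-get 命令。
+# 使用清华大学的 Ubuntu20 镜像源
+set -e
+set -x
+cp ./init_debian ../miniroot
+# 进入根目录
+cd .. || exit
+# 工作目录改动到 miniroot
+cd miniroot
+if [ -e "./ubuntu" ]; then
+read -r -p "./ubuntu\" 已存在,是否删除? (回车确认,其他键取消)" confirm
+if [[ $confirm == "" ]]; then
+rm -rf "./ubuntu"
+else
+exit 1
+fi
+fi
+# 创建并进入目标文件夹
+mkdir ubuntu
+cd ubuntu
+# 安装 debootstrap 工具
+if ! apt-get -qy install debootstrap; then
+echo "无法安装 debootstrap 工具"
+exit 1
+fi
+# 使用 debootstrap 创建 ubuntu 系统文件
+if ! debootstrap --components=main,universe focal ./ "http://mirrors.tuna.tsinghua.edu.cn/ubuntu"; then
+echo "创建 Ubuntu 系统文件时出错"
+exit 1
+fi
+# 进入新创建的 Ubuntu 系统
+if ! chroot . /bin/bash -c "apt-get update"; then
+echo "无法进入新创建的 Ubuntu 系统"
+exit 1
+fi
+# 进入 chroot 环境, 初始化系统
+chroot . /bin/bash <<EOF
+set -e
+export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+# 安装 ssh 服务
+apt-get update
+apt-get install -qy openssh-server sudo net-tools bash-completion ssh
+# 设置 root 用户的密码
+echo "root:root" | chpasswd
+# 配置 ssh 登录
+# sed -i 's/.*Port.*/Port 22/' /etc/ssh/sshd_config
+sed -i 's/^#Port 22/Port 22/' /etc/ssh/sshd_config
+# sed -i 's/.*ListenAddress.*/ListenAddress 0.0.0.0/' /etc/ssh/sshd_config
+sed -i 's/.*PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config
+sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+# 重启 ssh 服务
+service ssh restart
+apt clean
+EOF
+# 写入 init 文件并设置权限
+mv ../init_debian init
+chroot . /bin/bash -c "chmod u+x /init"
+echo "最小化 Ubuntu 系统创建成功!"
+if read -r -t 10 -p "打包镜像? (10秒 超时取消)" confirm; then
+find . -print0 | cpio --null -ov --format=newc | gzip -9 >../ubuntu.cpio.gz
+echo "打包完毕"
+else
+echo "取消打包"
+fi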
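Review bot: The chroot heredoc sets the root password to `root` and turns on both `PasswordAuthentication yes` and `PermitRootLogin yes`, so anything that can reach the guest's SSH port gets a root shell with a guessable password; run_qemu.sh in this commit forwards that port with `hostfwd=tcp::${PORT}-:22`, which leaves the bind address empty. `service ssh restart` inside the chroot may also start an sshd on the build host itself with this configuration, because a chroot shares the host's network namespace, and sshd is started by the guest's init at boot anyway, so I would drop that line. The sketch below switches SSH to key-only root login with the public key copied in from the host side; `SSH_PUBKEY_FILE` is a variable name I made up, and the `root:root` password then only works on the serial console. Separately, debootstrap pulls from an `http://` mirror, so confirm the host has the Ubuntu archive keyring installed so that the Release signature is actually checked.

```shell
# … unchanged: debootstrap and the apt-get update check …
# Copy the developer's public key into the new tree from the host side.
install -d -m 700 ./root/.ssh
install -m 600 "${SSH_PUBKEY_FILE:?path to an SSH public key file}" ./root/.ssh/authorized_keys
chroot . /bin/bash <<EOF
# … unchanged: set -e, PATH, apt-get update/install, chpasswd, Port 22 …
sed -i 's/.*PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
# "service ssh restart" removed: no sshd should be started on the build host
apt clean
EOF
```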