Linux kernel debugging environment MenuOS system

I. Experiment introduction

This post describes how to set up a gdb debugging environment on top of an emulated (QEMU) system.

(1) Tool introduction

1) QEMU

QEMU is a VMM (virtual machine monitor). It uses dynamic binary translation on the host CPU and provides a range of hardware models, so the guest OS believes it is talking directly to hardware when it is actually talking to hardware emulated by QEMU; QEMU then translates those instructions into operations on the real hardware. Through this mechanism the guest OS can interact with the host's hard disks, network cards, CPU, CD-ROM, audio devices and USB devices.

2) BusyBox

BusyBox is an open-source project released under the GPL v2 that bundles many Linux commands. It packs a large number of UNIX commands into one small executable that can replace tools such as GNU fileutils and shellutils. Compared with the corresponding GNU tools, each BusyBox command offers relatively few options, but enough for most applications.

(2) Key steps in building the environment

1) Install the compiler toolchain.

2) Install the QEMU emulator.

3) Compile the kernel for the ARM architecture.

4) Test whether QEMU starts normally.

5) Prepare the file system: download the root file system used in this experiment.

6) Start the system and test the gdb server and client.

Embedded development proceeds through the following steps (shown as a figure in the original post; not reproduced here).

(3) How gdbserver works

The target machine runs the program under test together with gdbserver; the host machine needs the compiled code and gdb. Once set up, gdbserver listens on port 1234, and the host uses that port number to communicate with it.

An embedded Linux GDB debugging environment consists of two parts, Host and Target: the Host side uses arm-linux-gdb and the Target board uses gdbserver. The application being debugged runs on the embedded target system, while the gdb debugger runs on the Host. During debugging, gdb on the PC sends commands to gdbserver on the development board, and gdbserver sends signals to the application, making it stop or perform other work.

The host machine runs gdb.
The target machine runs gdbserver.
gdbserver provides a network service; gdb attaches to it to debug remotely.

II. Configure the kernel

1. Download the Linux kernel

Use a mirror of the Linux kernel source to download faster:

https://mirror.bjtu.edu.cn/kernel/linux/kernel/

Decompress the downloaded file:

xz -d linux-5.0.1.tar.xz

tar -xvf linux-5.0.1.tar

cd linux-5.0.1

Building the kernel requires a matching build environment, so install the kernel compilation tools:

sudo apt install build-essential flex bison libssl-dev libelf-dev libncurses-dev

Configure and compile the kernel:

make defconfig

make menuconfig

Kernel hacking ---> Compile-time checks and compiler options ---> [*] Compile the kernel with debug info

Then compile with make.

If package installation is slow here, the mirror in /etc/apt/sources.list can be replaced with a faster source, followed by sudo apt-get update.

Finally, start QEMU with the configuration files and boot the kernel. The kernel compiles, but it turns out that it does not initialize normally.

III. Making the root file system

1. Method one: use a prebuilt MenuOS

make defconfig # generate .config from the default values

make i386_defconfig # generate a 32-bit x86 configuration; x86_64_defconfig generates the 64-bit one

The original root file system targets Linux kernel 3.18; we need to adapt it to version 5.0.1.

cd menu

sudo apt-get install libc6-dev-i386 # needed to compile 32-bit programs on a 64-bit system

The QEMU invocation is configured in the Makefile, so that is the file to edit:

vi Makefile

qemu -kernel ./linux-5.0.1/arch/x86/boot/bzImage -initrd ./rootfs.img -s -S

qemu -kernel LinuxKernel/linux-5.0.1/arch/x86/boot/bzImage -initrd ../rootfs.img

make rootfs # build the root file system

qemu-system-x86_64 -kernel linux-5.0.1/arch/x86_64/boot/bzImage -initrd rootfs.img

QEMU now starts normally.

2. Method two: use BusyBox to build a root file system image

Download the package:

wget https://busybox.net/downloads/busybox-1.30.1.tar.bz2

tar -xvf busybox-1.30.1.tar.bz2

make help prints help on building BusyBox.

make defconfig

make menuconfig, then change the following setting:

Enable: Settings --> Build Options --> Build BusyBox as a static binary (no shared libs)

make

dd if=/dev/zero of=rootfs.img bs=1M count=128

mkfs.ext4 rootfs.img

mkdir rootfs

sudo mount -o loop rootfs.img rootfs

In the busybox directory:

sudo make CONFIG_PREFIX=../rootfs/ install

Add the lo device in ../rootfs/etc/network/interfaces; Ubuntu's /etc/network/interfaces can be copied directly.

sudo umount rootfs

qemu-system-x86_64 -kernel linux-5.0.1/arch/x86_64/boot/bzImage -hda rootfs.img -append "root=/dev/sda init=/bin/ash"

This method gives the same result as method one.
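Method two above as one script. This is an added example, not code from the original post or from the BusyBox project. It assumes BusyBox has already been built statically with make in BUSYBOX_DIR, and the image name and size are assumptions. It goes slightly beyond the post in one place: besides the loopback stanza for /etc/network/interfaces (the post copies Ubuntu's file; only the lo stanza is needed), it also writes an /etc/init.d/rcS so the image can boot with BusyBox init instead of init=/bin/ash.

```shell
#!/bin/sh
# Added example: scripted BusyBox root file system build.
# Assumptions: busybox already built ("make") in BUSYBOX_DIR; IMG and IMG_SIZE_MB
# are defaults chosen for this example.
BUSYBOX_DIR="${BUSYBOX_DIR:-busybox-1.30.1}"
IMG="${IMG:-rootfs.img}"
IMG_SIZE_MB="${IMG_SIZE_MB:-128}"

# Write the configuration the image needs into the tree rooted at $1:
# the loopback interface and an init script.  BusyBox init runs
# /etc/init.d/rcS by default when no /etc/inittab exists, so this makes the
# image bootable with init=/sbin/init as well as with init=/bin/ash.
populate_rootfs_config() {
    root="$1"
    mkdir -p "$root/etc/network" "$root/etc/init.d" "$root/proc" "$root/sys" "$root/dev"
    cat > "$root/etc/network/interfaces" <<'EOF'
auto lo
iface lo inet loopback
EOF
    cat > "$root/etc/init.d/rcS" <<'EOF'
#!/bin/sh
mount -t proc none /proc
mount -t sysfs none /sys
ifup lo
EOF
    chmod 755 "$root/etc/init.d/rcS"
}

# Return 0 when the tree at $1 has an executable rcS and a loopback stanza.
verify_rootfs_config() {
    root="$1"
    [ -x "$root/etc/init.d/rcS" ] && grep -q '^iface lo inet loopback' "$root/etc/network/interfaces"
}

# Build the image end to end: create and format the file, mount it on ./rootfs,
# install BusyBox into it, copy the config in, unmount.  Needs sudo for the
# mount steps, so it is not run automatically.
make_rootfs_image() {
    staging=$(mktemp -d)
    populate_rootfs_config "$staging"
    dd if=/dev/zero of="$IMG" bs=1M count="$IMG_SIZE_MB"
    mkfs.ext4 -F "$IMG"                     # -F: do not ask because $IMG is a regular file
    mkdir -p rootfs
    rootdir="$PWD/rootfs"
    sudo mount -o loop "$IMG" rootfs
    (cd "$BUSYBOX_DIR" && sudo make CONFIG_PREFIX="$rootdir" install)
    sudo cp -a "$staging/." rootfs/
    sudo umount rootfs
    rm -rf "$staging"
}
```

Run make_rootfs_image from the directory that contains busybox-1.30.1, then boot the result with the qemu-system-x86_64 line above; the config files are written to a staging directory first so that only the mount, install, copy and unmount steps need root.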

 

IV. Building the gdb debugging environment for the Linux kernel

Create the client:

qemu-system-x86_64 -kernel linux-5.0.1/arch/x86_64/boot/bzImage -hda rootfs.img -append "root=/dev/sda init=/init nokaslr" -s -S

In the newly opened QEMU virtual machine the screen is entirely black: QEMU is waiting for gdb to connect.

Notes on the -s and -S options:

-S freeze CPU at startup (use 'c' to start execution)

-s shorthand for -gdb tcp::1234. To use a port other than 1234, replace -s with -gdb tcp::xxxx.

nokaslr: KASLR is short for kernel address space layout randomization; nokaslr disables it so that the addresses in vmlinux match the running kernel and breakpoints on kernel symbols resolve correctly.

The gdb server side is configured on the development board being set up.

In the gdb prompt, load the symbol table before target remote:

file linux-5.0.1/vmlinux

After pressing c to continue, the QEMU display looks as in the figure (not reproduced here).

Set a breakpoint in gdb:

break start_kernel # the breakpoint can be set before or after target remote

After setting the breakpoint at start_kernel and running target remote, continue execution; the kernel stops when it reaches start_kernel and waits for gdb commands. list shows the source code around the breakpoint.

New breakpoints can then be set, ...

Below, breakpoints were set at start_kernel and sys_socketcall (gdb session shown as a figure in the original post; not reproduced here).
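The host/target split described under (3) and the launch, connect and break sequence in this section, put into a shell helper. This is an added example, not code from the original post or from the MenuOS project. KERNEL_DIR and ROOTFS_IMG are assumed paths (defaults match the post), the function names are this example's own, and the breakpoint symbols are whatever the caller passes; the example goes one step beyond the post by emitting -gdb tcp::PORT when a port other than 1234 is requested.

```shell
#!/bin/sh
# Added example: build the QEMU command line and a matching gdb command file
# for a kernel debug session.  Assumed paths: KERNEL_DIR is the extracted
# linux-5.0.1 tree, ROOTFS_IMG the root file system image built earlier.
KERNEL_DIR="${KERNEL_DIR:-linux-5.0.1}"
ROOTFS_IMG="${ROOTFS_IMG:-rootfs.img}"

# Print the QEMU command line for gdb port $1 (default 1234).
# -s is only shorthand for -gdb tcp::1234, so any other port needs the
# explicit -gdb option.  -S freezes the CPU until gdb sends "continue";
# nokaslr keeps the addresses in vmlinux equal to those in the running kernel.
qemu_cmdline() {
    port="${1:-1234}"
    if [ "$port" = 1234 ]; then
        gdb_opt="-s"
    else
        gdb_opt="-gdb tcp::$port"
    fi
    printf '%s' "qemu-system-x86_64 -kernel $KERNEL_DIR/arch/x86_64/boot/bzImage -hda $ROOTFS_IMG -append \"root=/dev/sda init=/init nokaslr\" $gdb_opt -S"
}

# Write a gdb command file to $1 for port $2; remaining arguments are
# breakpoint symbols.  Symbols are loaded with "file" first so the breakpoints
# resolve before gdb attaches with "target remote".
write_gdb_script() {
    out="$1"; port="$2"; shift 2
    {
        printf 'file %s/vmlinux\n' "$KERNEL_DIR"
        for sym in "$@"; do
            printf 'break %s\n' "$sym"
        done
        printf 'target remote :%s\n' "$port"
        printf 'continue\n'
    } > "$out"
}

# Number of breakpoints in a generated command file (sanity check).
count_breaks() {
    grep -c '^break ' "$1"
}
```

Usage: in one terminal run `eval "$(qemu_cmdline 1234)"`; in another run `write_gdb_script cmds.gdb 1234 start_kernel` and then `gdb -x cmds.gdb`, which loads vmlinux, sets the breakpoint, attaches to port 1234 and continues, so the frozen guest runs until it reaches start_kernel.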

V. Testing the hello and hi programs

Install the git repository that contains the hello and hi projects: git clone https://github.com/mengning/linuxnet.git

Set up linux-5.0.1, then enter menu. We wrote a script, rootfs: running make rootfs compiles everything automatically, generates the root file system, and starts the MenuOS system for us.

The full commands are:

cd ~/LinuxKernel

git clone https://github.com/mengning/linuxnet.git

cd linuxnet/lab2

make

cd ../../menu/

make rootfs

 

lab2 is the prepared TCP program; it contains a hello and a hi file.

Looking at the Makefile, hello.c is statically linked.

qemu -kernel ./linux-5.0.1/arch/x86/boot/bzImage -initrd rootfs.img -s -S

We added the command replyhi, a TCP service that replies hi. gdbserver waits for the client (host) to send data.

 

Reference: Using GDBserver, https://www.cnblogs.com/blogs-of-lxl/p/10462262.html

 

Origin www.cnblogs.com/yyl666/p/12010341.html