Kernel Debugging with QEMU

Revision as of 15:30, 21 March 2020 by imported>Luis-Hebendanz (Created page with "= QEMU Kernel Debugging Setup = == Setup == Clone the repository <syntaxhighlight lang="console"> $ git clone https://github.com/torvalds/linux.git </syntaxhighlight> Kernel...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

QEMU Kernel Debugging Setup

Setup

Clone the repository

$ git clone https://github.com/torvalds/linux.git

Kernel dependencies Create a shell.nix file in the cloned repo

{ pkgs ? import <nixpkgs> {} }:

(pkgs.buildFHSUserEnv {
  name = "linux-kernel-build";
  targetPkgs = pkgs: (with pkgs;
  [
    getopt
    flex
    bison
    libelf
    ncurses.dev
    openssl.dev
    gcc
    gnumake
    bc

  ]);
  runScript = "bash";
}).env

Generate a config for KVM

$ nix-shell shell.nix
$ make x86_64_defconfig
$ make kvmconfig
$ scripts/config --set-val DEBUG_INFO y # For gdb debug symbols
$ make -j <number-cpu-cores>

Create a bootable debian image with replaceable kernel

 $ nix-shell -p debootstrap
 $ qemu-img create qemu-image.img
 $ mkfs.ext2 qemu-image.img
 $ mkdir mount-point.dir
 $ sudo mount -o loop qemu-image.img mount-point.dir
 $ sudo debootstrap --arch amd64 buster mount-point.dir
 $ sudo chroot mount-point.dir /bin/bash -i
 $ export PATH=$PATH:/bin
 $ passwd # Set root password
 $ exit
 $ sudo umount mount-point.dir
 $ rmdir mount-point.dir

Launch qemu

#!/bin/sh

qemu-system-x86_64 -s -S \
    -kernel ../arch/x86_64/boot/bzImage \
    -hda qemu-img.img \
    -append "root=/dev/sda console=ttyS0 nokaslr" \
    --enable-kvm \
    -nographic

Connect with gdb

 $ gdb ./vmlinux
 (gdb) target remote :1234
 (gdb) continue