
Kernel debugging – gdb step jumps out of function

I’m trying to understand the kernel network stack for security research at my university. That’s why I try to debug the Linux kernel.

So far I’m doing quite well, but I ran into a problem when trying to use qemu and gdb for debugging.

The problem is as follows:

I boot my linux system: make boot

    boot:
    	@qemu-system-x86_64 \
    	    -kernel ${KERNEL_IMAGE} \
    	    -drive file=${DRIVE_IMAGE},index=0,media=disk,format=raw \
    	    -append "root=/dev/sda rw console=ttyS0 nokaslr gdbwait" \
    	    -m ${RAM} \
    	    --nographic \
    	    --enable-kvm \
    	    -s

And connect with gdb: make debug

    debug:
    	@gdb -iex "target remote localhost:1234" ${KERNEL_DIRECTORY}/vmlinux

I set a breakpoint, e.g. at icmp_rcv, and continue:

    b icmp_rcv
    Breakpoint 1 at 0xffffffff81808910: file net/ipv4/icmp.c, line 989.
    c

Now I ping myself -> breakpoint hit:

    Breakpoint 1, icmp_rcv (skb=0xffff88007c24ee00) at net/ipv4/icmp.c:989

Great, so far everything worked as expected. Now I press n/s (next or step) and instead of net/ipv4/icmp.c:990 it says:

    native_apic_mem_write (reg=896, v=52414) at ./arch/x86/include/asm/apic.h:99

Now I press n until I come back to icmp_rcv:989. I tried to set a breakpoint at icmp_rcv_990, but gdb never stops there. Does anybody have an idea how to fix this?

Thank you!

Yours


Answer

Honestly I have no clue why, but removing --enable-kvm from my Makefile helped get it working. I hope this helps other people.
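The launch-and-attach workflow from the question and the answer's fix, collected into one script. This is an added example and not code from either poster; the image paths, the RAM size and the `debug.sh` name are assumptions, overridable through environment variables. It builds the qemu command line in either mode (TCG, i.e. no KVM, or KVM) and writes a matching gdb command file. The practical point it encodes: under TCG, gdb's `step`/`next` follow the kernel source exactly, which is what dropping `--enable-kvm` achieved; under KVM, single-stepping is coarse and can surface in an interrupt path such as the `native_apic_mem_write` frame above, so if KVM is kept for speed, a hardware breakpoint (`hbreak`) is the commonly recommended form.

```shell
#!/bin/sh
# Added example, not code from the original post. Builds the qemu command line
# and a gdb command file for the workflow described above. All paths below are
# assumptions: override them via environment variables to match your tree.
KERNEL_IMAGE=${KERNEL_IMAGE:-arch/x86/boot/bzImage}
DRIVE_IMAGE=${DRIVE_IMAGE:-rootfs.img}
VMLINUX=${VMLINUX:-vmlinux}
RAM=${RAM:-1G}
GDB_PORT=${GDB_PORT:-1234}

# qemu_cmd MODE   (MODE = tcg | kvm)
# tcg: QEMU software emulation. Slower, but gdb 'step'/'next' track the kernel
#      source line by line (the accepted answer's fix of removing --enable-kvm).
# kvm: hardware virtualisation. Fast, but gdb single-stepping is coarse and can
#      land in an interrupt handler, as with native_apic_mem_write above.
qemu_cmd() {
    mode=${1:-tcg}
    accel=""
    if [ "$mode" = kvm ]; then
        accel=" -enable-kvm"
    fi
    # -S freezes the CPU at startup so gdb can attach before the kernel runs;
    # "-gdb tcp::PORT" is the long form of "-s" (which always means port 1234).
    # nokaslr keeps vmlinux symbol addresses equal to the running addresses.
    printf '%s' "qemu-system-x86_64 -kernel $KERNEL_IMAGE" \
        " -drive file=$DRIVE_IMAGE,index=0,media=disk,format=raw" \
        " -append \"root=/dev/sda rw console=ttyS0 nokaslr\"" \
        " -m $RAM -nographic -gdb tcp::$GDB_PORT -S$accel"
}

# gdb_script FUNC MODE: prints a gdb command file that attaches to the qemu
# gdb stub, stops in FUNC and lets the guest run until that point.
gdb_script() {
    fn=${1:-icmp_rcv}
    mode=${2:-tcg}
    # Under KVM a hardware breakpoint (hbreak) is the commonly recommended
    # form; under TCG an ordinary software breakpoint works fine.
    if [ "$mode" = kvm ]; then bp=hbreak; else bp=break; fi
    printf 'target remote localhost:%s\n' "$GDB_PORT"
    printf '%s %s\n' "$bp" "$fn"
    printf 'continue\n'
}

# Usage (two terminals, assumed script name debug.sh):
#   sh debug.sh qemu tcg            # start the VM, CPU frozen until gdb attaches
#   sh debug.sh gdb icmp_rcv tcg    # attach gdb with the breakpoint already set
case "${1:-}" in
    qemu) eval "$(qemu_cmd "${2:-tcg}")" ;;
    gdb)  gdb_script "${2:-icmp_rcv}" "${3:-tcg}" > /tmp/kgdb.cmds
          gdb -x /tmp/kgdb.cmds "$VMLINUX" ;;
esac
```

Once stopped in `icmp_rcv` under TCG, `next` should move to the following source line of net/ipv4/icmp.c rather than into an APIC write; if you switch back to KVM for speed, expect to rely on `hbreak` at specific lines instead of stepping.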
