nokaslr, thanks to @dakami at close #12

Author: cirosantilli

gdb-step-debugging.md

@@ -34,7 +34,10 @@ which counts to infinity to stdout, and then in GDB:
 
 And you now control the counting from GDB.
 
-See also: <http://stackoverflow.com/questions/11408041/how-to-debug-the-linux-kernel-with-gdb-and-qemu>
+See also:
+
+- <http://stackoverflow.com/questions/11408041/how-to-debug-the-linux-kernel-with-gdb-and-qemu/33203642#33203642>
+- <http://stackoverflow.com/questions/4943857/linux-kernel-live-debugging-how-its-done-and-what-tools-are-used/42316607#42316607>
 
 `O=0` is an impossible dream, `O=2` being the default: <https://stackoverflow.com/questions/29151235/how-to-de-optimize-the-linux-kernel-to-and-compile-it-with-o0> So get ready for some weird jumps, and `<value optimized out>` fun. Why, Linux, why.
 
@@ -73,6 +76,8 @@ Just don't forget to remove your breakpoints after `rmmod`, or they will point t
 
 TODO: why does `break work_func` for `insmod kthread.ko` not break the first time I `insmod`, but breaks the second time?
 
+See also: <http://stackoverflow.com/questions/28607538/how-to-debug-linux-kernel-modules-with-qemu/44095831#44095831>
+
 ### Bypassing lx-symbols
 
 Useless, but a good way to show how hardcore you are. From inside QEMU:

run

@@ -10,7 +10,9 @@ kgdb=false
 nographic=false
 # norandmaps: Don't use address space randomization. Equivalent to echo 0 > /proc/sys/kernel/randomize_va_space.
 # printk.time=y: log in format: "[time ] msg" for all printk messages.
-extra_append='norandmaps printk.devkmsg=on printk.time=y'
+# nokaslr: https://unix.stackexchange.com/questions/397939/turning-off-kaslr-to-debug-linux-kernel-using-qemu-and-gdb
+#   Turned on by default since v4.12
+extra_append='nokaslr norandmaps printk.devkmsg=on printk.time=y'
 extra_flags=''
 while getopts a:de:knqt:x OPT; do
   case "$OPT" in

rungdb

@@ -42,32 +42,29 @@ if "$kgdb"; then
 else
   case "$arch" in
     'x86_64')
-      # http://stackoverflow.com/questions/11408041/how-to-debug-the-linux-kernel-with-gdb-and-qemu/33203642#33203642
-      # http://stackoverflow.com/questions/4943857/linux-kernel-live-debugging-how-its-done-and-what-tools-are-used/42316607#42316607
-      # http://stackoverflow.com/questions/28607538/how-to-debug-linux-kernel-modules-with-qemu/44095831#44095831
       cmd="$gdb \
-        -q \
-        -ex 'add-auto-load-safe-path $(pwd)' \
-        -ex 'file vmlinux' \
-        -ex 'set arch i386:x86-64:intel' \
-        -ex 'target remote localhost:1234' \
-        $brk \
-        -ex 'continue' \
-        -ex 'disconnect' \
-        -ex 'set arch i386:x86-64' \
-        -ex 'target remote localhost:1234' \
-        -ex 'lx-symbols ../kernel_module-1.0/' \
-      "
+-q \
+-ex 'add-auto-load-safe-path $(pwd)' \
+-ex 'file vmlinux' \
+-ex 'set arch i386:x86-64:intel' \
+-ex 'target remote localhost:1234' \
+$brk \
+-ex 'continue' \
+-ex 'disconnect' \
+-ex 'set arch i386:x86-64' \
+-ex 'target remote localhost:1234' \
+-ex 'lx-symbols ../kernel_module-1.0/' \
+"
     ;;
     'arm'|'aarch64'|'mips64')
       cmd="$gdb \
-        -q \
-        -ex 'add-auto-load-safe-path $(pwd)' \
-        -ex 'file vmlinux' \
-        -ex 'target remote localhost:1234' \
-        -ex 'lx-symbols ../kernel_module-1.0/' \
-        $brk \
-      "
+-q \
+-ex 'add-auto-load-safe-path $(pwd)' \
+-ex 'file vmlinux' \
+-ex 'target remote localhost:1234' \
+-ex 'lx-symbols ../kernel_module-1.0/' \
+$brk \
+"
     ;;
   esac
 fi