File -> Options -> Advanced -> "Use smart paragraph selection": clear the checkbox.
refer to:
https://blog.csdn.net/mingzhurs/article/details/52295097
People, technology, life.
```
CONFIG_MODULE_SIG=y
# CONFIG_MODULE_SIG_FORCE is not set
CONFIG_MODULE_SIG_ALL=y

${KERNEL_SRC}/scripts/sign-file sha512 ${KERNEL_SRC}/certs/signing_key.pem ${KERNEL_SRC}/certs/signing_key.x509 hello.ko
```
debuggee
```
MOD_NAME=simple_mod
insmod ./${MOD_NAME}.ko
# Section load addresses exported by the kernel for the loaded module
MOD_TEXT=`cat /sys/module/${MOD_NAME}/sections/.text`
MOD_DATA=`cat /sys/module/${MOD_NAME}/sections/.data`
MOD_BSS=`cat /sys/module/${MOD_NAME}/sections/.bss`
MOD_ADD="add-symbol-file /path/to/${MOD_NAME}.ko ${MOD_TEXT} -s .data ${MOD_DATA} -s .bss ${MOD_BSS}"
echo ${MOD_ADD}
```
debugger
```
(gdb) ${MOD_ADD}
```
refer to:
https://www.cnblogs.com/rivsidn/p/9481037.html
https://www.cnblogs.com/powerrailgun/p/12161295.html
https://blog.csdn.net/chdhust/article/details/8820628
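On VMware virtual machine A:
```
apt install libssl-dev
apt install libncurses-dev
```
Download the kernel source from the links at the end of this post (for example version 4.15.18), extract it and build it:
```
make menuconfig
make
make modules_install
make install
```
Shut down A and clone it as B. In A's virtual machine settings, add a serial port:
```
Use named pipe: \\.\pipe\com_1
This end is the server.
The other end is a virtual machine.
```
In B's virtual machine settings, add a serial port:
```
Use named pipe: \\.\pipe\com_1
This end is the client.
The other end is a virtual machine.
```
Boot A with the newly built kernel (you may need to increase its memory first); boot B with the old kernel. In B, run
```
cat < /dev/ttyS1
```
In A, run
```
echo Helloworld > /dev/ttyS1
```
If the message is echoed in B, the serial link is working.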
Edit /boot/grub/grub.cfg on A, find the boot entry for the newly built kernel, and append kgdbwait kgdboc=ttyS1,115200 nokaslr after handoff, for example
```
linux /boot/vmlinuz-4.15.18 root=UUID=7ccc722d-2cbd-4597-a367-e0635333ddbf ro quiet splash $vt_handoff kgdbwait kgdboc=ttyS1,115200 nokaslr
```
Quit cat on B, then reboot A with the newly built kernel so that it stops in the kdb wait state. On B, in the root of the kernel source tree, run
```
gdb vmlinux
set serial baud 115200
target remote /dev/ttyS1
lx-symbols
c
```
Once A has booted into the system, the following can be used to trigger the debugger:
```
#echo 1 > /proc/sys/kernel/sysrq
#echo kms,kbd > /sys/module/kgdboc/parameters/kgdboc
echo g > /proc/sysrq-trigger
```
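To speed up serial debugging under VMware, shut down the virtual machine, edit its .vmx startup file and add
```
serial1.pipe.charTimePercent = "25"
```
The name serial1 varies from case to case; look in the same file to see whether an entry with the same name exists.
If it runs stably, you can lower 25 further and try again.
Note 1: Because of the KASLR mechanism in newer kernels, if nokaslr is not added to the kernel boot command line, you cannot see the stack or set breakpoints while debugging ("Cannot insert breakpoint").
Note 2: Because the original source is no longer reachable, here is one point I have not tried, copied down for reference:
Without building a kernel, you can also edit the virtual machine's .vmx startup file directly and add:
```
debugStub.listen.guest32 = "TRUE"
```
Then, on the debugging machine, debug with target remote ip:8832 (8864), where ip is the IP of the physical machine.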
refer to:
https://mirrors.edge.kernel.org/pub/linux/kernel/
https://stackoverflow.com/questions/49360506/in-kgdb-i-cannot-set-the-breakpoint
https://askubuntu.com/questions/964540/gdb-qemu-cant-put-break-point-on-kernel-function-kernel-4-10-0-35
https://www.cnblogs.com/xiaofool/p/5377737.html
https://docs.vmware.com/en/VMware-Workstation-Pro/12.0/com.vmware.ws.using.doc/GUID-B285C62D-1E7E-49E8-81D6-77910B2024A6.html
```
# First,
apt install vim-gtk3
vim --version
# ensure clipboard feature added,
# then copy to system clipboard,
"+y
# Paste from system clipboard,
<Ctrl+R>+
# content of all registers
:reg
:marks
:version
:set nocindent
:set noexpandtab
:set paste
# record macro to register a, press q if end
qa
# replay macro from register a
@a
# open folder containing current file
:Ex
# Replace return, space and return chars in a series with one return char, entire file.
:%s/\n\ \n/\r/
# In insert mode,
# add char like above the cursor
<Ctrl+Y>
# add char like below the cursor
<Ctrl+E>
# till after "
T"
# till before "
t"
# exchange current window position with others
<Ctrl+W>r
# or
<Ctrl+W>x
:all
:vertical all
:only
```
Plugins:
SrcExpl
https://www.vim.org/scripts/script.php?script_id=2179
https://github.com/wenlongche/SrcExpl
taglist.vim
https://www.vim.org/scripts/script.php?script_id=273
https://github.com/yegappan/taglist
refer to:
https://www.imooc.com/wenda/detail/588162
https://www.cnblogs.com/bwangel23/p/4421957.html
https://blog.csdn.net/Coppa/article/details/108026080
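SM2 is used to replace RSA/Diffie-Hellman/ECDSA/ECDH, etc.
SM3 is used to replace MD5/SHA-1/SHA-256, etc.
SM4 is used to replace DES/AES, etc.
SM9 is used to replace PKI/CA
Building gmssl with a specified install path:
```
./config --prefix=`pwd`/installed no-shared
```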
refer to:
http://gmssl.org
https://ai-science-ape.blog.csdn.net/article/details/113551179
https://www.jianshu.com/p/e41bc1eb1d81
```
save breakpoints file-name-to-save
source file-name-to-save
dprintf /dir/to/file.c:2368,"err is %d\n",err
x /8xw key
info files
info source
info variables
info locals
info args
set python print-stack full
dump binary memory ./file_path_to_save $from_addr $to_addr
cond 1 $rdi==0x0
thread apply all bt
set print elements 0
set follow-fork-mode [parent|child]
set logging file <file name>
set logging on
info functions
set logging off
```
refer to:
https://www.wenjiangs.com/doc/gdb-save-breakpoints
https://gist.github.com/nmcv/212250dc8eb865a5282e
```
sudo apt install automake libtool m4 autoconf
```
Output:
```
The following additional packages will be installed:
  libltdl-dev
Suggested packages:
  libtool-doc gfortran | fortran95-compiler gcj-jdk
The following NEW packages will be installed:
  libltdl-dev libtool
```
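primitive element = primitive root = generator
quadratic extension: 二次扩域
quadratic residue: 平方剩余
law of quadratic reciprocity: 二次互反律
φ(n): the number of positive integers less than or equal to n that are coprime to n
Euler's theorem: if a and n are positive integers and coprime, then a^φ(n) mod n = 1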
Four virtual machines A, B, C and D, and three Host Only virtual networks vmnet2, vmnet3 and vmnet4, with DHCP disabled on all of them.
```
A
    vmnet2: 10.1.0.10/24 gw 10.1.0.2
B
    vmnet2: 10.1.0.2/24
    vmnet3: 192.168.0.2/24
C
    vmnet3: 192.168.0.3/24
    vmnet4: 10.2.0.2/24
D
    vmnet4: 10.2.0.10/24 gw 10.2.0.2
```
On both B and C, download, build and install strongswan 5.4.0; its version information can be identified in config.h.
```
wget http://download.strongswan.org/strongswan-5.4.0.tar.bz2
apt-get install libgmp-dev
apt-get install libssl-dev
tar -jxvf strongswan-5.4.0.tar.bz2
# Enter the extracted source tree before configuring
cd strongswan-5.4.0
./configure --sysconfdir=/etc --enable-openssl --enable-gmp --prefix=`pwd`/installed
make && make install
```
Both virtual machines B and C point to the same shared folder, share.
Generate the certificates on B:
```
mkdir cert && cd cert
# CA key and self-signed CA certificate
ipsec pki --gen --outform pem > ca.pem
ipsec pki --self --in ca.pem --dn "C=CN, O=NetworkLab, CN=NetworkLab CA" --ca --outform pem > ca.cert.pem

# Server keys and certificates
ipsec pki --gen --outform pem > sun.server.pem
ipsec pki --pub --in sun.server.pem | ipsec pki --issue --cacert ca.cert.pem --cakey ca.pem --dn "C=CN, O=NetworkLab, CN=sun.com" --san="sun.com" --flag serverAuth --flag ikeIntermediate --outform pem > sun.server.cert.pem
ipsec pki --gen --outform pem > moon.server.pem
ipsec pki --pub --in moon.server.pem | ipsec pki --issue --cacert ca.cert.pem --cakey ca.pem --dn "C=CN, O=NetworkLab, CN=moon.com" --san="moon.com" --flag serverAuth --flag ikeIntermediate --outform pem > moon.server.cert.pem
# Client keys and certificates
ipsec pki --gen --outform pem > sun.client.pem
ipsec pki --pub --in sun.client.pem | ipsec pki --issue --cacert ca.cert.pem --cakey ca.pem --dn "C=CN, O=NetworkLab, CN=client" --outform pem > sun.client.cert.pem
ipsec pki --gen --outform pem > moon.client.pem
ipsec pki --pub --in moon.client.pem | ipsec pki --issue --cacert ca.cert.pem --cakey ca.pem --dn "C=CN, O=NetworkLab, CN=client" --outform pem > moon.client.cert.pem

# Leave the cert directory before moving it to the shared folder
cd .. && mv cert /mnt/hgfs/share/
```
Install the certificates on B:
```
cp -r /mnt/hgfs/share/cert/ca.cert.pem /etc/ipsec.d/cacerts/
cp -r /mnt/hgfs/share/cert/moon.server.cert.pem /etc/ipsec.d/certs/
cp -r /mnt/hgfs/share/cert/moon.server.pem /etc/ipsec.d/private/
cp -r /mnt/hgfs/share/cert/sun.client.cert.pem /etc/ipsec.d/certs/
cp -r /mnt/hgfs/share/cert/sun.client.pem /etc/ipsec.d/private/
```
Install the certificates on C:
```
cp -r /mnt/hgfs/share/cert/ca.cert.pem /etc/ipsec.d/cacerts/
cp -r /mnt/hgfs/share/cert/sun.server.cert.pem /etc/ipsec.d/certs/
cp -r /mnt/hgfs/share/cert/sun.server.pem /etc/ipsec.d/private/
cp -r /mnt/hgfs/share/cert/moon.client.cert.pem /etc/ipsec.d/certs/
cp -r /mnt/hgfs/share/cert/moon.client.pem /etc/ipsec.d/private/
```
Configuration on B
/etc/ipsec.conf
```
config setup
    # strictcrlpolicy=yes
    # uniqueids = no

conn %default
    ikelifetime=60m
    keylife=20m
    rekeymargin=3m
    keyingtries=1
    keyexchange=ikev2
    mobike=no

conn net-net-rsa
    left=192.168.0.2
    leftcert=moon.server.cert.pem
    leftsubnet=10.1.0.0/24
    leftid=@moon.com
    leftfirewall=yes
    right=192.168.0.3
    rightsubnet=10.2.0.0/24
    rightid=@sun.com
    auto=add

conn net-net-psk
    keyexchange=ikev1
    authby=secret
    left=192.168.0.2
    leftsubnet=10.1.0.0/16
    leftid=@xxx.server.com
    leftfirewall=yes
    right=192.168.0.3
    rightsubnet=10.2.0.0/16
    rightid=@yyy.server.com
    ike=aes-sha1-modp1024
    esp=aes-sha1-modp1024
    auto=route
    type=tunnel
```
/etc/ipsec.secrets
```
@xxx.server.com @yyy.server.com : PSK hello
: RSA moon.server.pem
```
/etc/strongswan.conf
```
charon {
    load_modular = yes
    plugins {
        include strongswan.d/charon/*.conf
    }
}
include strongswan.d/*.conf
```
Configuration on C
/etc/ipsec.conf
```
config setup
    # strictcrlpolicy=yes
    # uniqueids = no

conn %default
    ikelifetime=60m
    keylife=20m
    rekeymargin=3m
    keyingtries=1
    keyexchange=ikev2
    mobike=no

conn net-net-rsa
    left=192.168.0.3
    leftcert=sun.server.cert.pem
    leftsubnet=10.2.0.0/24
    leftid=@sun.com
    leftfirewall=yes
    right=192.168.0.2
    rightsubnet=10.1.0.0/24
    rightid=@moon.com
    auto=add

conn net-net-psk
    keyexchange=ikev1
    authby=secret
    left=192.168.0.3
    leftsubnet=10.2.0.0/16
    leftid=@yyy.server.com
    leftfirewall=yes
    right=192.168.0.2
    rightsubnet=10.1.0.0/16
    rightid=@xxx.server.com
    ike=aes-sha1-modp1024
    esp=aes-sha1-modp1024
    auto=route
    type=tunnel
```
/etc/ipsec.secrets
```
@xxx.server.com @yyy.server.com : PSK hello
: RSA sun.server.pem
```
/etc/strongswan.conf
```
charon {
    load_modular = yes
    plugins {
        include strongswan.d/charon/*.conf
    }
}
include strongswan.d/*.conf
```
At this point, run the following on both B and C:
```
echo 1 > /proc/sys/net/ipv4/ip_forward
ipsec restart --nofork
# To use RSA authentication
ipsec up net-net-rsa
# To use PSK authentication
ipsec up net-net-psk
```
Finally, ping machine D from A.
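An added example, not part of the original notes or of strongSwan: a small shell/awk audit that flags the legacy choices used by the net-net-psk connection above (IKEv1, pre-shared key, SHA-1, modp1024) when it reads an ipsec.conf. The function names, the "under 2048 bits" threshold and the net-net-strong sample connection are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report legacy IKE/ESP settings per conn in an ipsec.conf.
# Prints one finding per line; returns 1 if anything was flagged.
audit_ipsec_conf() {
    awk '
    function flag(msg) { printf "%s: %s\n", conn, msg; found++ }
    $1 == "conn" || $1 == "config" { conn = $2; next }
    {
        line = $0
        sub(/#.*/, "", line)        # drop comments
        gsub(/[ \t]/, "", line)     # drop indentation and spaces around "="
        eq = index(line, "=")
        if (eq == 0) next
        key = substr(line, 1, eq - 1)
        val = tolower(substr(line, eq + 1))
        if (key == "ike" || key == "esp") {
            if (val ~ /modp(768|1024|1536)/)
                flag(key "=" val " offers a DH group under 2048 bits")
            if (val ~ /sha1|md5/)
                flag(key "=" val " offers a legacy hash (SHA-1/MD5)")
        }
        if (key == "keyexchange" && val == "ikev1")
            flag("keyexchange=ikev1 (deprecated; prefer ikev2)")
        if (key == "authby" && (val == "secret" || val == "psk"))
            flag("authby=" val " (pre-shared key; strength rests on the secret)")
    }
    END { exit (found > 0) }
    ' "$1"
}

# Constructed sample: the net-net-psk proposal from these notes next to a
# hypothetical stronger connection (net-net-strong is not from the page).
write_sample_conf() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
conn %default
    keyexchange=ikev2
conn net-net-psk
    keyexchange=ikev1
    authby=secret
    ike=aes-sha1-modp1024
    esp=aes-sha1-modp1024
conn net-net-strong
    ike=aes256-sha256-modp2048
    esp=aes256-sha256-modp2048
EOF
    echo "$f"
}

conf=$(write_sample_conf)
audit_ipsec_conf "$conf" || echo "legacy settings present in $conf"
rm -f "$conf"
```

Run it against /etc/ipsec.conf on B and C before bringing a tunnel up; the short PSK in ipsec.secrets is outside what this check reads and needs its own review.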
refer to:
https://www.strongswan.org/
https://blog.csdn.net/puppylpg/article/details/64918562
http://www.hqyman.cn/post/543.html
https://www.cnblogs.com/hugetong/p/10150992.html
nic: network interface card
kni: kernel nic interface
pmd: poll mode driver
eal: environment abstraction layer
refer to:
http://vinllen.com/tun-tap/