kprobe and uprobe

kprobe

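cd /sys/kernel/debug/tracing
# entry probe on do_sys_open ('>' truncates kprobe_events and drops existing probes)
echo 'p:myprobe do_sys_open' > kprobe_events
# return probe recording the return value ('>>' appends to the probe list)
echo 'r:myretprobe do_sys_open $retval' >> kprobe_events
# alternative definition of myprobe: return probe on getname printing the returned string;
# '>' again replaces everything defined above
echo 'r:myprobe getname +0($retval):string' > kprobe_events
echo 1 > tracing_on
echo 1 > events/kprobes/myprobe/enable
cat trace
# disable the probe before removing it; an enabled probe cannot be deleted
echo 0 > events/kprobes/myprobe/enable
echo '-:myprobe' >> kprobe_events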

uprobe

cd /sys/kernel/debug/tracing
echo 'p:do_sth /home/kernel_test/loop_print:0x52d %ip %ax' > uprobe_events
echo 'r:do_sth_exit /home/kernel_test/loop_print:0x52d %ip %ax' >> uprobe_events
echo 1 > events/uprobes/enable
cat trace

refer to:
https://blog.csdn.net/melody157398/article/details/113764679
https://blog.csdn.net/daiq531/article/details/52749673

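Square brackets in ASN.1

ASN.1 encoding uses tag + length + value (TLV) as its basic unit. IMPLICIT mode replaces the tag that follows, which is usually a universal tag, with the context-specific tag; EXPLICIT mode wraps the inner universal-tag TLV in an outer TLV that carries the context-specific tag.

When encoding with BER, EXPLICIT mode is the default.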

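In BNF grammar notation:

Parentheses (): play the same role as parentheses () in a C arithmetic expression.
Angle brackets <>: enclose required items.
Square brackets []: enclose optional items.
Braces {}: enclose items that may repeat zero or more times.
|: means "or"; to express "and", simply separate the two symbols with whitespace.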

In ASN.1 syntax, by contrast, square brackets [Index] denote a context-specific tag value, i.e. 0xA0 + Index; braces {} are used in the definition of a SEQUENCE, SET or CHOICE. For example:

Number2 ::= [7] IMPLICIT [1] INTEGER
AccountedClosed ::= [2] EXPLICIT BOOLEAN

Here the tag value of Number2 is 0xA7; for AccountedClosed, the BER encoding when its value is true is:

0xA2 0x3 0x1 0x1 0xFF
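
The two definitions above, encoded and decoded byte by byte. This is an added example, not code from the original notes; it assumes EXPLICIT as the default tagging mode (as stated above), short-form lengths and tag numbers below 31, and all function names are made up for the illustration. It also shows that an IMPLICIT tag placed directly on a primitive type comes out as 0x80 + Index, not 0xA0 + Index.

```python
# Added example: short-form TLV helpers for context-specific tagging.
BOOLEAN, INTEGER = 0x01, 0x02      # universal tag numbers
CONSTRUCTED, CONTEXT = 0x20, 0x80  # bits of the identifier octet

def tlv(tag: int, value: bytes) -> bytes:
    """Encode one TLV; only short-form lengths (< 128) are handled here."""
    if len(value) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([tag, len(value)]) + value

def explicit(index: int, inner: bytes) -> bytes:
    """EXPLICIT: wrap the whole inner TLV, so the outer tag is constructed."""
    return tlv(CONTEXT | CONSTRUCTED | index, inner)

def implicit(index: int, inner: bytes) -> bytes:
    """IMPLICIT: swap the inner tag, keeping its primitive/constructed bit."""
    return bytes([CONTEXT | (inner[0] & CONSTRUCTED) | index]) + inner[1:]

def account_closed(value: bool) -> bytes:
    """AccountedClosed ::= [2] EXPLICIT BOOLEAN"""
    return explicit(2, tlv(BOOLEAN, b"\xff" if value else b"\x00"))

def number2(n: int) -> bytes:
    """Number2 ::= [7] IMPLICIT [1] INTEGER, for 0 <= n <= 127."""
    return implicit(7, explicit(1, tlv(INTEGER, bytes([n]))))

def walk(data: bytes, depth: int = 0):
    """Yield (depth, tag, value) per TLV; reject truncated input."""
    pos = 0
    while pos < len(data):
        if pos + 2 > len(data) or data[pos + 1] & 0x80:
            raise ValueError("truncated header or long-form length")
        tag, length = data[pos], data[pos + 1]
        value = data[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("value shorter than its declared length")
        yield depth, tag, value
        if tag & CONSTRUCTED:  # descend into the wrapped TLV(s)
            yield from walk(value, depth + 1)
        pos += 2 + length

if __name__ == "__main__":
    for name, enc in (("AccountedClosed", account_closed(True)), ("Number2", number2(5))):
        print(name, enc.hex(" "), [(d, hex(t)) for d, t, _ in walk(enc)])
```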

refer to:
https://blog.csdn.net/sever2012/article/details/7767867
https://www.cnblogs.com/qook/p/5957436.html

Digital certificate memo

ca: certification authority
pem: privacy enhanced mail, "begin"+base64+"end"
der: distinguished encoding rules, binary
crt: certificate
cer: certificate
csr: certificate signing request
pkcs: public key cryptography standard
ietf: internet engineering task force
pkcs#12/pfx/p12: file format for storing private keys, certificates, etc., rfc7292
pkcs#7: cryptographic message syntax standard
pkcs#10/p10: certification request syntax specification, rfc2986
x.509: public key certificates format standard
ber: basic encoding rules
per: packed encoding rules
crl: certificate revocation list
dsa: digital signature algorithm

refer to:
http://www.360doc.com/content/15/0520/10/21412_471902987.shtml
https://baike.baidu.com/item/BER/19940289?fr=aladdin
https://blog.csdn.net/mao834099514/article/details/109074661
https://datatracker.ietf.org/doc/html/rfc7292

Repost: a multi-language solution on Linux

hello.c

#include <stdio.h>
#include <libintl.h> // gettext
#include <locale.h>

#define _(STRING) gettext(STRING)
#define PACKAGE "hello"
#define LOCALEDIR "/usr/share/locale/"

int main(int argc, char *argv[])
{
	// pick up the locale from the environment (LANG, LC_ALL, ...)
	setlocale(LC_ALL, "");
	// catalogs are looked up as LOCALEDIR/<locale>/LC_MESSAGES/PACKAGE.mo
	bindtextdomain(PACKAGE, LOCALEDIR);
	textdomain(PACKAGE);
	// print through "%s" so a translated string is never used as a format string
	printf("%s", _("Hello, World\n"));
	printf("%s", _("This is a example.\n"));
	return 0;
}

Extract the strings

xgettext --keyword=_ hello.c -o hello.pot

Edit hello.pot

...
msgid "Hello, World\n"
msgstr "大家好!\n"
msgid "This is a example.\n"
msgstr "This is a example.\n"
...

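Compile hello.pot into binary form

# merge the template into the existing zh_CN.po (-U writes the result back to zh_CN.po)
msgmerge -U zh_CN.po hello.pot
msgfmt zh_CN.po -o hello.mo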

refer to:
https://leedd.com/linux-c-i18n-l10n-xgettext-msgfmt-rpmbuild/

Linux driver memo

Driver signing

CONFIG_MODULE_SIG=y
# CONFIG_MODULE_SIG_FORCE is not set
CONFIG_MODULE_SIG_ALL=y
 
${KERNEL_SRC}/scripts/sign-file sha512 ${KERNEL_SRC}/certs/signing_key.pem ${KERNEL_SRC}/certs/signing_key.x509 hello.ko
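
With CONFIG_MODULE_SIG_FORCE unset the kernel still loads unsigned modules (and marks itself tainted), so it is worth checking that a .ko really carries the appended signature after sign-file has run. The following is an added example, not part of the original notes or of the kernel tree: it parses the trailer layout (PKCS#7 data, 12-byte struct module_signature, magic string) over constructed placeholder bytes and does not verify the signature cryptographically; the function name and sample data are made up for the illustration.

```python
# Added example: detect the trailer that scripts/sign-file appends to a .ko.
import struct

MAGIC = b"~Module signature appended~\n"
# struct module_signature: algo, hash, id_type, signer_len, key_id_len,
# 3 pad bytes, then big-endian sig_len (12 bytes in total).
TRAILER = struct.Struct(">5B3xI")
PKEY_ID_PKCS7 = 2

def module_signature(blob: bytes):
    """Return signature layout info, or None when no signature is appended."""
    if not blob.endswith(MAGIC):
        return None
    end = len(blob) - len(MAGIC)
    if end < TRAILER.size:
        raise ValueError("magic string present but trailer is truncated")
    *fields, sig_len = TRAILER.unpack(blob[end - TRAILER.size:end])
    algo, hash_algo, id_type, signer_len, key_id_len = fields
    sig_end = end - TRAILER.size
    if sig_len == 0 or sig_len > sig_end:
        raise ValueError("sig_len does not fit inside the file")
    # sign-file sets id_type to PKCS#7 and leaves the other fields zero
    if id_type != PKEY_ID_PKCS7 or any((algo, hash_algo, signer_len, key_id_len)):
        raise ValueError("not a PKCS#7 module signature trailer")
    return {"module_len": sig_end - sig_len, "sig_len": sig_len,
            "pkcs7": blob[sig_end - sig_len:sig_end]}

# Constructed sample data: placeholder bytes, not a real module or signature.
FAKE_MODULE = b"\x7fELF" + bytes(60)
FAKE_SIG = b"\x30\x1e" + bytes(30)
SIGNED = (FAKE_MODULE + FAKE_SIG
          + TRAILER.pack(0, 0, PKEY_ID_PKCS7, 0, 0, len(FAKE_SIG)) + MAGIC)

if __name__ == "__main__":
    print("unsigned:", module_signature(FAKE_MODULE))
    info = module_signature(SIGNED)
    print("signed: module_len=%d sig_len=%d" % (info["module_len"], info["sig_len"]))
```

For a real module, pass the file contents, e.g. `module_signature(open("hello.ko", "rb").read())`.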

Driver debugging

debuggee

MOD_NAME=simple_mod
insmod ./${MOD_NAME}.ko
MOD_TEXT=`cat /sys/module/${MOD_NAME}/sections/.text`
MOD_DATA=`cat /sys/module/${MOD_NAME}/sections/.data`
MOD_BSS=`cat /sys/module/${MOD_NAME}/sections/.bss`
MOD_ADD="add-symbol-file /path/to/${MOD_NAME}.ko ${MOD_TEXT} -s .data ${MOD_DATA} -s .bss ${MOD_BSS}"
echo ${MOD_ADD}

debugger

(gdb) ${MOD_ADD}

refer to:
https://www.cnblogs.com/rivsidn/p/9481037.html
https://www.cnblogs.com/powerrailgun/p/12161295.html
https://blog.csdn.net/chdhust/article/details/8820628

Debugging the kernel with VMware

On VMware virtual machine A:

apt install libssl-dev
apt install libncurses-dev

Download the kernel source from the link at the end of this note, for example version 4.15.18, then unpack and build it:

make menuconfig
make
make modules_install
make install

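Shut down A, clone A as B, and add a serial port in A's virtual machine settings:

Use named pipe: \\.\pipe\com_1
This end is the server.
The other end is a virtual machine.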

Add a serial port in B's virtual machine settings:

Use named pipe: \\.\pipe\com_1
This end is the client.
The other end is a virtual machine.

Boot A with the newly built kernel (you may need to increase its memory first); boot B with the old kernel. On B run:

cat < /dev/ttyS1

On A run:

echo Helloworld > /dev/ttyS1

If the message is echoed on B, the serial link is working.
Edit /boot/grub/grub.cfg on A, find the boot entry for the newly built kernel, and add kgdbwait kgdboc=ttyS1,115200 nokaslr after handoff, for example:

linux /boot/vmlinuz-4.15.18 root=UUID=7ccc722d-2cbd-4597-a367-e0635333ddbf ro quiet splash $vt_handoff kgdbwait kgdboc=ttyS1,115200 nokaslr

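Quit the cat program on B, then reboot A into the newly built kernel, which stops in the kdb wait state. On B, in the root directory of the kernel source, run:

gdb vmlinux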
set serial baud 115200
target remote /dev/ttyS1
lx-symbols
c

Once A has booted into the system, the following commands trigger the debugger:

#echo 1 > /proc/sys/kernel/sysrq
#echo kms,kbd > /sys/module/kgdboc/parameters/kgdboc
echo g > /proc/sysrq-trigger

To speed up VMware serial debugging, power off the virtual machine, edit its .vmx startup file, and add:

serial1.pipe.charTimePercent = "25"

Here serial1 varies from case to case; check the same file for an entry with the same name.
If it runs stably, you can lower 25 further and try again.

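Note 1: because of the KASLR mechanism in newer kernels, if nokaslr is not added to the kernel boot command line, the debugger can neither show the stack nor set breakpoints ("Cannot insert breakpoint").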

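Note 2: because the original source is no longer reachable, here is an excerpt of one point I have not tried:

Without building a kernel, you can also edit the virtual machine's .vmx startup file directly and add:
debugStub.listen.guest32 = "TRUE"
Then debug from the debugging machine with: target remote ip:8832(8864), where ip is the IP of the physical machine.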

refer to:
https://mirrors.edge.kernel.org/pub/linux/kernel/
https://stackoverflow.com/questions/49360506/in-kgdb-i-cannot-set-the-breakpoint
https://askubuntu.com/questions/964540/gdb-qemu-cant-put-break-point-on-kernel-function-kernel-4-10-0-35
https://www.cnblogs.com/xiaofool/p/5377737.html
https://docs.vmware.com/en/VMware-Workstation-Pro/12.0/com.vmware.ws.using.doc/GUID-B285C62D-1E7E-49E8-81D6-77910B2024A6.html

vim memo

# First,
apt install vim-gtk3
vim --version
# ensure clipboard feature added,
# then copy to system clipboard,
"+y
# Paste from system clipboard,
<Ctrl+R>+
# content of all registers
:reg
 
:marks
 
:version
:set nocindent
:set noexpandtab
:set paste
 
# record macro to register a, press q to end recording
qa
# replay macro from register a
@a
 
# open folder containing current file
:Ex
 
# Replace return, space and return chars in a series with one return char, entire file.
:%s/\n\ \n/\r/
 
# In insert mode,
# insert the character that is above the cursor
<Ctrl+Y>
# insert the character that is below the cursor
<Ctrl+E>
 
# till after "
T"
# till before "
t"
 
# exchange current window position with others
<Ctrl+W>r
# or
<Ctrl+W>x
:all
:vertical all
:only

Plugins,

SrcExpl
	https://www.vim.org/scripts/script.php?script_id=2179
	https://github.com/wenlongche/SrcExpl
taglist.vim
	https://www.vim.org/scripts/script.php?script_id=273
	https://github.com/yegappan/taglist

refer to:
https://www.imooc.com/wenda/detail/588162
https://www.cnblogs.com/bwangel23/p/4421957.html
https://blog.csdn.net/Coppa/article/details/108026080

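Chinese national cryptography (SM) memo

SM2 is used to replace RSA/Diffie-Hellman/ECDSA/ECDH, etc.
SM3 is used to replace MD5/SHA-1/SHA-256, etc.
SM4 is used to replace DES/AES, etc.
SM9 is used to replace PKI/CA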

Building gmssl with a specified install path

./config --prefix=`pwd`/installed no-shared

refer to:
http://gmssl.org
https://ai-science-ape.blog.csdn.net/article/details/113551179
https://www.jianshu.com/p/e41bc1eb1d81