Try   HackMD

2021q3 Homework1 (quiz1)

contributed by <fwfly>

程式編譯後會出現 kallsyms_lookup_name undefine error

2021_summer_q1$ make
make -C /lib/modules/`uname -r`/build M=/home/fwfly/project/2021_summer_q1 modules
make[1]: Entering directory '/usr/src/linux-headers-5.8.0-59-generic'
  CC [M]  main.o
  LD [M]  hideproc.o
  MODPOST Module.symvers
ERROR: modpost: "kallsyms_lookup_name" [hideproc.ko] undefined!
make[2]: *** [scripts/Makefile.modpost:111: Module.symvers] Error 1
make[2]: *** Deleting file 'Module.symvers'
make[1]: *** [Makefile:1698: modules] Error 2
make[1]: Leaving directory '/usr/src/linux-headers-5.8.0-59-generic'
make: *** [Makefile:9: all] Error 2

這個 https://github.com/h33p/kallsyms-mod 提供一個 livepatch 來處理 undefined 問題

使用 livepatch

先 copy 必要檔案到當前目錄

#cp kallsyms.c  kallsyms.h  kallsyms_kp.c  kallsyms_lp.c  ksyms.h  <測驗一目錄>

更改 main.c 檔案 include 的部分

#include <linux/list.h>
#include <linux/module.h>
#include <linux/proc_fs.h>
#include "kallsyms.h"     // 新增 livepatch
#include "ksyms.h"        // 新增 livepatch

MODULE_LICENSE("GPL");
MODULE_AUTHOR("National Cheng Kung University, Taiwan");
...


KSYMDEF(kvm_lock);  // 新增 livepatch
KSYMDEF(vm_list);   // 新增 livepatch

static int _hideproc_init(void)
{   
    int err, dev_major;
    
    /* 以下為新增的 livepatch 部分 */
    int r;                      
    if ((r = init_kallsyms()))  
        return r;
    
    KSYMINIT_FAULT(kvm_lock);   
    KSYMINIT_FAULT(vm_list);    
    /* 到這裡為止 */

    dev_t dev;

...
...

更改 Makefile 來 compile livepatch 檔案

MODULENAME := hideproc
obj-m += $(MODULENAME).o
$(MODULENAME)-y += main.o kallsyms.o //新增 kallsyms.o
...

完整修改可以看這個部分
https://github.com/fwfly/2021_summer_q1/commit/1546cbf845d0d96c7a2f183b152034abef15153d

如果遇到 _hideproc_init crash

雖然 ko 檔 build 成功,但是執行時卻至 print 一個 killed

$ sudo insmod hideproc.ko 
Killed

如果用 dmsg 則會發現 module crash

[34345.866304] hideproc: loading out-of-tree module taints kernel.
[34345.866409] hideproc: module verification failed: signature and/or required key missing - tainting kernel
[34345.867707] @ _hideproc_init
[34345.867930] BUG: kernel NULL pointer dereference, address: 0000000000000000
[34345.867938] #PF: supervisor instruction fetch in kernel mode
[34345.867941] #PF: error_code(0x0010) - not-present page
[34345.867944] PGD 0 P4D 0 
[34345.867952] Oops: 0010 [#1] SMP NOPTI
[34345.867961] CPU: 2 PID: 9801 Comm: insmod Tainted: G           OE     5.8.0-59-generic #66~20.04.1-Ubuntu
[  182.857782] Hardware name: HP HP EliteBook 745 G3/807E, BIOS N73 Ver. 01.20 10/03/2017
[  182.857785] RIP: 0010:0x0
[  182.857789] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.
[  182.857791] RSP: 0018:ffffb46f8215fc30 EFLAGS: 00010246
[  182.857793] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  182.857795] RDX: 0000000000000000 RSI: ffff8db5f5862688 RDI: ffffffffc1139206
[  182.857796] RBP: ffffb46f8215fc38 R08: 0000000000000000 R09: ffffb46f8215f9b8
[  182.857797] R10: ffff8db6752b7bff R11: 0000000000000000 R12: 000000000ed00001
[  182.857799] R13: ffff8db576676b60 R14: 0000000000000000 R15: ffffb46f8215fe70
[  182.857801] FS:  00007efcfa7dd540(0000) GS:ffff8db5faf80000(0000) knlGS:0000000000000000
[  182.857803] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  182.857804] CR2: ffffffffffffffd6 CR3: 0000000131592000 CR4: 00000000001406e0
[  182.857806] Call Trace:
[  182.857812]  kallsyms_lookup_name+0x15/0x20 [hideproc]
[  182.857817]  _hideproc_init+0xc6/0x1bd [hideproc]
[  182.857820]  ? device_read.cold+0x18/0x18 [hideproc]
[  182.857826]  do_one_initcall+0x4a/0x200
[  182.857829]  ? kfree+0x231/0x250
[  182.857836]  ? _cond_resched+0x19/0x30
[  182.857838]  ? kmem_cache_alloc_trace+0x177/0x240
[  182.857843]  do_init_module+0x62/0x250
[  182.857846]  load_module+0x1185/0x1390
[  182.857850]  ? ima_post_read_file+0x108/0x120
[  182.857854]  __do_sys_finit_module+0xc9/0x130
[  182.857857]  ? __do_sys_finit_module+0xc9/0x130
[  182.857860]  __x64_sys_finit_module+0x1a/0x20
[  182.857865]  do_syscall_64+0x49/0xc0
[  182.857868]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  182.857871] RIP: 0033:0x7efcfa3e389d
...

往下看 call stack 可以看到問題是在 kallsyms_lookup_name

[  182.857812]  kallsyms_lookup_name+0x15/0x20 [hideproc]
[  182.857817]  _hideproc_init+0xc6/0x1bd [hideproc]

而其實問題是出在沒有把 init_kallsyms 的程式碼放上去(更先前的版本),修改後 insmod 就確認可以安裝上去

新增部分

KSYMDEF(kvm_lock);  // 新增 livepatch
KSYMDEF(vm_list);   // 新增 livepatch

static int _hideproc_init(void)
{   
    int err, dev_major;
    
    /* 以下為新增的 livepatch 部分 */
    int r;                      
    if ((r = init_kallsyms()))  
        return r;
    
    KSYMINIT_FAULT(kvm_lock);   
    KSYMINIT_FAULT(vm_list);    
    /* 到這裡為止 */

kallsyms-compat

嘗試的把 kallsyms patch 的 function 改成 static inline 放到 kallsysms-compact.h 裡面.

但是編譯卻會得到以下錯誤

$ make
make -C /lib/modules/`uname -r`/build M=/home/fwfly/project/kallsyms-compat modules
make[1]: Entering directory '/usr/src/linux-headers-5.8.0-63-generic'
  CC [M]  /home/fwfly/project/kallsyms-compat/main.o
In file included from /home/fwfly/project/kallsyms-compat/main.c:1:
/home/fwfly/project/kallsyms-compat/kallasys-compat.h:91:29: error: static declaration of ‘kallsyms_lookup_name’ follows non-static declaration
   91 | static inline unsigned long kallsyms_lookup_name(const char *name)
      |                             ^~~~~~~~~~~~~~~~~~~~
In file included from ./include/linux/ftrace.h:11,
                 from ./include/linux/livepatch.h:13,
                 from /home/fwfly/project/kallsyms-compat/kallasys-compat.h:59,
                 from /home/fwfly/project/kallsyms-compat/main.c:1:
./include/linux/kallsyms.h:76:15: note: previous declaration of ‘kallsyms_lookup_name’ was here
   76 | unsigned long kallsyms_lookup_name(const char *name);
      |               ^~~~~~~~~~~~~~~~~~~~

將上面的 kallsyms_lookup_name (inline static 函式) 改為 __kallsyms_lookup_name,然後再定義:

#define kallsyms_lookup_name(x) __kallsyms_lookup_name(x)

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →
jserv

Reference

Last changed by 
Sheng-Wen Wang
0
858

Read more

Technical docs

Most of them are Mandarin, but they all have example code or experiement resutls.I&#39;d like to discuss more about what I&#39;ve done.

Dec 9, 2024
Ultimate AWS Certified Solutions Architect Associate - 筆記

2/9:Create a user account on IAM.

Nov 15, 2023
virsh VM 指令

建立一個 20G 的虛擬硬碟空間

Oct 23, 2023
DNS

&lt; 4.2.0

Oct 10, 2023
Read more from Sheng-Wen Wang
Published on HackMD