linux-rootkit

Feature-rich interactive rootkit that targets Linux kernel 4.19, accompanied by a dynamic kernel memory analysis GDB plugin for in vivo introspection (e.g. using QEMU)
git clone git://git.deurzen.net/linux-rootkit

commit 4a64af9700fd7bb8f759a1f9cd556b4889945500
parent e8522194c0eff314704ec29f9793155766f7ca00
Author: Tizian Leonhardt <tizianleonhardt@web.de>
Date:   Sun,  7 Feb 2021 23:09:51 +0100

Add small user guide

Diffstat:
A project/README.md | 37+++++++++++++++++++++++++++++++++++++
1 file changed, 37 insertions(+), 0 deletions(-)

diff --git a/project/README.md b/project/README.md @@ -0,0 +1,37 @@ +# LiveDM - Proof of Concept + +This a small user's guide to supplement the slides. + + + +## Usage + +### Up-front Setup + +1. Clone the kernel sources. The version has to match that of the running kernel (including the sublevel)! +2. Run `occ.sh`. It takes the path the the kernel sources as its argument and generates all occurrences of our functions of interest. +3. Fire up the VM, attach GDB, and source `type_dict.py`. This will, based on the results of `occ.sh`, generate the dictionary. (Note: this will take ~5 min) +4. The setup is now ready + +### Memory Tracing + +Simply source `extract_sizeret.py` from within GDB. All memory allocations / frees for selected defined functions will now be tracked. + +Commands available: + +```c +rk-print-mem Prints the currently allocated memory +rk-debug Toggle between different output levels* +rk-data <addr> Output the data inside a buffer/struct; argument is address of rk-print-mem output +``` + + + +Output levels:* + +``` +WARN # warn when critical fields (in this case task_struct->cred.uid) change to suspicious values +INFO # also print tracepoint additions +TRACE # also print every memory allocation +``` +
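Review bot: two typos in the new README will trip readers: the intro line "This a small user's guide to supplement the slides." is missing "is", and step 2 of "Up-front Setup" reads "the path the the kernel sources" (double "the"). The command reference is fenced as ```c although its contents are GDB command help rather than C source, so a plain fence (or `text`) would avoid misleading syntax highlighting; the same block would also read better as a table or a bullet list with the command in backticks, matching the `occ.sh` / `type_dict.py` style used elsewhere in the file. The footnote marker is placed after the colon in "Output levels:*", which makes it look like a stray character; put the asterisk where the marker is first introduced (`output levels*`) and write the explanation as "\* Output levels:". Under "Memory Tracing", "selected defined functions" does not tell the user which functions are traced or where that selection lives (step 2 calls them "our functions of interest"); naming the file that defines the set, or cross-referencing step 2, would close that gap. Finally, step 1 states the kernel sources must match the running kernel "including the sublevel" but gives no way to check; a one-line hint on how to read the running version (e.g. from the VM) would save a five-minute `type_dict.py` run against the wrong tree.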