1 files changed, 153 insertions, 0 deletions
diff --git a/md/writeup/kernel_debug_messages.md b/md/writeup/kernel_debug_messages.md
new file mode 100644
index 0000000..38b566a
--- /dev/null
+++ b/md/writeup/kernel_debug_messages.md
@@ -0,0 +1,153 @@
+# Kernel debug messages
+
+## Intro
+
+Usaul way how to debug in kernel is by printing messages all over suspicioiuse 
+places and figure out where is the problem.
+
+## Loglevel errors
+
+Here is defintions of log levels from __include/linux/kern_levels.h__ 
+
+```c
+#define KERN_SOH        "\001" /* ASCII Start Of Header */
+#define KERN_SOH_ASCII  '\001'
+```
+
+| Name | Value | Descriptop |
+| --- | --- | --- |
+| KERN_EMERG	| KERN_SOH "0"	| system is unusable |
+| KERN_ALERT	| KERN_SOH "1"	| action must be taken immediately |
+| KERN_CRIT	| KERN_SOH "2"	| critical conditions |
+| KERN_ERR	| KERN_SOH "3"	| error conditions |
+| KERN_WARNING	| KERN_SOH "4"	| warning conditions |
+| KERN_NOTICE	| KERN_SOH "5"	| normal but significant condition |
+| KERN_INFO	| KERN_SOH "6"	| informational |
+| KERN_DEBUG	| KERN_SOH "7"	| debug-level messages |
+| KERN_DEFAULT	| KERN_SOH "d"	| the default kernel loglevel |
+
+As we can see kernel printk level is detemined from first bytes from begining of
+printed string. Basic usage of log level
+
+```
+printk(KERN_ERR"Error division by 0\n");
+```
+
+No need to write comma after log level as it will just concatenated with string.
+[Source](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/linux/printk.h?id=HEAD#n13)
+
+## Set loging level
+
+To see messages in userspace you can use 
+```
+dmesg
+```
+Loged messages you can see in __/proc/sys/kernel/printk__
+```
+$ cat /proc/sys/kernel/printk
+	7       4       1       7
+```
+Column values are
+* current - 7
+* default - 4
+* minimum - 1
+* boot-time-default - 7
+
+If one does not specify the log level then the default log level of KERN_WARNING is used. For example, enable all levels of console message:
+
+```
+echo 7 > /proc/sys/kernel/printk
+```
+
+If you are working on some device all output also could go to /dev/ttyUSB0 and 
+if you conected to that device with serial interface then you can see log 
+messages in your console. Sometime also /dev/tty1 could be as default output
+for log messages.
+
+### Timing information
+Timing information could be added to printk messages you need to enable in 
+menuconfig 
+__Kernel Hacking > printk and dmesg options >__ 
+
+```
+CONFIG_PRINTK_TIME=y
+```
+
+### Loglevel at kernel boot
+There is possible to set loglevel at bootup as kernel parametr
+```
+loglevel=
+```
+| Value | Name | Desc |
+| --- | --- | --- |
+| 0 | (KERN_EMERG)   | system is unusable
+| 1 | (KERN_ALERT)   | action must be taken immediately
+| 2 | (KERN_CRIT)    | critical conditions
+| 3 | (KERN_ERR)     | error conditions
+| 4 | (KERN_WARNING) | warning conditions
+| 5 | (KERN_NOTICE)  | normal but significant condition
+| 6 | (KERN_INFO)    | informational
+| 7 | (KERN_DEBUG)   | debug-level messages
+
+### Printk formating
+
+Here is defined formating specifiers __Documentation/printk-formats.txt__
+
+| Type | printk format specifier |
+| --- | --- |
+| int                |%d or %x|
+| unsigned int       |%u or %x|
+| long               |%ld or %lx|
+| unsigned long      |%lu or %lx|
+| long long          |%lld or %llx|
+| unsigned long long |%llu or %llx|
+| size_t             |%zu or %zx|
+| ssize_t            |%zd or %zx|
+| s32                |%d or %x|
+| u32                |%u or %x|
+| s64                |%lld or %llx|
+| u64                |%llu or %llx|
+| pointer            |%p|
+| function pointer with offset      |%pF|
+| function pointer without offset |%pf|
+| symbol name with offset |%pS|
+| symbol name without offset |%ps|
+| symbol name with (with __builtin_extract_return_addr() translation) |%pSR|
+| symbol name for printing backtraces |%pB|
+| printing kernel pointers which should be hidden from unprivilege users |%pk|
+| struct resources |%pr|
+| struct resources with decoded flags member |%pR|
+| phys_addr_t |%pa[p]|
+| dma_addr_t |%pad|
+| raw buffer as an escaped string |%*pE[achnops]|
+| |a - ESCAPE_ANY|
+| |c - ESCAPE_SPECIAL|
+| |h - ESCAPE_HEX|
+| |n - ESCAPE_NULL|
+| |o - ESCAPE_OCTAL|
+| |p - ESCAPE_NP|
+| |s - ESCAPE_SPACE|
+| Raw buffer as a hex string | %*ph, %*ph[CDN] |
+| MAC/FDDI addresses | %p[M&#124;MR&#124;MF&#124;m&#124;mR] |
+| IPv4 addresses | %p[Ii]4[hnbl] |
+| IPv6 addresses | %p[I6&#124;i6&#124;I6c] |
+| IPv4/IPv6 addresses (generic, with port, flowinfo, scope) | %p[Ii]S[pfschnbl] |
+| UUID/GUID addresses | %pU[b&#124;B&#124;l&#124;L] |
+| dentry names | %pd{,2,3,4},%pD{,2,3,4} |
+| block_device names | %pg |
+| struct va_format | %pV |
+| struct clk | %pC[nr] |
+| bitmap,bitmap,nodemask | %*pb[l] |
+| bitfields such as page flags, gfp_flags | %pG[pgv] |
+| netdev_features_t | %pNF |
+
+## Links
+
+1. http://elinux.org/Debugging_by_printing
+2. http://elinux.org/Kernel_Debugging_Tips
+3. https://wiki.ubuntu.com/Kernel/KernelDebuggingTricks
+4. [Documentation/printk-formats.txt](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/printk-formats.txt?id=HEAD)
+5. [include/linux/printk.h](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/linux/printk.h?id=HEAD)
+6. [include/linux/kern_levels.h](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/linux/kern_levels.h?id=HEAD)
+7. [lib/Kconfig.debug](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/lib/Kconfig.debug?id=HEAD)
+8. [Documentation/kernel-parameters.txt](https://www.kernel.org/doc/Documentation/kernel-parameters.txt)
+\ No newline at end of file