From 1d307431912f03d18c7fc2a0ca6aadd8b09bb5de Mon Sep 17 00:00:00 2001
From: FreeArtMan <dos21h@gmail.com>
Date: Wed, 14 Sep 2016 22:45:11 +0100
Subject: Added article about kernel printk2
---
md/writeup/kernel_debug_messages.md | 153 ++++++++++++++++++++++++++++++++++++
1 file changed, 153 insertions(+)
create mode 100644 md/writeup/kernel_debug_messages.md
(limited to 'md/writeup')
diff --git a/md/writeup/kernel_debug_messages.md b/md/writeup/kernel_debug_messages.md
new file mode 100644
index 0000000..38b566a
--- /dev/null
+++ b/md/writeup/kernel_debug_messages.md
@@ -0,0 +1,153 @@
+# Kernel debug messages
+
+## Intro
+
+Usaul way how to debug in kernel is by printing messages all over suspicioiuse
+places and figure out where is the problem.
+
+## Loglevel errors
+
+Here is defintions of log levels from __include/linux/kern_levels.h__
+
+```c
+#define KERN_SOH "\001" /* ASCII Start Of Header */
+#define KERN_SOH_ASCII '\001'
+```
+
+| Name | Value | Descriptop |
+| --- | --- | --- |
+| KERN_EMERG | KERN_SOH "0" | system is unusable |
+| KERN_ALERT | KERN_SOH "1" | action must be taken immediately |
+| KERN_CRIT | KERN_SOH "2" | critical conditions |
+| KERN_ERR | KERN_SOH "3" | error conditions |
+| KERN_WARNING | KERN_SOH "4" | warning conditions |
+| KERN_NOTICE | KERN_SOH "5" | normal but significant condition |
+| KERN_INFO | KERN_SOH "6" | informational |
+| KERN_DEBUG | KERN_SOH "7" | debug-level messages |
+| KERN_DEFAULT | KERN_SOH "d" | the default kernel loglevel |
+
+As we can see kernel printk level is detemined from first bytes from begining of
+printed string. Basic usage of log level
+
+```
+printk(KERN_ERR"Error division by 0\n");
+```
+
+No need to write comma after log level as it will just concatenated with string.
+[Source](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/linux/printk.h?id=HEAD#n13)
+
+## Set loging level
+
+To see messages in userspace you can use
+```
+dmesg
+```
+Loged messages you can see in __/proc/sys/kernel/printk__
+```
+$ cat /proc/sys/kernel/printk
+ 7 4 1 7
+```
+Column values are
+* current - 7
+* default - 4
+* minimum - 1
+* boot-time-default - 7
+
+If one does not specify the log level then the default log level of KERN_WARNING is used. For example, enable all levels of console message:
+
+```
+echo 7 > /proc/sys/kernel/printk
+```
+
+If you are working on some device all output also could go to /dev/ttyUSB0 and
+if you conected to that device with serial interface then you can see log
+messages in your console. Sometime also /dev/tty1 could be as default output
+for log messages.
+
+### Timing information
+Timing information could be added to printk messages you need to enable in
+menuconfig
+__Kernel Hacking > printk and dmesg options >__
+
+```
+CONFIG_PRINTK_TIME=y
+```
+
+### Loglevel at kernel boot
+There is possible to set loglevel at bootup as kernel parametr
+```
+loglevel=
+```
+| Value | Name | Desc |
+| --- | --- | --- |
+| 0 | (KERN_EMERG) | system is unusable
+| 1 | (KERN_ALERT) | action must be taken immediately
+| 2 | (KERN_CRIT) | critical conditions
+| 3 | (KERN_ERR) | error conditions
+| 4 | (KERN_WARNING) | warning conditions
+| 5 | (KERN_NOTICE) | normal but significant condition
+| 6 | (KERN_INFO) | informational
+| 7 | (KERN_DEBUG) | debug-level messages
+
+### Printk formating
+
+Here is defined formating specifiers __Documentation/printk-formats.txt__
+
+| Type | printk format specifier |
+| --- | --- |
+| int |%d or %x|
+| unsigned int |%u or %x|
+| long |%ld or %lx|
+| unsigned long |%lu or %lx|
+| long long |%lld or %llx|
+| unsigned long long |%llu or %llx|
+| size_t |%zu or %zx|
+| ssize_t |%zd or %zx|
+| s32 |%d or %x|
+| u32 |%u or %x|
+| s64 |%lld or %llx|
+| u64 |%llu or %llx|
+| pointer |%p|
+| function pointer with offset |%pF|
+| function pointer without offset |%pf|
+| symbol name with offset |%pS|
+| symbol name without offset |%ps|
+| symbol name with (with __builtin_extract_return_addr() translation) |%pSR|
+| symbol name for printing backtraces |%pB|
+| printing kernel pointers which should be hidden from unprivilege users |%pk|
+| struct resources |%pr|
+| struct resources with decoded flags member |%pR|
+| phys_addr_t |%pa[p]|
+| dma_addr_t |%pad|
+| raw buffer as an escaped string |%*pE[achnops]|
+| |a - ESCAPE_ANY|
+| |c - ESCAPE_SPECIAL|
+| |h - ESCAPE_HEX|
+| |n - ESCAPE_NULL|
+| |o - ESCAPE_OCTAL|
+| |p - ESCAPE_NP|
+| |s - ESCAPE_SPACE|
+| Raw buffer as a hex string | %*ph, %*ph[CDN] |
+| MAC/FDDI addresses | %p[M|MR|MF|m|mR] |
+| IPv4 addresses | %p[Ii]4[hnbl] |
+| IPv6 addresses | %p[I6|i6|I6c] |
+| IPv4/IPv6 addresses (generic, with port, flowinfo, scope) | %p[Ii]S[pfschnbl] |
+| UUID/GUID addresses | %pU[b|B|l|L] |
+| dentry names | %pd{,2,3,4},%pD{,2,3,4} |
+| block_device names | %pg |
+| struct va_format | %pV |
+| struct clk | %pC[nr] |
+| bitmap,bitmap,nodemask | %*pb[l] |
+| bitfields such as page flags, gfp_flags | %pG[pgv] |
+| netdev_features_t | %pNF |
+
+## Links
+
+1. http://elinux.org/Debugging_by_printing
+2. http://elinux.org/Kernel_Debugging_Tips
+3. https://wiki.ubuntu.com/Kernel/KernelDebuggingTricks
+4. [Documentation/printk-formats.txt](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/printk-formats.txt?id=HEAD)
+5. [include/linux/printk.h](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/linux/printk.h?id=HEAD)
+6. [include/linux/kern_levels.h](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/include/linux/kern_levels.h?id=HEAD)
+7. [lib/Kconfig.debug](https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/lib/Kconfig.debug?id=HEAD)
+8. [Documentation/kernel-parameters.txt](https://www.kernel.org/doc/Documentation/kernel-parameters.txt)
\ No newline at end of file
--
cgit v1.2.3