ptrace

How to prevent another process from debugging syscalls with ptrace

跟風遠走 submitted on 2020-06-17 15:54:42
Question: In ptrace I can debug another process to print all the syscall numbers that the remote process calls, with these steps. Attach to the process with PTRACE_ATTACH. Call waitpid (with the `__WALL` flag) to be sure the remote process has been stopped. In while (cond), print the register that stores the syscall number with PTRACE_PEEKUSER. How can the remote process prevent that? Is there any signal that it can register for and print "stop debug me!!"? PTRACE_ATTACH sends SIGSTOP to the remote process, but process can

How to prevent another process from debugging syscalls with ptrace

我与影子孤独终老i submitted on 2020-06-17 15:54:30
Question: In ptrace I can debug another process to print all the syscall numbers that the remote process calls, with these steps. Attach to the process with PTRACE_ATTACH. Call waitpid (with the `__WALL` flag) to be sure the remote process has been stopped. In while (cond), print the register that stores the syscall number with PTRACE_PEEKUSER. How can the remote process prevent that? Is there any signal that it can register for and print "stop debug me!!"? PTRACE_ATTACH sends SIGSTOP to the remote process, but process can

ptrace doesn't show the same as objdump

你离开我真会死。 submitted on 2020-05-17 03:40:29
Question: I am writing a C program that shows instructions using ptrace. This is the code:

    #include <stdio.h>
    #include <stdint.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <sys/wait.h>
    #include <sys/ptrace.h>
    #include <sys/user.h>
    #include <sys/types.h>
    #include <sys/syscall.h>
    #include <string.h>

    /* Child side: ask to be traced by the parent, then exec the target. */
    void run_target()
    {
        ptrace(PTRACE_TRACEME, 0, 0, 0);
        execl("./test", "test", NULL);
    }

    /* Parent side: wait for the child to stop, then inspect it while it stays stopped. */
    void debugger(pid_t pid)
    {
        int status;
        wait(&status);
        while (WIFSTOPPED(status)) {
            struct user_regs_struct regs;

Disable AppArmor for Docker for ptrace_scope

爱⌒轻易说出口 submitted on 2020-04-13 10:26:15
Question: Is it possible to disable AppArmor for a particular Docker container? I want to make ptrace accessible so I can attach gdb to a running process but run into the following issue when I want to change the setting:

    root@fbf728150308:/gopath# echo 0 > /proc/sys/kernel/yama/ptrace_scope
    bash: /proc/sys/kernel/yama/ptrace_scope: Read-only file system

Answer 1: AppArmor can be disabled either by running unconfined, or as a privileged container: --security-opt apparmor=unconfined (or apparmor:unconfined

Disable AppArmor for Docker for ptrace_scope

旧城冷巷雨未停 submitted on 2020-04-13 10:23:31
Question: Is it possible to disable AppArmor for a particular Docker container? I want to make ptrace accessible so I can attach gdb to a running process but run into the following issue when I want to change the setting:

    root@fbf728150308:/gopath# echo 0 > /proc/sys/kernel/yama/ptrace_scope
    bash: /proc/sys/kernel/yama/ptrace_scope: Read-only file system

Answer 1: AppArmor can be disabled either by running unconfined, or as a privileged container: --security-opt apparmor=unconfined (or apparmor:unconfined

Disable AppArmor for Docker for ptrace_scope

安稳与你 submitted on 2020-04-13 10:22:07
Question: Is it possible to disable AppArmor for a particular Docker container? I want to make ptrace accessible so I can attach gdb to a running process but run into the following issue when I want to change the setting:

    root@fbf728150308:/gopath# echo 0 > /proc/sys/kernel/yama/ptrace_scope
    bash: /proc/sys/kernel/yama/ptrace_scope: Read-only file system

Answer 1: AppArmor can be disabled either by running unconfined, or as a privileged container: --security-opt apparmor=unconfined (or apparmor:unconfined

gdb docker

不打扰是莪最后的温柔 submitted on 2020-04-07 21:40:58
Debugging Python with gdb: https://wiki.python.org/moin/DebuggingWithGdb
==========
Running gdb in Docker
Docker disables ptrace by default. When an application needs to be analyzed, any of the following approaches resolves this:
1. Disable seccomp: docker run --security-opt seccomp=unconfined
2. Use privileged mode: docker run --privileged
3. Lift only the ptrace restriction: docker run --cap-add sys_ptrace
How to use gdb: https://blog.csdn.net/awm_kar98/article/details/82840811
Source: https://www.cnblogs.com/testzcy/p/12655899.html

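Using GDB on an ARM Board

依然范特西╮ submitted on 2020-03-25 08:13:53
GDB download: http://www.gnu.org/software/gdb/
Download gdb-7.4.tar.bz2

1. Extract:

    tar xjf gdb-7.4.tar.bz2

2. Build gdb and gdbserver

2.1 Build gdb:

    cd gdb-7.4/
    ./configure --target=arm-linux   # configure
    make                             # build
    make install                     # install

Note that running make install directly installs straight into usr/bin on the PC. I did not want to install it that directly and wanted to see what the installation generates. Run vi makefile and search for prefix; prefix is the installation path, so I can set my own installation path:

    mkdir tmp
    make install prefix=$PWD/tmp

Now go into the tmp directory and look at what was generated. You will see the bin, include, lib and share directories. In the bin directory you will see the arm-linux-gdb program.

2.2 Build gdbserver:

    cd gdb/gdbserver
    ./configure --host=arm-linux
    make

The build fails with an error: PTRACE_GETSIGINFO is not defined. -I specifies where the header files are. 在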