Embedded C in SystemTap - dereferencing pointer to incomplete type

Problem description

I am following this tutorial: https://blog.lexfo.fr/cve-2017-11176-linux-kernel-exploitation-part1.html

When I tried to see what the netlink_sock state contains, I used this embedded C code:

%{
    #include <net/sock.h>
    #include <linux/netlink.h>
%}

function dump_netlink_sock:long (arg_sock:long)
%{
    struct sock *sk = (void*) STAP_ARG_arg_sock;
    struct netlink_sock * nlk = (void*) sk;

    _stp_printf("-={ dump_netlink_sock: %p }=-\n", nlk);
    _stp_printf("- sk = %p\n", sk);
    _stp_printf("- sk->sk_rmem_alloc = %d\n", sk->sk_rmem_alloc);
    _stp_printf("- sk->sk_rcvbuf = %d\n", sk->sk_rcvbuf);
    _stp_printf("- sk->sk_refcnt = %d\n", sk->sk_refcnt); 

    _stp_printf("- nlk->state = %x\n", (nlk->state & 0x1));

    _stp_printf("-={ dump_netlink_sock: END}=-\n");
%}

probe kernel.function("netlink_attachskb")
{
    if (execname() == "exploit")
    {
        printf("(%d - %d) >>> netlink_attachskb (%s)\n", pid(), tid(), $$parms)
    }
    dump_netlink_sock($sk);
}

I checked the Linux kernel source myself to make sure that state exists in netlink_sock.

This is my result:

shahar@debian:~/exploitation$ sudo stap -v -g mq_notify.stp
[sudo] password for shahar:
Pass 1: parsed user script and 95 library script(s) using 83352virt/28420res/4880shr/24252data kb, in 0usr/80sys/78real ms.
Pass 2: analyzed script: 699 probe(s), 15 function(s), 5 embed(s), 0 global(s) using 278348virt/102604res/6696shr/97036data kb, in 420usr/730sys/1153real ms.
Pass 3: translated to C into "/tmp/stapFmyHer/stap_cc49251867b5bd20ade8fc721d5f8895_209103_src.c" using 275848virt/102252res/6468shr/97036data kb, in 20usr/10sys/33real ms.
/tmp/stapFmyHer/stap_cc49251867b5bd20ade8fc721d5f8895_209103_src.c: In function ‘function_dump_netlink_sock’:
/tmp/stapFmyHer/stap_cc49251867b5bd20ade8fc721d5f8895_209103_src.c:2517:41: error: dereferencing pointer to incomplete type
  _stp_printf("- nlk->state = %x\n", (nlk->state & 0x1));
                                         ^
make[3]: *** [/tmp/stapFmyHer/stap_cc49251867b5bd20ade8fc721d5f8895_209103_src.o] Error 1
make[2]: *** [_module_/tmp/stapFmyHer] Error 2
make[1]: *** [sub-make] Error 2
make: *** [all] Error 2
WARNING: kbuild exited with status: 2
Pass 4: compiled C into "stap_cc49251867b5bd20ade8fc721d5f8895_209103.ko" in 130usr/380sys/740real ms.
Pass 4: compilation failed.  [man error::pass4]
Tip: /usr/share/doc/systemtap/README.Debian should help you get started.

Also, I tried creating my own struct (basically netlink_sock copied from the Linux source), but I could not compile it - I am not sure where in the .stp file to put my struct.

Tags: c, linux, linux-kernel, netlink, systemtap
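A way to read the same fields without embedded C, as an added example that is not from the original post or the tutorial: SystemTap's @cast resolves the kernel-private struct netlink_sock (defined in net/netlink/af_netlink.h, which is why gcc sees an incomplete type) through the kernel's DWARF debuginfo, so no header has to define it for gcc. It assumes kernel debuginfo is installed for the running kernel, that $sk in netlink_attachskb is the struct sock * the tutorial dumps, and a kernel of the tutorial's era where sk_refcnt is still an atomic_t.

```systemtap
# Added example (not the original post's script): no %{ %} embedded C, so the
# script runs without -g. @cast(ptr, "type", "kernel") resolves the type from
# the kernel's debuginfo, which covers private structs such as netlink_sock.
# Assumption: kernel debuginfo is installed; on kernels where sk_refcnt became
# a refcount_t the path would be ->sk_refcnt->refs->counter instead.

function dump_netlink_sock(sk:long)
{
    printf("-={ dump_netlink_sock: %p }=-\n", sk)
    # atomic_t members are structs; read their counter field explicitly
    printf("- sk->sk_rmem_alloc = %d\n", @cast(sk, "sock", "kernel")->sk_rmem_alloc->counter)
    printf("- sk->sk_rcvbuf = %d\n", @cast(sk, "sock", "kernel")->sk_rcvbuf)
    printf("- sk->sk_refcnt = %d\n", @cast(sk, "sock", "kernel")->sk_refcnt->counter)
    # the same pointer viewed as the private netlink_sock type
    printf("- nlk->state = %x\n", @cast(sk, "netlink_sock", "kernel")->state & 0x1)
    printf("-={ dump_netlink_sock: END }=-\n")
}

probe kernel.function("netlink_attachskb")
{
    # only trace the process the tutorial is watching, to keep the output readable
    if (execname() != "exploit") next
    printf("(%d - %d) >>> netlink_attachskb (%s)\n", pid(), tid(), $$parms)
    dump_netlink_sock($sk)
}
```

Run it with sudo stap -v script.stp; if stap reports that netlink_sock cannot be resolved, the kernel debuginfo package for the running kernel is missing.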

Solution
