Hi Andreas,
Il 03/mar/2015 14:11 "Andreas Färber" <afaer...@suse.de> ha scritto:
>
> Hi Federico,
>
> Am 03.03.2015 um 13:54 schrieb Federico Maggi:
> > On Tue, Mar 3, 2015 at 12:02 PM, Paul Fertser <fercer...@gmail.com>
wrote:
> >> On Thu, Feb 26, 2015 at 11:27:11AM +0100, Federico Maggi wrote:
> >>>> For the practical purposes if you need tracing right now, I suggest
> >>>> not using OpenOCD at all and instead learn the ETM/ETB configuration
> >>>> and dumping facilities already provided by Linux, the kernel.
> >>>
> >>> This is interesting, although it may lead to artifacts on the host.
The
> >>> assumption of Rodrigo's work (which I'm supervising) is that the
traced process
> >>> may be effectively trying to fingerprint the environment for signs of
being
> >>> monitored. For instance, assuming that I'm working in kernel space,
I'm
> >>> wondering how the collected trace could be transferred outside the
host for
> >>> subsequent analysis, without leaving evidence. As I'm not a kernel
hacker, I see
> >>> that we could write to a serial port or something else and then read
from it
> >>> from a separate machine.
> >>
> >> I think if the traced process is running in its own container (or even
> >> a VM), it has absolutely no way to tell if it's being traced or
> >> not. The trace data can be transferred by whatever means, that might
> >> be an http daemon or netcat or usb mass storage or serial, anything
> >> you want would work about the same afaict, a process inside a
> >> container wouldn't be able to see it anyway.
> >
> > we've been digging in the code, trying to compile a kernel image with
> > ETM/ETB support. More specifically, we're working with
> > https://git.linaro.org/kernel/coresight.git but it seems that the ETM
> > driver is not configurable. So, we switched to
> > git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
> > (found via https://patches.linaro.org/44314/)
> >
> > Do you know of a working branch/tag to recommend?
>
> v3.19.0 was the first release to include Coresight support. If that
> doesn't work, try the latest master branch or linux-next.git (the usual
> suspects).
Thanks! We'll look into this.
> >> Good luck with your research! Feel free to publish a link here once
> >> you have a preprint ready :)
> >
> > will do! :)
>
> As alternative to OpenOCD and Linux kernel, you could try to run your
> software under QEMU emulation. Software might discover that it's running
> in the emulator, but it won't notice whether you're using its gdb stub
> or log file tracing or not. Not sure if ETM is being emulated today or
> whether that is even necessary then.
We already have working prototypes on top of QEMU. We're now investigating
the feasibility of running the analyses on real hardware.
Ciao,
-F
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
OpenOCD-devel mailing list
OpenOCD-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openocd-devel
