author | johannst <johannst@users.noreply.github.com> | 2022-03-15 17:05:22 +0000 |
---|---|---|
committer | johannst <johannst@users.noreply.github.com> | 2022-03-15 17:05:22 +0000 |
commit | bc55732c55a0c854f6e3c3cc40efd603907ecdcb (patch) | |
tree | 267813fb06d985e2047aa54224781740e965e130 /print.html | |
parent | 78b3836acf005c33ec4cdcb453f518b6e099c346 (diff) | |
download | notes-bc55732c55a0c854f6e3c3cc40efd603907ecdcb.tar.gz notes-bc55732c55a0c854f6e3c3cc40efd603907ecdcb.zip |
deploy: 33d74c3b33394769a2040ff451fbfdfd58e9bf92
Diffstat (limited to 'print.html')
-rw-r--r-- | print.html | 189 |
1 files changed, 185 insertions, 4 deletions
@@ -83,7 +83,7 @@ <nav id="sidebar" class="sidebar" aria-label="Table of contents"> <div id="sidebar-scrollbox" class="sidebar-scrollbox"> - <ol class="chapter"><li class="expanded affix "><a href="intro.html">Introduction</a></li><li class="expanded "><a href="tools/index.html"><strong aria-hidden="true">1.</strong> Tools</a></li><li><ol class="section"><li class="expanded "><a href="tools/zsh.html"><strong aria-hidden="true">1.1.</strong> zsh</a></li><li class="expanded "><a href="tools/bash.html"><strong aria-hidden="true">1.2.</strong> bash</a></li><li class="expanded "><a href="tools/fish.html"><strong aria-hidden="true">1.3.</strong> fish</a></li><li class="expanded "><a href="tools/tmux.html"><strong aria-hidden="true">1.4.</strong> tmux</a></li><li class="expanded "><a href="tools/git.html"><strong aria-hidden="true">1.5.</strong> git</a></li><li class="expanded "><a href="tools/awk.html"><strong aria-hidden="true">1.6.</strong> awk</a></li><li class="expanded "><a href="tools/emacs.html"><strong aria-hidden="true">1.7.</strong> emacs</a></li><li class="expanded "><a href="tools/gpg.html"><strong aria-hidden="true">1.8.</strong> gpg</a></li><li class="expanded "><a href="tools/gdb.html"><strong aria-hidden="true">1.9.</strong> gdb</a></li><li class="expanded "><a href="tools/gdbserver.html"><strong aria-hidden="true">1.10.</strong> gdbserver</a></li><li class="expanded "><a href="tools/radare2.html"><strong aria-hidden="true">1.11.</strong> radare2</a></li><li class="expanded "><a href="tools/qemu.html"><strong aria-hidden="true">1.12.</strong> qemu</a></li><li class="expanded "><a href="tools/pacman.html"><strong aria-hidden="true">1.13.</strong> pacman</a></li></ol></li><li class="expanded "><a href="monitor/index.html"><strong aria-hidden="true">2.</strong> Resource analysis & monitor</a></li><li><ol class="section"><li class="expanded "><a href="monitor/lsof.html"><strong aria-hidden="true">2.1.</strong> lsof</a></li><li class="expanded "><a 
href="monitor/ss.html"><strong aria-hidden="true">2.2.</strong> ss</a></li><li class="expanded "><a href="monitor/pidstat.html"><strong aria-hidden="true">2.3.</strong> pidstat</a></li><li class="expanded "><a href="monitor/pgrep.html"><strong aria-hidden="true">2.4.</strong> pgrep</a></li><li class="expanded "><a href="monitor/pmap.html"><strong aria-hidden="true">2.5.</strong> pmap</a></li><li class="expanded "><a href="monitor/pstack.html"><strong aria-hidden="true">2.6.</strong> pstack</a></li></ol></li><li class="expanded "><a href="trace_profile/index.html"><strong aria-hidden="true">3.</strong> Trace and Profile</a></li><li><ol class="section"><li class="expanded "><a href="trace_profile/strace.html"><strong aria-hidden="true">3.1.</strong> strace</a></li><li class="expanded "><a href="trace_profile/ltrace.html"><strong aria-hidden="true">3.2.</strong> ltrace</a></li><li class="expanded "><a href="trace_profile/perf.html"><strong aria-hidden="true">3.3.</strong> perf</a></li><li class="expanded "><a href="trace_profile/oprofile.html"><strong aria-hidden="true">3.4.</strong> OProfile</a></li><li class="expanded "><a href="trace_profile/time.html"><strong aria-hidden="true">3.5.</strong> time</a></li></ol></li><li class="expanded "><a href="binary/index.html"><strong aria-hidden="true">4.</strong> Binary</a></li><li><ol class="section"><li class="expanded "><a href="binary/od.html"><strong aria-hidden="true">4.1.</strong> od</a></li><li class="expanded "><a href="binary/xxd.html"><strong aria-hidden="true">4.2.</strong> xxd</a></li><li class="expanded "><a href="binary/readelf.html"><strong aria-hidden="true">4.3.</strong> readelf</a></li><li class="expanded "><a href="binary/objdump.html"><strong aria-hidden="true">4.4.</strong> objdump</a></li><li class="expanded "><a href="binary/nm.html"><strong aria-hidden="true">4.5.</strong> nm</a></li></ol></li><li class="expanded "><a href="development/index.html"><strong aria-hidden="true">5.</strong> 
Development</a></li><li><ol class="section"><li class="expanded "><a href="development/c++filt.html"><strong aria-hidden="true">5.1.</strong> c++filt</a></li><li class="expanded "><a href="development/c++.html"><strong aria-hidden="true">5.2.</strong> c++</a></li><li class="expanded "><a href="development/glibc.html"><strong aria-hidden="true">5.3.</strong> glibc</a></li><li class="expanded "><a href="development/gcc.html"><strong aria-hidden="true">5.4.</strong> gcc</a></li><li class="expanded "><a href="development/make.html"><strong aria-hidden="true">5.5.</strong> make</a></li><li class="expanded "><a href="development/ld.so.html"><strong aria-hidden="true">5.6.</strong> ld.so</a></li><li class="expanded "><a href="development/symbolver.html"><strong aria-hidden="true">5.7.</strong> symbol versioning</a></li><li class="expanded "><a href="development/python.html"><strong aria-hidden="true">5.8.</strong> python</a></li></ol></li><li class="expanded "><a href="arch/index.html"><strong aria-hidden="true">6.</strong> Arch</a></li><li><ol class="section"><li class="expanded "><a href="arch/x86_64.html"><strong aria-hidden="true">6.1.</strong> x86_64</a></li><li class="expanded "><a href="arch/arm64.html"><strong aria-hidden="true">6.2.</strong> arm64</a></li><li class="expanded "><a href="arch/armv7.html"><strong aria-hidden="true">6.3.</strong> armv7</a></li></ol></li></ol> + <ol class="chapter"><li class="expanded affix "><a href="intro.html">Introduction</a></li><li class="expanded "><a href="tools/index.html"><strong aria-hidden="true">1.</strong> Tools</a></li><li><ol class="section"><li class="expanded "><a href="tools/zsh.html"><strong aria-hidden="true">1.1.</strong> zsh</a></li><li class="expanded "><a href="tools/bash.html"><strong aria-hidden="true">1.2.</strong> bash</a></li><li class="expanded "><a href="tools/fish.html"><strong aria-hidden="true">1.3.</strong> fish</a></li><li class="expanded "><a href="tools/tmux.html"><strong 
aria-hidden="true">1.4.</strong> tmux</a></li><li class="expanded "><a href="tools/git.html"><strong aria-hidden="true">1.5.</strong> git</a></li><li class="expanded "><a href="tools/awk.html"><strong aria-hidden="true">1.6.</strong> awk</a></li><li class="expanded "><a href="tools/emacs.html"><strong aria-hidden="true">1.7.</strong> emacs</a></li><li class="expanded "><a href="tools/gpg.html"><strong aria-hidden="true">1.8.</strong> gpg</a></li><li class="expanded "><a href="tools/gdb.html"><strong aria-hidden="true">1.9.</strong> gdb</a></li><li class="expanded "><a href="tools/gdbserver.html"><strong aria-hidden="true">1.10.</strong> gdbserver</a></li><li class="expanded "><a href="tools/radare2.html"><strong aria-hidden="true">1.11.</strong> radare2</a></li><li class="expanded "><a href="tools/qemu.html"><strong aria-hidden="true">1.12.</strong> qemu</a></li><li class="expanded "><a href="tools/pacman.html"><strong aria-hidden="true">1.13.</strong> pacman</a></li></ol></li><li class="expanded "><a href="monitor/index.html"><strong aria-hidden="true">2.</strong> Resource analysis & monitor</a></li><li><ol class="section"><li class="expanded "><a href="monitor/lsof.html"><strong aria-hidden="true">2.1.</strong> lsof</a></li><li class="expanded "><a href="monitor/ss.html"><strong aria-hidden="true">2.2.</strong> ss</a></li><li class="expanded "><a href="monitor/pidstat.html"><strong aria-hidden="true">2.3.</strong> pidstat</a></li><li class="expanded "><a href="monitor/pgrep.html"><strong aria-hidden="true">2.4.</strong> pgrep</a></li><li class="expanded "><a href="monitor/pmap.html"><strong aria-hidden="true">2.5.</strong> pmap</a></li><li class="expanded "><a href="monitor/pstack.html"><strong aria-hidden="true">2.6.</strong> pstack</a></li></ol></li><li class="expanded "><a href="trace_profile/index.html"><strong aria-hidden="true">3.</strong> Trace and Profile</a></li><li><ol class="section"><li class="expanded "><a href="trace_profile/strace.html"><strong 
aria-hidden="true">3.1.</strong> strace</a></li><li class="expanded "><a href="trace_profile/ltrace.html"><strong aria-hidden="true">3.2.</strong> ltrace</a></li><li class="expanded "><a href="trace_profile/perf.html"><strong aria-hidden="true">3.3.</strong> perf</a></li><li class="expanded "><a href="trace_profile/oprofile.html"><strong aria-hidden="true">3.4.</strong> OProfile</a></li><li class="expanded "><a href="trace_profile/time.html"><strong aria-hidden="true">3.5.</strong> time</a></li></ol></li><li class="expanded "><a href="binary/index.html"><strong aria-hidden="true">4.</strong> Binary</a></li><li><ol class="section"><li class="expanded "><a href="binary/od.html"><strong aria-hidden="true">4.1.</strong> od</a></li><li class="expanded "><a href="binary/xxd.html"><strong aria-hidden="true">4.2.</strong> xxd</a></li><li class="expanded "><a href="binary/readelf.html"><strong aria-hidden="true">4.3.</strong> readelf</a></li><li class="expanded "><a href="binary/objdump.html"><strong aria-hidden="true">4.4.</strong> objdump</a></li><li class="expanded "><a href="binary/nm.html"><strong aria-hidden="true">4.5.</strong> nm</a></li></ol></li><li class="expanded "><a href="development/index.html"><strong aria-hidden="true">5.</strong> Development</a></li><li><ol class="section"><li class="expanded "><a href="development/c++filt.html"><strong aria-hidden="true">5.1.</strong> c++filt</a></li><li class="expanded "><a href="development/c++.html"><strong aria-hidden="true">5.2.</strong> c++</a></li><li class="expanded "><a href="development/glibc.html"><strong aria-hidden="true">5.3.</strong> glibc</a></li><li class="expanded "><a href="development/gcc.html"><strong aria-hidden="true">5.4.</strong> gcc</a></li><li class="expanded "><a href="development/make.html"><strong aria-hidden="true">5.5.</strong> make</a></li><li class="expanded "><a href="development/ld.so.html"><strong aria-hidden="true">5.6.</strong> ld.so</a></li><li class="expanded "><a 
href="development/symbolver.html"><strong aria-hidden="true">5.7.</strong> symbol versioning</a></li><li class="expanded "><a href="development/python.html"><strong aria-hidden="true">5.8.</strong> python</a></li></ol></li><li class="expanded "><a href="linux/index.html"><strong aria-hidden="true">6.</strong> Linux</a></li><li><ol class="section"><li class="expanded "><a href="linux/systemd.html"><strong aria-hidden="true">6.1.</strong> systemd</a></li><li class="expanded "><a href="linux/coredump.html"><strong aria-hidden="true">6.2.</strong> coredump</a></li><li class="expanded "><a href="linux/ptrace_scope.html"><strong aria-hidden="true">6.3.</strong> ptrace_scope</a></li></ol></li><li class="expanded "><a href="network/index.html"><strong aria-hidden="true">7.</strong> Network</a></li><li><ol class="section"><li class="expanded "><a href="network/tcpdump.html"><strong aria-hidden="true">7.1.</strong> tcpdump</a></li></ol></li><li class="expanded "><a href="arch/index.html"><strong aria-hidden="true">8.</strong> Arch</a></li><li><ol class="section"><li class="expanded "><a href="arch/x86_64.html"><strong aria-hidden="true">8.1.</strong> x86_64</a></li><li class="expanded "><a href="arch/arm64.html"><strong aria-hidden="true">8.2.</strong> arm64</a></li><li class="expanded "><a href="arch/armv7.html"><strong aria-hidden="true">8.3.</strong> armv7</a></li></ol></li></ol> </div> <div id="sidebar-resize-handle" class="sidebar-resize-handle"></div> </nav> @@ -1384,6 +1384,7 @@ delkey delete selected subkey </code></pre> <h2><a class="header" href="#export--import-keys" id="export--import-keys">Export & Import Keys</a></h2> <pre><code class="language-bash">gpg --export --armor --output <KEY.PUB> <KEY ID> +gpg --export-secret-key --armor --output <KEY.PUB> <KEY ID> gpg --import <FILE> </code></pre> <h2><a class="header" href="#search--send-keys" id="search--send-keys">Search & Send keys</a></h2> 
@@ -2931,6 +2932,186 @@ def sum(a: int, b: int) -> int: <p>Micro benchmarking.</p> <pre><code class="language-bash">python -m timeit '[x.strip() for x in ["a ", " b"]]' </code></pre> +<h1><a class="header" href="#linux" id="linux">Linux</a></h1> +<ul> +<li><a href="linux/./systemd.html">systemd</a></li> +<li><a href="linux/./coredump.html">coredump</a></li> +<li><a href="linux/./ptrace_scope.html">ptrace_scope</a></li> +</ul> +<h1><a class="header" href="#systemd" id="systemd">systemd</a></h1> +<h2><a class="header" href="#systemctl" id="systemctl">systemctl</a></h2> +<p>Inspect units:</p> +<pre><code class="language-text">systemctl [opts] [cmd] +[opts] + --user + +[cmd] + list-units <pattern> List units in memory + + status <unit> Show runtime status of unit + + start <unit> Start a unit + stop <unit> Stop a unit + restart <unit> Restart a unit + reload <unit> Reload a unit + + enable <unit> Enable a unit (persistent) + disable <unit> Disable a unit + + cat <unit> Print unit file + show <unit> Show properties of unit +</code></pre> +<h3><a class="header" href="#example-trivial-user-unit" id="example-trivial-user-unit">Example: Trivial user unit</a></h3> +<pre><code class="language-bash"># Generate unit +mkdir -p ~/.config/systemd/user +echo '[Unit] +Description=Test logger + +[Service] +Type=oneshot +ExecStart=logger "Hello from test unit"' > ~/.config/systemd/user/test.service + +# Run unit +systemctl --user start test + +# See log message +journalctl --user -u test -n 5 +</code></pre> +<h2><a class="header" href="#journalctl" id="journalctl">journalctl</a></h2> +<p>Inspect journal logs:</p> +<pre><code class="language-text">journalctl [opts] [matches] + --user Current user journal (system by default) + -u <unit> Show logs for specified <unit> + -n <lines> Show only last <lines> + -f Follow journal + -g <pattern> Grep for <pattern> +</code></pre> +<p>Cleanup:</p> +<pre><code class="language-text">journalctl [opts] + --disk-usage Show current disk usage + 
--vacuum-size=<size> Reduce journal log to <size> (K/M/G) +</code></pre> +<h2><a class="header" href="#references-2" id="references-2">References</a></h2> +<ul> +<li><a href="https://www.man7.org/linux/man-pages/man5/systemd.unit.5.html">man systemd.unit(5)</a></li> +<li><a href="https://www.man7.org/linux/man-pages/man5/systemd.service.5.html">man systemd.service(5)</a></li> +</ul> +<h1><a class="header" href="#core5" id="core5">core(5)</a></h1> +<p>There are multiple requirements that must be satisfied that <code>coredumps</code> are +being generated, a full list can be found in <a href="https://man7.org/linux/man-pages/man5/core.5.html">core(5)</a>.</p> +<p>An important one is to configure the soft resource limit <code>RLMIT_CORE</code> +(typically as unlimited during debugging). +In a typical bash/zsh this can be done as</p> +<pre><code class="language-bash">ulimit -Sc unlimited +</code></pre> +<h2><a class="header" href="#naming-of-coredump-files" id="naming-of-coredump-files">Naming of coredump files</a></h2> +<p>There are two important kernel configs to control the naming:</p> +<pre><code class="language-config">/proc/sys/kernel/core_pattern + <pattern> => Specifies a name pattern for the coredump file. This can + include certain FORMAT specifier. + |<cmdline> => Coredump is pipe through stdin to the user space process + specified by the cmdline, this can also contain FORMAT specifier. + + FORMAT specifier (full list, see core(5)): + %E Pathname of the executable ('/' replaced by '!'). + %p PID of the dumping process in its pid namespace. + %P PID of the dumping process in the initial pid namespace. + %u Real UID of dumping process. + %s Signal number causing the dump. + + +/proc/sys/kernel/core_uses_pid + 1 => Append ".<pid>" suffic to the coredump file name + (pid of the dumping process). + 0 => Do not append the suffix. 
+</code></pre> +<h2><a class="header" href="#control-which-segments-are-dumped" id="control-which-segments-are-dumped">Control which segments are dumped</a></h2> +<p>Each process has a coredump filter defined in <code>/proc/<pid>/coredump_filter</code> +which specifies which memory segments are being dumped. +Filters are preseved across <code>fork/exec</code> calls and hence child processes inherit +the parents filters.</p> +<p>The filter is a bitmask where <code>1</code> indicates to dump the given type.</p> +<pre><code>From core(5): + bit 0 Dump anonymous private mappings. + bit 1 Dump anonymous shared mappings. + bit 2 Dump file-backed private mappings. + bit 3 Dump file-backed shared mappings. + bit 4 Dump ELF headers. + bit 5 Dump private huge pages. + bit 6 Dump shared huge pages. + bit 7 Dump private DAX pages. + bit 8 Dump shared DAX pages. + +Default filter 0x33. +</code></pre> +<h1><a class="header" href="#some-examples-out-there" id="some-examples-out-there">Some examples out there</a></h1> +<h2><a class="header" href="#coredumpctl-systemd" id="coredumpctl-systemd">coredumpctl (systemd)</a></h2> +<pre><code class="language-bash"># List available coredumps. +coredumpctl list + TIME PID UID GID SIG COREFILE EXE SIZE + ... + Fri 2022-03-11 12:10:48 CET 6363 1000 1000 SIGSEGV present /usr/bin/sleep 18.1K + +# Get detailed info on specific coredump. +coredumpctl info 6363 + +# Debug specific coredump. +coredumpctl debug 6363 + +# Dump specific coredump to file. 
+coredumpctl dump 6363 -o <file> +</code></pre> +<h2><a class="header" href="#apport-ubuntu" id="apport-ubuntu">apport (ubuntu)</a></h2> +<p>Known crash report locations:</p> +<ul> +<li><code>/var/crash</code></li> +</ul> +<p>To get to the raw coredump, crash reports can be unpacked as:</p> +<pre><code class="language-bash">apport-unpack <crash_repot> <dest_dir> +</code></pre> +<p>The coredump resides under <code><dest_dir>/CoreDump</code>.</p> +<h1><a class="header" href="#ptrace_scope" id="ptrace_scope">ptrace_scope</a></h1> +<p>In case the kernel was compiled with the <code>yama</code> security module +(<code>CONFIG_SECURITY_YAMA</code>), tracing processes with <code>ptrace(2)</code> can be restricted.</p> +<pre><code class="language-config">/proc/sys/kernel/yama/ptrace_scope + 0 => No restrictions. + 1 => Restricted attach, only the following can attach + - A process in the parent hierarchy. + - A process with CAP_SYS_PTRACE. + - A process with the PID that the tracee allowed by via + PR_SET_PTRACER. + 2 => Only processes with CAP_SYS_PTRACE in the user namespace of the tracee + can attach. + 3 => No tracing allowed. +</code></pre> +<p>Further details in <a href="https://man7.org/linux/man-pages/man2/ptrace.2.html"><code>ptrace(2)</code></a>.</p> +<h1><a class="header" href="#network-1" id="network-1">Network</a></h1> +<ul> +<li><a href="network/./tcpdump.html">tcpdump</a></li> +</ul> +<h1><a class="header" href="#tcpdump1" id="tcpdump1">tcpdump(1)</a></h1> +<h1><a class="header" href="#cli-3" id="cli-3">CLI</a></h1> +<pre><code class="language-markdown">tcpdump [opts] -i <if> [<filter>] + -n Don't covert host/port names. + -w <file|-> Write pcap trace to file or stdout (-). + -r <file> Read & parse pcap file. +</code></pre> +<p>Some useful filters.</p> +<pre><code class="language-markdown">src <ip> Filter for source IP. +dst <ip> Filter for destination IP. +host <ip> Filter for IP (src + dst). +net <ip>/<range> Filter traffic on subnet. 
+[src/dst] port <port> Filter for port (optionally src/dst). +tcp/udp/icmp Filter for protocol. +</code></pre> +<blockquote> +<p>Use <code>and/or/not</code> and <code>()</code> to build filter expressions.</p> +</blockquote> +<h1><a class="header" href="#examples-5" id="examples-5">Examples</a></h1> +<h2><a class="header" href="#capture-packets-from-remote-host" id="capture-packets-from-remote-host">Capture packets from remote host</a></h2> +<pre><code class="language-makrdown"># -k: Start capturing immediately. +ssh <host> tcpdump -i <IF> -w - | sudo wireshark -k -i - +</code></pre> <h1><a class="header" href="#arch" id="arch">Arch</a></h1> <ul> <li><a href="arch/./x86_64.html">x86_64</a></li> @@ -3190,7 +3371,7 @@ greeting_len: <pre><code class="language-bash">> gcc -o greet greet.s -nostartfiles -nostdlib && ./greet Hi ASM-World! </code></pre> -<h2><a class="header" href="#references-2" id="references-2">References</a></h2> +<h2><a class="header" href="#references-3" id="references-3">References</a></h2> <ul> <li><a href="https://www.uclibc.org/docs/psABI-x86_64.pdf">SystemV AMD64 ABI</a></li> <li><a href="https://www.amd.com/system/files/TechDocs/24592.pdf">AMD64 Vol1: Application Programming</a></li> @@ -3419,7 +3600,7 @@ Hi ASM-World! distributions. Explicitly specifying the dynamic linker should not be required when compiling natively on arm64.</p> </blockquote> -<h2><a class="header" href="#references-3" id="references-3">References</a></h2> +<h2><a class="header" href="#references-4" id="references-4">References</a></h2> <ul> <li><a href="https://github.com/ARM-software/abi-aa/blob/master/aapcs64/aapcs64.rst">Procedure Call Standard ARM64</a></li> <li><a href="https://developer.arm.com/documentation/den0024/latest">ARMv8-A Programmer's Guide</a></li> 
@@ -3663,7 +3844,7 @@ Hi ASM-World! distributions. Explicitly specifying the dynamic linker should not be required when compiling natively on arm.</p> </blockquote> -<h2><a class="header" href="#references-4" id="references-4">References</a></h2> +<h2><a class="header" href="#references-5" id="references-5">References</a></h2> <ul> <li><a href="https://github.com/ARM-software/abi-aa/blob/master/aapcs32/aapcs32.rst">Procedure Call Standard ARM</a></li> <li><a href="https://developer.arm.com/documentation/den0013/latest">ARMv7-A Programmer's Guide</a></li> |
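Review bot: In the `@@ -1384,6 +1384,7 @@` hunk, the added `gpg --export-secret-key --armor --output <KEY.PUB> <KEY ID>` line reuses the `<KEY.PUB>` placeholder from the public-key export directly above it, so a reader who copies both lines ends up with the secret key in a file named like a public key. Suggest a distinct placeholder such as `<KEY.SEC>` and a short comment on that line saying the output is private key material.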
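Review bot: In the `@@ -2931,6 +2932,186 @@` hunk, the tcpdump example `ssh <host> tcpdump -i <IF> -w - | sudo wireshark -k -i -` starts the Wireshark GUI under `sudo` even though, with `-i -`, it only reads the pcap stream from stdin; suggest dropping `sudo` on the local side of the pipe. The same hunk has spelling errors to fix before merge, one of which breaks a name a reader would search for: `RLMIT_CORE` should be `RLIMIT_CORE`. The others are `suffic`, `preseved`, `<crash_repot>`, `Don't covert`, `allowed by via`, and the code class `language-makrdown`.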
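Review bot: In the `@@ -3190,7 +3371,7 @@`, `@@ -3419,7 +3600,7 @@` and `@@ -3663,7 +3844,7 @@` hunks, the ids `references-2`, `references-3` and `references-4` each shift up by one because the systemd "References" heading added in the earlier hunk now takes `references-2`. Existing deep links to `#references-2` will still resolve but land on the systemd references instead of the x86_64 ones. If stable anchors matter, suggest giving the new heading a distinct title in the source so it does not claim an auto-numbered suffix that is already in use.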