IDA remote debug Linux Kernel

#1 03-29-2012, 20:46

Hello,

I am using arm-gdb to debug kernel and user level code running under QEMU. QEMU has built in gdbserver that stops VM on power-up and waits for debugger connection. Is it possible to do the same with IDA? All I can find is debugging user processes with IDA, not kernel...

Thanks!

mcp · #2 03-29-2012, 20:57

You can at least debug the windows kernel using IDA+GDB (if you enable the GDB debugging interface in VMWare, for instance). I haven't tried the same for Linux or QEMU, but I think it should work. You can even set the resp. options to debug real mode code in the debugger specific settings of the GDB module.
This might help:

http://www.hex-rays.com/products/ida/support/tutorials/debugging_gdb_windows_vmware.pdf

#3 04-03-2012, 02:59

I was able to connect to gdbserver running in QEMU. Is there a way to load source files for known kernel modules? i.e. I can debug everything fine, but only with disassembly. Not sure if IDA can load source files from GNU debug symbols

mcp · #4 04-03-2012, 04:12

Nope, source level debugging is not possible, yet. However, IDA 6.3 will have source level debugging, so you just have to wait a few weeks

The beta should start in a couple of days.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
kernel-based keylogger for Linux	nimaarek	Source Code	7	10-30-2017 14:51
Whether IDA can set memory breakpoint when use Remote Linux debugger?	bridgeic	General Discussion	7	09-10-2014 18:07
ida remote debug feature	SkyOcean	General Discussion	2	01-03-2005 07:00
How to debug kernel Drivers??	loman	General Discussion	14	06-18-2004 21:31

The Following 2 Users Gave Reputation+1 to mcp For This Useful Post:
chessgod101 (03-29-2012)

The Following User Says Thank You to mcp For This Useful Post:
nimaarek (06-05-2018)

The Following User Gave Reputation+1 to mcp For This Useful Post:
\|roe (04-03-2012)