{"id":627,"date":"2022-09-19T12:53:16","date_gmt":"2022-09-19T19:53:16","guid":{"rendered":"https:\/\/sysprogs.com\/tutorials\/?p=627"},"modified":"2022-09-19T12:53:16","modified_gmt":"2022-09-19T19:53:16","slug":"using-code-explorer-to-navigate-the-linux-kernel","status":"publish","type":"post","link":"https:\/\/sysprogs.com\/VisualKernel\/tutorials\/codeexplorer\/","title":{"rendered":"Using Code Explorer to Navigate the Linux Kernel"},"content":{"rendered":"

This tutorial shows how to use Code Explorer to conveniently navigate the Linux kernel source using VisualKernel.<\/p>\n

We will create a basic kernel module that creates a file in \/proc <\/strong>and implements the callback functions required by the proc_create()<\/strong> API. We will then use the Code Explorer to quickly find other implementations of similar callbacks, and also understand the context where they are used.<\/p>\n

Before you begin, install Visual Studio and VisualKernel 4.0 or later.<\/p>\n

    \n
  1. Start Visual Studio and locate the VisualKernel Linux Kernel Module Project Wizard:\"\"<\/a><\/li>\n
  2. Enter the name and location for your project: \"\"<\/a><\/li>\n
  3. In this tutorial we will use the project template for the \/proc<\/strong> file, however any other template will work as well:\"\"<\/a><\/li>\n
  4. Pick the target system where you would like to run the module. In this tutorial we will use a pre-built Ubuntu 22.04 VM<\/a>, however you can configure VisualKernel to target any other supported VM<\/a> or a physical machine: \"\"<\/a><\/li>\n
  5. VisualKernel will suggest storing the source files for the module on the Windows machine and uploading them during build. Proceed with the suggested settings:\"\"<\/a><\/li>\n
  6. Select the debug settings that match your target and click “Finish” to generate a project: \"\"<\/a><\/li>\n
  7. Once the project is created, you can build it using the Build->Build Solution<\/strong> command.\u00a0 Depending on the kernel version you are using, you may need to replace the proc_ops<\/strong> structure with file_operations<\/strong>:\"\"<\/a><\/li>\n
  8. Set a breakpoint in the init() function and press F5 to begin debugging. The breakpoint will trigger, allowing you to step through the code:\"\"<\/a><\/li>\n
  9. Press F5 to continue debugging. We will now test the created proc file by opening an SSH window connecting to the target: \"\"<\/a><\/li>\n
  10. Run the “sudo cat \/proc\/<Project Name>” command and make sure that the output shows the current time: \"\"<\/a><\/li>\n
  11. While the debugger could be useful in understanding how this particular example works, it requires physically stepping through every relevant scenario, which could be slow. Static analysis tools like Code Explorer, on the other hand, allow quickly navigating the kernel code without having to step through it. Before we demonstrate it, make sure that the kernel sources are shown in the Solution Explorer:\"\"<\/a>If not, locate the kernel reference under the “Referenced Kernel” node inside the project, and double-click on it to load the sources.<\/li>\n
  12. Go to the initialization of the proc_lseek<\/strong> field in the main file and click the “Go to Code Explorer” button in the top right corner of the text editor:\"\"<\/a><\/li>\n
  13. Click the Show Details<\/strong> button in the Code Explorer window to show the details<\/strong> view at the bottom:\"\"<\/a>Note how the Code Explorer Details<\/strong> view shows:\n