add kernel debug env instructions to README

cisco-open · May 3, 2024 · 956a815 · 956a815
1 parent 8093d65
commit 956a815
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -132,6 +132,8 @@ Between two applications - both of them intercepted by this module - the traffic
 
 ## Debugging
 
+### Logging
+
 Most of the logs of this module are on debug level and can be shown using [dynamic debug](https://www.kernel.org/doc/html/latest/admin-guide/dynamic-debug-howto.html) feature of the Linux kernel.
 
 Use the following command to turn on debug level logging for the module:
@@ -140,6 +142,26 @@ Use the following command to turn on debug level logging for the module:
 echo -n '-p; module camblet file opa.c  +pftl' | sudo tee /proc/dynamic_debug/control > /dev/null
 ```
 
+### Kernel debugging environment
+
+The kernel module can be traced for memory leaks and other issues with the help of fine tools, like [KASAN](https://www.kernel.org/doc/html/latest/dev-tools/kasan.html) and [Kmemleak](https://www.kernel.org/doc/html/latest/dev-tools/kmemleak.html).
+
+To create a kernel debugging environment on Fedora, follow these steps:
+
+```bash
+sudo dnf update
+sudo dnf install kernel-debug-devel
+
+# Check the current debug kernel version, and set it as default (ls /boot/)
+CURRENT_DEBUG_KERNEL=vmlinuz-6.8.7-200.fc39.aarch64+debug
+
+sudo grubby --set-default /boot/${CURRENT_DEBUG_KERNEL}
+sudo grubby --update-kernel=/boot/${CURRENT_DEBUG_KERNEL} --args kmemleak=on
+grubby --update-kernel=ALL --args="kasan=on"
+
+sudo reboot
+```
+
 ### Test mTLS
 
 The kernel module offers TLS termination on certain ports selected by an [OPA](https://www.openpolicyagent.org) rule-set: