请问模拟器如何 Enable BTF BPF Type Format (BTF) (Optional, 2022-04-17)
ljz2009y opened this issue · 7 comments
m1 mac 电脑。 模拟器
请问如何开启 Enable BTF BPF Type Format 求指教,感谢。
➜ ecapture git:(master) make nocore
if [ $? -ne 0 ]; then
/bin/bash: -c: line 1: syntax error: unexpected end of file
make: *** [.check_clang] Error 2
执行 make nocore 命令,遇到这个错误,不知道如何解决。
使用 ecapture-android-aarch64_nocore-v0.7.0 会报错:
tls_2023/12/06 15:51:27 ECAPTURE :: ecapture Version : androidgki_aarch64:0.7.0-20231203-2fbdf3f:5.4.0-155-generic
tls_2023/12/06 15:51:27 ECAPTURE :: Pid Info : 16075
tls_2023/12/06 15:51:27 ECAPTURE :: Kernel Info : 5.10.110
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL module initialization
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL master key keylogger:
tls_2023/12/06 15:51:27 ECAPTURE :: Module.Run()
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL Text MODEL
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL OpenSSL/BoringSSL version not found, used default version :android_default
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL HOOK type:2, binrayPath:/apex/com.android.conscrypt/lib64/libssl.so
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL Hook masterKey function:SSL_in_init
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL libPthread:/apex/com.android.runtime/lib64/bionic/libc.so
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL target all process.
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL target all users.
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL BPF bytecode filename:user/bytecode/boringssl_a_13_kern.o
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL perfEventReader created. mapSize:20 MB
tls_2023/12/06 15:51:27 EBPFProbeOPENSSL perfEventReader created. mapSize:20 MB
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x28 pc=0x2b4d80]
goroutine 1 [running]:
github.com/cilium/ebpf/perf.NewReaderWithOptions(0x40000b4500, 0x1400000, {0x118fb00?, 0xd8?})
/home/ubuntu/go/pkg/mod/github.com/cilium/ebpf@v0.12.3/perf/reader.go:234 +0x270
github.com/cilium/ebpf/perf.NewReader(...)
/home/ubuntu/go/pkg/mod/github.com/cilium/ebpf@v0.12.3/perf/reader.go:187
ecapture/user/module.(*Module).perfEventReader(0x400013a580, 0x400041a000, 0x40000b4500)
/home/ubuntu/project/ecapture/user/module/imodule.go:193 +0x140
ecapture/user/module.(*Module).readEvents(0x400013a580)
/home/ubuntu/project/ecapture/user/module/imodule.go:181 +0xfc
ecapture/user/module.(*Module).Run(0x400013a580)
/home/ubuntu/project/ecapture/user/module/imodule.go:140 +0x100
ecapture/cli/cmd.openSSLCommandFunc(0x4000170a00?, {0x52d3c8?, 0x4?, 0x52d324?})
/home/ubuntu/project/ecapture/cli/cmd/tls.go:131 +0x680
github.com/spf13/cobra.(*Command).execute(0xc1d4c0, {0x118e2c0, 0x0, 0x0})
/home/ubuntu/go/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:860 +0x53c
github.com/spf13/cobra.(*Command).ExecuteC(0xc1d240)
/home/ubuntu/go/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:974 +0x318
github.com/spf13/cobra.(*Command).Execute(...)
/home/ubuntu/go/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:902
ecapture/cli/cmd.Execute()
/home/ubuntu/project/ecapture/cli/cmd/root.go:75 +0x108
ecapture/cli.Start(...)
/home/ubuntu/project/ecapture/cli/main.go:22
main.main()
/home/ubuntu/project/ecapture/main.go:73 +0x1c0
看上去是bug,晚点我测试看看。
➜ ecapture git:(master) make nocore
if [ $? -ne 0 ]; then /bin/bash: -c: line 1: syntax error: unexpected end of file make: *** [.check_clang] Error 2
执行 make nocore 命令,遇到这个错误,不知道如何解决。
看上去是你bash或者make的问题,参考 builder/init_env.sh配置一下环境吧。最好是ubuntu 22.04
使用 ecapture-android-aarch64_nocore-v0.7.0 会报错:
tls_2023/12/06 15:51:27 ECAPTURE :: ecapture Version : androidgki_aarch64:0.7.0-20231203-2fbdf3f:5.4.0-155-generic tls_2023/12/06 15:51:27 ECAPTURE :: Pid Info : 16075 tls_2023/12/06 15:51:27 ECAPTURE :: Kernel Info : 5.10.110 tls_2023/12/06 15:51:27 EBPFProbeOPENSSL module initialization tls_2023/12/06 15:51:27 EBPFProbeOPENSSL master key keylogger: tls_2023/12/06 15:51:27 ECAPTURE :: Module.Run() tls_2023/12/06 15:51:27 EBPFProbeOPENSSL Text MODEL tls_2023/12/06 15:51:27 EBPFProbeOPENSSL OpenSSL/BoringSSL version not found, used default version :android_default tls_2023/12/06 15:51:27 EBPFProbeOPENSSL HOOK type:2, binrayPath:/apex/com.android.conscrypt/lib64/libssl.so tls_2023/12/06 15:51:27 EBPFProbeOPENSSL Hook masterKey function:SSL_in_init tls_2023/12/06 15:51:27 EBPFProbeOPENSSL libPthread:/apex/com.android.runtime/lib64/bionic/libc.so tls_2023/12/06 15:51:27 EBPFProbeOPENSSL target all process. tls_2023/12/06 15:51:27 EBPFProbeOPENSSL target all users. tls_2023/12/06 15:51:27 EBPFProbeOPENSSL BPF bytecode filename:user/bytecode/boringssl_a_13_kern.o tls_2023/12/06 15:51:27 EBPFProbeOPENSSL perfEventReader created. mapSize:20 MB tls_2023/12/06 15:51:27 EBPFProbeOPENSSL perfEventReader created. mapSize:20 MB panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x28 pc=0x2b4d80]
goroutine 1 [running]: github.com/cilium/ebpf/perf.NewReaderWithOptions(0x40000b4500, 0x1400000, {0x118fb00?, 0xd8?}) /home/ubuntu/go/pkg/mod/github.com/cilium/ebpf@v0.12.3/perf/reader.go:234 +0x270 github.com/cilium/ebpf/perf.NewReader(...) /home/ubuntu/go/pkg/mod/github.com/cilium/ebpf@v0.12.3/perf/reader.go:187 ecapture/user/module.(*Module).perfEventReader(0x400013a580, 0x400041a000, 0x40000b4500) /home/ubuntu/project/ecapture/user/module/imodule.go:193 +0x140 ecapture/user/module.(*Module).readEvents(0x400013a580) /home/ubuntu/project/ecapture/user/module/imodule.go:181 +0xfc ecapture/user/module.(*Module).Run(0x400013a580) /home/ubuntu/project/ecapture/user/module/imodule.go:140 +0x100 ecapture/cli/cmd.openSSLCommandFunc(0x4000170a00?, {0x52d3c8?, 0x4?, 0x52d324?}) /home/ubuntu/project/ecapture/cli/cmd/tls.go:131 +0x680 github.com/spf13/cobra.(*Command).execute(0xc1d4c0, {0x118e2c0, 0x0, 0x0}) /home/ubuntu/go/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:860 +0x53c github.com/spf13/cobra.(*Command).ExecuteC(0xc1d240) /home/ubuntu/go/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:974 +0x318 github.com/spf13/cobra.(*Command).Execute(...) /home/ubuntu/go/pkg/mod/github.com/spf13/cobra@v1.4.0/command.go:902 ecapture/cli/cmd.Execute() /home/ubuntu/project/ecapture/cli/cmd/root.go:75 +0x108 ecapture/cli.Start(...) /home/ubuntu/project/ecapture/cli/main.go:22 main.main() /home/ubuntu/project/ecapture/main.go:73 +0x1c0
这个是你自己修改代码编译的吗? 我这里运行正常。。
或者你指定一下mapsize参数试试。
./ecapture tls --mapsize 256我用的是Android Studio自带的模拟器,里面的镜像也都是非CO-RE的,也就是说不支持BTF。你最好更换不同的eCapture版本,而不是想办法让android开启BTF。
没问题的话,关了哦。