As illustration of ideas from my previous blogpost I made PoC for logging all libcuda.so calls - as the cuda-gdb debugger sees them
It just installs own debug handler and receives all messages. Note:
- only x86_64 linux supported, but logic can be easily extended for x86 32bit and highly likely for arm64 too
- events generating before each call, so you can't get result of those calls
Current handler is very simple - it just writes to file, but nothing prevents to add storing to DB, ElasticSearch or gRPC/Apache thrift to send them to some remote storage (or even to WireShark in real time)
Format of messages
Currently almost unknown - for public API events have type 6 and function name at offset 0x30 - and this is all for now. Sure subject for further RE
Dependencies
How to build
Patch ELFIO_PATH & UDIS_PATH in Makefile and just run make
Both gcc (12+) and clang 21 are supported
How connect logger to your own application
You just call single function set_logger. Arguments:
- full path to libcuda.so. Note that most structures from it gathered with static code analysis and so require some disasm
- FILE *fp - where to write log
- mask - pointer to array with masks for each event type. Non-zero value means intercept events with this type, 2 - do hexdump of packets
- mask_size - size of mask array. libcuda.so from CUDA 13.1 has 31 event types
+ add libdis.so to linker
Also it's not difficult to make classical injection with ancient LD_PRELOAD trick or even inject this logger into already running processes
Комментариев нет:
Отправить комментарий