02_Where to start - ned0000/Linux-kernel-notes GitHub Wiki
Kernel start routine
I start reading the kernel from the routine 'start_kernel' in 'init/main.c'. This routine initializes the kernel and finally starts the first process.
Starting VNC server
Use the following command to start the VNC server. The option "-localhost no" tells vncserver to accept connections from remote hosts (by default it only listens on the loopback interface).
vncserver -localhost no
Note the output of the command; it will look something like the line below. The display number is 1.
New 'myserver:1 (minz)' desktop at :1 on machine myserver
Connect to VNC server
In the VNC viewer, the address of the VNC server is "IP address:5901". The port number is 5900 + 'display number'. In the previous section the display number is 1, so the port number is 5901.
Start QEMU
Open a new terminal and start QEMU with the following commands:
cd /path/to/linux-source-5.0.0
qemu-system-x86_64 -kernel arch/x86_64/boot/bzImage -initrd /boot/initrd.img-5.0.0-21-generic -S -s -append nokaslr -m 1024 -vnc :2
Here is the explanation of the options:
-kernel: the bzImage file
-initrd: the init ramdisk file
-S: freeze the CPU at startup, so the guest does not run until gdb connects and continues it
-s: start the gdb server on the default port 1234 (shorthand for -gdb tcp::1234)
-append: append the string to the kernel command line (nokaslr means 'no kernel address space layout randomization', so the addresses in vmlinux match the running kernel)
-m: memory size in MB
-vnc: the display number
Connect to guest OS with vnc viewer
In the VNC viewer, the address of the guest OS is "IP address:5902". The "IP address" is the address of the Ubuntu server. The port number is 5900 + 'display number'. In the previous section the display number is 2, so the port number is 5902.
Debug kernel with gdb
Open a new terminal and use the following commands to debug the kernel:
cd /path/to/linux-source-5.0.0
gdb vmlinux
Run the following commands in the gdb shell:
target remote :1234
break start_kernel
c
Now the guest OS stops at the breakpoint 'start_kernel', and we can start kernel hacking.
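The whole QEMU/gdb part of the procedure above, wrapped into a small POSIX shell script. This is an added example, not a script from the wiki or the kernel tree: the source and initrd paths are placeholders, the function names are my own, and it uses the long form -gdb tcp:HOST:PORT instead of -s so that the gdb stub can be bound to 127.0.0.1 (the -s shorthand listens on every interface, and -vnc :N has no VNC password unless one is configured). The script only defines functions when sourced; it launches QEMU and gdb only when RUN_KERNEL_DEBUG=1 is set.

```shell
#!/bin/sh
# Added example: drive the QEMU + gdb kernel debugging session from one script.
# Paths, the environment variables and the function names are assumptions.
set -eu

# VNC display :N is TCP port 5900+N, for vncserver and for QEMU -vnc alike.
vnc_port() {
    echo $((5900 + $1))
}

# Build the QEMU command line for the kernel tree in $1 with initrd $2,
# putting the guest console on VNC display $3 and the gdb stub on port $4.
# Checks that the build products exist before anything is launched.
build_qemu_cmd() {
    src="$1"; initrd="$2"; display="$3"; gdbport="$4"
    bzimage="$src/arch/x86_64/boot/bzImage"
    [ -f "$bzimage" ] || { echo "missing $bzimage (build the kernel first)" >&2; return 1; }
    [ -f "$initrd" ]  || { echo "missing initrd $initrd" >&2; return 1; }
    # -S freezes the CPU until gdb continues it; -gdb tcp:HOST:PORT is the
    # long form of -s, here bound to loopback unless GDB_BIND_HOST overrides it.
    # nokaslr keeps the vmlinux symbol addresses equal to the running kernel's.
    printf '%s' "qemu-system-x86_64 -kernel $bzimage -initrd $initrd -S" \
        " -gdb tcp:${GDB_BIND_HOST:-127.0.0.1}:$gdbport" \
        " -append nokaslr -m 1024 -vnc :$display"
}

# Write the three interactive gdb commands from the wiki into a script file $1
# so gdb can run them non-interactively with -x. $2 is the gdb stub port.
write_gdb_script() {
    cat > "$1" <<EOF
target remote :$2
break start_kernel
continue
EOF
}

# Start QEMU in the background, then attach gdb to it with vmlinux loaded.
start_session() {
    src="$1"; initrd="$2"; display="${3:-2}"; gdbport="${4:-1234}"
    cmd=$(build_qemu_cmd "$src" "$initrd" "$display" "$gdbport")
    echo "guest console on VNC port $(vnc_port "$display") (no VNC password by default)"
    eval "$cmd" &
    write_gdb_script "$src/.gdb-start-kernel" "$gdbport"
    # gdb stops at start_kernel once the 'continue' in the script is reached.
    (cd "$src" && gdb -x .gdb-start-kernel vmlinux)
}

# Placeholder paths; set RUN_KERNEL_DEBUG=1 to actually launch the session.
if [ "${RUN_KERNEL_DEBUG:-0}" = 1 ]; then
    start_session /path/to/linux-source-5.0.0 /boot/initrd.img-5.0.0-21-generic 2 1234
fi
```

Run it as RUN_KERNEL_DEBUG=1 sh debug-kernel.sh after adjusting the two placeholder paths; set GDB_BIND_HOST=0.0.0.0 only if gdb really runs on another machine.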