问题
i'm writing the code about low-level stuff. i need to know kernel symbol addresses to write reliable code. So im trying to read the kallsyms when im in user-mode in Ubuntu kernel-3.0.19. and that's kallsyms output in user-mode.
... 00000000 r __ksymtab_prepare_kernel_cred 00000000 r __kcrctab_prepare_kernel_cred 00000000 r __kstrtab_prepare_kernel_cred ...
how can i solve this problem in user-mode. when im root and everyting's ok but that's not what i need.
thanks.
回答1:
It is intentional that /proc/kallsyms shows zeros instead of the real addresses for a non-root user. This lowers the security risk a bit.
The details are available in this upstream commit. See also how %pK print specifier is used in s_show() function in kallsyms.c, s_show being responsible for providing a record in /proc/kallsyms.
I doubt it is still possible to get symbol addresses somehow without being a root user. One can not access System.map without root privileges either. Same for writing to /proc/sys/kernel/kptr_restrict.
来源:https://stackoverflow.com/questions/10447491/reading-kallsyms-in-user-mode