最近调试内核,cat /proc/kallsyms 后发现符号表值都为0。
检查内核配置项,该配的都已经配置。
查找很多网上资料,说是内核为了防止漏洞出现,特意不让非root用户查看符号表。
但是我将shell切换为root,还是只能查看到0.
因此只能修改内核代码。kernel/kernel/kallsyms.c
static int s_show(struct seq_file *m, void *p)
{
struct kallsym_iter *iter = m->private;
/* Some debugging symbols have no name. Ignore them. */
if (!iter->name[0])
return 0;
if (iter->module_name[0]) {
char type;
/*
* Label it "global" if it is exported,
* "local" if not exported.
*/
type = iter->exported ? toupper(iter->type) :
tolower(iter->type);
seq_printf(m, "%pK %c %s\t[%s]\n", (void *)iter->value,
type, iter->name, iter->module_name);
} else
seq_printf(m, "%pK %c %s\n", (void *)iter->value,
iter->type, iter->name);
return 0;
}
需要将seq_printf(m, "%pK %c %s\t[%s]\n", (void *)iter->value,
type, iter->name, iter->module_name); 中的K去掉,重新编译烧写内核即可。
seq_printf(m, "%p %c %s\t[%s]\n", (void *)iter->value,
type, iter->name, iter->module_name);