Linux kernel: kallsyms command? #1836
Labels
Comments
|
Btw if we do this by looking for some strings in memory, in order to be efficient, we may need to e.g. search only for read-only mappings or read-write or something like that -- depending on where the searched string is to be expected in. |
|
This may be useful here as well: https://github.com/marin-m/vmlinux-to-elf |
|
Yes, we should use symbol addition API it when it lands in a GDB release
but even when it does, we will still want to support older GDB versions.
(Thx @mbrla0 for working on this API :))
…On Mon, 25 Mar 2024 at 11:38, charif ***@***.***> wrote:
may be useful:
https://sourceware.org/pipermail/gdb-patches/2023-January/195589.html
—
Reply to this email directly, view it on GitHub
<#1836 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACMLWCVGYROOKFLD3HWTZXTYZ75DLAVCNFSM6AAAAAA2XT3F6SVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAMJXGY4TMMJUGA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
I'll take a look at this |
Merged
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am not sure if this is doable, but if someone debugs a kernel with KASLR it would be nice to be able to find and parse kallsyms from within Pwndbg and then either set symbols or at least be able to print/fetch them via some Pwndbg API.
Here is a project that shows how one could deal with this: https://github.com/pagabuc/kallsyms-extractor/ although I am not sure if this works with latest kernels.
The text was updated successfully, but these errors were encountered: