-
Notifications
You must be signed in to change notification settings - Fork 846
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Linux kernel: kallsyms command? #1836
Labels
Comments
Btw if we do this by looking for some strings in memory, in order to be efficient, we may need to e.g. search only for read-only mappings or read-write or something like that -- depending on where the searched string is to be expected in. |
This may be useful here as well: https://github.com/marin-m/vmlinux-to-elf |
Yes, we should use symbol addition API it when it lands in a GDB release
but even when it does, we will still want to support older GDB versions.
(Thx @mbrla0 for working on this API :))
…On Mon, 25 Mar 2024 at 11:38, charif ***@***.***> wrote:
may be useful:
https://sourceware.org/pipermail/gdb-patches/2023-January/195589.html
—
Reply to this email directly, view it on GitHub
<#1836 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACMLWCVGYROOKFLD3HWTZXTYZ75DLAVCNFSM6AAAAAA2XT3F6SVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDAMJXGY4TMMJUGA>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
I'll take a look at this |
Merged
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am not sure if this is doable, but if someone debugs a kernel with KASLR it would be nice to be able to find and parse kallsyms from within Pwndbg and then either set symbols or at least be able to print/fetch them via some Pwndbg API.
Here is a project that shows how one could deal with this: https://github.com/pagabuc/kallsyms-extractor/ although I am not sure if this works with latest kernels.
The text was updated successfully, but these errors were encountered: