i'm writing the code about low-level stuff. i need to know kernel symbol addresses to write reliable code. So im trying to read the kallsyms when im in user-mode in Ubuntu kernel-3.0.19. and that's kallsyms output in user-mode.
…
00000000 r __ksymtab_prepare_kernel_cred
00000000 r __kcrctab_prepare_kernel_cred
00000000 r __kstrtab_prepare_kernel_cred
…
how can i solve this problem in user-mode. when im root and everyting's ok but that's not what i need.
thanks.
Best Answer
It is intentional that
/proc/kallsyms
shows zeros instead of the real addresses for a non-root user. This lowers the security risk a bit.The details are available in this upstream commit. See also how
%pK
print specifier is used in s_show() function in kallsyms.c,s_show
being responsible for providing a record in/proc/kallsyms
.I doubt it is still possible to get symbol addresses somehow without being a root user. One can not access
System.map
without root privileges either. Same for writing to/proc/sys/kernel/kptr_restrict
.