0

As there was a lot of confusion before, so I am rephrasing question here removing old one.

I want to print all the symbolic info from vmlinux binary on power-pc architecture - static, dynamic(.so) as well as run time including kallsyms (module symbols) and any other if I dont know about.

I am not interested (actually I can not and its difficult to explain here why) in using GDB, readelf, /proc/kallsyms or system.map or getting the core file.

I am more intereted in knowing how GDB, readelf, objdump, kallsyms or systme.map are generated . Which kernel data structures they use ? Which library they prefer to use - libelf or libdwarf

As far my understanding says:

  1. use libelf/libdwarf for all static information.
  2. rld_map section need to be parsed for the dynamic .so files.
  3. For kallsyms, I am not sure how to handle symbolic info for the LKMs that would be added dynamically.

Considering above situation, please suggest me is it wise decision to write the tool from scratch. I was able to get a list of all function names and their address using libdwarf for now.

Can someone direct me towards some source code that is best possible to use in above situation or that can be modified somewhat for the above scenarion rather than going to write something from beginning or it is not practically possible. (May be some snippet of readelf/objdump/GDB)

Please ask for clarification and update if needed.

Thanks !!

Udit Gupta
  • 3,162
  • 11
  • 43
  • 71
  • I would suggest you to take a look at elf spec and how linkers and loaders works. It is very very bad idea to write it from scratch unless you want to do it for fun or to learn. – Sasi V Jul 16 '14 at 07:20

1 Answers1

0

If you have built the kernel yourself, by default this should create a System.map file. Also from the kernel source code you can check the script /usr/src/linux/scripts/mksysmap which can be used to create a system.map scritp

Alternatively, use the nm -A vmlinux command:

vmlinux:ffffffff81c8d960 d aa_fs_entry_features vmlinux:ffffffff81c8dbc0 d aa_fs_entry_file vmlinux:ffffffff81c8da80 d aa_fs_entry_policy vmlinux:ffffffff81c8e300 D aa_fs_entry_rlimit vmlinux:ffffffff813179a0 T __aa_fs_namespace_mkdir

the output in the thrid column gives details where the symbol resides when the program is loaded into the memory. "B" or "b" The symbol is in the uninitialized data section (known as BSS). "T" or "t" The symbol is in the text (code) section. "U" The symbol is undefined.

askb
  • 6,501
  • 30
  • 43
  • Best if you can provide more details on what you are trying to achieve overall. If question are be more related to compilation and linking, this is possible related to gcc. However, if the kernel has crashed, have you considered configuring kdump and obtaining a vmcore file for analysis. – askb Jul 15 '14 at 08:02
  • believe me its difficult to tell the complete scenarion here ... but for you question, I would say there is no way to get the core file but assume that you have some mechanism that if you provide some memory address then you can get raw data from that location which can be parsed afterwards. As I said, I want to know how GDB, readelf or /proc/kallsyms or system.map get that info. Which data structures they use or which library they use to get symbolic info ? – Udit Gupta Jul 15 '14 at 18:47
  • I have re-phrased the question .. please have a look if you understand . – Udit Gupta Jul 15 '14 at 19:09