1 // SPDX-License-Identifier: GPL-2.0-only
3 * kallsyms.c: in-kernel printing of symbolic oopses and stack traces.
5 * Rewritten and vastly simplified by Rusty Russell for in-kernel
7 * Copyright 2002 Rusty Russell <rusty@rustcorp.com.au> IBM Corporation
11 * (25/Aug/2004) Paulo Marques <pmarques@grupopie.com>
12 * Changed the compression method from stem compression to "table lookup"
13 * compression (see scripts/kallsyms.c for a more complete description)
15 #include <linux/kallsyms.h>
16 #include <linux/init.h>
17 #include <linux/seq_file.h>
19 #include <linux/kdb.h>
20 #include <linux/err.h>
21 #include <linux/proc_fs.h>
22 #include <linux/sched.h> /* for cond_resched */
23 #include <linux/ctype.h>
24 #include <linux/slab.h>
25 #include <linux/filter.h>
26 #include <linux/ftrace.h>
27 #include <linux/kprobes.h>
28 #include <linux/build_bug.h>
29 #include <linux/compiler.h>
30 #include <linux/module.h>
31 #include <linux/kernel.h>
34 * These will be re-linked against their real values
35 * during the second link stage.
37 extern const unsigned long kallsyms_addresses[] __weak;
38 extern const int kallsyms_offsets[] __weak;
39 extern const u8 kallsyms_names[] __weak;
42 * Tell the compiler that the count isn't in the small data section if the arch
45 extern const unsigned int kallsyms_num_syms
46 __section(".rodata") __attribute__((weak));
48 extern const unsigned long kallsyms_relative_base
49 __section(".rodata") __attribute__((weak));
51 extern const char kallsyms_token_table[] __weak;
52 extern const u16 kallsyms_token_index[] __weak;
54 extern const unsigned int kallsyms_markers[] __weak;
57 * Expand a compressed symbol data into the resulting uncompressed string,
58 * if uncompressed string is too long (>= maxlen), it will be truncated,
59 * given the offset to where the symbol is in the compressed stream.
61 static unsigned int kallsyms_expand_symbol(unsigned int off,
62 char *result, size_t maxlen)
64 int len, skipped_first = 0;
68 /* Get the compressed symbol length from the first symbol byte. */
69 data = &kallsyms_names[off];
74 * Update the offset to return the offset for the next symbol on
75 * the compressed stream.
80 * For every byte on the compressed symbol data, copy the table
81 * entry for that byte.
84 tptr = &kallsyms_token_table[kallsyms_token_index[*data]];
105 /* Return to offset to the next symbol. */
110 * Get symbol type information. This is encoded as a single char at the
111 * beginning of the symbol name.
113 static char kallsyms_get_symbol_type(unsigned int off)
116 * Get just the first code, look it up in the token table,
117 * and return the first char from this token.
119 return kallsyms_token_table[kallsyms_token_index[kallsyms_names[off + 1]]];
124 * Find the offset on the compressed stream given and index in the
127 static unsigned int get_symbol_offset(unsigned long pos)
133 * Use the closest marker we have. We have markers every 256 positions,
134 * so that should be close enough.
136 name = &kallsyms_names[kallsyms_markers[pos >> 8]];
139 * Sequentially scan all the symbols up to the point we're searching
140 * for. Every symbol is stored in a [<len>][<len> bytes of data] format,
141 * so we just need to add the len to the current pointer for every
142 * symbol we wish to skip.
144 for (i = 0; i < (pos & 0xFF); i++)
145 name = name + (*name) + 1;
147 return name - kallsyms_names;
150 static unsigned long kallsyms_sym_address(int idx)
152 if (!IS_ENABLED(CONFIG_KALLSYMS_BASE_RELATIVE))
153 return kallsyms_addresses[idx];
155 /* values are unsigned offsets if --absolute-percpu is not in effect */
156 if (!IS_ENABLED(CONFIG_KALLSYMS_ABSOLUTE_PERCPU))
157 return kallsyms_relative_base + (u32)kallsyms_offsets[idx];
159 /* ...otherwise, positive offsets are absolute values */
160 if (kallsyms_offsets[idx] >= 0)
161 return kallsyms_offsets[idx];
163 /* ...and negative offsets are relative to kallsyms_relative_base - 1 */
164 return kallsyms_relative_base - 1 - kallsyms_offsets[idx];
167 static bool cleanup_symbol_name(char *s)
171 if (!IS_ENABLED(CONFIG_LTO_CLANG))
175 * LLVM appends various suffixes for local functions and variables that
176 * must be promoted to global scope as part of LTO. This can break
177 * hooking of static functions with kprobes. '.' is not a valid
178 * character in an identifier in C. Suffixes observed:
179 * - foo.llvm.[0-9a-f]+
181 * - foo.[0-9a-f]+.cfi_jt
183 res = strchr(s, '.');
189 if (!IS_ENABLED(CONFIG_CFI_CLANG) ||
190 !IS_ENABLED(CONFIG_LTO_CLANG_THIN) ||
191 CONFIG_CLANG_VERSION >= 130000)
195 * Prior to LLVM 13, the following suffixes were observed when thinLTO
196 * and CFI are both enabled:
199 res = strrchr(s, '$');
208 /* Lookup the address for this symbol. Returns 0 if not found. */
209 unsigned long kallsyms_lookup_name(const char *name)
211 char namebuf[KSYM_NAME_LEN];
215 /* Skip the search for empty string. */
219 for (i = 0, off = 0; i < kallsyms_num_syms; i++) {
220 off = kallsyms_expand_symbol(off, namebuf, ARRAY_SIZE(namebuf));
222 if (strcmp(namebuf, name) == 0)
223 return kallsyms_sym_address(i);
225 if (cleanup_symbol_name(namebuf) && strcmp(namebuf, name) == 0)
226 return kallsyms_sym_address(i);
228 return module_kallsyms_lookup_name(name);
232 * Iterate over all symbols in vmlinux. For symbols from modules use
233 * module_kallsyms_on_each_symbol instead.
235 int kallsyms_on_each_symbol(int (*fn)(void *, const char *, struct module *,
239 char namebuf[KSYM_NAME_LEN];
244 for (i = 0, off = 0; i < kallsyms_num_syms; i++) {
245 off = kallsyms_expand_symbol(off, namebuf, ARRAY_SIZE(namebuf));
246 ret = fn(data, namebuf, NULL, kallsyms_sym_address(i));
254 static unsigned long get_symbol_pos(unsigned long addr,
255 unsigned long *symbolsize,
256 unsigned long *offset)
258 unsigned long symbol_start = 0, symbol_end = 0;
259 unsigned long i, low, high, mid;
261 /* This kernel should never had been booted. */
262 if (!IS_ENABLED(CONFIG_KALLSYMS_BASE_RELATIVE))
263 BUG_ON(!kallsyms_addresses);
265 BUG_ON(!kallsyms_offsets);
267 /* Do a binary search on the sorted kallsyms_addresses array. */
269 high = kallsyms_num_syms;
271 while (high - low > 1) {
272 mid = low + (high - low) / 2;
273 if (kallsyms_sym_address(mid) <= addr)
280 * Search for the first aliased symbol. Aliased
281 * symbols are symbols with the same address.
283 while (low && kallsyms_sym_address(low-1) == kallsyms_sym_address(low))
286 symbol_start = kallsyms_sym_address(low);
288 /* Search for next non-aliased symbol. */
289 for (i = low + 1; i < kallsyms_num_syms; i++) {
290 if (kallsyms_sym_address(i) > symbol_start) {
291 symbol_end = kallsyms_sym_address(i);
296 /* If we found no next symbol, we use the end of the section. */
298 if (is_kernel_inittext(addr))
299 symbol_end = (unsigned long)_einittext;
300 else if (IS_ENABLED(CONFIG_KALLSYMS_ALL))
301 symbol_end = (unsigned long)_end;
303 symbol_end = (unsigned long)_etext;
307 *symbolsize = symbol_end - symbol_start;
309 *offset = addr - symbol_start;
315 * Lookup an address but don't bother to find any names.
317 int kallsyms_lookup_size_offset(unsigned long addr, unsigned long *symbolsize,
318 unsigned long *offset)
320 char namebuf[KSYM_NAME_LEN];
322 if (is_ksym_addr(addr)) {
323 get_symbol_pos(addr, symbolsize, offset);
326 return !!module_address_lookup(addr, symbolsize, offset, NULL, NULL, namebuf) ||
327 !!__bpf_address_lookup(addr, symbolsize, offset, namebuf);
330 static const char *kallsyms_lookup_buildid(unsigned long addr,
331 unsigned long *symbolsize,
332 unsigned long *offset, char **modname,
333 const unsigned char **modbuildid, char *namebuf)
337 namebuf[KSYM_NAME_LEN - 1] = 0;
340 if (is_ksym_addr(addr)) {
343 pos = get_symbol_pos(addr, symbolsize, offset);
345 kallsyms_expand_symbol(get_symbol_offset(pos),
346 namebuf, KSYM_NAME_LEN);
356 /* See if it's in a module or a BPF JITed image. */
357 ret = module_address_lookup(addr, symbolsize, offset,
358 modname, modbuildid, namebuf);
360 ret = bpf_address_lookup(addr, symbolsize,
361 offset, modname, namebuf);
364 ret = ftrace_mod_address_lookup(addr, symbolsize,
365 offset, modname, namebuf);
368 cleanup_symbol_name(namebuf);
374 * - modname is set to NULL if it's in the kernel.
375 * - We guarantee that the returned name is valid until we reschedule even if.
376 * It resides in a module.
377 * - We also guarantee that modname will be valid until rescheduled.
379 const char *kallsyms_lookup(unsigned long addr,
380 unsigned long *symbolsize,
381 unsigned long *offset,
382 char **modname, char *namebuf)
384 return kallsyms_lookup_buildid(addr, symbolsize, offset, modname,
388 int lookup_symbol_name(unsigned long addr, char *symname)
393 symname[KSYM_NAME_LEN - 1] = '\0';
395 if (is_ksym_addr(addr)) {
398 pos = get_symbol_pos(addr, NULL, NULL);
400 kallsyms_expand_symbol(get_symbol_offset(pos),
401 symname, KSYM_NAME_LEN);
404 /* See if it's in a module. */
405 res = lookup_module_symbol_name(addr, symname);
410 cleanup_symbol_name(symname);
414 int lookup_symbol_attrs(unsigned long addr, unsigned long *size,
415 unsigned long *offset, char *modname, char *name)
420 name[KSYM_NAME_LEN - 1] = '\0';
422 if (is_ksym_addr(addr)) {
425 pos = get_symbol_pos(addr, size, offset);
427 kallsyms_expand_symbol(get_symbol_offset(pos),
428 name, KSYM_NAME_LEN);
432 /* See if it's in a module. */
433 res = lookup_module_symbol_attrs(addr, size, offset, modname, name);
438 cleanup_symbol_name(name);
442 /* Look up a kernel symbol and return it in a text buffer. */
443 static int __sprint_symbol(char *buffer, unsigned long address,
444 int symbol_offset, int add_offset, int add_buildid)
447 const unsigned char *buildid;
449 unsigned long offset, size;
452 address += symbol_offset;
453 name = kallsyms_lookup_buildid(address, &size, &offset, &modname, &buildid,
456 return sprintf(buffer, "0x%lx", address - symbol_offset);
459 strcpy(buffer, name);
460 len = strlen(buffer);
461 offset -= symbol_offset;
464 len += sprintf(buffer + len, "+%#lx/%#lx", offset, size);
467 len += sprintf(buffer + len, " [%s", modname);
468 #if IS_ENABLED(CONFIG_STACKTRACE_BUILD_ID)
469 if (add_buildid && buildid) {
470 /* build ID should match length of sprintf */
471 #if IS_ENABLED(CONFIG_MODULES)
472 static_assert(sizeof(typeof_member(struct module, build_id)) == 20);
474 len += sprintf(buffer + len, " %20phN", buildid);
477 len += sprintf(buffer + len, "]");
484 * sprint_symbol - Look up a kernel symbol and return it in a text buffer
485 * @buffer: buffer to be stored
486 * @address: address to lookup
488 * This function looks up a kernel symbol with @address and stores its name,
489 * offset, size and module name to @buffer if possible. If no symbol was found,
490 * just saves its @address as is.
492 * This function returns the number of bytes stored in @buffer.
494 int sprint_symbol(char *buffer, unsigned long address)
496 return __sprint_symbol(buffer, address, 0, 1, 0);
498 EXPORT_SYMBOL_GPL(sprint_symbol);
501 * sprint_symbol_build_id - Look up a kernel symbol and return it in a text buffer
502 * @buffer: buffer to be stored
503 * @address: address to lookup
505 * This function looks up a kernel symbol with @address and stores its name,
506 * offset, size, module name and module build ID to @buffer if possible. If no
507 * symbol was found, just saves its @address as is.
509 * This function returns the number of bytes stored in @buffer.
511 int sprint_symbol_build_id(char *buffer, unsigned long address)
513 return __sprint_symbol(buffer, address, 0, 1, 1);
515 EXPORT_SYMBOL_GPL(sprint_symbol_build_id);
518 * sprint_symbol_no_offset - Look up a kernel symbol and return it in a text buffer
519 * @buffer: buffer to be stored
520 * @address: address to lookup
522 * This function looks up a kernel symbol with @address and stores its name
523 * and module name to @buffer if possible. If no symbol was found, just saves
524 * its @address as is.
526 * This function returns the number of bytes stored in @buffer.
528 int sprint_symbol_no_offset(char *buffer, unsigned long address)
530 return __sprint_symbol(buffer, address, 0, 0, 0);
532 EXPORT_SYMBOL_GPL(sprint_symbol_no_offset);
535 * sprint_backtrace - Look up a backtrace symbol and return it in a text buffer
536 * @buffer: buffer to be stored
537 * @address: address to lookup
539 * This function is for stack backtrace and does the same thing as
540 * sprint_symbol() but with modified/decreased @address. If there is a
541 * tail-call to the function marked "noreturn", gcc optimized out code after
542 * the call so that the stack-saved return address could point outside of the
543 * caller. This function ensures that kallsyms will find the original caller
544 * by decreasing @address.
546 * This function returns the number of bytes stored in @buffer.
548 int sprint_backtrace(char *buffer, unsigned long address)
550 return __sprint_symbol(buffer, address, -1, 1, 0);
554 * sprint_backtrace_build_id - Look up a backtrace symbol and return it in a text buffer
555 * @buffer: buffer to be stored
556 * @address: address to lookup
558 * This function is for stack backtrace and does the same thing as
559 * sprint_symbol() but with modified/decreased @address. If there is a
560 * tail-call to the function marked "noreturn", gcc optimized out code after
561 * the call so that the stack-saved return address could point outside of the
562 * caller. This function ensures that kallsyms will find the original caller
563 * by decreasing @address. This function also appends the module build ID to
564 * the @buffer if @address is within a kernel module.
566 * This function returns the number of bytes stored in @buffer.
568 int sprint_backtrace_build_id(char *buffer, unsigned long address)
570 return __sprint_symbol(buffer, address, -1, 1, 1);
573 /* To avoid using get_symbol_offset for every symbol, we carry prefix along. */
574 struct kallsym_iter {
578 loff_t pos_ftrace_mod_end;
581 unsigned int nameoff; /* If iterating in core kernel symbols. */
583 char name[KSYM_NAME_LEN];
584 char module_name[MODULE_NAME_LEN];
589 int __weak arch_get_kallsym(unsigned int symnum, unsigned long *value,
590 char *type, char *name)
595 static int get_ksymbol_arch(struct kallsym_iter *iter)
597 int ret = arch_get_kallsym(iter->pos - kallsyms_num_syms,
598 &iter->value, &iter->type,
602 iter->pos_arch_end = iter->pos;
609 static int get_ksymbol_mod(struct kallsym_iter *iter)
611 int ret = module_get_kallsym(iter->pos - iter->pos_arch_end,
612 &iter->value, &iter->type,
613 iter->name, iter->module_name,
616 iter->pos_mod_end = iter->pos;
624 * ftrace_mod_get_kallsym() may also get symbols for pages allocated for ftrace
625 * purposes. In that case "__builtin__ftrace" is used as a module name, even
626 * though "__builtin__ftrace" is not a module.
628 static int get_ksymbol_ftrace_mod(struct kallsym_iter *iter)
630 int ret = ftrace_mod_get_kallsym(iter->pos - iter->pos_mod_end,
631 &iter->value, &iter->type,
632 iter->name, iter->module_name,
635 iter->pos_ftrace_mod_end = iter->pos;
642 static int get_ksymbol_bpf(struct kallsym_iter *iter)
646 strlcpy(iter->module_name, "bpf", MODULE_NAME_LEN);
648 ret = bpf_get_kallsym(iter->pos - iter->pos_ftrace_mod_end,
649 &iter->value, &iter->type,
652 iter->pos_bpf_end = iter->pos;
660 * This uses "__builtin__kprobes" as a module name for symbols for pages
661 * allocated for kprobes' purposes, even though "__builtin__kprobes" is not a
664 static int get_ksymbol_kprobe(struct kallsym_iter *iter)
666 strlcpy(iter->module_name, "__builtin__kprobes", MODULE_NAME_LEN);
668 return kprobe_get_kallsym(iter->pos - iter->pos_bpf_end,
669 &iter->value, &iter->type,
670 iter->name) < 0 ? 0 : 1;
673 /* Returns space to next name. */
674 static unsigned long get_ksymbol_core(struct kallsym_iter *iter)
676 unsigned off = iter->nameoff;
678 iter->module_name[0] = '\0';
679 iter->value = kallsyms_sym_address(iter->pos);
681 iter->type = kallsyms_get_symbol_type(off);
683 off = kallsyms_expand_symbol(off, iter->name, ARRAY_SIZE(iter->name));
685 return off - iter->nameoff;
688 static void reset_iter(struct kallsym_iter *iter, loff_t new_pos)
690 iter->name[0] = '\0';
691 iter->nameoff = get_symbol_offset(new_pos);
694 iter->pos_arch_end = 0;
695 iter->pos_mod_end = 0;
696 iter->pos_ftrace_mod_end = 0;
697 iter->pos_bpf_end = 0;
702 * The end position (last + 1) of each additional kallsyms section is recorded
703 * in iter->pos_..._end as each section is added, and so can be used to
704 * determine which get_ksymbol_...() function to call next.
706 static int update_iter_mod(struct kallsym_iter *iter, loff_t pos)
710 if ((!iter->pos_arch_end || iter->pos_arch_end > pos) &&
711 get_ksymbol_arch(iter))
714 if ((!iter->pos_mod_end || iter->pos_mod_end > pos) &&
715 get_ksymbol_mod(iter))
718 if ((!iter->pos_ftrace_mod_end || iter->pos_ftrace_mod_end > pos) &&
719 get_ksymbol_ftrace_mod(iter))
722 if ((!iter->pos_bpf_end || iter->pos_bpf_end > pos) &&
723 get_ksymbol_bpf(iter))
726 return get_ksymbol_kprobe(iter);
729 /* Returns false if pos at or past end of file. */
730 static int update_iter(struct kallsym_iter *iter, loff_t pos)
732 /* Module symbols can be accessed randomly. */
733 if (pos >= kallsyms_num_syms)
734 return update_iter_mod(iter, pos);
736 /* If we're not on the desired position, reset to new position. */
737 if (pos != iter->pos)
738 reset_iter(iter, pos);
740 iter->nameoff += get_ksymbol_core(iter);
746 static void *s_next(struct seq_file *m, void *p, loff_t *pos)
750 if (!update_iter(m->private, *pos))
755 static void *s_start(struct seq_file *m, loff_t *pos)
757 if (!update_iter(m->private, *pos))
762 static void s_stop(struct seq_file *m, void *p)
766 static int s_show(struct seq_file *m, void *p)
769 struct kallsym_iter *iter = m->private;
771 /* Some debugging symbols have no name. Ignore them. */
775 value = iter->show_value ? (void *)iter->value : NULL;
777 if (iter->module_name[0]) {
781 * Label it "global" if it is exported,
782 * "local" if not exported.
784 type = iter->exported ? toupper(iter->type) :
786 seq_printf(m, "%px %c %s\t[%s]\n", value,
787 type, iter->name, iter->module_name);
789 seq_printf(m, "%px %c %s\n", value,
790 iter->type, iter->name);
794 static const struct seq_operations kallsyms_op = {
801 static inline int kallsyms_for_perf(void)
803 #ifdef CONFIG_PERF_EVENTS
804 extern int sysctl_perf_event_paranoid;
805 if (sysctl_perf_event_paranoid <= 1)
812 * We show kallsyms information even to normal users if we've enabled
813 * kernel profiling and are explicitly not paranoid (so kptr_restrict
814 * is clear, and sysctl_perf_event_paranoid isn't set).
816 * Otherwise, require CAP_SYSLOG (assuming kptr_restrict isn't set to
819 bool kallsyms_show_value(const struct cred *cred)
821 switch (kptr_restrict) {
823 if (kallsyms_for_perf())
827 if (security_capable(cred, &init_user_ns, CAP_SYSLOG,
828 CAP_OPT_NOAUDIT) == 0)
836 static int kallsyms_open(struct inode *inode, struct file *file)
839 * We keep iterator in m->private, since normal case is to
840 * s_start from where we left off, so we avoid doing
841 * using get_symbol_offset for every symbol.
843 struct kallsym_iter *iter;
844 iter = __seq_open_private(file, &kallsyms_op, sizeof(*iter));
850 * Instead of checking this on every s_show() call, cache
851 * the result here at open time.
853 iter->show_value = kallsyms_show_value(file->f_cred);
857 #ifdef CONFIG_KGDB_KDB
858 const char *kdb_walk_kallsyms(loff_t *pos)
860 static struct kallsym_iter kdb_walk_kallsyms_iter;
862 memset(&kdb_walk_kallsyms_iter, 0,
863 sizeof(kdb_walk_kallsyms_iter));
864 reset_iter(&kdb_walk_kallsyms_iter, 0);
867 if (!update_iter(&kdb_walk_kallsyms_iter, *pos))
870 /* Some debugging symbols have no name. Ignore them. */
871 if (kdb_walk_kallsyms_iter.name[0])
872 return kdb_walk_kallsyms_iter.name;
875 #endif /* CONFIG_KGDB_KDB */
877 static const struct proc_ops kallsyms_proc_ops = {
878 .proc_open = kallsyms_open,
879 .proc_read = seq_read,
880 .proc_lseek = seq_lseek,
881 .proc_release = seq_release_private,
884 static int __init kallsyms_init(void)
886 proc_create("kallsyms", 0444, NULL, &kallsyms_proc_ops);
889 device_initcall(kallsyms_init);