[PATCH v4][makedumpfile 2/7] Implement kernel kallsyms resolving
Tao Liu
ltao at redhat.com
Tue Mar 17 08:07:38 PDT 2026
This patch will parse kernel's kallsyms data. During the parsing
process, the .init_ksyms sections of makedumpfile and the
extensions will be iterated, so the kallsyms symbols which belongs
to vmlinux can be resolved at this moment.
Suggested-by: Stephen Brennan <stephen.s.brennan at oracle.com>
Signed-off-by: Tao Liu <ltao at redhat.com>
---
Makefile | 2 +-
kallsyms.c | 350 +++++++++++++++++++++++++++++++++++++++++++++++++
kallsyms.h | 91 +++++++++++++
makedumpfile.c | 3 +
makedumpfile.h | 11 ++
5 files changed, 456 insertions(+), 1 deletion(-)
create mode 100644 kallsyms.c
create mode 100644 kallsyms.h
diff --git a/Makefile b/Makefile
index 15a4ba0..a57185e 100644
--- a/Makefile
+++ b/Makefile
@@ -45,7 +45,7 @@ CFLAGS_ARCH += -m32
endif
SRC_BASE = makedumpfile.c makedumpfile.h diskdump_mod.h sadump_mod.h sadump_info.h
-SRC_PART = print_info.c dwarf_info.c elf_info.c erase_info.c sadump_info.c cache.c tools.c printk.c detect_cycle.c
+SRC_PART = print_info.c dwarf_info.c elf_info.c erase_info.c sadump_info.c cache.c tools.c printk.c detect_cycle.c kallsyms.c
OBJ_PART=$(patsubst %.c,%.o,$(SRC_PART))
SRC_ARCH = arch/arm.c arch/arm64.c arch/x86.c arch/x86_64.c arch/ia64.c arch/ppc64.c arch/s390x.c arch/ppc.c arch/sparc64.c arch/mips64.c arch/loongarch64.c arch/riscv64.c
OBJ_ARCH=$(patsubst %.c,%.o,$(SRC_ARCH))
diff --git a/kallsyms.c b/kallsyms.c
new file mode 100644
index 0000000..f7737cb
--- /dev/null
+++ b/kallsyms.c
@@ -0,0 +1,350 @@
+#include <stdint.h>
+#include <stdbool.h>
+#include <string.h>
+#include "makedumpfile.h"
+#include "kallsyms.h"
+
+static uint32_t *kallsyms_offsets = NULL;
+static uint16_t *kallsyms_token_index = NULL;
+static uint8_t *kallsyms_token_table = NULL;
+static uint8_t *kallsyms_names = NULL;
+static unsigned long kallsyms_relative_base = 0;
+static unsigned int kallsyms_num_syms = 0;
+
+/* makedumpfile & extensions' .init_ksyms section range array */
+static struct section_range **sr = NULL;
+static int sr_len = 0;
+static int sr_cap = 0;
+
+/* Which mod's kallsyms should be inited? */
+static char **mods = NULL;
+static int mods_len = 0;
+static int mods_cap = 0;
+
+INIT_KERN_SYM(_stext);
+
+/*
+ * Utility: add elem to arr, which can auto extend its capacity.
+ * (*arr) is a pointer array, holding pointers of elem
+*/
+bool add_to_arr(void ***arr, int *arr_len, int *arr_cap, void *elem)
+{
+ void *tmp;
+ int new_cap = 0;
+
+ if (*arr == NULL) {
+ *arr_len = 0;
+ new_cap = 4;
+ } else if (*arr_len >= *arr_cap) {
+ new_cap = (*arr_cap) + ((*arr_cap) >> 1);
+ }
+
+ if (new_cap) {
+ tmp = reallocarray(*arr, new_cap, sizeof(void *));
+ if (!tmp)
+ goto no_mem;
+ *arr = tmp;
+ *arr_cap = new_cap;
+ }
+
+ (*arr)[(*arr_len)++] = elem;
+ return true;
+
+no_mem:
+ fprintf(stderr, "%s: Not enough memory!\n", __func__);
+ return false;
+}
+
+/*
+ * Utility: add uniq string to arr, which can auto extend its capacity.
+*/
+bool push_uniq_str(void ***arr, int *arr_len, int *arr_cap, char *str)
+{
+ for (int i = 0; i < (*arr_len); i++) {
+ if (!strcmp((*arr)[i], str))
+ /* String already exists, skip it */
+ return true;
+ }
+ return add_to_arr(arr, arr_len, arr_cap, str);
+}
+
+static bool add_ksym_modname(char *modname)
+{
+ return push_uniq_str((void ***)&mods, &mods_len, &mods_cap, modname);
+}
+
+bool check_ksyms_require_modname(char *modname, int *total)
+{
+ if (total)
+ *total = mods_len;
+ for (int i = 0; i < mods_len; i++) {
+ if (!strcmp(modname, mods[i]))
+ return true;
+ }
+ return false;
+}
+
+static void cleanup_ksyms_modname(void)
+{
+ if (mods) {
+ free(mods);
+ mods = NULL;
+ }
+ mods_len = 0;
+ mods_cap = 0;
+}
+
+/*
+ * Used by makedumpfile and extensions, to register their .init_ksyms section.
+ * so kallsyms can know which module/sym should be inited.
+*/
+REGISTER_SECTION(ksym)
+
+static void cleanup_ksyms_section_range(void)
+{
+ for (int i = 0; i < sr_len; i++) {
+ free(sr[i]);
+ }
+ if (sr) {
+ free(sr);
+ sr = NULL;
+ }
+ sr_len = 0;
+ sr_cap = 0;
+}
+
+static uint64_t absolute_percpu(uint64_t base, int32_t val)
+{
+ if (val >= 0)
+ return (uint64_t)val;
+ else
+ return base - 1 - val;
+}
+
+static uint64_t calc_addr_absolute_percpu(struct ksym_info *p)
+{
+ return absolute_percpu(kallsyms_relative_base, p->value);
+}
+
+static uint64_t calc_addr_relative_base(struct ksym_info *p)
+{
+ return p->value + kallsyms_relative_base;
+}
+
+static uint64_t calc_addr_place_relative(struct ksym_info *p)
+{
+ return SYMBOL(kallsyms_offsets) + p->index * sizeof(uint32_t) +
+ (int32_t)kallsyms_offsets[p->index];
+}
+
+#define BUFLEN 1024
+static bool parse_kernel_kallsyms(void)
+{
+ char buf[BUFLEN];
+ int index = 0, i, j;
+ uint8_t *compressd_data;
+ uint8_t *uncompressd_data;
+ uint8_t len, len_old;
+ struct ksym_info **p;
+ uint64_t (*calc_addr)(struct ksym_info *);
+ struct ksym_info *stext_p;
+
+ for (i = 0; i < kallsyms_num_syms; i++) {
+ memset(buf, 0, BUFLEN);
+ len = kallsyms_names[index];
+ if (len & 0x80) {
+ index++;
+ len_old = len;
+ len = kallsyms_names[index];
+ if (len & 0x80) {
+ fprintf(stderr, "%s: BUG! Unexpected 3-byte length,"
+ " should be detected in init_kernel_kallsyms()\n",
+ __func__);
+ goto out;
+ }
+ len = (len_old & 0x7F) | (len << 7);
+ }
+ index++;
+
+ compressd_data = &kallsyms_names[index];
+ index += len;
+ while (len--) {
+ uncompressd_data = &kallsyms_token_table[kallsyms_token_index[*compressd_data]];
+ if (strlen(buf) + strlen((char *)uncompressd_data) >= BUFLEN) {
+ goto next_symbol;
+ }
+ strcat(buf, (char *)uncompressd_data);
+ compressd_data++;
+ }
+
+ /* Now check if the symbol is we wanted */
+ for (j = 0; j < sr_len; j++) {
+ for (p = (struct ksym_info **)(sr[j]->start);
+ p < (struct ksym_info **)(sr[j]->stop);
+ p++) {
+ if (!strcmp((*p)->modname, "vmlinux") &&
+ !strcmp((*p)->symname, &buf[1])) {
+ (*p)->value = kallsyms_offsets[i];
+ (*p)->index = i;
+ }
+ }
+ }
+next_symbol:
+ }
+
+ /* Check the approach for calc absolute kallsyms address
+ *
+ * A complete comment of each approaches please refer to:
+ * https://github.com/osandov/drgn/commit/744f36ec3c3f64d7e1323a0037898158698585c4
+ */
+ if (!KERN_SYM_EXIST(_stext)) {
+ fprintf(stderr, "%s: symbol _stext not found!\n", __func__);
+ goto out;
+ }
+
+ stext_p = GET_KERN_SYM_PTR(_stext);
+
+ if (SYMBOL(_stext) == calc_addr_absolute_percpu(stext_p)) {
+ calc_addr = calc_addr_absolute_percpu;
+ } else if (SYMBOL(_stext) == calc_addr_relative_base(stext_p)) {
+ calc_addr = calc_addr_relative_base;
+ } else if (SYMBOL(_stext) == calc_addr_place_relative(stext_p)) {
+ calc_addr = calc_addr_place_relative;
+ } else {
+ fprintf(stderr, "%s: Wrong calculate kallsyms symbol value!\n", __func__);
+ goto out;
+ }
+
+ /* Now do the calc */
+ for (j = 0; j < sr_len; j++) {
+ for (p = (struct ksym_info **)(sr[j]->start);
+ p < (struct ksym_info **)(sr[j]->stop);
+ p++) {
+ if (!strcmp((*p)->modname, "vmlinux") &&
+ SYM_EXIST(*p)) {
+ (*p)->value = calc_addr(*p);
+ }
+ }
+ }
+
+ return true;
+out:
+ return false;
+}
+
+static bool vmcore_info_ready = false;
+
+bool read_vmcoreinfo_kallsyms(void)
+{
+ READ_SYMBOL("kallsyms_names", kallsyms_names);
+ READ_SYMBOL("kallsyms_num_syms", kallsyms_num_syms);
+ READ_SYMBOL("kallsyms_token_table", kallsyms_token_table);
+ READ_SYMBOL("kallsyms_token_index", kallsyms_token_index);
+ READ_SYMBOL("kallsyms_offsets", kallsyms_offsets);
+ READ_SYMBOL("kallsyms_relative_base", kallsyms_relative_base);
+ vmcore_info_ready = true;
+ return true;
+}
+
+/*
+ * Makedumpfile's .init_ksyms section
+*/
+extern struct ksym_info *__start_init_ksyms[];
+extern struct ksym_info *__stop_init_ksyms[];
+
+bool init_kernel_kallsyms(void)
+{
+ const int token_index_size = (UINT8_MAX + 1) * sizeof(uint16_t);
+ uint64_t last_token, len;
+ unsigned char data, data_old;
+ int i;
+ bool ret = false;
+
+ if (vmcore_info_ready == false) {
+ fprintf(stderr, "%s: vmcoreinfo not ready for kallsyms!\n",
+ __func__);
+ return ret;
+ }
+
+ if (!register_ksym_section((char *)__start_init_ksyms,
+ (char *)__stop_init_ksyms))
+ return ret;
+
+ readmem(VADDR, SYMBOL(kallsyms_num_syms), &kallsyms_num_syms,
+ sizeof(kallsyms_num_syms));
+ if (SYMBOL(kallsyms_relative_base) != NOT_FOUND_SYMBOL)
+ readmem(VADDR, SYMBOL(kallsyms_relative_base),
+ &kallsyms_relative_base, sizeof(kallsyms_relative_base));
+
+ kallsyms_offsets = malloc(sizeof(uint32_t) * kallsyms_num_syms);
+ if (!kallsyms_offsets)
+ goto no_mem;
+ readmem(VADDR, SYMBOL(kallsyms_offsets), kallsyms_offsets,
+ kallsyms_num_syms * sizeof(uint32_t));
+
+ kallsyms_token_index = malloc(token_index_size);
+ if (!kallsyms_token_index)
+ goto no_mem;
+ readmem(VADDR, SYMBOL(kallsyms_token_index), kallsyms_token_index,
+ token_index_size);
+
+ last_token = SYMBOL(kallsyms_token_table) + kallsyms_token_index[UINT8_MAX];
+ do {
+ readmem(VADDR, last_token++, &data, 1);
+ } while(data);
+ len = last_token - SYMBOL(kallsyms_token_table);
+ kallsyms_token_table = malloc(len);
+ if (!kallsyms_token_table)
+ goto no_mem;
+ readmem(VADDR, SYMBOL(kallsyms_token_table), kallsyms_token_table, len);
+
+ for (len = 0, i = 0; i < kallsyms_num_syms; i++) {
+ readmem(VADDR, SYMBOL(kallsyms_names) + len, &data, 1);
+ /*
+ * The 2-byte representation was added in commit 73bbb94466fd3
+ * ("kallsyms: support "big" kernel symbols") in v6.1, thus for
+ * v6.1+, they indicate a long symbol, but for kernel versions
+ * prior to v6.1, they might be ambiguous.
+ */
+ if (data & 0x80) {
+ len += 1;
+ data_old = data;
+ readmem(VADDR, SYMBOL(kallsyms_names) + len, &data, 1);
+ if (data & 0x80) {
+ fprintf(stderr, "%s: BUG! Unexpected 3-byte length"
+ " encoding in kallsyms names\n", __func__);
+ goto out;
+ }
+ data = (data_old & 0x7F) | (data << 7);
+ }
+ len += data + 1;
+ }
+ kallsyms_names = malloc(len);
+ if (!kallsyms_names)
+ goto no_mem;
+ readmem(VADDR, SYMBOL(kallsyms_names), kallsyms_names, len);
+
+ ret = parse_kernel_kallsyms();
+ goto out;
+
+no_mem:
+ fprintf(stderr, "%s: Not enough memory!\n", __func__);
+out:
+ if (kallsyms_offsets) {
+ free(kallsyms_offsets);
+ kallsyms_offsets = NULL;
+ }
+ if (kallsyms_token_index) {
+ free(kallsyms_token_index);
+ kallsyms_token_index = NULL;
+ }
+ if (kallsyms_token_table) {
+ free(kallsyms_token_table);
+ kallsyms_token_table = NULL;
+ }
+ if (kallsyms_names) {
+ free(kallsyms_names);
+ kallsyms_names = NULL;
+ }
+ return ret;
+}
\ No newline at end of file
diff --git a/kallsyms.h b/kallsyms.h
new file mode 100644
index 0000000..3791284
--- /dev/null
+++ b/kallsyms.h
@@ -0,0 +1,91 @@
+#ifndef _KALLSYMS_H
+#define _KALLSYMS_H
+
+#include <stdint.h>
+#include <stdbool.h>
+
+struct ksym_info {
+ /********in******/
+ char *modname;
+ char *symname;
+ bool sym_required;
+ /********out*****/
+ uint64_t value;
+ int index; // -1 if sym not found
+};
+
+#define QUATE(x) #x
+#define INIT_MOD_SYM_RQD(MOD, SYM, R) \
+ struct ksym_info _##MOD##_##SYM = { \
+ QUATE(MOD), QUATE(SYM), R, 0, -1 \
+ }; \
+ __attribute__((section(".init_ksyms"), used)) \
+ struct ksym_info * _ptr_##MOD##_##SYM = &_##MOD##_##SYM
+
+#define GET_MOD_SYM(MOD, SYM) (_##MOD##_##SYM.value)
+#define GET_MOD_SYM_PTR(MOD, SYM) (&_##MOD##_##SYM)
+#define MOD_SYM_EXIST(MOD, SYM) (_##MOD##_##SYM.index >= 0)
+#define SYM_EXIST(p) ((p)->index >= 0)
+
+#define GET_KERN_SYM(SYM) GET_MOD_SYM(vmlinux, SYM)
+#define GET_KERN_SYM_PTR(SYM) GET_MOD_SYM_PTR(vmlinux, SYM)
+#define KERN_SYM_EXIST(SYM) MOD_SYM_EXIST(vmlinux, SYM)
+
+/*
+ * Required syms will be checked automatically before extension running.
+ * Optinal syms should be checked manually at extension runtime.
+ */
+#define INIT_MOD_SYM(MOD, SYM) INIT_MOD_SYM_RQD(MOD, SYM, 1)
+#define INIT_OPT_MOD_SYM(MOD, SYM) INIT_MOD_SYM_RQD(MOD, SYM, 0)
+
+#define INIT_KERN_SYM(SYM) INIT_MOD_SYM(vmlinux, SYM)
+#define INIT_OPT_KERN_SYM(SYM) INIT_OPT_MOD_SYM(vmlinux, SYM)
+
+struct section_range {
+ char *start;
+ char *stop;
+};
+
+#define REGISTER_SECTION(T) \
+bool register_##T##_section(char *start, char *stop) \
+{ \
+ struct section_range *new_sr; \
+ struct T##_info **p; \
+ bool ret = false; \
+ \
+ if (!start || !stop) { \
+ fprintf(stderr, "%s: Invalid section start/stop\n", \
+ __func__); \
+ goto out; \
+ } \
+ \
+ for (p = (struct T##_info **)start; \
+ p < (struct T##_info **)stop; \
+ p++) { \
+ if (!add_##T##_modname((*p)->modname)) \
+ goto out; \
+ } \
+ \
+ new_sr = malloc(sizeof(struct section_range)); \
+ if (!new_sr) { \
+ fprintf(stderr, "%s: Not enough memory!\n", __func__); \
+ goto out; \
+ } \
+ new_sr->start = start; \
+ new_sr->stop = stop; \
+ if (!add_to_arr((void ***)&sr, &sr_len, &sr_cap, new_sr)) { \
+ free(new_sr); \
+ goto out; \
+ } \
+ ret = true; \
+out: \
+ return ret; \
+}
+
+bool add_to_arr(void ***arr, int *arr_len, int *arr_cap, void *elem);
+bool push_uniq_str(void ***arr, int *arr_len, int *arr_cap, char *str);
+bool check_ksyms_require_modname(char *modname, int *total);
+bool register_ksym_section(char *start, char *stop);
+bool read_vmcoreinfo_kallsyms(void);
+bool init_kernel_kallsyms(void);
+#endif /* _KALLSYMS_H */
\ No newline at end of file
diff --git a/makedumpfile.c b/makedumpfile.c
index 12fb0d8..dba3628 100644
--- a/makedumpfile.c
+++ b/makedumpfile.c
@@ -27,6 +27,7 @@
#include <limits.h>
#include <assert.h>
#include <zlib.h>
+#include "kallsyms.h"
struct symbol_table symbol_table;
struct size_table size_table;
@@ -3105,6 +3106,8 @@ read_vmcoreinfo_from_vmcore(off_t offset, unsigned long size, int flag_xen_hv)
if (!read_vmcoreinfo())
goto out;
}
+ read_vmcoreinfo_kallsyms();
+
close_vmcoreinfo();
ret = TRUE;
diff --git a/makedumpfile.h b/makedumpfile.h
index 134eb7a..0f13743 100644
--- a/makedumpfile.h
+++ b/makedumpfile.h
@@ -259,6 +259,7 @@ static inline int string_exists(char *s) { return (s ? TRUE : FALSE); }
#define UINT(ADDR) *((unsigned int *)(ADDR))
#define ULONG(ADDR) *((unsigned long *)(ADDR))
#define ULONGLONG(ADDR) *((unsigned long long *)(ADDR))
+#define VOID_PTR(ADDR) *((void **)(ADDR))
/*
@@ -1919,6 +1920,16 @@ struct symbol_table {
* symbols on sparc64 arch
*/
unsigned long long vmemmap_table;
+
+ /*
+ * kallsyms related
+ */
+ unsigned long long kallsyms_names;
+ unsigned long long kallsyms_num_syms;
+ unsigned long long kallsyms_token_table;
+ unsigned long long kallsyms_token_index;
+ unsigned long long kallsyms_offsets;
+ unsigned long long kallsyms_relative_base;
};
struct size_table {
--
2.47.0
More information about the kexec
mailing list