Python/Pahole utility to help with Linux kernel debug symbols(offsets)
271 views
Skip to first unread message
D'Mita Levy
Mar 10, 2016, 1:57:55 PM3/10/16
to vmitools
Here's a free utility to help get kernel offsets for use with libvmi assuming you have pahole installed. It also assumes your debug kernel is located at # /usr/lib/debug/boot/<image name> and you can add/remove from the _module_list list. Pahole can be used as outlined here:
#!/usr/bin/python
import sys
import subprocess as subp
import getopt
DEFAULT_DEBUG_IMAGE_LOCATION = "/usr/lib/debug/boot/"
_default_loc = DEFAULT_DEBUG_IMAGE_LOCATION #convenience
#The list of modules to output for each kernel image
_module_list = [
"cred",
"dentry",
"dentry_operations",
"fdtable",
"file",
"fs_struct",
"files_struct",
"lock_class",
"lockdep_subclass_key",
"lock_class_key",
"lockdep_map",
"kernel_cap_struct",
"mm_struct",
"path",
"qstr",
"raw_spinlock",
"spinlock",
"task_io_accounting",
"task_struct",
"task_rss_stat",
"timekeeper",
"timespec",
"vm_area_struct",
]
#reads a debug kernel image and outputs the required structs
def output_module(mod_name,kernel_name):
p = subp.Popen(["pahole", "-C",mod_name,_default_loc+kernel_name], stdout=subp.PIPE)
(output, err) = p.communicate()
return output
def usage():
print "usage: debug [-i kernel_image]"
sys.exit(-1)
def main(argv):
kernel_image =""
#command line parsing
try:
opts, args = getopt.getopt(argv, "i:", ["image"])
except getopt.GetoptError:
usage()
for opt, arg in opts:
if opt == "-i":
kernel_image = arg
else:
usage()
print "Reading kernel image: ", kernel_image
#module search and output
for kernel_module in _module_list:
result = output_module(kernel_module,kernel_image)
print "Writing results for....", kernel_module
with open(kernel_module+".txt","w") as out_file:
out_file.write(result)
if __name__ =='__main__':
argc = len(sys.argv)
main(sys.argv[1:])
Pahole
======
Reference:
https://groups.google.com/forum/#!searchin/vmitools/pahole/vmitools/vZh5spoVN9g/byVCCvuLBwAJ
Do “Where to get Debug Symbols for X” at this address: https://wiki.ubuntu.com/Kernel/Systemtap
Install pahole sudo apt-get install dwarves
cd /usr/lib/debug/boot
Run pahole -C <name of offset> <name of kernel>
- example: pahole -C task-struct vmlinux-3.13.0-79-generic
#!/usr/bin/python
import sys
import subprocess as subp
import getopt
DEFAULT_DEBUG_IMAGE_LOCATION = "/usr/lib/debug/boot/"
_default_loc = DEFAULT_DEBUG_IMAGE_LOCATION #convenience
#The list of modules to output for each kernel image
_module_list = [
"cred",
"dentry",
"dentry_operations",
"fdtable",
"file",
"fs_struct",
"files_struct",
"lock_class",
"lockdep_subclass_key",
"lock_class_key",
"lockdep_map",
"kernel_cap_struct",
"mm_struct",
"path",
"qstr",
"raw_spinlock",
"spinlock",
"task_io_accounting",
"task_struct",
"task_rss_stat",
"timekeeper",
"timespec",
"vm_area_struct",
]
#reads a debug kernel image and outputs the required structs
def output_module(mod_name,kernel_name):
p = subp.Popen(["pahole", "-C",mod_name,_default_loc+kernel_name], stdout=subp.PIPE)
(output, err) = p.communicate()
return output
def usage():
print "usage: debug [-i kernel_image]"
sys.exit(-1)
def main(argv):
kernel_image =""
#command line parsing
try:
opts, args = getopt.getopt(argv, "i:", ["image"])
except getopt.GetoptError:
usage()
for opt, arg in opts:
if opt == "-i":
kernel_image = arg
else:
usage()
print "Reading kernel image: ", kernel_image
#module search and output
for kernel_module in _module_list:
result = output_module(kernel_module,kernel_image)
print "Writing results for....", kernel_module
with open(kernel_module+".txt","w") as out_file:
out_file.write(result)
if __name__ =='__main__':
argc = len(sys.argv)
main(sys.argv[1:])
Reply all
Reply to author
Forward
0 new messages