Chinaunix首页 | 论坛 | 博客
  • 博客访问: 752225
  • 博文数量: 79
  • 博客积分: 2671
  • 博客等级: 少校
  • 技术积分: 1247
  • 用 户 组: 普通用户
  • 注册时间: 2010-04-02 15:26
个人简介

宅男

文章分类

全部博文(79)

文章存档

2017年(11)

2016年(12)

2015年(6)

2012年(10)

2011年(33)

2010年(7)

分类: LINUX

2016-03-18 11:31:19

今天一个同事问我cat /proc/kallsyms显示value全部为0.我在手机端试了一下,果然如此。

切换到root用户运行,依然是0. 感到十分奇怪,因为内核发生crash或者打开trace的时候,都是调用的sprint_ symbol来打印的.为啥内核可以,用户态cat就不行呢?

最终从一篇博客http://www.cnblogs.com/richardustc/archive/2013/04/25/3043674.html中看到了关于内核控制变量/porc/sys/kernel/kptr_restrict。
从内核文档Documentation/sysctl/kernel.txt中可以看到kptr_restrict用于控制内核的一些输出打印。

Documentation/printk-formats.txt有更加详细的描述,除了我们平时遇到的一些打印格式之外,还有一些比较特殊的格式(我以前没注意到)。


  1. 375==============================================================
  2. 376
  3. 377kptr_restrict:
  4. 378
  5. 379This toggle indicates whether restrictions are placed on
  6. 380exposing kernel addresses via /proc and other interfaces.
  7. 381
  8. 382When kptr_restrict is set to (0), the default, there are no restrictions.
  9. 383
  10. 384When kptr_restrict is set to (1), kernel pointers printed using the %pK
  11. 385format specifier will be replaced with 0's unless the user has CAP_SYSLOG
  12. 386and effective user and group ids are equal to the real ids. This is
  13. 387because %pK checks are done at read() time rather than open() time, so
  14. 388if permissions are elevated between the open() and the read() (e.g via
  15. 389a setuid binary) then %pK will not leak kernel pointers to unprivileged
  16. 390users. Note, this is a temporary solution only. The correct long-term
  17. 391solution is to do the permission checks at open() time. Consider removing
  18. 392world read permissions from files that use %pK, and using dmesg_restrict
  19. 393to protect against uses of %pK in dmesg(8) if leaking kernel pointer
  20. 394values to unprivileged users is a concern.
  21. 395
  22. 396When kptr_restrict is set to (2), kernel pointers printed using
  23. 397%pK will be replaced with 0's regardless of privileges.
/proc/sys/kernel # cat kptr_restrict
2
/proc/sys/kernel # su
su
/proc/sys/kernel # echo 0 > kptr_restrict
/proc/sys/kernel # cat kptr_restrict
cat kptr_restrict
0
/proc/sys/kernel # cat /proc/kallsyms | grep wake_up_process
cat /proc/kallsyms | grep wake_up_process
ffffffc0002500f4 T wake_up_process

这下好了~~



阅读(5813) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~