How to Set Kptr_Restrict to 0

Is there a way to set kptr_restrict to 0?

In your example, echo is running as root, but your shell is running as you.

So please try this command:

sudo sh -c " echo 0 > /proc/sys/kernel/kptr_restrict"

perf: Couldn't record kernel reference relocation symbol

What is your kernel? Is it from the linux distributive you use or is it compiled by you (how did you install it)?

First part of warning says about /proc/kallsyms - can you show output of the command (started from the same user you used to run perf)

ls -l  /proc/kallsyms
cat /proc/kallsyms | head

Second part of the perf message says about kptr_restrict sysctl setting. Can you do

cat /proc/sys/kernel/kptr_restrict

to check the setting. Basically, to profile the kernel symbols you should either disable kptr_restrict by setting it to zero (as described in https://lwn.net/Articles/420403/ or https://code.google.com/p/dart/wiki/Profiling):

# Run as root user - e.g. after doing "sudo bash"
echo 0 > /proc/sys/kernel/kptr_restrict

or (https://stackoverflow.com/a/20391360/196561)

sudo sh -c " echo 0 > /proc/sys/kernel/kptr_restrict"

or

echo 0 | sudo tee /proc/sys/kernel/kptr_restrict

or you can always run the perf from root user.

After setting kptr_restrict to zero or when running perf from root you should get no warning about kallsyms and will be able to profile kernel functions.

Update: seems that perf record always want access to kallsyms/restricted kptrs, even with userspace-only event (-e cycles:u)

Perf not working properly in Ubuntu

Try to set kptr_restrict to 0:

sudo sh -c " echo 0 > /proc/sys/kernel/kptr_restrict"

Note that the GTK error has nothing to do with this but indicate that you ar missing a library.

Trying to modify a kernel

The address is not being shown because you are not running the command under the root user.
This issue has been explained in this answer.

In your case, you need to obtain super-admin rights using either the sudo -s or su command. Once admin, your shell prompt should end with a #. On my one plus, the prompt looks like this when I am admin: A0001:/ #

If it does not work, be sure that the file /proc/sys/kernel/kptr_restrict contains a 0. You can do so by executing the command cat /proc/sys/kernel/kptr_restrict.

To set its value to 0, you should execute the command echo 0 > /proc/sys/kernel/kptr_restrict with administrative rights.

Hope it helps!

Linux perf not resolving some symbols with high addresses starting with 0xffffffff

I did not give attention to the warning message of perf report.
It says:

WARNING: Kernel address maps (/proc/{kallsyms,modules}) are restricted,
check /proc/sys/kernel/kptr_restrict and /proc/sys/kernel/perf_event_paranoid.

So it seemed that I should set a proper value in /proc/sys/kernel/kptr_restrict.

sudo echo 0 > /proc/sys/kernel/kptr_restrict

Then the address can be resolved.

asyncprofiler malloc undefined category

Container environment is not related here.

It seems like libc (where malloc implementation resides) on your system is compiled without frame pointers. So the standard stack walking mechanism in the kernel is unable to find a parent of malloc frame.

I've recently implemented an alternative stack walking algorithm that relies on DWARF unwinding information. New version has not been yet released, but you may try to build it from sources. Or, for your convenience, I prepared the new build here: async-profiler-2.6-dwarf-linux-x64.tar.gz

Then add --cstack dwarf option, and all malloc stack traces should be in place.

Unable to access sys_call_table

Ok so the answer is like Crhis said "You cannot modify the kernel from a user mode program!"

I compiled it as a LKM and loaded it using insmod command and it worked

PS: I have also found that only LKM modules can read /proc/kallsyms. User space programs are no longer to do so due to a kernel patch in Android 4.1. /proc/sys/kernel/kptr_restrict is introduced to avoid leaking kernel addresses.

So now in order for userspace programs to see the kallsym address, we can either set kptr_restrict to either 0 or 1.

echo 1 > /proc/sys/kernel/kptr_restrict

Info can be found here:
https://blog.duosecurity.com/2012/07/exploit-mitigations-in-android-jelly-bean-4-1/

And here: http://insitusec.blogspot.sg/2013/01/kallsyms-on-android.html


Related Topics

Print Field 'N' to End of Line

Hosting Two Website Under One Web App - Azure Services

Gcc-Arm-Linux-Gnueabi Command Not Found

How to Fix the Rust Error "Linker 'Cc' Not Found" for Debian on Windows 10

Setting Up a Cronjob on Google Compute Engine

How to Export Symbol from Linux Kernel Module in This Case

How to Assign a Name for a Screen

Linux How to Copy But Not Overwrite

How to Increase the Scrollback Buffer in a Running Screen Session

How to Extract the Contents of an Rpm

What's a .Sh File

Get Specific Line from Text File Using Just Shell Script

Find the Ip Address of the Client in an Ssh Session

Symbolic Link: Find All Files That Link to This File

How to Get Ctrl-Backspace to Delete a Word in Vim Within Gnome-Terminal

Move Files to Directories Based on Extension

Failing to Connect to Remote Mongodb Server

Linux Os: /Proc/[Pid]/Smaps Vs /Proc/[Pid]/Statm


Leave a reply



Submit