Reading kallsyms in user-mode

Question

i\'m writing the code about low-level stuff. i need to know kernel symbol addresses to write reliable code. So im trying to read the kallsyms when im in user-mode in Ubuntu

Answer 1

It is intentional that /proc/kallsyms shows zeros instead of the real addresses for a non-root user. This lowers the security risk a bit.

The details are available in this upstream commit. See also how %pK print specifier is used in s_show() function in kallsyms.c, s_show being responsible for providing a record in /proc/kallsyms.

I doubt it is still possible to get symbol addresses somehow without being a root user. One can not access System.map without root privileges either. Same for writing to /proc/sys/kernel/kptr_restrict.