KALLSYMS_ALL=y in Ubuntu

Ben Collins ben.collins at canonical.com
Wed Nov 19 17:21:02 GMT 2008


On Wed, 2008-11-19 at 08:28 -0700, Tim Gardner wrote:
> Giannis Kozyrakis wrote:
> > Hello,
> > 
> > I don't know if it's the right place to ask here on this list, but it
> > seems most appropriate.
> > 
> > I am researching about exported symbols in major distribution,
> > security-wise, and I've noticed something strange along my research.
> > 
> > Ubuntu is the only major distribution that the KALLSYMS_ALL option is
> > set in the kernel configuration. (At least the Desktop version that I've
> > tested)
> > 
> > In Redhat, CentOS, Fedora, and even Debian, this is not set.
> > In vanilla kernels, it is in no way a default option.
> > 
> > I was looking into the sys_call_table symbol when I noticed it.
> > 
> > In Ubuntu you can acquire it's address doing a
> > 'cat /proc/kallsyms | grep sys_call_table'.
> > In all other distros this returns nothing, in ubuntu it returns the sumbol.
> > 
> > My question is this:
> > 
> > Does this config option really needs to be enabled by default?
> > Is it used somewhere? Is there a reason for this?
> > 
> > 
> > Regards,
> > 
> > Giannis K.
> 
> You have not presented a case for why it _should_ be disabled. Perhaps
> Kees has an opinion? This seems like a debug v.s. security issue.

It's neither. You can get the same thing from System.map, which I'm
quite sure is available on every distribution.




More information about the kernel-team mailing list