
This blog post explains how to extract and disassemble a Linux kernel image. It will cover the extract-vmlinux script, how to use objdump, and how to use /boot/System.map to locate functions and other symbols.

Extracting the Linux kernel image (vmlinuz)

First, you’ll need to get the extract-vmlinux script so that you can decompress and extract the Linux kernel image. You can download the latest version from GitHub:

$ wget -O extract-vmlinux

It’s unlikely that the script will change, but to be safe you should use the extract-vmlinux script that is from the same source tree as your kernel. If you are extracting a kernel installed from your operating system, you can install the extract-vmlinux script with your package manager.

On Ubuntu, install linux-headers-$(uname -r):

$ sudo apt-get install linux-headers-$(uname -r)

You will be able to find the extract-vmlinux script at /usr/src/linux-headers-$(uname -r)/scripts/extract-vmlinux.

On CentOS, install kernel-devel:

$ sudo yum install kernel-devel

You will be able to find the extract-vmlinux script at /usr/src/kernels/$(uname -r)/scripts/extract-vmlinux.

A good first step is to create a temporary directory and copy the kernel image to it:

$ mkdir /tmp/kernel-extract
$ sudo cp /boot/vmlinuz-$(uname -r) /tmp/kernel-extract/

You can now use extract-vmlinux to decompress and extract the kernel image. Now, run the extract-vmlinux script from the path for your distribution (Ubuntu first, CentOS second) to extract the image:

$ sudo /usr/src/linux-headers-$(uname -r)/scripts/extract-vmlinux vmlinuz-$(uname -r) > vmlinux
$ sudo /usr/src/kernels/$(uname -r)/scripts/extract-vmlinux vmlinuz-$(uname -r) > vmlinux

Now that you have decompressed and extracted the kernel image, you can use objdump to disassemble it. There’s quite a bit of code, so piping the output to less is probably a good idea. Using the same directory structure as before:

$ cd /tmp/kernel-extract/

So, you’ve extracted the kernel and are now looking at the disassembled kernel. You’ll notice that there are no symbol names, so you can’t easily find the starting point for functions you want to examine.
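
The symbol lookup that System.map makes possible, as an added example that is not from the original post: each System.map line is "address type name", sorted by address, so the next higher address bounds a function for objdump. The sample map is constructed, the function names symbol_range and objdump_cmd are hypothetical, and the vmlinux file name is the one used in the extraction step.

```shell
#!/bin/sh
# Added example: bound one function inside a symbol-less vmlinux using System.map.
# System.map lines are "<hex address> <type> <name>", sorted by address.

# Constructed sample (not from a real kernel) so the example runs offline.
sample_map() {
cat <<'EOF'
ffffffff81000000 T _text
ffffffff81000000 T startup_64
ffffffff81000070 T secondary_startup_64
ffffffff810000f0 t verify_cpu
ffffffff82000000 D __start_rodata
EOF
}

# symbol_range NAME [MAP]: print "start stop" for NAME, where stop is the next
# higher address in the map (aliases at the same address are skipped).
# Returns 1 if NAME is absent. Addresses are compared as strings, not numbers.
symbol_range() {
    name=$1; map=${2:-}
    if [ -n "$map" ]; then cat "$map"; else sample_map; fi |
    awk -v want="$name" '
        found && ($1 "") != start { print start, $1; done = 1; exit }
        !found && $3 == want      { start = $1 ""; found = 1 }
        END { if (found && !done) print start, ""; exit !found }
    '
}

# objdump_cmd NAME [MAP]: print the objdump command that disassembles only NAME.
objdump_cmd() {
    range=$(symbol_range "$@") || { echo "symbol not found: $1" >&2; return 1; }
    set -- $range
    if [ -n "${2:-}" ]; then
        echo "objdump -d --start-address=0x$1 --stop-address=0x$2 vmlinux"
    else
        echo "objdump -d --start-address=0x$1 vmlinux"   # last symbol in the map
    fi
}

objdump_cmd secondary_startup_64
```

Pass the System.map that belongs to the same kernel build as the extracted vmlinux as the second argument; a map from a different build gives addresses that do not line up with the disassembly.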
