Clarify kernel symbols message (#3480)

* clarify kernel symbols

* also add note to klookup

* i forgor about docs

docs/commands/kernel/klookup.md

@@ -22,5 +22,9 @@ Lookup kernel symbols
 |-h|--help|show this help message and exit|
 |-a|--apply|applies all the symbols that satisfy the filter|
 
+### Notes
+Using `--apply` makes sense for kernel modules. If you want to symbolize the whole kernel,
+use vmlinux-to-elf (https://github.com/marin-m/vmlinux-to-elf) or compile it yourself.
+
 <!-- END OF AUTOGENERATED PART. Do not modify this line or the line below, they mark the end of the auto-generated part of the file. If you want to extend the documentation in a way which cannot easily be done by adding to the command help description, write below the following line. -->
 <!-- ------------\>8---- ----\>8---- ----\>8------------ -->

docs/contributing/adding-a-command.md

@@ -175,7 +175,7 @@ OnlyWithFile
 OnlyWhenQemuKernel
 OnlyWhenUserspace
 OnlyWithKernelDebugInfo
-OnlyWithKernelDebugSymbols
+OnlyWithKernelSymbols
 OnlyWhenPagingEnabled
 OnlyWithTcache
 OnlyWhenHeapIsInitialized

pwndbg/commands/__init__.py

@@ -655,18 +655,21 @@ def OnlyWithKernelDebugInfo(function: Callable[P, T]) -> Callable[P, Optional[T]
     return _OnlyWithKernelDebugInfo
 
 
-def OnlyWithKernelDebugSymbols(function: Callable[P, T]) -> Callable[P, Optional[T]]:
+def OnlyWithKernelSymbols(function: Callable[P, T]) -> Callable[P, Optional[T]]:
     @functools.wraps(function)
-    def _OnlyWithKernelDebugSymbols(*a: P.args, **kw: P.kwargs) -> Optional[T]:
+    def _OnlyWithKernelSymbols(*a: P.args, **kw: P.kwargs) -> Optional[T]:
         if pwndbg.aglib.kernel.has_debug_symbols():
             return function(*a, **kw)
         else:
             log.error(
-                f"{func_name(function)}: This command may only be run when debugging a Linux kernel with debug symbols."
+                f"{func_name(function)}: This command may only be run when debugging a Linux kernel with symbols.\n"
+                + message.hint(
+                    "Check out vmlinux-to-elf to get them easily (https://github.com/marin-m/vmlinux-to-elf) or compile the kernel yourself."
+                )
             )
             return None
 
-    return _OnlyWithKernelDebugSymbols
+    return _OnlyWithKernelSymbols
 
 
 def OnlyWhenPagingEnabled(function: Callable[P, T]) -> Callable[P, Optional[T]]:

pwndbg/commands/buddydump.py

@@ -332,7 +332,7 @@ v
 
 @pwndbg.commands.Command(parser, category=CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 @pwndbg.commands.OnlyWhenPagingEnabled
 def buddydump(
     zone: str, pcp_only: bool, order: int, mtype: str, cpu: int, node: int, find: int

pwndbg/commands/kbpf.py

@@ -226,7 +226,7 @@ def print_bpf_maps(verbose):
 
 @pwndbg.commands.Command(parser, category=CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 @pwndbg.commands.OnlyWhenPagingEnabled
 def kbpf(verbose: int, print_progs: bool, print_maps: bool):
     if not pwndbg.aglib.kernel.has_debug_info():

pwndbg/commands/kdmabuf.py

@@ -5,6 +5,7 @@ import argparse
 import pwndbg.aglib.kernel
 import pwndbg.aglib.kernel.dmabuf
 import pwndbg.color.message as M
+import pwndbg.commands
 from pwndbg.aglib.kernel.macros import for_each_entry
 from pwndbg.commands import CommandCategory
 from pwndbg.lib.exception import IndentContextManager
@@ -60,7 +61,7 @@ def print_sgl(sgl, indent):
 # adapted from https://github.com/bata24/gef/tree/dev
 @pwndbg.commands.Command(parser, category=CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 @pwndbg.commands.OnlyWhenPagingEnabled
 def kdmabuf():
     db_name = "db_list"

pwndbg/commands/klookup.py

@@ -15,7 +15,15 @@ parser.add_argument(
 )
 
 
-@pwndbg.commands.Command(parser, aliases=["kallsyms", "ks"], category=CommandCategory.KERNEL)
+@pwndbg.commands.Command(
+    parser,
+    aliases=["kallsyms", "ks"],
+    category=CommandCategory.KERNEL,
+    notes="""
+Using `--apply` makes sense for kernel modules. If you want to symbolize the whole kernel,
+use vmlinux-to-elf (https://github.com/marin-m/vmlinux-to-elf) or compile it yourself.
+""",
+)
 @pwndbg.commands.OnlyWhenQemuKernel
 @pwndbg.commands.OnlyWhenPagingEnabled
 def klookup(symbol: str, apply: bool) -> None:

pwndbg/commands/kmem_trace.py

@@ -276,7 +276,7 @@ steps out of the current function. You may also find `-c finish` and `-c continu
     only_debuggers={DebuggerType.GDB, DebuggerType.LLDB},
 )
 @pwndbg.commands.OnlyWhenQemuKernel
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 @pwndbg.commands.OnlyWhenPagingEnabled
 def kmem_trace(trace_slab: bool, trace_buddy: bool, verbose: bool, command: str, all: bool) -> None:
     if pwndbg.aglib.regs.retval is None:

pwndbg/commands/kmod.py

@@ -24,7 +24,7 @@ parser.add_argument("-l", "--load", dest="path", type=str, help="the path of the
 @pwndbg.commands.Command(parser, category=pwndbg.commands.CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
 @pwndbg.commands.OnlyWhenPagingEnabled
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 def kmod(module_name=None, path=None) -> None:
     # Look up the address of the `modules` symbol, containing the head of the linked list of kernel modules
     modules_head = pwndbg.aglib.kernel.modules()

pwndbg/commands/ksyscalls.py

@@ -19,7 +19,7 @@ parser.add_argument("syscall_name", nargs="?", type=str, help="A syscall name to
 @pwndbg.commands.Command(parser, category=pwndbg.commands.CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
 @pwndbg.commands.OnlyWhenPagingEnabled
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 def ksyscalls(syscall_name=None) -> None:
     # Look up the address of the sys_call_table symbol.
     table_addr = pwndbg.aglib.symbol.lookup_symbol_addr("sys_call_table")

pwndbg/commands/paging.py

@@ -5,9 +5,12 @@ import math
 
 import pwndbg.aglib.kernel
 import pwndbg.aglib.kernel.paging
+import pwndbg.aglib.memory
 import pwndbg.aglib.regs
+import pwndbg.chain
 import pwndbg.color as C
 import pwndbg.color.message as M
+import pwndbg.commands
 from pwndbg.aglib.kernel.paging import PageTableLevel
 from pwndbg.commands import CommandCategory
 
@@ -125,7 +128,7 @@ p2v_parser.add_argument("paddr", type=str, help="")
 
 @pwndbg.commands.Command(p2v_parser, category=CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 @pwndbg.commands.OnlyWhenPagingEnabled
 @pwndbg.aglib.proc.OnlyWithArch(["x86-64", "aarch64"])
 def p2v(paddr):
@@ -147,7 +150,7 @@ v2p_parser.add_argument("vaddr", type=str, help="")
 
 @pwndbg.commands.Command(v2p_parser, category=CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 @pwndbg.commands.OnlyWhenPagingEnabled
 @pwndbg.aglib.proc.OnlyWithArch(["x86-64", "aarch64"])
 def v2p(vaddr):
@@ -171,7 +174,7 @@ page_parser.add_argument("page", type=str, help="")
 
 @pwndbg.commands.Command(page_parser, category=CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 @pwndbg.commands.OnlyWhenPagingEnabled
 @pwndbg.aglib.proc.OnlyWithArch(["x86-64", "aarch64"])
 def pageinfo(page):

pwndbg/commands/slab.py

@@ -65,7 +65,7 @@ parser_contains.add_argument("addresses", metavar="addr", type=str, nargs="+", h
 
 @pwndbg.commands.Command(parser, category=CommandCategory.KERNEL)
 @pwndbg.commands.OnlyWhenQemuKernel
-@pwndbg.commands.OnlyWithKernelDebugSymbols
+@pwndbg.commands.OnlyWithKernelSymbols
 @pwndbg.commands.OnlyWhenPagingEnabled
 def slab(
     command,