Extract vmlinux from vmlinuz or bzImage
To extract the uncompressed kernel from the kernel image, you can use the extract-vmlinux
script from the scripts
directory in the kernel tree (available at least in kernel version 3.5) (if you get an error like
mktemp: Cannot create temp file /tmp/vmlinux-XXX: Invalid argument
you need to replace $(mktemp /tmp/vmlinux-XXX)
by $(mktemp /tmp/vmlinux-XXXXXX)
in the script). The command is /path/to/kernel/tree/scripts/extract-vmlinux <kernel image> >vmlinux
.
If the extracted kernel binary contains symbol information, you should¹ be able to create the System.map
file using the mksysmap
script from the same subdirectory. The command here is NM=nm /path/to/kernel/tree/scripts/mksysmap vmlinux System.map
.
¹ The kernel images shipped with my distribution seem to be stripped, so the script was not able to get the symbols.
As Abrixas2 wrote, you will need a kernel image with symbol information in order to create System.map files and a packed vmlinuz image is not likely to have symbols in it. I can, however, verify that the script in your original post works with '-e' replaced with '-P' and '$' dropped, i.e.,
$ dd if=vmlinuz-3.8.0-19-generic skip=`grep -a -b -o -m 1 -P '\x1f\x8b\x08\x00' vmlinuz-3.8.0-19-generic | cut -d: -f 1` bs=1 | zcat > /tmp/vmlinux gzip: stdin: decompression OK, trailing garbage ignored