how to determine whether the source code is same between two kernels

Aruna Hewapathirane aruna.hewapathirane at gmail.com
Fri May 10 22:11:31 EDT 2019 

On Wed, May 8, 2019 at 4:53 AM wuzhouhui <wuzhouhui14 at mails.ucas.ac.cn>
wrote:
> Hi,

> Suppose I have two kernels, one is A.B.C build by people Tom. And
> the other is A.B.C build by Jerry. The source code have been deleted
> after kernel is build and installed. Now I want to know whether the
> source code of these two kernel is the same (even if they have the same
> name). All I have is binaries (e.g. vmlinux, config, *.ko, System.map).

> Is it possible?
Within sane defaults yes it is possible. Think of it this way, if the
source code is
the 'same'  we can safely assume that the kernel built by Tom will function
and behave
'exactly' the same as the kernel built by Jerry. Behavior can be traced and
analyzed.

diff, dmesg, lsmod, tree and objdump are your friends :-)

Run diff vmlinuz-Tom vmlinuz-Jerry and see if they differ. Then just  to
make
sure follow below steps:

1 - Boot kernel-Tom and  redirect dmesg output to file(s)
2 - dmesg -k > kernel-Tom.txt
3 - dmesg -u > userspace-Tom.txt
4 - lsmod > modules-Tom.txt
5 - tree / > fs-Tom.txt

Now we have what the kernel prints while booting in kernel-Tom.txt and what
userspace prints
in userspace-Tom.txt and loaded modules in modules-Tom.txt and the folder
structure under root
in fs-Tom.txt.

Now repeat the same process with kernel-Jerry

1 - Boot kernel-Jerry
2 - dmesg -k > kernel-Jerry.txt
3 - dmesg -u > userspace-Jerry.txt
4 - lsmod > modules-Jerry.txt
5 - tree / > fs-Jerry.txt

Then run diff on those files..

1 - diff kernel-Tom.txt kernel-Jerry.txt
2 - diff userspace-Tom userspace-Jerry
3 - diff modules-Tom modules-Jerry
4 - diff fs-Tom fs-Jerry

if you want to dig deeper use objdump -d vmlinuz-Tom then objdump -d
vmlinuz-Jerry
which is really overkill unless there is output from diff that says the
file(s) differ.

If you really really need the source there are decompilers :
IDA <https://www.hex-rays.com/products/ida/>
ghidra <https://ghidra-sre.org/>
snowman <https://derevenets.com/>
hopper <https://www.hopperapp.com/>

Keep in mind what Valdis pointed out that though the source may be exactly
the same,
depending on what compiler flags were used the binaries may differ.

You had asked..
> Is it possible?
Simple answer: In the Linux world the impossible becomes very possible :)

Good luck - Aruna
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kernelnewbies.org/pipermail/kernelnewbies/attachments/20190510/1f973030/attachment.html>

More information about the Kernelnewbies mailing list