I have a character driver called drv1, and a user application uses ioctl to communicate with it, which will transmit the parameter struct file *filp. Now I want to find out the address of the code segment of drv1, but I came across some problems.

At first, I guess struct file *filp might be useful so I looked at the definition in source code, and find a pointer struct inode *f_inode; /* cached value */. Then I roughly searched the definition of struct inode (I'm not sure whether it is right as I'm not familiar when tmpfs); a pointer named struct address_space *i_mapping seems to be what I need. But I don't know how to dig deeper and get stuck; there are some complicated data structures in the struct address_space, such as:

struct radix_tree_root  page_tree; /* radix tree of all pages */

and

struct rb_root  i_mmap;            /* tree of private and shared mappings */

Does it mean that the data of the driver drv1 is organized as the form of radix_tree_root? Or does it mean that I've missed something else?

It seems that for modules that are built as LKM, the memory is dynamically allocated between MODULES_VADDR and MODULES_END (see module.c in arch/($YOUR_ARCH)/kernel/module.c). I can get the start address of its function adress by using a shell command cat /proc/kallsyms, but no good method to do it in my code yet.

As for module that are built into the kernel image, the System.map file will give the information. Either way, I don't know how to get the address dynamically in the code.