kernel probing with nlist("/unix")
Conor P. Cahill
cpcahil at virtech.uucp
Mon Jul 16 10:40:12 AEST 1990
In article <1990Jul15.223017.12930 at mintaka.lcs.mit.edu> guest at gnu.ai.mit.edu (Guest Account) writes:
>
>I have a problem with all of the 386/Sys V boxes I have used
>(Interactive, Xenix and MicroPort). On other Sys V implimentations
>(and SunOs for the 386) you can examine the kernel by running nlist()
>on the kernel image (usually /unix or /vmunix) to turn a variable name
>inside the kernel (for example "sysinfo") into an address that can be
>accessed by using lseek on /dev/kmem out the to value of the address.
This works fine for me. Since you didn't post your code I can't tell
you what you are doing wrong. Here is some sample code that works
correctly.
X#include <sys/types.h>
X#include <sys/stat.h>
X#include <sys/var.h>
X#include <nlist.h>
X#include <fcntl.h>
X#include <stdio.h>
X
Xstruct nlist nl[] = { {"v",}, {"",} };
Xstruct var v;
X
X#define UNIX "/unix"
X#define UNIX_MEMFILE "/dev/kmem"
X
Xmain(argc, argv)
X int argc;
X char **argv;
X{
X if (nlist(UNIX, nl) == -1)
X perror("buildall: nlist() retured error code because");
X
X if ( nl[0].n_value == 0L)
X printf("buildall: v not in %s namelist.\n", UNIX);
X else
X {
X int kmem;
X
X if ((kmem = open(UNIX_MEMFILE, O_RDONLY)) < 0)
X perror( "Open of kernel memory file failed");
X else if (lseek(kmem, nl[0].n_value, 0) != nl[0].n_value)
X perror("can't find v structure in kernel");
X else if (read(kmem, &v, sizeof(v)) != sizeof(v))
X perror("can't read v structure from kernel");
X else
X printf(" Max user processes = %d\n", v.v_maxup);
X close(kmem);
X }
X exit(0);
X}
X
--
Conor P. Cahill (703)430-9247 Virtual Technologies, Inc.,
uunet!virtech!cpcahil 46030 Manekin Plaza, Suite 160
Sterling, VA 22170
More information about the Comp.unix.i386
mailing list