kernel probing with nlist("/unix")

Conor P. Cahill cpcahil at virtech.uucp
Mon Jul 16 10:40:12 AEST 1990


In article <1990Jul15.223017.12930 at mintaka.lcs.mit.edu> guest at gnu.ai.mit.edu (Guest Account) writes:
>
>I have a problem with all of the 386/Sys V boxes I have used
>(Interactive, Xenix and MicroPort).  On other Sys V implimentations
>(and SunOs for the 386) you can examine the kernel by running nlist()
>on the kernel image (usually /unix or /vmunix) to turn a variable name
>inside the kernel (for example "sysinfo") into an address that can be
>accessed by using lseek on /dev/kmem out the to value of the address.

This works fine for me.  Since you didn't post your code I can't tell
you what you are doing wrong.  Here is some sample code that works 
correctly.


X#include <sys/types.h>
X#include <sys/stat.h>
X#include <sys/var.h>
X#include <nlist.h>
X#include <fcntl.h>
X#include <stdio.h>
X
Xstruct nlist      nl[] = { {"v",}, {"",} };
Xstruct var	  v;
X
X#define UNIX "/unix"
X#define UNIX_MEMFILE "/dev/kmem"
X
Xmain(argc, argv)
X	int               argc;
X	char            **argv;
X{
X	if (nlist(UNIX, nl) == -1)
X		perror("buildall: nlist() retured error code because");
X
X	if ( nl[0].n_value == 0L)
X		printf("buildall: v not in %s namelist.\n", UNIX);
X	else
X	{
X		int               kmem;
X
X		if ((kmem = open(UNIX_MEMFILE, O_RDONLY)) < 0)
X			perror( "Open of kernel memory file failed");
X		else if (lseek(kmem, nl[0].n_value, 0) != nl[0].n_value)
X			perror("can't find v structure in kernel");
X		else if (read(kmem, &v, sizeof(v)) != sizeof(v))
X			perror("can't read v structure from kernel");
X		else
X		        printf(" Max user processes = %d\n", v.v_maxup);
X		close(kmem);
X	}
X	exit(0);
X}
X
-- 
Conor P. Cahill            (703)430-9247        Virtual Technologies, Inc.,
uunet!virtech!cpcahil                           46030 Manekin Plaza, Suite 160
                                                Sterling, VA 22170 



More information about the Comp.unix.i386 mailing list