kernel probing with nlist("/unix")
Guest Account
guest at gnu.ai.mit.edu
Mon Jul 16 08:30:17 AEST 1990
I have a problem with all of the 386/Sys V boxes I have used
(Interactive, Xenix and MicroPort). On other Sys V implimentations
(and SunOs for the 386) you can examine the kernel by running nlist()
on the kernel image (usually /unix or /vmunix) to turn a variable name
inside the kernel (for example "sysinfo") into an address that can be
accessed by using lseek on /dev/kmem out the to value of the address.
The problem is that on 386 Sys V the kernel address are all huge
(above 3 billion) and /dev/kmem returns EOF at about 16 K. Don't tell
me that it can't be done because /bin/ps and /usr/lib/sa/sadc both do
it correctly. What is the secret that all the manuals manage to hide
or dismiss?
More information about the Comp.unix.i386
mailing list