Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!elroy.jpl.nasa.gov!usc!apple!snorkelwacker.mit.edu!paperboy!meissner From: meissner@osf.org (Michael Meissner) Newsgroups: comp.unix.internals Subject: Re: Interfaces for accessing kernel memory Message-ID: Date: 3 Dec 90 19:56:12 GMT References: <109449@convex.convex.com> <1410@mtxinu.COM> Sender: news@OSF.ORG Organization: Open Software Foundation Lines: 51 In-reply-to: shore@mtxinu.COM's message of 1 Dec 90 23:33:31 GMT In article <1410@mtxinu.COM> shore@mtxinu.COM (Melinda Shore) writes: | In article <109449@convex.convex.com> tchrist@convex.com (Tom Christiansen) writes: | >I've heard that some vendors have a system (or is it library) call for | >returning you chunks out of the kernel. Can anyone tell me how they | >seem to work? Data General's unix (DG/UX) had such calls, though since I've not worked for them for a year, my mind is growing blank on the details. If somebody has an AViiON, do a man on dg_sys_info (and any other /usr/include/sys/dg_* include files). Here are the fragments of emacs' etc/loadst that gets the load average: #include /* DG/UX rev 4.00 system information */ struct dg_sys_info_load_info load_info; /* ... */ if (dg_sys_info( &load_info, DG_SYS_INFO_LOAD_INFO_TYPE, DG_SYS_INFO_LOAD_VERSION_0 ) == 0){ printf("%.2f", load_info.one_minute); } | Both Unicos and Mach have system calls to return the current contents | of selected kernel data structures. In both cases you pass in which | structures you want (header files include constants such as TBL_PROCINFO), | starting address and number of elements (for arrays), and a pointer to | where you want the data stuffed. How do they seem to work? They seem | to work great. The only limitation I've run into with either of them | is that they don't necessarily provide access to all of the structures | in which you might be interested. On the other hand, Mach's table() | call with give you the u. area for any process, and that's such a win | that it overrides any regrets I might have about missing structures like | the file table (which are still available through the standard nlist/ | lseek/read mechanism). | | There's certainly no reason that it has to be implemented as a system | call. It depends on whether normal users are allowed to get information from the kernel. You generally have a security loophole if you get random bytes from the kernel (either through a system call or by reading /dev/kmem). -- Michael Meissner email: meissner@osf.org phone: 617-621-8861 Open Software Foundation, 11 Cambridge Center, Cambridge, MA, 02142 Considering the flames and intolerance, shouldn't USENET be spelled ABUSENET?