kmem(7)


kmem -- perform I/O on kernel memory based on symbol name

Synopsis

   #include <sys/ksym.h>
   

int ioctl(int kmemfd, MIOC_READKSYM, struct mioc_rksym *rks); int ioctl(int kmemfd, MIOC_IREADKSYM, struct mioc_rksym *rks); int ioctl(int kmemfd, MIOC_WRITEKSYM, struct mioc_rksym *rks); int ioctl(int kmemfd, MIOC_IWRITEKSYM, struct mioc_rksym *rks);

Description

When used with a valid file descriptor for /dev/kmem (kmemfd), these ioctl commands (see ioctl(2)) can be used to read or write kernel memory based on information provided in the mioc_rksym structure, which includes the following members:
   	char *mirk_symname;	/* symbol at whose address read will start */
   	void *mirk_buf;	/* buffer into which data will be written */
   	size_t mirk_buflen;	/* length (in bytes) of read buffer */

The second argument to ioctl determines which I/O operation is being performed:


MIOC_READKSYM
Read mirk_buflen bytes of kernel memory starting at the address for mirk_symname into mirk_buf.

MIOC_IREADKSYM
Read sizeof(void *) bytes of kernel memory starting at the address for mirk_symname and use that as the address from which to read mirk_buflen bytes of kernel memory into mirk_buf.

MIOC_WRITEKSYM
Write mirk_buflen bytes into kernel memory starting at the address for mirk_symname from mirk_buf.

MIOC_IWRITEKSYM
Read sizeof(void *) bytes of kernel memory starting at the address for mirk_symname and use that as the address from which to write mirk_buflen bytes of kernel memory into mirk_buf.

Return values

In addition to the error conditions listed on ioctl(2), these ioctl commands can fail for the following reasons:

EBADF
kmemfd open for reading and this is MIOC_WRITEKSYM or kmemfd open for writing and this is MIOC_READKSYM

EFAULT
Value of mirk_buflen results in attempt to read outside kernel virtual address space, or the third argument to ioctl is an invalid pointer, or an invalid pointer is given for the symbol name or buffer in the mioc_rksym structure

EINVAL
Second argument to ioctl is invalid

ENAMETOOLONG
Symbol name is longer than MAXSYMNMLEN characters

ENOMATCH
Symbol names not found in the running kernel (including loaded modules)

ENXIO
kmemfd open on wrong minor device (that is, not /dev/kmem)

References

getksym(2), ioctl(2), nlist(3elf)
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 25 April 2004