Re: Cannot read from /dev/kmem

On Wed, 4 May 2005 17:20:36 +0200 (CEST)
Leszek Koltunski <[email protected]> wrote:

> 
> Kernel 2.6.11 , I cannot seem to be able to read from /dev/kmem... The 
> following little proggie
> 
> #include <stdio.h>
> #include <fcntl.h>
> #include <errno.h>
> 
> struct {
>          unsigned short limit;
>          unsigned int base;
> } __attribute__ ((packed)) idtr;
> 
> struct {
>          unsigned short off1;
>          unsigned short sel;
>          unsigned char none,flags;
>          unsigned short off2;
> } __attribute__ ((packed)) idt;
> 
> int main()
> {
>          int result, kmem = open ("/dev/kmem",O_RDONLY);
> 
>          asm ("sidt %0" : "=m" (idtr));
>          printf("idtr base at 0x%X\n",(int)idtr.base);
> 
>          if (kmem<0) return 1;
> 
>          if (lseek(kmem,  idtr.base + 8*0x80,SEEK_SET) != idtr.base + 
> 8*0x80 )
>          {
>                  perror("kmem lseek"); exit(1);
>          }
> 
>          result = read(kmem, &idt , sizeof(idt) );
> 
>          if( result != sizeof(idt) )
>          {
>                  printf("result: %d, sizeof(idt)= %d errno=%d\n", result, 
> sizeof(idt), errno);
>          }
> 
>          close(kmem);
> 
>          return 0;
> }
> 
> returns
> 
> utumno:/home/leszek/progs/module/hijack# ./test
> idtr base at 0xC0423000
> result: -1, sizeof(idt)= 8 errno=22
> 
> ??? EINVAL
> 
> I remember this working on a 2.4.x kernel....

Hm, let me see if I can explain what I see here...

vfs_llseek() sets f_pos (file position) to 0xffffffff.c04230000 (due
to sign extension).  In read(), rw_verify_area() sees that pos
as < 0 and balks on it.

I futzed around with lseek() and read(), to no avail.
However, I did get your test program to work by using lseek64()
instead of lseek().  It prints (after I added code) a selector
value of 0x60, which makes sense.

Maybe you have to use llseek() or lseek64() with large 32-bit
file offsets (that look like 32-bit negative numbers)...
I dunno.

HTH.
---
~Randy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • Cannot read from /dev/kmem
    • From: Leszek Koltunski <[email protected]>

• Prev by Date: Re: repeatable mm/rmap.c crash in 2.6.11.*
• Next by Date: Re: Help with the high res timers
• Previous by thread: Cannot read from /dev/kmem
• Next by thread: Re: Cannot read from /dev/kmem
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]