KVM_OPEN(3) | Library Functions Manual | KVM_OPEN(3) |
kvm_open
, kvm_openfiles
,
kvm_close
—
#include <fcntl.h>
#include <kvm.h>
kvm_t *
kvm_open
(const
char *execfile, const
char *corefile, char
*swapfile, int
flags, const char
*errstr);
kvm_t *
kvm_openfiles
(const
char *execfile, const
char *corefile, char
*swapfile, int
flags, char
*errbuf);
int
kvm_close
(kvm_t
*kd);
kvm_open
() and
kvm_openfiles
() return a descriptor used to access
kernel virtual memory via the
kvm(3) library routines. Both
active kernels and crash dumps are accessible through this interface.
execfile is the executable image of the
kernel being examined. This file must contain a symbol table. If this
argument is NULL
, the currently running system is
assumed; in this case, the functions will attempt to use the
ksyms(4) device indicated by
_PATH_KSYMS
in
<paths.h>
; if that fails,
then they will use the file indicated by the
sysctl(3) variable
machdep.booted_kernel, or (if the sysctl information
is not available) the default kernel path indicated by
_PATH_UNIX
in
<paths.h>
.
corefile is the kernel memory device file.
It can be either /dev/mem or a crash dump core
generated by savecore(8). If
corefile is NULL
, the default
indicated by _PATH_MEM
from
<paths.h>
is used.
swapfile should indicate the swap device. If
NULL
, _PATH_DRUM
from
<paths.h>
is used.
The flags argument indicates read/write
access as in open(2) and applies
only to the core file. The only permitted flags from
open(2) are
O_RDONLY
, O_WRONLY
, and
O_RDWR
.
As a special case, a flags argument of
KVM_NO_FILES
will initialize the
kvm(3) library for use on active
kernels only using sysctl(3)
for retrieving kernel data and ignores the execfile,
corefile and swapfile arguments.
Only a small subset of the kvm(3)
library functions are available using this method. These are currently
kvm_getproc2(3),
kvm_getargv2(3) and
kvm_getenvv2(3).
There are two open routines which differ only with respect to the error mechanism. One provides backward compatibility with the SunOS kvm library, while the other provides an improved error reporting framework.
The kvm_open
() function is the Sun kvm
compatible open call. Here, the errstr argument
indicates how errors should be handled. If it is
NULL
, no errors are reported and the application
cannot know the specific nature of the failed kvm call. If it is not
NULL
, errors are printed to stderr with
errstr prepended to the message, as in
perror(3). Normally, the name
of the program is used here. The string is assumed to persist at least until
the corresponding kvm_close
() call.
The kvm_openfiles
() function provides
BSD style error reporting. Here, error messages are
not printed out by the library. Instead, the application obtains the error
message corresponding to the most recent kvm library call using
kvm_geterr
() (see
kvm_geterr(3)). The
results are undefined if the most recent kvm call did not produce an error.
Since kvm_geterr
() requires a kvm descriptor, but
the open routines return NULL
on failure,
kvm_geterr
() cannot be used to get the error message
if open fails. Thus, kvm_openfiles
() will place any
error message in the errbuf argument. This buffer
should be _POSIX2_LINE_MAX characters large (from
<limits.h>
).
kvm_open
() and
kvm_openfiles
() functions both return a descriptor to
be used in all subsequent kvm library calls. The library is fully re-entrant.
On failure, NULL
is returned, in which case
kvm_openfiles
() writes the error message into
errbuf.
The kvm_close
() function returns 0 on
success and -1 on failure.
September 14, 2011 | NetBSD 9.0 |