• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Using sysctl inside kernel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Using sysctl inside kernel

  • Subject: Using sysctl inside kernel
  • From: "Matthew Jaffa" <email@hidden>
  • Date: Mon, 03 May 2004 14:36:33 -0600
Hi,

I know no one really encourages using sysctl inside the kernel,
but that is what I am trying,
I have read kern_sysctl.c, and kern_newsysctl.c looking into the
kern_sysctl and kern_procargs methods.

And read kern_execv.c something like that, to know what happens at process creation time.

In my KEXT I have successfully done kern_sysctl with mibs of
mib[0] = KERN_PROCARGS2;
mib[1] = the_process_id;


And the sysctl has returned successfully, but it appears that I get garbage back, I know that is grabbing something new, because I set the char * value : pathss[0] = '4'; pathss[1] = '\0';
And then after the call they change,
Anyone who knows about this stuff, know how to take what I return and give me the correct procargs for that process, kern_procargs I see takes the virtual memory from the pid to find the procargs for that process stored on its user stack. And copies it into kernel space.
So I am using kern_sysctl -> which then calls kern_procargs2 and then calls kern_procargsx which is where all the virtual memory copying from user space to kernel space happens.

I know procargs2 is new to panther and I am using this under Panther only, If there is anyone out there that is willing to help, please let me know. I know I have gotten messages before that you can't be sure of getting the path, but if I read execv correctly from the xnu sources, it is storing the procs arguments on the top, or bottom, of the stack depending on how it is interpreted. I am ok if they move the application around, I still want what is stored on the stack at the time the process was created. I have successfully done this in userspace, using some code I got from Panther's ps command line that lists all the processes, I then took that code and modified it for the kernel, and after much work finally got it to succeed, but lacking correct results.


Maybe what I am getting back from my kern_sysctl call is right but don't know how to format or interpret the resulting data back, it says it succeeded, but I doubt it is not working since I printed out every character from the resulting char * back, and no path like part was ever printed out.

Thanks,
Matt

_________________________________________________________________
MSN Toolbar provides one-click access to Hotmail from any Web page  FREE download! http://toolbar.msn.com/go/onm00200413ave/direct/01/
_______________________________________________
darwin-kernel mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel
Do not post admin requests to the list. They will be ignored.

  • Prev by Date: Re: Darwin 7.1
  • Next by Date: Is there a file system flag for >2GB file support?
  • Previous by thread: Re: Darwin 7.1
  • Next by thread: Is there a file system flag for >2GB file support?
  • Index(es):
    • Date
    • Thread