Read data from proc/sys/kernel/
mov ecx, 2
A flags
value of 2 for open()
is O_RDWR
. You're attempting to open the file read-write, which as a normal user you cannot do because it's writable only by root
(mode 0644
on my system). Unix permission checks are done when you open the file, not on each individual read and write, so this fails even though you do not intend to actually write to the file.
So the open
call returns a negative error code (which you don't check for), you pass this as the fd to read which thus also fails with a negative error code (which you also don't check for) and thus your buffer still contains a bunch of zeros. You pass this negative error code as the length to write()
, which interprets it as a huge positive number and writes out not only the zero bytes from buf
, but also whatever garbage follows it in memory, until it runs off the end of your address space.
This does work for me as root. I don't quite understand your last paragraph and can't tell whether it does or doesn't work for you in that case. If it doesn't, you may have securelevels or some other mechanism that prevents writing the file even as root. Note that some other files in /proc/sys/kernel
are not writable even by root
, e.g. /proc/sys/kernel/version
which is 0444
, so for those files your program will fail as above even if you are root
.
But since you don't care about writing the file, just use flags O_RDONLY
which has the value 0. So xor ecx, ecx
instead. With this change the program works for me as a normal user.
Error checking throughout would be a good idea.
How does the command 'echo 6 /proc/sys/kernel/printk' work?
Filesystem entries under /proc
behave somewhat like function calls. "Writing" a string to the file is like calling a function with the string as an argument. "Reading" from the file is like calling a function with no argument and getting back the return value. The behavior of each "function" is defined by the kernel (or at least, by the proc
file system exposed by the filesystem entries).
See https://www.kernel.org/doc/html/latest/core-api/printk-basics.html for the details on how printk
in particular works. In short, writing a number to the file changes the current logging level, while reading shows the current (if changed), default, minimum, and boot-time default logging levels.
How to read/write from/to a linux /proc file from kernel space?
That's not how it works. When a userspace program opens the files, they are generated on the fly on a case-by-case basis. Most of them are readonly and generated by a common mechanism:
- Register an entry with create_proc_read_entry
- Supply a callback function (called read_proc by convention) which is called when the file is read
- This callback function should populate a supplied buffer and (typically) call proc_calc_metrics to update the file pointer etc supplied to userspace.
You (from the kernel) do not "write" to procfs files, you supply the results dynamically when userspace requests them.
Access data from proc file within kernel module
Procfs is an in-memory file system. It is an interface for the userspace to fetch info and put (config) info into the kernel data structures. In other words, procfs enables userspace to interact and look into the kernel data structures the way they exist during runtime.
Hence, any file inside /proc is not meant to be read from inside a kernel or a kernel module. And why would one want to do that? In a monolithic kernel like Linux, you can access the data structures of one subsystem in the kernel through another directly or through a pre-defined function.
The following function call might help:
struct timespec uptime;
do_posix_clock_monotonic_gettime(&uptime);
You can refer to the /proc/uptime implementation at the link below, it is essentially a seq_file
.
http://lxr.free-electrons.com/source/fs/proc/uptime.c
How to parse large amount of data passed to kernel module through /proc file?
I finally decided to write something proper to solve this problem.
kio
kio
in short, will be a port of C's standard stdio.h
for kernel modules. It will support either of /proc
, /sys
and /dev
file systems in both read and write modes, whether text or binary. kio
follows the standard closely, but has its minor tweaks to ensure safety in kernel space.
Current status:
/proc
files can be created- Read functions are implemented
- Write functions are implemented
- The files can be only opened by users once at a time
What is the best way to read from Linux /proc interfaces using C user space code?
I think for a perl or shell script it's perfectly fine to read and parse the /proc/ data. In a C program, if robustness is required, I would use a kernel (probably a sysctl
) interface.
Turns out that the procps-bundled pmap implementation parses /proc/PID/maps
files line-by-line as follows (see one_proc()
function):
sscanf(mapbuf,"%"KLF"x-%"KLF"x %31s %Lx %x:%x %Lu", &start, &end, flags, &file_offset, &dev_major, &dev_minor, &inode);
EDIT: Original version of my answer showed a way to parse data on shared memory segments only, not all mapped memory segments as the OP desired.
I believe ipcs -m
will give you the same data for multiple processes. So the answer to your second question is that you should read the ipcs
code: (e.g BSD version, Linux version):
What is the recommended way to update a proc entry from Python
There are a couple of problems with your code.
Firstly, you want to write to the file, but you're opening it in read mode.
Secondly, .write
expects string data, not an integer.
We can get rid of the if
test by exploiting the fact that False
and True
have integer values of 0 & 1, respectively. The code below uses the print
function rather than .write
because print
can convert the integer returned by int(enable)
to a string. Also, print
appends a newline (unless you tell it not to via the end
argument), so this way the Python code performs the same action as your Bash command lines.
def set_mode(enable=True):
with open('/proc/sys/fs/offs/ts/enable', 'w') as p:
print(int(enable), file=p)
If you want to do it with .write
, change the print
line to:
p.write(str(int(enable)) + '\n')
There's a way to do that conversion from boolean to string in one step: use the boolean to index into a string literal:
'01'[enable]
It's short & fast, but some would argue that it's a little cryptic to use booleans as indices.
Related Topics
Stop on Newline When Using Read(...)
Problems with Accessing Command Line Arguments in Linux from X86 Asm
Assembly Call Subprograms Based on User Input
No Console Output Available on Linux When Executing Grails/Groovy
Write Failing Without Error on Qspi (Spansion S25Hs512T) - U-Boot
How to Determinate Destination MAC Address
Determine Os from a Single Command Line Operation
Bash - How to Match Files Names to Use in Loop
How to Get Docker Commands to Run in the Background with Nohup
How to Read from User in Rpm Install Script
Linux Ipc: Shared Memory Recovery
How to Create Shell Variable with Dashes
Bash Script to Get Specific User(S) Id and Processes Count
Phusion Passenger Nginx Module Installer V3.0.17 Issue on Debian 6.0.5 Amd64 Due to Broken Package