Read Data from Proc/Sys/Kernel/

Read data from proc/sys/kernel/

mov ecx, 2

A flags value of 2 for open() is O_RDWR. You're attempting to open the file read-write, which as a normal user you cannot do because it's writable only by root (mode 0644 on my system). Unix permission checks are done when you open the file, not on each individual read and write, so this fails even though you do not intend to actually write to the file.

So the open call returns a negative error code (which you don't check for), you pass this as the fd to read which thus also fails with a negative error code (which you also don't check for) and thus your buffer still contains a bunch of zeros. You pass this negative error code as the length to write(), which interprets it as a huge positive number and writes out not only the zero bytes from buf, but also whatever garbage follows it in memory, until it runs off the end of your address space.

This does work for me as root. I don't quite understand your last paragraph and can't tell whether it does or doesn't work for you in that case. If it doesn't, you may have securelevels or some other mechanism that prevents writing the file even as root. Note that some other files in /proc/sys/kernel are not writable even by root, e.g. /proc/sys/kernel/version which is 0444, so for those files your program will fail as above even if you are root.

But since you don't care about writing the file, just use flags O_RDONLY which has the value 0. So xor ecx, ecx instead. With this change the program works for me as a normal user.

Error checking throughout would be a good idea.

How does the command 'echo 6 /proc/sys/kernel/printk' work?

Filesystem entries under /proc behave somewhat like function calls. "Writing" a string to the file is like calling a function with the string as an argument. "Reading" from the file is like calling a function with no argument and getting back the return value. The behavior of each "function" is defined by the kernel (or at least, by the proc file system exposed by the filesystem entries).

See https://www.kernel.org/doc/html/latest/core-api/printk-basics.html for the details on how printk in particular works. In short, writing a number to the file changes the current logging level, while reading shows the current (if changed), default, minimum, and boot-time default logging levels.

How to read/write from/to a linux /proc file from kernel space?

That's not how it works. When a userspace program opens the files, they are generated on the fly on a case-by-case basis. Most of them are readonly and generated by a common mechanism:

  • Register an entry with create_proc_read_entry
  • Supply a callback function (called read_proc by convention) which is called when the file is read
  • This callback function should populate a supplied buffer and (typically) call proc_calc_metrics to update the file pointer etc supplied to userspace.

You (from the kernel) do not "write" to procfs files, you supply the results dynamically when userspace requests them.

Access data from proc file within kernel module

Procfs is an in-memory file system. It is an interface for the userspace to fetch info and put (config) info into the kernel data structures. In other words, procfs enables userspace to interact and look into the kernel data structures the way they exist during runtime.

Hence, any file inside /proc is not meant to be read from inside a kernel or a kernel module. And why would one want to do that? In a monolithic kernel like Linux, you can access the data structures of one subsystem in the kernel through another directly or through a pre-defined function.

The following function call might help:

struct timespec uptime;

do_posix_clock_monotonic_gettime(&uptime);

You can refer to the /proc/uptime implementation at the link below, it is essentially a seq_file.

http://lxr.free-electrons.com/source/fs/proc/uptime.c

How to parse large amount of data passed to kernel module through /proc file?

I finally decided to write something proper to solve this problem.

kio

kio in short, will be a port of C's standard stdio.h for kernel modules. It will support either of /proc, /sys and /dev file systems in both read and write modes, whether text or binary. kio follows the standard closely, but has its minor tweaks to ensure safety in kernel space.

Current status:

  • /proc files can be created
  • Read functions are implemented
  • Write functions are implemented
  • The files can be only opened by users once at a time

What is the best way to read from Linux /proc interfaces using C user space code?

I think for a perl or shell script it's perfectly fine to read and parse the /proc/ data. In a C program, if robustness is required, I would use a kernel (probably a sysctl) interface.

Turns out that the procps-bundled pmap implementation parses /proc/PID/maps files line-by-line as follows (see one_proc() function):

sscanf(mapbuf,"%"KLF"x-%"KLF"x %31s %Lx %x:%x %Lu", &start, &end, flags, &file_offset, &dev_major, &dev_minor, &inode);

EDIT: Original version of my answer showed a way to parse data on shared memory segments only, not all mapped memory segments as the OP desired.

I believe ipcs -m will give you the same data for multiple processes. So the answer to your second question is that you should read the ipcs code: (e.g BSD version, Linux version):

What is the recommended way to update a proc entry from Python

There are a couple of problems with your code.

Firstly, you want to write to the file, but you're opening it in read mode.

Secondly, .write expects string data, not an integer.

We can get rid of the if test by exploiting the fact that False and True have integer values of 0 & 1, respectively. The code below uses the print function rather than .write because print can convert the integer returned by int(enable) to a string. Also, print appends a newline (unless you tell it not to via the end argument), so this way the Python code performs the same action as your Bash command lines.

def set_mode(enable=True):
    with open('/proc/sys/fs/offs/ts/enable', 'w') as p:
        print(int(enable), file=p)

If you want to do it with .write, change the print line to:

p.write(str(int(enable)) + '\n')

There's a way to do that conversion from boolean to string in one step: use the boolean to index into a string literal:

'01'[enable]

It's short & fast, but some would argue that it's a little cryptic to use booleans as indices.


Related Topics

Stop on Newline When Using Read(...)

Problems with Accessing Command Line Arguments in Linux from X86 Asm

Assembly Call Subprograms Based on User Input

No Console Output Available on Linux When Executing Grails/Groovy

Write Failing Without Error on Qspi (Spansion S25Hs512T) - U-Boot

How to Determinate Destination MAC Address

Needs to Execute One SQL Query Against Two Oracle Dbs in Shell Script at a Time and Export the Data to Separate CSV Files

(Linux) How to Run a Program of Gtk Without Display Environment? Gtk-Warning **: Cannot Open Display:

Need to Debug Mmap So Where Is the Object File for Mmap or Module Containing Mmap() -- How to Find in Linux

Determine Os from a Single Command Line Operation

Bash - How to Match Files Names to Use in Loop

How to Get Docker Commands to Run in the Background with Nohup

How to Read from User in Rpm Install Script

Linux Ipc: Shared Memory Recovery

How to Create Shell Variable with Dashes

Bash Script to Get Specific User(S) Id and Processes Count

Phusion Passenger Nginx Module Installer V3.0.17 Issue on Debian 6.0.5 Amd64 Due to Broken Package

Linux C Socket: Blocked on Recv Call


Leave a reply



Submit