Hi,
I have a question about Linux kernel programming and I hope you will answer it:
structure "slab" is defined in kernel code named "slab.c" (it is not defined in any kernel header).
I want to use it in my code. how can I typedef it ?Code:struct slab { struct list_head list; unsigned long colouroff; void *s_mem; /* including colour offset */ unsigned int inuse; /* num of objs active in slab */ unsigned short nodeid; };
This structure is not defined in any header files because it is used in only file: slab.c. Why do you want to *use* this structure? If you just like the layout of it, then put it in your code. This structure is not exported to the kernel from the memory manager, so it will do you little good in keeping this structure exactly the same.
I 'm writing a code to traverse all the allocated slab lists. To do so I have to typedef slab and some other structures.
So you mean if I copy/paste the the exact definition to my code, it will work synchronously with kernel? and I will be able to traverse allocated slabs in the kernel?
Yuck.
HMMMMMMM.
Well, there are so many things that you have not said -- to many variables to be able to answer "yes" to your question. Theoretically, one (with enough knowledge of the slab/slub/slob allocators) could map themselves into the kernel (as a module, or a promoted user) and transverse memory pages, but what good will that do for you? Really that list is an internal allocator list and is not publicized by that driver -- meaning that gaining access to that random snippet of code will require you to export a variable that you add to the allocator and then reference that variable in your code. What you'll then run into is that you'll need (I presume) to lock that variable, but you cannot. I think that the only locks allowed in the allocator are spinlocks, not semaphores/mutexes.
What are you attempting to accomplish? Knowing that would help me to get you the right information.Why? What information do you hope to glean by doing this? It almost sounds like you are attempting to write malicious code -- but I'm giving you the benefit of the doubt.Originally Posted by aliasghar
first of all: thanks for you answers!
I could not reply to you bacause I did'nt have access to internet for some days.
well, I 'm writing an anti-malicious code. A code to find hidden processes. In the book "Designing BSD Rootkits" Joseph Kong offers a way for doing this: traverse all slab lists that have been allocated for processes and find process ids (this will find all processes even hidden ones), then traverse kernel process list and compare them with previous list.It almost sounds like you are attempting to write malicious code
I'm trying to implement this in linux.
this is my BSc project.
I tried your first offer: I defined these structures in my code. now the problem is that how can I synch the defined variables with kernel ones. in other words, how can I import cache_chain (cache list) structure to my code?
