0

Is it possible to read virtual memory even if /dev/kmem is not available? I know that I can recompile kernel to allow this file, but that's not the solution I'm looking for. Is there some tricky way I can read it sequentially e.g. from LKM? Are there some system calls which will give me direct access to virtual memory?

Improve this question
2
  • Are you after the kernel memory? Or process memory? Or memory allocated to hardware devices? Or the physical RAM? Commented Feb 27, 2012 at 23:05
  • @Gilles Yes, I want to access kernel memory, I need the exact output which gives me /dev/kmem. My goal is to search through memory, find function calls and insert kprobes on their addresses. Commented Feb 28, 2012 at 10:15

1 Answer 1

Reset to default
1

/dev/kmem is removed on most distribution because it is a tremendous security risk without any clearcut benign uses (yes, what you want to do according to the comment is violate the kernel's security). Perhaps some of the tracing packages give you what you need? System tap comes to mind...

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.