HardenedBSD/lib/libkvm/kvm.3
Leandro Lupori 38cf2a4334 Implement kvm_kerndisp
This change adds a new libkvm function, kvm_kerndisp(), that can be used to
retrieve the kernel displacement, that is the difference between the kernel's
base virtual address at run time and the kernel base virtual address specified
in the kernel image file.

This will be used by kgdb, to properly relocate kernel symbols, when needed.

Reviewed by:	jhb
Differential Revision:	https://reviews.freebsd.org/D23285
2020-02-06 13:21:59 +00:00

164 lines
4.9 KiB
Groff

.\" Copyright (c) 1992, 1993
.\" The Regents of the University of California. All rights reserved.
.\"
.\" This code is derived from software developed by the Computer Systems
.\" Engineering group at Lawrence Berkeley Laboratory under DARPA contract
.\" BG 91-66 and contributed to Berkeley.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\" may be used to endorse or promote products derived from this software
.\" without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" @(#)kvm.3 8.1 (Berkeley) 6/4/93
.\" $FreeBSD$
.\"
.Dd February 5, 2020
.Dt KVM 3
.Os
.Sh NAME
.Nm kvm
.Nd kernel memory interface
.Sh LIBRARY
.Lb libkvm
.Sh DESCRIPTION
The
.Nm
library provides a uniform interface for accessing kernel virtual memory
images, including live systems and crash dumps.
Access to live systems is via
.Xr sysctl 3
for some functions, and
.Xr mem 4
and
.Xr kmem 4
for other functions,
while crash dumps can be examined via the core file generated by
.Xr savecore 8 .
The interface behaves similarly in both cases.
Memory can be read and written, kernel symbol addresses can be
looked up efficiently, and information about user processes can
be gathered.
.Pp
The
.Fn kvm_open
function is first called to obtain a descriptor for all subsequent calls.
.Sh COMPATIBILITY
The kvm interface was first introduced in SunOS.
A considerable
number of programs have been developed that use this interface,
making backward compatibility highly desirable.
In most respects, the Sun kvm interface is consistent and clean.
Accordingly, the generic portion of the interface (i.e.,
.Fn kvm_open ,
.Fn kvm_close ,
.Fn kvm_read ,
.Fn kvm_write ,
and
.Fn kvm_nlist )
has been incorporated into the
.Bx
interface.
Indeed, many kvm
applications (i.e., debuggers and statistical monitors) use only
this subset of the interface.
.Pp
The process interface was not kept.
This is not a portability
issue since any code that manipulates processes is inherently
machine dependent.
.Pp
Finally, the Sun kvm error reporting semantics are poorly defined.
The library can be configured either to print errors to
.Dv stderr
automatically,
or to print no error messages at all.
In the latter case, the nature of the error cannot be determined.
To overcome this, the
.Bx
interface includes a
routine,
.Xr kvm_geterr 3 ,
to return (not print out) the error message
corresponding to the most recent error condition on the
given descriptor.
.Sh CROSS DEBUGGING
The
.Nm
library supports inspection of crash dumps from non-native kernels.
Only a limited subset of the kvm interface is supported for these dumps.
To inspect a crash dump of a non-native kernel,
the caller must provide a
.Fa resolver
function when opening a descriptor via
.Fn kvm_open2 .
In addition,
the kvm interface defines an integer type
.Pq Vt kvaddr_t
that is large enough to hold all valid addresses of all supported
architectures.
The interface also defines a new namelist structure type
.Pq Vt "struct kvm_nlist"
for use with
.Fn kvm_nlist2 .
To avoid address truncation issues,
the caller should use
.Fn kvm_nlist2
and
.Fn kvm_read2
in place of
.Fn kvm_nlist
and
.Fn kvm_read ,
respectively.
Finally, only a limited subset of operations are supported for non-native
crash dumps:
.Fn kvm_close ,
.Fn kvm_geterr ,
.Fn kvm_kerndisp ,
.Fn kvm_open2 ,
.Fn kvm_native ,
.Fn kvm_nlist2 ,
and
.Fn kvm_read2 .
.Sh SEE ALSO
.Xr kvm_close 3 ,
.Xr kvm_getargv 3 ,
.Xr kvm_getenvv 3 ,
.Xr kvm_geterr 3 ,
.Xr kvm_getloadavg 3 ,
.Xr kvm_getprocs 3 ,
.Xr kvm_getswapinfo 3 ,
.Xr kvm_kerndisp 3 ,
.Xr kvm_native 3 ,
.Xr kvm_nlist 3 ,
.Xr kvm_nlist2 3 ,
.Xr kvm_open 3 ,
.Xr kvm_open2 3 ,
.Xr kvm_openfiles 3 ,
.Xr kvm_read 3 ,
.Xr kvm_read2 3 ,
.Xr kvm_write 3 ,
.Xr sysctl 3 ,
.Xr kmem 4 ,
.Xr mem 4