I'm dealing with an anti-debug application which disables EXCEPTION_DEBUG_EVENT from being passed to my debugger, instead it executes its SEH and UnhandledExceptionFilters. I tried it with 3 different debuggers (even selfmade one) My debugger receives other debug events like LOAD_DLL, CREATE_THREAD etc Exceptions are not passed when fi...
I'm trying to build a rootfs for an x86 target, which is all simple enough. However I can't figure out how I configure the kernel that buildroot produces. The first run through came up with menuconfig, but it's cached the .config since then and I can't see where to change it. ~650MB of kernel modules don't do good things to an embedde...
Hello, I am trying to link to the Kernel framework as a 3rd party library is using functions from the I/O Kit library (http://developer.apple.com/mac/library/documentation/Darwin/Reference/KernelIOKitFramework/index.html). I am new to development on MacX, I am on Snow Leopard and I compile with the -m32 flag. g++-4.2 -headerpad_max_in...
I want to move very quickly a rectangle over a framebuffer in an embedded linux application. I have found that the function cfb_copyarea may be useful. But I cannot find any ioctl over the /dev/fb device to call the function. Or can this function be called directly? ...
I would like to develop a command line program that worked like so: myprogram /c [some_executable_here] Which launched the command specified by the user and "watched" the process (and any sub-processes) for read I/O and when that program exits, print a listing of files that were "read" (ultimately resulted in a read() system call). My...
hi, I am in a kernel module and I want to have the whole process name from a given pid. exactly: I want the line which is hold in /proc/PID/cmdline. The problem is that task_struct->comm[] is only 15 bytes long and doesn't handle if a program changes his argv[] manually or via setproctitle(3)... any ideas? :) ...
It's been a while since I worked on a Linux kernel module, and I seem to remember that there was a place to stash context in your open() open implementation that would be available in your other file_operations... For example, if I want to maintain some state associated with everyone that opens my device node, if either the inode structu...
In Linux, what happens to the state of a process when it needs to read blocks from a disk? Is it blocked? If so, how is another process chosen to execute? ...
I have a multi-threaded .NET application that occasionally terminates without any message. When I check the log there is an entry for an "Application Error in KERNEL32.dll". What could be causing this? Here is some basic code: foreach (int id in ids) { ThreadPool.QueueUserWorkItem(new WaitCallback(ProcessData), id); } The ProcessDa...
I writing a linux kernel module that does some work with /proc... I'm trying to use the new seq methods for returning the data for /proc... Anyhow, after I call proc_create_data() I have a proc_dir_entry (whose ->data member is pointing at my supplied context)... Anyhow, the file_operations structure is also passed and I really need to k...
After searching around a bit and consulting the Dinosaur Book, I've come to SO seeking wisdom. Note that this is somewhat homework-related, but actually isn't a homework problem. Also, this is using the C programming language. I'm working with a kernel that currently allocates memory in 4K chunks. In an attempt to cut down on wasted mem...
Under Linux you can use Kdump to reliably capture the state of the system at the time of an OOPS ( kernel crash ) . Does Kdump work the same when the kernel is running under VMWare? I'm using VmWare Server 2.0. ...
Hello, This question relates to IO Kit programming on Mac OS X. I have an IO Service Port reference (io_service_t). Is there an API I can use to make whatever is on the end of that IOService port reference power off? I have tried with all my googling might, but have not found a solution. Any help would be appreciated. Cheers Jan ...
I am not a master of the kernel code, but have some basic idea of its code structure. In this post we can discuss what are the good and bad things in the design of the kernel. Update: No, this is not for homework. I would have mentioned that if that was the case. See this: http://stackoverflow.com/questions/1548442/i-know-how-to-progra...
How much of a security risk are linux kernel modules? I remember reading that it was possible if someone got access, that all they had to do was load a rootkit module. Is this correct? Is there any way to protect against this? What parts of the kernel are actually exposed through the module interface, and what functions do programmers h...
Hey, In earlier versions of "vmstat", the device minor version was used to determine whether it was a partition or a disk (0 => disk and >0 => partition)). Am I not correct? Then, from kernel version 2.6.x some metrics were measured only at the disk-level, and hence the parsing algorithm was based on the number of metrics associated wi...
Hello For those familiar with Linux, it is possible to create a module and register it as a block device. This allows the user to mount it as a regular disk (while all the block I/O is handled by the module, e.g. usb-massstorage). Is there a way to do this in Windows ? (Need to create a volume mountable by windows. The raw data will co...
What are typical durations of an operating system process/thread scheduling quantum? I realize that this can vary with the scheduling algorithm, priorities, workloads, hardware, etc., so I'm expecting answers to come with conditions/assumptions, or to be ballpark. I can find examples that seem to suggest something on the order of 16 mil...
Does iPhone OS use the Mach kernel? Which one exactly? Are there somewhere interesting informations about the deep internals of iPhone OS? Where should I start? I want to understand the internals of iPhone OS as deep as possible before I start thinking about how to get my app work the right way. Performance sucks so much, and I want to ...
I compiled ( no warnings ) the hello-5.c example from "The Linux Kernel Module Programming Guide" and when I tried to insmod it, I received the following error: insmod: error inserting 'hello-5.ko': -1 Unknown symbol in module I thought I would try splint to see if it came up with any obvious errors, but when I ran it I got a slew of ...