| KVM_OPEN(3) | Library Functions Manual | KVM_OPEN(3) | 
kvm_open, kvm_openfiles,
  kvm_close —
#include <fcntl.h>
#include <kvm.h>
kvm_t *
  
  kvm_open(const
    char *execfile, const
    char *corefile, char
    *swapfile, int
    flags, const char
    *errstr);
kvm_t *
  
  kvm_openfiles(const
    char *execfile, const
    char *corefile, char
    *swapfile, int
    flags, char
    *errbuf);
int
  
  kvm_close(kvm_t
    *kd);
kvm_open() and
  kvm_openfiles() return a descriptor used to access
  kernel virtual memory via the
  kvm(3) library routines. Both
  active kernels and crash dumps are accessible through this interface.
execfile is the executable image of the
    kernel being examined. This file must contain a symbol table. If this
    argument is NULL, the currently running system is
    assumed; in this case, the functions will attempt to use the
    ksyms(4) device indicated by
    _PATH_KSYMS in
    <paths.h>; if that fails,
    then they will use the file indicated by the
    sysctl(3) variable
    machdep.booted_kernel, or (if the sysctl information
    is not available) the default kernel path indicated by
    _PATH_UNIX in
    <paths.h>.
corefile is the kernel memory device file.
    It can be either /dev/mem or a crash dump core
    generated by savecore(8). If
    corefile is NULL, the default
    indicated by _PATH_MEM from
    <paths.h> is used.
swapfile should indicate the swap device. If
    NULL, _PATH_DRUM from
    <paths.h> is used.
The flags argument indicates read/write
    access as in open(2) and applies
    only to the core file. The only permitted flags from
    open(2) are
    O_RDONLY, O_WRONLY, and
    O_RDWR.
As a special case, a flags argument of
    KVM_NO_FILES will initialize the
    kvm(3) library for use on active
    kernels only using sysctl(3)
    for retrieving kernel data and ignores the execfile,
    corefile and swapfile arguments.
    Only a small subset of the kvm(3)
    library functions are available using this method. These are currently
    kvm_getproc2(3),
    kvm_getargv2(3) and
    kvm_getenvv2(3).
There are two open routines which differ only with respect to the error mechanism. One provides backward compatibility with the SunOS kvm library, while the other provides an improved error reporting framework.
The kvm_open() function is the Sun kvm
    compatible open call. Here, the errstr argument
    indicates how errors should be handled. If it is
    NULL, no errors are reported and the application
    cannot know the specific nature of the failed kvm call. If it is not
    NULL, errors are printed to stderr with
    errstr prepended to the message, as in
    perror(3). Normally, the name
    of the program is used here. The string is assumed to persist at least until
    the corresponding kvm_close() call.
The kvm_openfiles() function provides
    BSD style error reporting. Here, error messages are
    not printed out by the library. Instead, the application obtains the error
    message corresponding to the most recent kvm library call using
    kvm_geterr() (see
    kvm_geterr(3)). The
    results are undefined if the most recent kvm call did not produce an error.
    Since kvm_geterr() requires a kvm descriptor, but
    the open routines return NULL on failure,
    kvm_geterr() cannot be used to get the error message
    if open fails. Thus, kvm_openfiles() will place any
    error message in the errbuf argument. This buffer
    should be _POSIX2_LINE_MAX characters large (from
    <limits.h>).
kvm_open() and
  kvm_openfiles() functions both return a descriptor to
  be used in all subsequent kvm library calls. The library is fully re-entrant.
  On failure, NULL is returned, in which case
  kvm_openfiles() writes the error message into
  errbuf.
The kvm_close() function returns 0 on
    success and -1 on failure.
| September 14, 2011 | NetBSD 9.4 |