openbsd shen wrote:

> struct descriptor_idt {
>     unsigned short offset_low, seg_selector;
>     unsigned char reserved, flag;
>     unsigned short offset_high;
> };
>
> .......
>
> struct descriptor_idt *descriptor;
> .......
>
> fd_kmem = open("/dev/kmem", O_RDWR);
> ptr_idt = get_addr_idt();
> descriptor = (struct descriptor_idt *) malloc(sizeof(struct descriptor_idt));
> ......
> readkmem(descriptor, ptr_idt + 8 * x, sizeof(struct descriptor_idt));
>
> ......
>
> void readkmem(void *m, unsigned off, int size)
> {
>     int i;
>     if (lseek(fd_kmem, off, SEEK_SET) != off) {
>         fprintf(stderr, "Error lseek. Are you root? \n");
>         exit(-1);
>     }
>     if ((i = read(fd_kmem, m, size)) != size) {
>         fprintf(stderr, "Error read kmem, only read %d bytes\n",i);
>         perror("read");
>         exit(-1);
>     }
> }
>
> unsigned long get_addr_idt(void)
> {
>     unsigned char idtr[6];
>     unsigned long idt;
>     __asm__ volatile ("sidt %0":"=m" (idtr));
>     idt = *((unsigned long *) &idtr[2]);
>     return (idt);
> }
> ----------------------------------------------------------------------
> When I run it, the output is:
>
> Error read kmem, only read 0 bytes
> read: Success
>
>
> I don't know why there is a read error?

A return value of 0 from read indicates that you are trying to read beyond the end of the file.

In this case, it's because you are interpreting the IDT address in the wrong address space. ptr_idt will be in the process' virtual address space; on x86, it will be above the 3Gb mark, and your /dev/kmem probably isn't that large (even if it was, you would be reading the wrong data).

If you can translate it to a physical address, you can use that as an offset into /dev/mem, but I have no idea how to perform that translation from user-space.

-- 
Glynn Clements <glynn@xxxxxxxxxxxxxxxxxx>
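Added example, not part of the original thread: the "only read 0 bytes" / "read: Success" output above comes from treating end-of-file as an error and then printing an errno that read() never set. The sketch below goes slightly beyond the quoted readkmem() by also handling short reads and EINTR; the names `rd_status`, `read_at` and `demo` are hypothetical, and a constructed 16-byte temporary file stands in for the device.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

enum rd_status { RD_OK, RD_EOF, RD_SHORT, RD_ERR };
/* Read exactly size bytes at off. errno is meaningful only for RD_ERR:
 * read() returning 0 means end of file and leaves errno untouched. */
enum rd_status read_at(int fd, void *buf, size_t size, off_t off, size_t *got)
{
    size_t done = 0;
    *got = 0;
    if (lseek(fd, off, SEEK_SET) == (off_t)-1)
        return RD_ERR;                 /* e.g. EINVAL, ESPIPE, EBADF */
    while (done < size) {
        ssize_t n = read(fd, (char *)buf + done, size - done);
        if (n < 0 && errno == EINTR)
            continue;                  /* interrupted: retry */
        if (n < 0)
            return RD_ERR;
        if (n == 0)
            break;                     /* offset is at or past the end */
        done += (size_t)n;
    }
    *got = done;
    if (done == size)
        return RD_OK;
    return done == 0 ? RD_EOF : RD_SHORT;
}

/* Constructed input: a 16-byte temporary file stands in for the device. */
enum rd_status demo(off_t off, size_t size)
{
    char path[] = "/tmp/read_at-XXXXXX", buf[32];
    size_t got;
    int fd = size <= sizeof buf ? mkstemp(path) : -1;
    if (fd < 0) return RD_ERR;
    unlink(path);
    if (write(fd, "0123456789abcdef", 16) != 16) { close(fd); return RD_ERR; }
    enum rd_status st = read_at(fd, buf, size, off, &got);
    close(fd);
    return st;
}

int main(void)
{
    printf("%d %d %d\n", demo(8, 8), demo(4096, 8), demo(12, 8));
}
```

A caller should call perror() only on `RD_ERR`; for `RD_EOF` the useful diagnostic is the offset that was requested.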