Can we access any physical memory via some kernel code.? Because, i wrote a device driver which only had init_module and exit_module.. the code is following.
我们可以通过一些内核代码访问任何物理内存吗?因为,我写了一个只有init_module和exit_module的设备驱动程序..代码如下。
int init_module(void) {
unsigned char *p = (unsigned char*)(0x10);
printk( KERN_INFO "I got %u \n", *p);
return 0;
}
and a dummy exit_module.. the problem is the computer gets hung when i do lsmod.. What happens? Should i get some kinda permission to access the mem location?
和一个虚拟的exit_module ..问题是当我做lsmod时计算机挂起..会发生什么?我应该获得访问mem位置的某种许可吗?
kindly explain.. I'm a beginner!
请解释..我是初学者!
3 个解决方案
#1
11
To access real physical memory you should use phys_to_virt function. In case it is io memory (e.g. PCI memory) you should have a closer look at ioremap.
要访问真实的物理内存,您应该使用phys_to_virt函数。如果它是io内存(例如PCI内存),你应该仔细看看ioremap。
This whole topic is very complex, if you are a beginner I would suggest some kernel/driver development books/doc.
整个主题非常复杂,如果您是初学者,我会建议一些内核/驱动程序开发书籍/ doc。
#2
6
I suggest reading the chapter about memory in this book:
我建议在本书中阅读关于记忆的章节:
http://lwn.net/Kernel/LDD3/
It's available online for free. Good stuff!
它可以在线免费获得。好东西!
#3
4
Inside the kernel, memory is still mapped virtually, just not the same way as in userspace.
在内核中,内存仍然是虚拟映射的,与用户空间的方式不同。
The chances are that 0x10 is in a guard page or something, to catch null pointers, so it generates an unhandled page fault in the kernel when you touch it.
可能是0x10在保护页面或其他东西中,以捕获空指针,因此当您触摸它时,它会在内核中生成未处理的页面错误。
Normally this causes an OOPS not a hang (but it can be configured to cause a panic). OOPS is an unexpected kernel condition which can be recovered from in some cases, and does not necessarily bring down the whole system. Normally it kills the task (in this case, insmod)
通常这会导致OOPS不挂起(但可以配置为导致恐慌)。 OOPS是一种意想不到的内核条件,在某些情况下可以恢复,并不一定会导致整个系统崩溃。通常它会杀死任务(在本例中为insmod)
Did you do this on a desktop Linux system with a GUI loaded? I recommend that you set up a Linux VM (Vmware, virtualbox etc) with a simple (i.e. quick to reboot) text-based distribution if you want to hack around with the kernel. You're going to crash it a bit and you want it to reboot as quickly as possible. Also by using a text-based distribution, it is easier to see kernel crash messages (Oops or panic)
您是否在装有GUI的桌面Linux系统上执行此操作?如果您想破解内核,我建议您使用简单(即快速重启)基于文本的分发来设置Linux VM(Vmware,virtualbox等)。你会崩溃一点,你希望它尽快重启。此外,通过使用基于文本的分发,更容易看到内核崩溃消息(糟糕或恐慌)
#1
11
To access real physical memory you should use phys_to_virt function. In case it is io memory (e.g. PCI memory) you should have a closer look at ioremap.
要访问真实的物理内存,您应该使用phys_to_virt函数。如果它是io内存(例如PCI内存),你应该仔细看看ioremap。
This whole topic is very complex, if you are a beginner I would suggest some kernel/driver development books/doc.
整个主题非常复杂,如果您是初学者,我会建议一些内核/驱动程序开发书籍/ doc。
#2
6
I suggest reading the chapter about memory in this book:
我建议在本书中阅读关于记忆的章节:
http://lwn.net/Kernel/LDD3/
It's available online for free. Good stuff!
它可以在线免费获得。好东西!
#3
4
Inside the kernel, memory is still mapped virtually, just not the same way as in userspace.
在内核中,内存仍然是虚拟映射的,与用户空间的方式不同。
The chances are that 0x10 is in a guard page or something, to catch null pointers, so it generates an unhandled page fault in the kernel when you touch it.
可能是0x10在保护页面或其他东西中,以捕获空指针,因此当您触摸它时,它会在内核中生成未处理的页面错误。
Normally this causes an OOPS not a hang (but it can be configured to cause a panic). OOPS is an unexpected kernel condition which can be recovered from in some cases, and does not necessarily bring down the whole system. Normally it kills the task (in this case, insmod)
通常这会导致OOPS不挂起(但可以配置为导致恐慌)。 OOPS是一种意想不到的内核条件,在某些情况下可以恢复,并不一定会导致整个系统崩溃。通常它会杀死任务(在本例中为insmod)
Did you do this on a desktop Linux system with a GUI loaded? I recommend that you set up a Linux VM (Vmware, virtualbox etc) with a simple (i.e. quick to reboot) text-based distribution if you want to hack around with the kernel. You're going to crash it a bit and you want it to reboot as quickly as possible. Also by using a text-based distribution, it is easier to see kernel crash messages (Oops or panic)
您是否在装有GUI的桌面Linux系统上执行此操作?如果您想破解内核,我建议您使用简单(即快速重启)基于文本的分发来设置Linux VM(Vmware,virtualbox等)。你会崩溃一点,你希望它尽快重启。此外,通过使用基于文本的分发,更容易看到内核崩溃消息(糟糕或恐慌)