I want to make a kernel module that scans a user-run process' memory and changes some values. I'm having some trouble figuring out the proper way to interface with user-memory.
I found the copy_to_user and copy_from_user functions from the IBM article "User space memory access from the Linux kernel". But they take a user-space pointer. Since I'm not sure where the variable is that I want to change, I would like to scan the memory of the user-process but can't seem to find how.
I was thinking of reading /proc/$(pidof process)/maps for the address since the variable I want to change is in a shared object there. However, I read online that it's not good practice to read files in from a kernel module.
I was also thinking perhaps I could rig the copy_from_user function to copy the entire thing but didn't think that was a good idea since it's really big.
Any suggestions would be appreciated. Thanks.
1 solution
#1
-2
What are you scanning the memory for and why can't you just do that from userspace? This is easily doable with accessing the mem file in proc.
As for the answer to the question, I'm afraid this is one of the things that if you have a reason to do it, you can easily find out how to do it on your own.
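The userspace route from the answer (the mem file in proc), combined with the maps file the question mentions, as an added example that is not part of the original thread: a read-only scan of the calling process's own writable mappings for a constructed marker. The names scan_self and marker are made up here, a 64-bit Linux system is assumed, and opening another process's mem file is subject to the kernel's ptrace access checks.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Constructed sample value; it sits in this program's writable .data. */
char marker[] = "EXAMPLE-MARKER-7f3a";

/* Return the address of the first copy of needle[0..n) found in a readable,
 * writable mapping of the calling process, or 0 if none. Read-only scan. */
unsigned long scan_self(const char *needle, size_t n)
{
    static char buf[4096 + 64];          /* one page plus carried overlap */
    unsigned long start, end, hit = 0;
    char perms[5], line[512];
    FILE *maps = fopen("/proc/self/maps", "r");
    int mem = open("/proc/self/mem", O_RDONLY);

    if (!maps || mem < 0 || n == 0 || n > 64) goto out;
    while (!hit && fgets(line, sizeof line, maps)) {
        /* Line format: start-end perms offset dev inode [path] */
        if (sscanf(line, "%lx-%lx %4s", &start, &end, perms) != 3) continue;
        if (perms[0] != 'r' || perms[1] != 'w') continue;
        size_t keep = 0;                 /* bytes carried from previous chunk */
        for (unsigned long a = start; a < end && !hit; ) {
            size_t want = end - a < 4096 ? end - a : 4096;
            if (lseek(mem, (off_t)a, SEEK_SET) == (off_t)-1) break;
            ssize_t got = read(mem, buf + keep, want);
            if (got <= 0) break;         /* unreadable page: skip mapping */
            size_t have = keep + (size_t)got;
            for (size_t i = 0; i + n <= have; i++)
                if (memcmp(buf + i, needle, n) == 0) { hit = a - keep + i; break; }
            keep = have < n - 1 ? have : n - 1;   /* match may span chunks */
            memmove(buf, buf + have - keep, keep);
            a += (unsigned long)got;
        }
    }
out:
    if (maps) fclose(maps);
    if (mem >= 0) close(mem);
    return hit;
}

int main(void)
{
    printf("marker at %p, scan found 0x%lx\n", (void *)marker,
           scan_self(marker, sizeof marker - 1));
    return 0;
}
```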