在特定物理地址处硬编码写入 RAM
[英]write hard-codded to RAM at specific physical-address
问题描述
I want write something in userspace program, for example: write the value 3 in the physical address 0xF7F4900(260MB) from the start address 0x0 , while all kernel sits in the range 0-240MB.
我想在用户空间程序中写一些东西,例如:将值3从起始地址0x0写入物理地址0xF7F4900(260MB) ,而所有 kernel 都位于 0-240MB 范围内。 How can I do it?我该怎么做? any idea please?有什么想法吗?
Best regards.此致。
I thought to use mmap but I think it gets me the virtual address.我想使用 mmap 但我认为它可以让我获得虚拟地址。
memfd = open("/dev/mem", O_RDWR);
map = mmap(0xF7F4900, sizeof(int), PROT_WRITE, MAP_SHARED, memfd, 0);
*map = 3;
2 个解决方案
解决方案1
0 2019-10-06 22:50:40
Treat /dev/mem as a file and write to offset 0xF7F4900 in that file:将/dev/mem视为文件并写入该文件中的偏移量0xF7F4900 :
char value = 3;
int fd = open("/dev/mem", O_RDWR);
lseek(fd, 0xF7F4900, SEEK_SET);
write(fd, &value, 1);
close(fd);
If you want to mmap , the same thing applies.如果你想mmap ,同样的事情也适用。 You should not try to map it to 0xF7F4900 in your process, you should instead map it to an arbitrary location and write to map[0xF7F4900] if you map from offset 0 or map[0x900] if you map from the page boundary 0xF7F4000 . You should not try to map it to 0xF7F4900 in your process, you should instead map it to an arbitrary location and write to map[0xF7F4900] if you map from offset 0 or map[0x900] if you map from the page boundary 0xF7F4000 .
Note that arbitrary access to /dev/mem may require special kernel configuration, and is disabled entirely with UEFI Secure boot.请注意,对/dev/mem的任意访问可能需要特殊的 kernel 配置,并且通过 UEFI 安全启动完全禁用。
解决方案2
-4 2019-10-06 14:01:14
That's not possible in most operating systems as you could gain control over the system.这在大多数操作系统中是不可能的,因为您可以控制系统。 Only one of the thousands vulnerabilitys数千个漏洞中的一个
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.