[英]write hard-codded to RAM at specific physical-address
I want write something in userspace program, for example: write the value 3
in the physical address 0xF7F4900(260MB)
from the start address 0x0
, while all kernel sits in the range 0-240MB.我想在用户空间程序中写一些东西,例如:将值
3
从起始地址0x0
写入物理地址0xF7F4900(260MB)
,而所有 kernel 都位于 0-240MB 范围内。 How can I do it?我该怎么做? any idea please?
有什么想法吗?
Best regards.此致。
I thought to use mmap but I think it gets me the virtual address.我想使用 mmap 但我认为它可以让我获得虚拟地址。
memfd = open("/dev/mem", O_RDWR);
map = mmap(0xF7F4900, sizeof(int), PROT_WRITE, MAP_SHARED, memfd, 0);
*map = 3;
Treat /dev/mem
as a file and write to offset 0xF7F4900
in that file:将
/dev/mem
视为文件并写入该文件中的偏移量0xF7F4900
:
char value = 3;
int fd = open("/dev/mem", O_RDWR);
lseek(fd, 0xF7F4900, SEEK_SET);
write(fd, &value, 1);
close(fd);
If you want to mmap
, the same thing applies.如果你想
mmap
,同样的事情也适用。 You should not try to map it to 0xF7F4900
in your process, you should instead map it to an arbitrary location and write to map[0xF7F4900]
if you map from offset 0 or map[0x900]
if you map from the page boundary 0xF7F4000
. You should not try to map it to
0xF7F4900
in your process, you should instead map it to an arbitrary location and write to map[0xF7F4900]
if you map from offset 0 or map[0x900]
if you map from the page boundary 0xF7F4000
.
Note that arbitrary access to /dev/mem
may require special kernel configuration, and is disabled entirely with UEFI Secure boot.请注意,对
/dev/mem
的任意访问可能需要特殊的 kernel 配置,并且通过 UEFI 安全启动完全禁用。
That's not possible in most operating systems as you could gain control over the system.这在大多数操作系统中是不可能的,因为您可以控制系统。 Only one of the thousands vulnerabilitys
数千个漏洞中的一个
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.