raspi2 中的安全功能 kernel
[英]Security feature in raspi2 kernel
问题描述
I want to demontsrate kernel exploitation on raspberry pi, by using qemu for emulation.
我想通过使用 qemu 进行仿真来 demontsrate kernel 在树莓派上的利用。 When I use vexpress-v2p-ca9.dtb it work, kernel want to execute the userspace code, but when I try to use another dtb for raspi machine which is bcm2709-rpi-2-b.dtb it won't work and there is no error message from the kernel, it just hanging on before it jump to userspace address.当我使用vexpress-v2p-ca9.dtb它工作时,kernel 想要执行用户空间代码,但是当我尝试为 raspi 机器使用另一个 dtb 时,它是bcm2709-rpi-2-b.dtb它不会工作并且那里没有来自 kernel 的错误消息,它只是在跳转到用户空间地址之前挂起。
I have unable PAN in kernel config.我无法在 kernel 配置中进行 PAN。
I want kernel in raspi dtb able to execute userpace code.我希望 raspi dtb 中的 kernel 能够执行用户空间代码。
1 个解决方案
解决方案1
0 2023-01-03 13:43:39
You cannot simply pass a different DTB file to QEMU to cause it to emulate a different machine type.您不能简单地将不同的 DTB 文件传递给 QEMU 以使其模拟不同的机器类型。 What controls the kind of machine that QEMU emulates is the '-machine' option.控制 QEMU 模拟的机器类型的是“-machine”选项。 The DTB is just a file passed to the guest kernel to tell the guest kernel what it is running on. DTB只是传递给guest kernel的一个文件,告诉guest kernel它运行在什么上面。 If this doesn't match what it's actually running on, then the kernel will crash in early bootup, usually without being able to print a message.如果这与它实际运行的不匹配,那么 kernel 将在早期启动时崩溃,通常无法打印消息。 All of these things need to match up:所有这些都需要匹配:
- the QEMU -machine command line option QEMU -machine 命令行选项
- the guest kernel (ie it needs to be built with support for the machine and its devices)来宾 kernel(即它需要在支持机器及其设备的情况下构建)
- the guest DTB客人DTB
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.