
How to access (if possible) kernel space from user space?


How exactly are user memory and kernel memory differentiated inside the Linux kernel (in terms of giving security to kernel space)?

What are the different ways I can write in kernel address space from user space?

One way I know is through a system call. There are multiple system calls we can use, but in the end they are all system calls. Even in system calls, we send data to kernel space, where it (the driver or respective module) calls functions like copy_from_user() to copy data from user space to kernel space. Here we are not exactly writing into the address space. We are just passing a user pointer which contains the data that needs to be copied into the kernel buffers.

My question is: is there any way we can access a physical address that is present in the kernel space and perform operations on it?

Second, apart from system calls, are there any other ways I can write into kernel space from a user application?

I referred to this link from Stack Overflow. But I think my question is not answered there and is from a different perspective. Hence I thought of asking a different question.

Please share your knowledge... Thanks.

Sandeep asked Mar 12 '12 05:03


People also ask

How do I access kernel module from user space?

The canonical way to invoke kernel functions from a user application is to use syscalls(2). You could make some kernel module - providing some device - which, thru the interface of the device (i.e. read, write, ioctl on that device) is calling your kernel functions.

Can we link user space applications to kernel space directly?

The correct answer is: There is no such thing as kernel space and user space. The processor instruction set has special permissions to set destructive things like the root of the page table map, or access hardware device memory, etc.

Where is kernel space located?

The code for managing all this hardware – all the shared resources, as well as process scheduling and memory management – is located in main memory and belongs to the operating system. This part of the main memory is what is commonly referred to as kernel space.

Which function is used to copy data from kernel space to user space?

The copy_to_user function copies a block of data from the kernel into user space.


1 Answer

What are the different ways I can write in kernel address space from user space?

I'm not sure if there're other methods, but you can access physical memory using /dev/mem & system call mmap().

/dev/mem is a character device file that is an image of the main memory of the computer. It may be used, for example, to examine (and even patch) the system. Byte addresses in mem are interpreted as physical memory addresses.

more on /dev/mem: http://linux.about.com/library/cmd/blcmdl4_mem.htm

more on mmap(): http://linux.die.net/man/2/mmap

You can use mmap() to map a section of /dev/mem and use it in your user program. A brief example:

    #include <fcntl.h>
    #include <stdio.h>
    #include <sys/mman.h>
    #include <unistd.h>

    #define MAPPED_SIZE   /* place the size here */
    #define DDR_RAM_PHYS  /* place the physical address here */

    int main(void)
    {
        int _fdmem;
        int *map = NULL;
        int i;
        const char memDevice[] = "/dev/mem";

        /* open /dev/mem and error checking */
        _fdmem = open(memDevice, O_RDWR | O_SYNC);
        if (_fdmem < 0) {
            printf("Failed to open the /dev/mem !\n");
            return 1;
        } else {
            printf("open /dev/mem successfully !\n");
        }

        /* mmap() the opened /dev/mem; mmap() reports failure as MAP_FAILED */
        map = (int *)mmap(0, MAPPED_SIZE, PROT_READ | PROT_WRITE, MAP_SHARED,
                          _fdmem, DDR_RAM_PHYS);
        if (map == MAP_FAILED) {
            perror("Error mmapping /dev/mem");
            close(_fdmem);
            return 1;
        }

        /* use 'map' pointer to access the mapped area!
           (MAPPED_SIZE must cover at least 100 ints) */
        for (i = 0; i < 100; i++)
            printf("content: 0x%x\n", *(map + i));

        /* unmap the area & error checking */
        if (munmap(map, MAPPED_SIZE) == -1) {
            perror("Error un-mmapping the file");
        }

        /* close the character device */
        close(_fdmem);
        return 0;
    }

However, please make sure the area you are mapping is not used, for example by the kernel, or it will make your system crash/hang, and you will be forced to reboot using the hardware power button.

Hope it helps.

I'm a frog dragon answered Sep 20 '22 16:09
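The answer's caveat about not mapping an area the kernel is using can be checked before calling mmap(). The following is an added example, not part of the original answer: it parses text in /proc/iomem format and reports whether a physical range overlaps any "System RAM" region. The sample table, the function name range_hits_system_ram and the candidate addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/iomem format (not captured from a real host). */
static const char SAMPLE_IOMEM[] =
    "00000000-00000fff : Reserved\n"
    "00001000-0009fbff : System RAM\n"
    "000a0000-000bffff : PCI Bus 0000:00\n"
    "00100000-7ffdffff : System RAM\n"
    "  01000000-01e00fff : Kernel code\n"
    "  01e01000-0268dfff : Kernel data\n"
    "fd000000-fdffffff : PCI Bus 0000:00\n"
    "  fd000000-fdffffff : 0000:00:02.0\n";

/* Returns 1 if [phys, phys+size) overlaps any "System RAM" range in the
 * iomem text, 0 if it does not, -1 for an empty or wrapping range. */
int range_hits_system_ram(const char *iomem, uint64_t phys, uint64_t size)
{
    if (!iomem || size == 0 || phys + size < phys)
        return -1;
    uint64_t end = phys + size - 1;           /* inclusive, like /proc/iomem */
    const char *line = iomem;
    while (*line) {
        unsigned long long lo, hi;
        char name[64];
        /* The leading space in the format skips the indentation that marks
         * nested resources such as "Kernel code". */
        if (sscanf(line, " %llx-%llx : %63[^\n]", &lo, &hi, name) == 3 &&
            strcmp(name, "System RAM") == 0 && phys <= hi && end >= lo)
            return 1;
        const char *nl = strchr(line, '\n');
        if (!nl)
            break;
        line = nl + 1;
    }
    return 0;
}

int main(void)
{
    /* Hypothetical candidates: a PCI window and an address inside kernel text. */
    printf("0xfd000000: %d\n",
           range_hits_system_ram(SAMPLE_IOMEM, 0xfd000000ULL, 4096));
    printf("0x01000000: %d\n",
           range_hits_system_ram(SAMPLE_IOMEM, 0x01000000ULL, 4096));
    return 0;
}
```

On a live system the same function can be fed the contents of /proc/iomem read as root; unprivileged reads show zeroed addresses, so the check is only meaningful with the real ranges.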