Hi all,
I am trying to create a kernel panic with a memory access volition,
the memory I am allocating is physically contiguous and is 2 pages in size,
I then try to use vm_map_protect to set the access flags of the 2nd
page to disables writes,
vm_map_protect returns successful but when I write to the page no
access volition occurs, what am I missing?
My attempt in source code to create the volition is below.
Also a question about the FreeBSD memory manager,
I am a bit confused, I read the source code of the vm_map_protect
function and I see it sets the protection on a vm_map_entry_t,
my expectation was protection would be set on vm_page_t, my
understanding was this:-
each vm_map_t contains 1 or more vm_map_entry_t
each vm_map_entry_t contains 1 vm_object_t
each vm_object_t contains 1 or more vm_page_t
so does this mean that because protection is getting set at vm_map_entry,
am I actually protecting more than one page of memory?
Thanks
Ray Kinsella
--------------------------------------------- cut here
---------------------------------------------
#include <sys/param.h>
#include <sys/module.h>
#include <sys/kernel.h>
#include <sys/systm.h>
#include <sys/types.h>
#include <sys/malloc.h>
#include <sys/pcpu.h>
#include <sys/proc.h>
#include <vm/vm.h>
#include <vm/vm_page.h>
#include <vm/vm_map.h>
#include <vm/vm_kern.h>
vm_offset_t palloc_wr;
vm_offset_t palloc_r;
void _alloc(void);
void _free(void);
void _alloc(void)
{
uint32_t retval = 0;
palloc_wr = (vm_offset_t) contigmalloc(2 * PAGE_SIZE,
M_DEVBUF, 0, 0, (1L << 31),
4096, 1024 * 1024);
printf("contigmalloc : 0x%.08x\n", palloc_wr);
palloc_r = palloc_wr + PAGE_SIZE;
//kernel_map
retval = vm_map_protect(&curthread->td_proc->p_vmspace->vm_map
, palloc_r, palloc_r + PAGE_SIZE,
VM_PROT_ALL, 0);
printf("vm_map_protect : %d\n", retval);
memset((void *)palloc_r,0xFF, PAGE_SIZE);
}
void _free(void)
{
contigfree((void *) palloc_wr, 2 * PAGE_SIZE, M_DEVBUF);
}
/* The function called at load/unload. */
static int event_handler(struct module *module, int event, void *arg) {
int e = 0; /* Error, 0 for normal return status */
switch (event) {
case MOD_LOAD:
_alloc();
break;
case MOD_UNLOAD:
_free();
break;
default:
e = EOPNOTSUPP; /* Error, Operation Not Supported */
break;
}
return(e);
}
/* The second argument of DECLARE_MODULE. */
static moduledata_t mod_conf = {
"mod", /* module name */
event_handler, /* event handler */
NULL /* extra data */
};
DECLARE_MODULE(mod, mod_conf, SI_SUB_DRIVERS, SI_ORDER_MIDDLE);
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
