往任意USER PROCESS的内存读写
kernel/ptrace.c :
/*
* Access another process' address space.
* Source/target buffer must be kernel space,
* Do not walk the page table directly, use get_user_pages
*/
int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write)
/
/
get_user_pages
/
/
copy_to_user_page
copy_from_user_page
mm/memory.c :
int get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
unsigned long start, int len, int write, int force,
struct page **pages, struct vm_area_struct **vmas)
根据start(即指定的开始地址)找到vma,并把地址和page关联
例子 :
static int proc_pid_environ(struct task_struct *task, char * buffer)
{
int res = 0;
struct mm_struct *mm = get_task_mm(task);
if (mm) {
unsigned int len = mm->env_end - mm->env_start;
if (len > PAGE_SIZE)
len = PAGE_SIZE;
res = access_process_vm(task, mm->env_start, buffer, len, 0);
//mm->env_start 是int 为env开始地址, 把指定process的env内容读到buffer里
kernel/ptrace.c :
/*
* Access another process' address space.
* Source/target buffer must be kernel space,
* Do not walk the page table directly, use get_user_pages
*/
int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write)
/
/
get_user_pages
/
/
copy_to_user_page
copy_from_user_page
mm/memory.c :
int get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
unsigned long start, int len, int write, int force,
struct page **pages, struct vm_area_struct **vmas)
根据start(即指定的开始地址)找到vma,并把地址和page关联
例子 :
static int proc_pid_environ(struct task_struct *task, char * buffer)
{
int res = 0;
struct mm_struct *mm = get_task_mm(task);
if (mm) {
unsigned int len = mm->env_end - mm->env_start;
if (len > PAGE_SIZE)
len = PAGE_SIZE;
res = access_process_vm(task, mm->env_start, buffer, len, 0);
//mm->env_start 是int 为env开始地址, 把指定process的env内容读到buffer里
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
