Unix Programming - remove memory protection


Author remove memory protection
s88

2006-10-16, 1:36 am

Hi all:

I'm trying to implement something like gdb. In this project,
I have to replace instructions in memory at run time. And I've
met a problem! How do I remove the memory protection under Linux??
Any idea?

Thanks for reading.

Dave.

Nils O. Selåsdal

2006-10-16, 1:36 am

s88 wrote:
> Hi all:
>
> I'm trying to implement something like gdb. In this project,
> I have to replace instructions in memory at run time. And I've
> met a problem! How do I remove the memory protection under Linux??
> Any idea?

You can change the protection with mprotect()
s88

2006-10-16, 1:27 pm

On Oct 16, 2:17 pm, "Nils O. Selåsdal" <N...@Utel.no> wrote:
> s88 wrote:
>
> You can change the protection with mprotect()

Well... I found the man page for mprotect and wrote a simple program
with mprotect,
but the result looks weird...

I can compile this code with no errors or warnings. But the result on
my PC looks as follows...
The page size is 4096
.page = 8048000
&hook = 80484be
&head = 804848f
&tail = 80484a0
&tail - &head = 17 Bytes

I expect the function "service_routine" to be called and to execute
the for loop...
but the program is like still water.

Any idea?



#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

unsigned PAGESIZE;

/* Labels defined by the inline asm statements below. */
extern char head, tail, hook;


void
service_routine (int i)
{
  int j = 0;
  for (; i < 100; i++)
    {
      printf ("i = %d\n", i);
      j = j + i;
      printf ("j = %d\n", j);
    }

}


void
my_test_function ()
{
  void (*_service_routine) (int);
  asm volatile ("head:");       /* start of the bytes to copy */
  (*(_service_routine = &service_routine)) (5);
  asm volatile ("tail:");       /* end of the bytes to copy */

}

int
main ()
{

  asm volatile ("hook:");       /* destination of the copy */
  char c;
  PAGESIZE = getpagesize ();
  printf ("The page size is %d\n", PAGESIZE);

  /* Round the address of hook down to the start of its page. */
  unsigned page = (unsigned) (((int) &hook) & ~(PAGESIZE - 1));
  printf (".page = %x \n", page);
  /* chmod u=rwx page */

  if (mprotect ((char *) page, PAGESIZE, PROT_READ | PROT_WRITE |
                PROT_EXEC))
    {
      perror ("mprotect failed");
    }

  /* Copy the bytes between head and tail over the code at hook. */
  memcpy (&hook, &head, (int) &tail - (int) &head);



  printf ("&hook = %x\n", &hook);
  printf ("&head = %x\n", &head);
  printf ("&tail = %x\n", &tail);
  printf ("&tail - &head = %d Bytes\n", &tail - &head);
  return 0;
}

s88

2006-10-16, 1:27 pm

On Oct 16, 9:33 pm, "s88" <dave...@gmail.com> wrote:
> On Oct 16, 2:17 pm, "Nils O. Selåsdal" <N...@Utel.no> wrote:
>
> Well... I found the man page for mprotect and wrote a simple program
> with mprotect,
> but the result looks weird...
>
> I can compile this code with no errors or warnings. But the result on
> my PC looks as follows...
> The page size is 4096
> .page = 8048000
> &hook = 80484be
> &head = 804848f
> &tail = 80484a0
> &tail - &head = 17 Bytes
>
> I expect the function "service_routine" to be called and to execute
> the for loop...
> but the program is like still water.
>
> Any idea?
>
> #include <stdio.h>
> #include <string.h>
> #include <unistd.h>
> #include <sys/mman.h>
>
> unsigned PAGESIZE;
>
> extern char head, tail, hook;
>
> void
> service_routine (int i)
> {
>   int j = 0;
>   for (; i < 100; i++)
>     {
>       printf ("i = %d\n", i);
>       j = j + i;
>       printf ("j = %d\n", j);
>     }
>
> }
>
> void
> my_test_function ()
> {
>   void (*_service_routine) (int);
>   asm volatile ("head:");
>   (*(_service_routine = &service_routine)) (5);
>   asm volatile ("tail:");
>
> }
>
> int
> main ()
> {
>
>   asm volatile ("hook:");
>   char c;
>   PAGESIZE = getpagesize ();
>   printf ("The page size is %d\n", PAGESIZE);
>
>   unsigned page = (unsigned) (((int) &hook) & ~(PAGESIZE - 1));
>   printf (".page = %x \n", page);
>   /* chmod u=rwx page */
>
>   if (mprotect ((char *) page, PAGESIZE, PROT_READ | PROT_WRITE |
>                 PROT_EXEC))
>     {
>       perror ("mprotect failed");
>     }
>
>   memcpy (&hook, &head, (int) &tail - (int) &head);
>
>   printf ("&hook = %x\n", &hook);
>   printf ("&head = %x\n", &head);
>   printf ("&tail = %x\n", &tail);
>   printf ("&tail - &head = %d Bytes\n", &tail - &head);
>   return 0;
>
> }


What a fool I am!
I put the hook label at the front of the code...
I should put the hook label after the memcpy.

Dave.
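
An added example, not part of the original thread and not the poster's code: a page-aligned patch helper built on the mprotect() advice above. It goes beyond the posted program by covering a patch that crosses a page boundary, keeping all pointer bits on 64-bit systems, and restoring the protection afterwards. The names patch_bytes and demo_cross_page_patch are hypothetical, and it assumes the target pages do not contain patch_bytes itself, because they are briefly non-executable.

```c
#define _DEFAULT_SOURCE 1 /* exposes MAP_ANONYMOUS under strict -std=c11 */
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical helper: copy len bytes to dst inside a mapping that is
 * normally not writable, then set final_prot (e.g. PROT_READ | PROT_EXEC
 * for code). Assumption: this function's own code is not in the target
 * pages. Returns 0 on success, -1 on failure with errno set. */
int patch_bytes(void *dst, const void *src, size_t len, int final_prot)
{
    uintptr_t pagesz = (uintptr_t)sysconf(_SC_PAGESIZE);
    /* uintptr_t keeps every pointer bit; a cast to int truncates on 64-bit. */
    uintptr_t start = (uintptr_t)dst & ~(pagesz - 1);
    /* Round the end up so a patch that crosses a page boundary is covered. */
    uintptr_t end = ((uintptr_t)dst + len + pagesz - 1) & ~(pagesz - 1);

    if (len == 0)
        return 0;
    /* Writable but not executable while patching: never W and X together. */
    if (mprotect((void *)start, end - start, PROT_READ | PROT_WRITE) != 0)
        return -1;
    memcpy(dst, src, len);
    if (mprotect((void *)start, end - start, final_prot) != 0)
        return -1;
    /* Needed before executing patched code on CPUs with split caches. */
    __builtin___clear_cache((char *)dst, (char *)dst + len);
    return 0;
}

/* Constructed demo: patch 8 bytes that straddle two read-only pages. */
int demo_cross_page_patch(void)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    unsigned char *buf = mmap(NULL, 2 * pagesz, PROT_READ,
                              MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    static const unsigned char patch[8] = {1, 2, 3, 4, 5, 6, 7, 8};
    int ok;

    if (buf == MAP_FAILED)
        return -1;
    ok = patch_bytes(buf + pagesz - 4, patch, sizeof patch, PROT_READ) == 0
         && memcmp(buf + pagesz - 4, patch, sizeof patch) == 0;
    munmap(buf, 2 * pagesz);
    return ok ? 0 : -1;
}
```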
