Read and write process' memory through /dev/mem, text segment works but data segment can not, why?

Anonymous (unverified), submitted on 2019-12-03 01:22:02

Question:

I want to read from and write to a process' memory through /dev/mem.

First, I get the process' memory map through a Linux kernel module coded by myself; the output is like this:

    start_code_segment      4000000000000000
    end_code_segment        4000000000019c38
    start_data_segment      6000000000009c38
    end_data_segment        600000000000b21d
    start_brk               6000000000010000
    brk                     6000000000034000
    start_stack             60000fffffde7b00

Second, I can convert a virtual address (VA) to a PA through the Linux kernel module; for example, I can convert VA:0x4000000000000008 to PA:0x100100c49f8008.

Third, function read_phy_mem can get the memory data at PA:0x100100c49f8008; the code is at the end.

Problem: My problem is when I read text segment PA memory, everything is OK, but if I read data segment PA memory, *((long *)mapAddr) in line 243 will cause system to go down. Also, I tried

memcpy( &data, (void *)mapAddr, sizeof(long) )

but it still makes the system go down.

other info: my computer is IA64, OS is Linux 2.6.18, when system is down, I can get output Info from console like this, then system will restart.

    Entered OS MCA handler. PSP=20010000fff21320 cpu=0 monarch=1
    cpu 0, MCA occurred in user space, original stack not modified
    All OS MCA slaves have reached rendezvous
    MCA: global MCA
    mlogbuf_finish: printing switched to urgent mode, MCA/INIT might be dodgy or fail.
    Delaying for 5 seconds...

code of function read_phy_mem

    /*
     * pa:   physical address
     * data: memory data in pa
     *
     * return int: success or failed
     */
    188 int read_phy_mem(unsigned long pa,long *data)
    189 {
    190     int memfd;
    191     int pageSize;
    192     int shift;
    193     int do_mlock;
    194     void volatile *mapStart;
    195     void volatile *mapAddr;
    196     unsigned long pa_base;
    197     unsigned long pa_offset;
    198
    199     memfd = open("/dev/mem", O_RDWR | O_SYNC);
    200     if(memfd == -1)
    201     {
    202         perror("Failed to open /dev/mem");
    203         return FAIL;
    204     }
    205
    206     shift = 0;
    207     pageSize = PAGE_SIZE; //#define PAGE_SIZE 16384
    208     while(pageSize > 0)
    209     {
    210         pageSize = pageSize >> 1;
    211         shift ++;
    212     }
    213     shift --;                          /* shift is now log2(PAGE_SIZE) */
    214     pa_base = (pa >> shift) << shift;  /* round pa down to a page boundary */
    215     pa_offset = pa - pa_base;          /* offset of pa within that page */
    224     mapStart = (void volatile *)mmap(0, PAGE_SIZE, PROT_READ | PROT_WRITE,MAP_SHARED | MAP_LOCKED, memfd, pa_base);
    226     if(mapStart == MAP_FAILED)
    227     {
    228         perror("Failed to mmap /dev/mem");
    229         close(memfd);
    230         return FAIL;
    231     }
    232     if(mlock((void *)mapStart, PAGE_SIZE) == -1)
    233     {
    234         perror("Failed to mlock mmaped space");
    235         do_mlock = 0;
    236     }
    237     else do_mlock = 1;                 /* set only when mlock succeeded */
    238
    239     mapAddr = (void volatile *)((unsigned long)mapStart + pa_offset);
    243     printf("mapAddr %p %ld\n", mapAddr, *((long *)mapAddr)); /* this dereference brings the system down for data-segment pages */
    256     if(munmap((void *)mapStart, PAGE_SIZE) != 0)
    257     {
    258         perror("Failed to munmap /dev/mem");
    259     }
    260     close(memfd);
    269     return OK;
    270 }

Can anyone understand why text segment works well but data segment does not?

Answer 1:

I guess it's happening because the code section remains in memory while the process executes (if not DLL code), whereas the data section leaves in & out continuously.
Try with the stack segment, and check if it's working.
Write your own test program, allocate memory dynamically in KBs, and keep that memory in use within a loop. Then try it with your code to read the memory segments of the test program. I think it will work.
I have done similar work in Windows to replace the BIOS address from the IVT.
Should be root user.


