[Crash-utility] [PATCH] Enable writing to kernel memory through "/dev/crash"
Dave Anderson
anderson at redhat.com
Mon Jan 7 15:16:53 UTC 2019
----- Original Message -----
> From: Serapheim Dimitropoulos <serapheim at delphix.com>
>
> Enable writing to kernel memory thorugh the "/dev/crash"
> driver.
Queued for crash-7.2.5:
https://github.com/crash-utility/crash/commit/dfea9e3bd3796147f2938359ec28959f68e15d58
Thanks,
Dave
>
> Signed-off-by: Serapheim Dimitropoulos <serapheim at delphix.com>
> ---
> memory_driver/crash.c | 41 ++++++++++++++++++++++++++++++++++++++++-
> 1 file changed, 40 insertions(+), 1 deletion(-)
>
> diff --git a/memory_driver/crash.c b/memory_driver/crash.c
> index 2b1ea3d..b57b211 100644
> --- a/memory_driver/crash.c
> +++ b/memory_driver/crash.c
> @@ -3,6 +3,7 @@
> *
> * Copyright (C) 2004, 2011, 2016 Dave Anderson <anderson at redhat.com>
> * Copyright (C) 2004, 2011, 2016 Red Hat, Inc.
> + * Copyright (C) 2019 Serapheim Dimitropoulos <serapheim at delphix.com>
> */
>
> /******************************************************************************
> @@ -137,7 +138,7 @@ static inline void unmap_virtual(struct page *page)
> #endif
>
>
> -#define CRASH_VERSION "1.3"
> +#define CRASH_VERSION "1.4"
>
> /*
> * These are the file operation functions that allow crash utility
> @@ -159,6 +160,43 @@ crash_llseek(struct file * file, loff_t offset, int
> orig)
> }
> }
>
> +static ssize_t
> +crash_write(struct file *file, const char *buf, size_t count, loff_t *poff)
> +{
> + void *vaddr;
> + struct page *page;
> + u64 offset;
> + ssize_t written;
> + char *buffer = file->private_data;
> +
> + offset = *poff;
> + if (offset >> PAGE_SHIFT != (offset+count-1) >> PAGE_SHIFT)
> + return -EINVAL;
> +
> + vaddr = map_virtual(offset, &page);
> + if (!vaddr)
> + return -EFAULT;
> +
> + /*
> + * Use bounce buffer to bypass the CONFIG_HARDENED_USERCOPY
> + * kernel text restriction.
> + */
> + if (copy_from_user(buffer, buf, count)) {
> + unmap_virtual(page);
> + return -EFAULT;
> + }
> +
> + if (probe_kernel_write(vaddr, buffer, count)) {
> + unmap_virtual(page);
> + return -EFAULT;
> + }
> + unmap_virtual(page);
> +
> + written = count;
> + *poff += written;
> + return written;
> +}
> +
> /*
> * Determine the page address for an address offset value,
> * get a virtual address for it, and copy it out.
> @@ -256,6 +294,7 @@ static struct file_operations crash_fops = {
> .owner = THIS_MODULE,
> .llseek = crash_llseek,
> .read = crash_read,
> + .write = crash_write,
> .unlocked_ioctl = crash_ioctl,
> .open = crash_open,
> .release = crash_release,
> --
> 2.19.0
>
> --
> Crash-utility mailing list
> Crash-utility at redhat.com
> https://www.redhat.com/mailman/listinfo/crash-utility
>
More information about the Crash-utility
mailing list