----- Original Message ----- > From: Serapheim Dimitropoulos <serapheim@xxxxxxxxxxx> > > Enable writing to kernel memory thorugh the "/dev/crash" > driver. Queued for crash-7.2.5: https://github.com/crash-utility/crash/commit/dfea9e3bd3796147f2938359ec28959f68e15d58 Thanks, Dave > > Signed-off-by: Serapheim Dimitropoulos <serapheim@xxxxxxxxxxx> > --- > memory_driver/crash.c | 41 ++++++++++++++++++++++++++++++++++++++++- > 1 file changed, 40 insertions(+), 1 deletion(-) > > diff --git a/memory_driver/crash.c b/memory_driver/crash.c > index 2b1ea3d..b57b211 100644 > --- a/memory_driver/crash.c > +++ b/memory_driver/crash.c > @@ -3,6 +3,7 @@ > * > * Copyright (C) 2004, 2011, 2016 Dave Anderson <anderson@xxxxxxxxxx> > * Copyright (C) 2004, 2011, 2016 Red Hat, Inc. > + * Copyright (C) 2019 Serapheim Dimitropoulos <serapheim@xxxxxxxxxxx> > */ > > /****************************************************************************** > @@ -137,7 +138,7 @@ static inline void unmap_virtual(struct page *page) > #endif > > > -#define CRASH_VERSION "1.3" > +#define CRASH_VERSION "1.4" > > /* > * These are the file operation functions that allow crash utility > @@ -159,6 +160,43 @@ crash_llseek(struct file * file, loff_t offset, int > orig) > } > } > > +static ssize_t > +crash_write(struct file *file, const char *buf, size_t count, loff_t *poff) > +{ > + void *vaddr; > + struct page *page; > + u64 offset; > + ssize_t written; > + char *buffer = file->private_data; > + > + offset = *poff; > + if (offset >> PAGE_SHIFT != (offset+count-1) >> PAGE_SHIFT) > + return -EINVAL; > + > + vaddr = map_virtual(offset, &page); > + if (!vaddr) > + return -EFAULT; > + > + /* > + * Use bounce buffer to bypass the CONFIG_HARDENED_USERCOPY > + * kernel text restriction. > + */ > + if (copy_from_user(buffer, buf, count)) { > + unmap_virtual(page); > + return -EFAULT; > + } > + > + if (probe_kernel_write(vaddr, buffer, count)) { > + unmap_virtual(page); > + return -EFAULT; > + } > + unmap_virtual(page); > + > + written = count; > + *poff += written; > + return written; > +} > + > /* > * Determine the page address for an address offset value, > * get a virtual address for it, and copy it out. > @@ -256,6 +294,7 @@ static struct file_operations crash_fops = { > .owner = THIS_MODULE, > .llseek = crash_llseek, > .read = crash_read, > + .write = crash_write, > .unlocked_ioctl = crash_ioctl, > .open = crash_open, > .release = crash_release, > -- > 2.19.0 > > -- > Crash-utility mailing list > Crash-utility@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/crash-utility > -- Crash-utility mailing list Crash-utility@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/crash-utility
