This might be very trivial question for people in this mailing list. I need to know if my understanding is correct.
We are doing some experiment about security with Linux memory management, particularly with paging system. I am trying to track and possibly scan (for now) all the new fresh pages that's just brought into the memory. I am doing this in i386 arch and Linux kernel 2.4.22.
I think it would be good to do it in: mm/memory.c in do_no_page(). At the end of the function, I have references to pte_t and page struct of the new page that's just brought in from disk (not from swap).
This is diagram the diagram I'm going to refer: http://www.skynet.ie/~mel/projects/vm/guide/html/understand/node24.html
From my understanding from the diagram of Linear Address to Page conversion (please let me know if I'm correct or misunderstood). The struct "pte_t->pte_low" an entry if PTE table, is the base 'physical' address of the page. In this case I can just use it to reference the page. I can't find any other conversion method to get another address.
Assuming I have that address, can I just direct reference that address (assuming the address is physical and from kernel mode) or do I have to use some methods to access the page content?
How do I know the size of the page that's filled though? I can't see that information from the page struct.
Thanks in Advance for any comments and information.
Kuas
-- Kernelnewbies: Help each other learn about the Linux kernel. Archive: http://mail.nl.linux.org/kernelnewbies/ FAQ: http://kernelnewbies.org/faq/