Kuas (gmane) wrote:
Hello,
Hi,
This might be very trivial question for people in this mailing list. I
need to know if my understanding is correct.
We are doing some experiment about security with Linux memory
management, particularly with paging system. I am trying to track and
possibly scan (for now) all the new fresh pages that's just brought into
the memory. I am doing this in i386 arch and Linux kernel 2.4.22.
I think it would be good to do it in: mm/memory.c in do_no_page(). At
the end of the function, I have references to pte_t and page struct of
the new page that's just brought in from disk (not from swap).
This is diagram the diagram I'm going to refer:
http://www.skynet.ie/~mel/projects/vm/guide/html/understand/node24.html
From my understanding from the diagram of Linear Address to Page
conversion (please let me know if I'm correct or misunderstood). The
struct "pte_t->pte_low" an entry if PTE table, is the base 'physical'
address of the page. In this case I can just use it to reference the
page. I can't find any other conversion method to get another address.
Assuming I have that address, can I just direct reference that address
(assuming the address is physical and from kernel mode) or do I have to
use some methods to access the page content?
If you want to access the page content of a page, do it with the virtual
adress. Th adress will be automaticely translated in a physical adress.
This job is done by the MMU.
How do I know the size of the page that's filled though? I can't see
that information from the page struct.
A page on Linux i386 is always 4ko long.
Thanks in Advance for any comments and information.
Kuas
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
