0

I need to find the address of kernel for a testing, I want to insert some code from the 1394 fireware to the kernel, but I don't know how to find the address belongs to the kernel? Thanks a lot

Charles
  • 50,943
  • 13
  • 104
  • 142
Alex
  • 869
  • 3
  • 13
  • 20
  • This doesn't make sense. – hardmath May 24 '12 at 08:54
  • It's not very clear what you want to do, do you want to inject code in the kernel from your application? (Thanks God) You can't. – Adriano Repetti May 24 '12 at 08:58
  • @Adriano Is that the case even for kernel-mode code? Can kernel modify itself? – zxcdw May 24 '12 at 09:04
  • @zxcdw I was talking about _applications_. Yes, to modify the kernel from the kernel itself is possible (http://kerneltrap.org/node/395) even if I'm not sure if Linux applies the same protection for self-modifying code to kernel code too. The (subtle?) question was "do you want inject code in the kernel from firewire?", don't break security in that way... – Adriano Repetti May 24 '12 at 09:40
  • 2
    @Adriano OHCI 1394 adapters will, as far as I know, let other 1394 devices write to arbitrary *physical* memory locations, unless the system is using an IOMMU. The *virtual* memory protections therefore have no effect on such DMA. So hot-patching code that way is almost certainly feasible, though doing so safely will require some cooperation from the kernel. – pmdj May 24 '12 at 12:51
  • @pmjordan you're right, I assumed memory protection for code was available for all processors but it's absolutely not true! – Adriano Repetti May 24 '12 at 13:21

1 Answers1

4

I'd start by looking at Documentation/debugging-via-ohci1394.txt. It's possible to debug the kernel via Firewire, so presumably it's also possible to inject code that way.

Would you care to explain what you're trying to accomplish? Just about the only things I can think of are Evil.

Kristof Provost
  • 26,018
  • 2
  • 26
  • 28