Hello everyone
I have met a problem with linux kernel 2.6.X.X that
my user app wants to get thread kernel stack frame pointer (FP) from user
space by system call or /proc system or any other ways except driver.
I do not want to write a driver,) to finish it. I have endured this
problem for a long time.
Would anyone please give me a hint to solve the problem?
Thanks a lot.
Bob wang
On Wed, 17 Jul 2013 14:09:20 +0800 [email protected] wrote:
> I have met a problem with linux kernel 2.6.X.X that my user app
> wants to get thread kernel stack frame pointer (FP) from user space by
> system call or /proc system or any other ways except driver. I do not
> want to write a driver,) to finish it. I have endured this problem
> for a long time.
>
> Would anyone please give me a hint to solve the problem?
>
(I'm ignoring the questionable practicality of this)
People have gone to great lengths not to reveal sensitive addresses
from ring 0, %rsp/%rbp being subject to this restriction. If you
configure your kernel to expose full /dev/mem (CONFIG_STRICT_DEVMEM=n),
then using the image for your running kernel and with a bit of DWARF
knowledge, I _think_ it's possible to list the currently running threads
and their contexts (i.e. CPU registers). Otherwise, I don't believe
there's any way you can achieve this, other than exploiting a bug. :-)
--
Mihai Donțu
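
An added example, not part of the thread: a shell check, from a hardening point of view, that classifies whether a kernel configuration leaves /dev/mem unrestricted in the way the reply describes. The function names, the constructed sample configs and the config file locations are assumptions of this example; CONFIG_DEVMEM is an option from later kernels that is not mentioned in the thread and is honoured only when present.

```shell
#!/bin/sh
# Added example: classify /dev/mem exposure from kernel config text on stdin.
# Prints one of: absent | restricted | exposed
devmem_exposure() {
    awk '
        # Options appear as "CONFIG_FOO=y" or "# CONFIG_FOO is not set".
        /^CONFIG_DEVMEM=/                    { devmem = substr($0, index($0, "=") + 1) }
        /^# CONFIG_DEVMEM is not set/        { devmem = "n" }
        /^CONFIG_STRICT_DEVMEM=/             { strict = substr($0, index($0, "=") + 1) }
        /^# CONFIG_STRICT_DEVMEM is not set/ { strict = "n" }
        END {
            if (devmem == "n")      print "absent"      # no /dev/mem device built in
            else if (strict == "y") print "restricted"  # no general RAM access via /dev/mem
            else                    print "exposed"     # off or option missing: full /dev/mem
        }'
}

# Print the running kernel's config from the usual locations (assumed paths:
# /proc/config.gz needs CONFIG_IKCONFIG_PROC, /boot/config-* is distro-dependent).
running_kernel_config() {
    if [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    elif [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    else
        return 1
    fi
}

# Constructed sample configs (not taken from any real system).
SAMPLE_WEAK='CONFIG_DEVMEM=y
# CONFIG_STRICT_DEVMEM is not set'
SAMPLE_HARDENED='CONFIG_DEVMEM=y
CONFIG_STRICT_DEVMEM=y'
SAMPLE_NO_DEVICE='# CONFIG_DEVMEM is not set'
SAMPLE_OLD='CONFIG_X86=y'   # neither option present in the config

# Audit the running kernel only when asked: sh devmem_check.sh --audit
if [ "${1:-}" = "--audit" ]; then
    cfg=$(running_kernel_config) || { echo "kernel config not found" >&2; exit 2; }
    printf '%s\n' "$cfg" | devmem_exposure
fi
```

A result of "exposed" means root can read kernel memory through /dev/mem, which is the precondition the reply names for recovering thread contexts.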