[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Page Physical Address and pte

To: kernelnewbies@xxxxxxxxxxxx
Subject: Re: Page Physical Address and pte
From: Eric <eric_begot@xxxxxxxx>
Date: Mon, 05 Apr 2004 11:32:08 +0200
In-reply-to: <4070CD83.10309@users.sourceforge.net>
List-archive: <http://mail.nl.linux.org/kernelnewbies/>
List-help: <mailto:ecartis@nl.linux.org?Subject=help>
List-id: <kernelnewbies.nl.linux.org>
List-owner: <mailto:riel@nl.linux.org>
List-post: <mailto:kernelnewbies@nl.linux.org>
List-software: Ecartis version 1.0.0
List-subscribe: <mailto:kernelnewbies-request@nl.linux.org?Subject=subscribe>
List-unsubscribe: <mailto:kernelnewbies-request@nl.linux.org?Subject=unsubscribe>
References: <4070CD83.10309@users.sourceforge.net>
Sender: kernelnewbies-bounce@xxxxxxxxxxxx
User-agent: Mozilla Thunderbird 0.5 (X11/20040306)

Kuas (gmane) wrote:

Hello,

Hi,

This might be very trivial question for people in this mailing list. I need to know if my understanding is correct.

We are doing some experiment about security with Linux memory management, particularly with paging system. I am trying to track and possibly scan (for now) all the new fresh pages that's just brought into the memory. I am doing this in i386 arch and Linux kernel 2.4.22.

I think it would be good to do it in: mm/memory.c in do_no_page(). At the end of the function, I have references to pte_t and page struct of the new page that's just brought in from disk (not from swap).
This is diagram the diagram I'm going to refer:
http://www.skynet.ie/~mel/projects/vm/guide/html/understand/node24.html
From my understanding from the diagram of Linear Address to Page conversion (please let me know if I'm correct or misunderstood). The struct "pte_t->pte_low" an entry if PTE table, is the base 'physical' address of the page. In this case I can just use it to reference the page. I can't find any other conversion method to get another address.

Assuming I have that address, can I just direct reference that address (assuming the address is physical and from kernel mode) or do I have to use some methods to access the page content?

If you want to access the page content of a page, do it with the virtual adress. Th adress will be automaticely translated in a physical adress. This job is done by the MMU.

How do I know the size of the page that's filled though? I can't see that information from the page struct.

A page on Linux i386 is always 4ko long.

Thanks in Advance for any comments and information.

Kuas


--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/

--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/

Follow-Ups:
- Re: Page Physical Address and pte
  - From: Kuas (gmane)

References:
- Page Physical Address and pte
  - From: Kuas (gmane)

Prev by Date: Page Physical Address and pte
Next by Date: Exchange Date Userspace<->Kernel
Previous by thread: Page Physical Address and pte
Next by thread: Re: Page Physical Address and pte
Index(es):
- Date
- Thread