On Tue, Jan 27, 2015 at 6:21 AM, Yue Chen ycyc...@gmail.com wrote:
My purpose is to modify kernel function instructions directly through
memory at runtime.
First I use objdump -S kernel to see the function names and their
addresses. And then I use pointers to peek into the content at certain
function address area (.text segment). However, their content is different
from the result from objdump -S kernel. I use a FreeBSD 10.1 kernel,
which has no ASLR supported as I know.
Is it because that the kernel function addresses are relocated? Or some
kernel functions are not loaded into memory? Or is it not suitable to peek
kernel .text content from a kernel module?
I only objdump -S the built kernel with debug symbols, not .ko files.
Take a look at this branch:
https://github.com/HardenedBSD/hardenedBSD/tree/hardened/current/intel-smap
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
___
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to freebsd-current-unsubscr...@freebsd.org
