Hello,
For research purposes, I added some custom VDSO in my 2.6 kernel following this tutorial
https://www.linuxjournal.com/content/creating-vdso-colonels-other-chicken. I'm trying to pass data from the userland to the kernel. (Yes, in this direction. I know this is extremely bad from a security perspective but that's intentional. I'm literally trying to break the vdso’s security).
So I'm trying to do one of the following:
1) Disable the read-only protection of the userland variable to be able to modify it (as the kernel variable points to the same location as the user one, I will just have to check for modification in the kernel).
=> To make this work I added the VM_WRITE flag to install_special_mapping in arch_setup_additional_pages(…) from vma.c but this is not enough. I still get an unpleasant segfault when I try to increment my variable in my vdso.
2) Be notified in the kernel when the vdso has been called (maybe using a hardware breakpoint or something like that) so I can execute some code only in this case.
=> I’m not sure that it is possible to create, in kernel mode, a breakpoint running a specific callback when ANY process executes the vdso function.
3) Maybe there is a simpler way?
I would gladly appreciate any thoughts on this problem
Thanks for your help.
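
An added example, not part of the original post: a userland check that reads the permission bits the kernel actually applied to the vDSO mapping, which shows whether a VM_WRITE change took effect and flags a writable vDSO on an audited system. The function names and the sample lines are constructed for illustration; `[vvar]` only appears on kernels newer than 2.6.

```c
#include <stdio.h>
#include <string.h>

/* Verdict for one /proc/<pid>/maps line. */
enum vdso_perm { MALFORMED = -1, NOT_VDSO = 0, VDSO_OK = 1, VDSO_WRITABLE = 2 };

/* Parse "start-end perms offset dev inode [path]" and classify it. */
enum vdso_perm classify_maps_line(const char *line)
{
    unsigned long start, end;
    char perms[5] = {0}, path[64] = {0};
    int n = sscanf(line, "%lx-%lx %4s %*s %*s %*s %63s",
                   &start, &end, perms, path);
    if (n < 3 || strlen(perms) != 4 || end <= start)
        return MALFORMED;
    if (n < 4 || (strcmp(path, "[vdso]") != 0 && strcmp(path, "[vvar]") != 0))
        return NOT_VDSO;            /* anonymous or file-backed mapping */
    return perms[1] == 'w' ? VDSO_WRITABLE : VDSO_OK;
}

/* Count writable vDSO/vvar mappings in a stream of maps lines. */
int count_writable_vdso(FILE *fp)
{
    char line[4096];
    int hits = 0;
    while (fgets(line, sizeof line, fp))
        if (classify_maps_line(line) == VDSO_WRITABLE)
            hits++;
    return hits;
}

/* Constructed sample lines, not captured from a real system. */
static const char SAMPLE_OK[] =
    "7fff5a1fe000-7fff5a200000 r-xp 00000000 00:00 0          [vdso]\n";
static const char SAMPLE_BAD[] =
    "7fff5a1fe000-7fff5a200000 rwxp 00000000 00:00 0          [vdso]\n";

int main(void)
{
    FILE *fp = fopen("/proc/self/maps", "r");
    if (!fp) { perror("/proc/self/maps"); return 2; }
    int hits = count_writable_vdso(fp);
    fclose(fp);
    printf("samples: ok=%d bad=%d\n", classify_maps_line(SAMPLE_OK),
           classify_maps_line(SAMPLE_BAD));
    printf("writable vdso/vvar mappings in this process: %d\n", hits);
    return hits ? 1 : 0;
}
```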