abcz316 / rwprocmem33 Goto Github PK

View Code? Open in Web Editor NEW

557.0 557.0 256.0 583 KB

Linux ARM64内核硬件进程内存读写驱动、硬件断点调试驱动。硬件级读写Linux进程内存、硬件级下断点。

Makefile 0.80% C 64.35% C++ 34.85%

rwprocmem33's People

Contributors

Stargazers

Watchers

Forkers

kjfsplssss xiao00kang madkarl robinyin996 freemanzyq l0op clickme8 lujiawen zcodeoooo zruibin csky6688 uatcodewarroir pterx 1325867577 han1985 383113122 xuanliyua liner0211 zysyyz liuhe3647 yuaom fengjixuchui wbglil 26597925 crackercat joaus-source wdnmd-rushb tututu-patch xw103 evilbitse rainbowxie 0xc4se bcpx yzx20051 ckandroidproject q275212 d34d633f shuixi2013 dxcyber409 undefinedidentifier bincrack666 stonedio kingking888 llxiaoyuan erich8200 ffff8888303 534119219 xiaotujinbnb arryboom in12hacker fcccode ssageparuders kevinlium junknet littleming111 asmjmp0 codebuildforyou oldyang1983 zbx911 stickycookie calvinxu17 acbocai kinbunluk iam0xcc cashtony abcz1114 gmh5225 pshocker 2won ptr-ptr iamhatling xyxdaily musheng2020 xxoo2995 katana-o 5403293 kiyomijin micblo liccsu cduang snowcore8 lzh110686 ma-12399 0x00ffff fmc999 charlissss espmihacker lukasxcc antizy0 cppjunkie c01ns kernel-hacker phdxmy336 wenyounb weikanzong iiiimmmyyy resery ayinsama xbyl1234 airahc

rwprocmem33's Issues

模块装好了测试失败

Connecting rwDriver:/dev/rwProcMem37
GetProcessPidList count1:876
GetProcessPidList count2:876
调用驱动 GetProcessPidList 返回值:1
GetProcessCmdline ioctl():Illegal seek
Segmentation fault

---Start:0x72d10d8000,Size:229376,Type:r--p,Name:/apex/com.android.runtime/bin/linker64
---Start:0x72d1110000,Size:950272,Type:r-xp,Name:/apex/com.android.runtime/bin/linker64
---Start:0x72d11f8000,Size:32768,Type:r--p,Name:/apex/com.android.runtime/bin/linker64
---Start:0x72d1200000,Size:8192,Type:rw-p,Name:/apex/com.android.runtime/bin/linker64
---Start:0x72d1202000,Size:16384,Type:rw-p,Name:
---Start:0x72d1206000,Size:4096,Type:r--p,Name:
---Start:0x72d1207000,Size:24576,Type:rw-p,Name:
---Start:0x7ff1deb000,Size:4096,Type:---p,Name:
---Start:0x7ff1dec000,Size:8384512,Type:rw-p,Name:[stack]
VirtualQueryExFull count 4897
VirtualQueryExFull res 4897
调用驱动 VirtualQueryExFull(只显示在物理内存中的内存) 返回值:1
VirtualQueryExFull 失败
Segmentation fault

error: incomplete definition of type 'struct module'

../drivers/rwProcMem/sys.c:298:32: error: incomplete definition of type 'struct module'
list_del_init(&__this_module.list);
~~~~~~~~~~~~~^
../include/linux/export.h:34:15: note: forward declaration of 'struct module'
extern struct module __this_module;
^
../drivers/rwProcMem/sys.c:300:28: error: incomplete definition of type 'struct module'
kobject_del(&THIS_MODULE->mkobj.kobj);
~~~~~~~~~~~^
../include/linux/export.h:34:15: note: forward declaration of 'struct module'
extern struct module __this_module;

How to add key to prevent other programs from connecting to use this driver

111111111111111

support Linux version 6.*

support Linux version 6.*
no member named 'mmap' in 'struct mm_struct'

关于硬件断点多线程的问题

首先感谢大佬开源的优质代码，小弟拜读之后有些小疑惑。
在对多线程打硬件断点的时候

task = get_pid_task(proc_pid_struct, PIDTYPE_PID);
register_user_hw_breakpoint(&attr, sample_hbp_handler, NULL, task);

这应该只是获取到进程中的主线程 task，所以这个断点应该只是对多线程中的主线程有效是吗

CESERVER对应的CE的版本是多少

我编译好ceserver_test后，连接到7.5.1的CE，显示
“服务器版本无效 CHEATENGIN Network 2.0”

HW breakpoint (execute type) continually triggers handler callback

Just like the title said, I have already resolved the watchpoint part, but when it comes to the execute type, i have no idea how to solve this puzzle, it has already confused me for 2 weeks. If you have any idea but doesn't have time to solve it, please leave me a clue. Best regards.

没有内核源码但弄好了skroot 怎么使用这个驱动

没有内核源码但弄好了skroot 怎么使用这个驱动
我看Makefile 好像是需要内核源码

mm_struct问题

错误：“结构mm_struct”中没有名为“mmap_sem”的成员

硬件断点不工作 Hardware breakpoint not working

大佬，有空可以帮我看一下吗？谢谢。
Boss, can you help me take a look when you have time? Thank you.

1 该驱动是否不支持编译到内核工作

我用-y的方式把驱动编译到内核里了，dev/里存在rwProcMem37驱动，lsmod里没有
我尝试了OpenProcess发现能正常与驱动通信，但是read和write会失败，我查看了一下源码实现，代码中在读写时并没有用到控制码，而是用的
ssize_t realRead = read(nDriverLink, buf, nSize);
我查看了一下驱动中读写时用到了这个结构体
MY_STATIC const struct my_file_operations rwProcMem_fops =
{
.owner = THIS_MODULE,
.llseek = rwProcMem_llseek,

.read = rwProcMem_read,
.write = rwProcMem_write,

}
貌似驱动读写时需要 THIS_MODULE
是否用这种方式读写只能以-m的方式编译驱动？

老哥您好，我使用您的驱动失败了

老哥您好，我使用的是一款自己编译的米8内核且刷入magisk的内核，使用该内核将您的驱动编译出来。
使用insmod非常轻松的就将ko模块刷入到了内核中，且使用lsmod可以确定已经加载了。
但当我使用ndk将您写的testKo.out编译出来后，以root权限运行，发现他读不了任何内存。

然后我自己又写了两个终端程序，一个不断打印变量，一个是使用您的驱动来读写前面程序的变量，发现同样读写不了。

HW-breakpoint callback printk pc address always 0

环境，pixel2，linux 4.4.177

hwBreakpointProc/sys.c断点回调sample_hbp_handler里面，在kernel里printk打印的pc一直是0，但实际传回user态这边的pc又是有值的。

[ 1025.666519] hw_breakpoint HIT!!!!! 0000000000000000 2067
[ 1025.666521] hw_breakpoint HIT!!!!! 0000000000000000 2067
[ 1025.666523] hw_breakpoint HIT!!!!! 0000000000000000 2067
[ 1025.666525] hw_breakpoint HIT!!!!! 0000000000000000 2067
[ 1025.667663] hw_breakpoint HIT!!!!! 0000000000000000 2067

读取硬件断点命中信息
hit=7465be484c, hit_count=1069915, LR=62848 SP=74362e0dc0 PC=6284c

想请教一下是为什么？会不会影响sample_hbp_handler里面exist_hit的判断，从而只记录第一次触发的内容？

关于构建流程

你好，请问一下，具体的构建和部署流程文档有吗？我没有我的设备的内核源代码，要如何编译？是否可以使用Linux的内核？或是Google开源的Android原生内核源代码？谢谢。

6系列

兄弟什么时候支持6系列内核?

读取不了可写内存段

老哥你好,经过测试我只能读取可读的内存地址的值是正确的
读取其他地址发现读取出来的值不正确,然后执行testKo.out发现读取的内容也不对
并且CONFIG_USE_PAGEMAP_FILE已经开启了

老哥可以留个邮箱吗

求一份详细的编译教程

Linux初学者，编译了很久，没有编译出来这个项目，求一份较为详细的编译教程

硬件断点模块是否还不支持5.15版本的内核

如题
insmod加载时报错 Unknown symbol register_user_hw_breakpoint (err -2)
编译内核时已经开启了硬件断点支持 CONFIG_HAVE_HW_BREAKPOINT=y

暗区突围检测到了

怎么编译和刷入驱动

好兄弟留个联系方式

insmod时遇到No such file or directory错误

使用了绝对路径，可以保证目录下一定存在文件。编写了一个Helloworld的示例模块发现可以成功加载，不知道是否为模块本身问题。

6.1的内核已经没有 mmap 了

https://github.com/abcz316/rwProcMem33/blob/master/proc_maps.h#L3156

有人知道怎么定位到 syscall_table 的pte 页表吗

有支持linux client吗？

把模块集成到内核，编译好server之后发现client只支持windows去编译，是否可以支持linux客户端或者已经实现我就不用重复造轮子了

编译4.9.186内核遇到问题

环境：
ubt，官方内核正常编译成功。
加入模块后，版本控制切换到
#define MY_LINUX_VERSION_CODE KERNEL_VERSION(4,9,186)
编译遇到以下问题：

  CC      drivers/platform/msm/ipa/ipa_v3/ipa_mhi.o
  LD      drivers/media/platform/msm/camera/cam_sensor_module/cam_sensor_io/built-in.o
  LD      drivers/media/platform/msm/camera/cam_sensor_module/built-in.o
  CC      drivers/power/supply/qcom/battery.o
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:1:
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/sys.h:21:
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:40:10: fatal error: 
      'linux/sched/task.h' file not found
#include <linux/sched/task.h>
         ^~~~~~~~~~~~~~~~~~~~
  CC      drivers/media/platform/msm/camera/cam_utils/cam_soc_util.o
1 error generated.
/home/aosp/aosp/raw_kernel/k/private/msm-google/scripts/Makefile.build:345: recipe for target 'drivers/rwProcMem/rwProcMem.o' failed
make[4]: *** [drivers/rwProcMem/rwProcMem.o] Error 1
/home/aosp/aosp/raw_kernel/k/private/msm-google/scripts/Makefile.build:653: recipe for target 'drivers/rwProcMem' failed
make[3]: *** [drivers/rwProcMem] Error 2
make[3]: *** Waiting for unfinished jobs....
  CC      drivers/media/platform/msm/camera/cam_utils/cam_io_util.o
  CC      drivers/regulator/fixed-helper.o

  CC [M]  drivers/rwProcMem/rwProcMem.o
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:1:
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/sys.h:21:
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:151:2: error: use of undeclared identifier 'p4d_t'
        p4d_t *p4d;
        ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:151:9: error: use of undeclared identifier 'p4d'; did
      you mean 'pgd'?
        p4d_t *p4d;
               ^~~
               pgd
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:150:9: note: 'pgd' declared here
        pgd_t *pgd;
               ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:175:104: error: member reference type 'pgd_t *' is a
      pointer; did you mean to use '->'?
        printk_debug("pgd_val = 0x%lx pgd addr:0x%lx\n", (unsigned long int)pgd_val(*pgd), (unsigned long int)pgd_val(pgd));
                                                                                                              ^~~~~~~~~~~~
/home/aosp/aosp/raw_kernel/k/private/msm-google/arch/arm64/include/asm/pgtable-types.h:50:24: note: expanded from macro 'pgd_val'
#define pgd_val(x)      ((x).pgd)
                         ~~~^
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:1:
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/sys.h:21:
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:176:93: error: member reference type 'pgd_t *' is a
      pointer; did you mean to use '->'?
        printk_debug("init_mm pgd val:0x%lx,pgd addr:0x%lx\n", (unsigned long)pgd_val(*(mm->pgd)), pgd_val((mm->pgd)));
                                                                                                   ^~~~~~~~~~~~~~~~~~
/home/aosp/aosp/raw_kernel/k/private/msm-google/arch/arm64/include/asm/pgtable-types.h:50:24: note: expanded from macro 'pgd_val'
#define pgd_val(x)      ((x).pgd)
                         ~~~^
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:1:
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/sys.h:21:
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:188:8: error: implicit declaration of function
      'p4d_offset' [-Werror,-Wimplicit-function-declaration]
        p4d = p4d_offset(pgd, virt_addr);
              ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:188:8: note: did you mean 'pud_offset'?
/home/aosp/aosp/raw_kernel/k/private/msm-google/include/asm-generic/pgtable-nopud.h:38:23: note: 'pud_offset' declared here
static inline pud_t * pud_offset(pgd_t * pgd, unsigned long address)
                      ^
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:1:
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/sys.h:21:
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:188:8: error: this function declaration is not a
      prototype [-Werror,-Wstrict-prototypes]
        p4d = p4d_offset(pgd, virt_addr);
              ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:188:2: error: use of undeclared identifier 'p4d'
        p4d = p4d_offset(pgd, virt_addr);
        ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:190:36: error: implicit declaration of function
      'p4d_val' [-Werror,-Wimplicit-function-declaration]
        printk_debug("p4d_val = 0x%lx\n", p4d_val(*p4d));
                                          ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:190:36: error: this function declaration is not a
      prototype [-Werror,-Wstrict-prototypes]
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:190:45: error: use of undeclared identifier 'p4d'
        printk_debug("p4d_val = 0x%lx\n", p4d_val(*p4d));
                                                   ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:191:6: error: implicit declaration of function
      'p4d_none' [-Werror,-Wimplicit-function-declaration]
        if (p4d_none(*p4d))
            ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:191:6: note: did you mean 'pgd_none'?
/home/aosp/aosp/raw_kernel/k/private/msm-google/include/asm-generic/pgtable-nopud.h:25:19: note: 'pgd_none' declared here
static inline int pgd_none(pgd_t pgd)           { return 0; }
                  ^
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:1:
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/sys.h:21:
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:191:6: error: this function declaration is not a
      prototype [-Werror,-Wstrict-prototypes]
        if (p4d_none(*p4d))
            ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:191:16: error: use of undeclared identifier 'p4d'
        if (p4d_none(*p4d))
                      ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:197:19: error: use of undeclared identifier 'p4d'
        pud = pud_offset(p4d, virt_addr);
                         ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:350:11: error: implicit declaration of function
      'x_probe_kernel_read' [-Werror,-Wimplicit-function-declaration]
                probe = x_probe_kernel_read(bounce, ptr, sz);
                        ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:350:11: note: did you mean '__probe_kernel_read'?
/home/aosp/aosp/raw_kernel/k/private/msm-google/include/linux/uaccess.h:95:13: note: '__probe_kernel_read' declared here
extern long __probe_kernel_read(void *dst, const void *src, size_t size);
            ^
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:1:
In file included from /home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/sys.h:21:
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/phy_mem.h:350:11: error: this function declaration is not a
      prototype [-Werror,-Wstrict-prototypes]
                probe = x_probe_kernel_read(bounce, ptr, sz);
                        ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:91:11: error: ISO C90 forbids mixing declarations
      and code [-Werror,-Wdeclaration-after-statement]
                        pte_t *pte;
                               ^
/home/aosp/aosp/raw_kernel/k/private/msm-google/drivers/rwProcMem/rwProcMem.c:171:11: error: ISO C90 forbids mixing declarations
      and code [-Werror,-Wdeclaration-after-statement]
                        pte_t *pte;
                               ^
18 errors generated.
/home/aosp/aosp/raw_kernel/k/private/msm-google/scripts/Makefile.build:345: recipe for target 'drivers/rwProcMem/rwProcMem.o' failed
make[4]: *** [drivers/rwProcMem/rwProcMem.o] Error 1
/home/aosp/aosp/raw_kernel/k/private/msm-google/scripts/Makefile.build:653: recipe for target 'drivers/rwProcMem' failed
make[3]: *** [drivers/rwProcMem] Error 2
make[3]: *** Waiting for unfinished jobs....
  LD      drivers/reset/hisilicon/built-in.o
  CC      drivers/platform/msm/sps/sps_dma.o
  LD      drivers/reset/built-in.o
  CC

这个应该怎么处理呢

11

111

testSearchMemory中连接驱动的时候没传machineId 大坑

执行后内核crash!

通过调用执行IOCTL_GET_PROCESS_MAPS_LIST，内核调用 get_proc_maps_list发生了crash！

1111111111111

11111

编译报错 Compilation error

In file included from /home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/sys.h:21:0,
from /home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/sys.c:1:
/home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/phy_mem.h: In function 'get_task_proc_phy_addr':
/home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/phy_mem.h:151:2: error: unknown type name 'p4d_t'
p4d_t *p4d;
^
In file included from ../arch/arm64/include/asm/page.h:37:0,
from ../arch/arm64/include/asm/memory.h:28,
from ../arch/arm64/include/asm/thread_info.h:32,
from ../include/linux/thread_info.h:25,
from ../include/asm-generic/preempt.h:4,
from ./arch/arm64/include/generated/asm/preempt.h:1,
from ../include/linux/preempt.h:59,
from ../include/linux/spinlock.h:50,
from ../include/linux/seqlock.h:35,
from ../include/linux/time.h:5,
from ../include/uapi/linux/timex.h:56,
from ../include/linux/timex.h:56,
from ../include/linux/sched.h:19,
from ../arch/arm64/include/asm/compat.h:25,
from ../arch/arm64/include/asm/stat.h:23,
from ../include/linux/stat.h:5,
from ../include/linux/module.h:10,
from /home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/sys.h:3,
from /home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/sys.c:1:
../arch/arm64/include/asm/pgtable-types.h:50:24: error: request for member 'pgd' in something not a structure or union
#define pgd_val(x) ((x).pgd)
^
/home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/phy_mem.h:175:104: note: in expansion of macro 'pgd_val'
printk_debug("pgd_val = 0x%lx pgd addr:0x%lx\n", (unsigned long int)pgd_val(pgd), (unsigned long int)pgd_val(pgd));
^
../arch/arm64/include/asm/pgtable-types.h:50:24: error: request for member 'pgd' in something not a structure or union
#define pgd_val(x) ((x).pgd)
^
/home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/phy_mem.h:176:93: note: in expansion of macro 'pgd_val'
printk_debug("init_mm pgd val:0x%lx,pgd addr:0x%lx\n", (unsigned long)pgd_val((mm->pgd)), pgd_val((mm->pgd)));
^
In file included from /home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/sys.h:21:0,
from /home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/sys.c:1:
/home/round/stic_kernel_xiaomi_sdm845/out/drivers/rwProcMem33/phy_mem.h:188:2: error: implicit declaration of function 'p4d_offset' [-Werror=implicit-function-declaration]