strangerRidingCaml
12. Segregation of Kernel Memory from Userspace Memory
woddlwoddl 2024. 5. 13. 18:47
Segregation of kernel memory from userspace memory is a security feature of modern operating systems, built on hardware mechanisms such as x86's Supervisor Mode Execution Protection (SMEP) and Supervisor Mode Access Prevention (SMAP) and ARM's Privileged eXecute Never (PXN) and Privileged Access Never (PAN). These features prevent the kernel from executing code located in userspace memory and restrict access to kernel memory from userspace.
Lab Activity: Demonstrating Segregation of Kernel Memory from Userspace Memory
In this lab activity, we'll demonstrate the implementation of SMAP (Supervisor Mode Access Prevention) in an x86-based system.
With SMAP Enabled
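```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Call target used by the lab; defined in this program. */
void kernel_function(void) {
    printf("Kernel function called!\n");
}

int main(void) {
    void (*func_ptr)(void) = kernel_function;

    /* Load the pointer into RAX and make an indirect call through it. */
    asm volatile (
        "movq %0, %%rax\n\t"
        "call *%%rax"
        :
        : "r" (func_ptr)
        /* The callee may overwrite any caller-saved register and memory. */
        : "rax", "rcx", "rdx", "rsi", "rdi",
          "r8", "r9", "r10", "r11", "memory", "cc"
    );
    return 0;
}
```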
In this code snippet, we attempt to call a kernel function directly from userspace memory. However, with SMAP enabled, such attempts would result in a segmentation fault or a similar access violation error.
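A defender's check for the protections discussed above, as an added example that is not part of the original post: it looks for the `smep` and `smap` tokens in a `/proc/cpuinfo` flags line and decodes the SMEP (bit 20) and SMAP (bit 21) bits from the CR4 value printed in a kernel oops. The function names and both sample lines are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define CR4_SMEP (1ULL << 20) /* kernel may not fetch code from user pages */
#define CR4_SMAP (1ULL << 21) /* kernel may not touch user data unless allowed */

/* Constructed sample inputs, not captured from a real machine. */
static const char SAMPLE_FLAGS[] =
    "flags\t\t: fpu vme de pse smep bmi2 erms smap clflushopt\n";
static const char SAMPLE_OOPS[] =
    "CR2: 0000000000000000 CR3: 000000010a2e4000 CR4: 00000000003706f0\n";

/* 1 if `name` is a whole whitespace-delimited token of a cpuinfo flags line. */
int has_cpu_flag(const char *line, const char *name) {
    size_t n = strlen(name);
    const char *colon = strchr(line, ':');
    const char *start = colon ? colon + 1 : line;
    if (n == 0)
        return 0;
    for (const char *p = start; (p = strstr(p, name)) != NULL; p += n) {
        int begins = (p == start) || p[-1] == ' ' || p[-1] == '\t';
        int ends = p[n] == '\0' || p[n] == ' ' || p[n] == '\n';
        if (begins && ends)
            return 1;
    }
    return 0;
}

/* Pull the CR4 value out of an oops register line; 0 on success, -1 if absent. */
int parse_cr4(const char *line, unsigned long long *cr4) {
    const char *p = strstr(line, "CR4:");
    char *end;
    if (!p)
        return -1;
    *cr4 = strtoull(p + 4, &end, 16);
    return end == p + 4 ? -1 : 0;
}

int main(void) {
    unsigned long long cr4 = 0;
    printf("cpuinfo: smep=%d smap=%d\n", has_cpu_flag(SAMPLE_FLAGS, "smep"),
           has_cpu_flag(SAMPLE_FLAGS, "smap"));
    if (parse_cr4(SAMPLE_OOPS, &cr4) == 0)
        printf("CR4=%#llx: SMEP %s, SMAP %s\n", cr4,
               (cr4 & CR4_SMEP) ? "on" : "off", (cr4 & CR4_SMAP) ? "on" : "off");
    return 0;
}
```

On a live Linux x86 host, the same token check can be applied to the `flags` line read from `/proc/cpuinfo`.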