aboutsummaryrefslogtreecommitdiff
path: root/CamilStaps-s4498062-Assignment-2/ex2/ex2.txt
diff options
context:
space:
mode:
Diffstat (limited to 'CamilStaps-s4498062-Assignment-2/ex2/ex2.txt')
-rw-r--r--CamilStaps-s4498062-Assignment-2/ex2/ex2.txt20
1 files changed, 20 insertions, 0 deletions
diff --git a/CamilStaps-s4498062-Assignment-2/ex2/ex2.txt b/CamilStaps-s4498062-Assignment-2/ex2/ex2.txt
new file mode 100644
index 0000000..35afd58
--- /dev/null
+++ b/CamilStaps-s4498062-Assignment-2/ex2/ex2.txt
@@ -0,0 +1,20 @@
+a
+ According to https://en.wikipedia.org/wiki/Control_register#CR4, the SMAP and SMEP bits are used to protect ring 0.
+ If writing to CR4 would be allowed, we could disable this protection, and access kernel space data (e.g.)
+
+b
+ 0x40050e <main+8> mov %cr4,%rax
+
+ This attempts to move the RAX register to the CR4 register, i.e. to write to CR4.
+
+c
+ Done. I suppose it isn't necessary to give you the code or results, as all was needed was copying from the given website.
+
+d
+ See hello-cr4.c and Makefile.
+
+ # make
+ [..]
+ # insmod hello-cr4.ko
+ [15892.352286] Hello world! CR4 = 7f0
+
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-01 16:50:35 +0000