Is there a better way than parsing /proc/self/maps to figure out memory protection?

折月煮酒 提交于 2019-11-27 07:52:06

I do not know an equivalent of VirtualQuery on Linux. But some other ways to do it which may or may not work are:

  • you setup a signal handler trapping SIGBUS/SIGSEGV and go ahead with your read or write. If the memory is protected, your signal trapping code will be called. If not your signal trapping code is not called. Either way you win.

  • you could track each time you call mprotect and build a corresponding data structure which helps you in knowing if a region is read or write protected. This is good if you have access to all the code which uses mprotect.

  • you can monitor all the mprotect calls in your process by linking your code with a library redefining the function mprotect. You can then build the necessary data structure for knowing if a region is read or write protected and then call the system mprotect for really setting the protection.

  • you may try to use /dev/inotify and monitor the file /proc/self/maps for any change. I guess this one does not work, but should be worth the try.

There sorta is/was /proc/[pid|self]/pagemap, documentation in the kernel, caveats here: https://lkml.org/lkml/2015/7/14/477 So it isn't completely harmless...

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!