This article explores how writes through the /proc/self/mem pseudofile can modify memory that is mapped as non-writable, bypassing the MMU's page protections by going through the kernel's virtual memory subsystem: the write path uses get_user_pages() with the FOLL_FORCE flag, which skips the write-permission check on the target pages. The technique allows patching read-only memory, including libc code pages, and illustrates how the kernel, rather than the hardware alone, ultimately defines the memory protection boundary.

offlinemark.com · medbar · 24 days ago · 14 min · research · hn 129