accessing/copying/modifying the data segment of a target process from kernel module.
 

Hello All,

Given a process task struct, I would like to be able to access the data segment of a that process. This is to be done from a kernel module if possible.

What I tried and did not work:

I know that task->mm->start_data should give the address of the data segment. But I am not sure if that address is relative (may be to RIP) or direct.

Also, if I iterate over all the vm_area_struct(s) in task->mm->mmap and check their vm_start(s) against task->mm->start_data. I found start_data is an order of magnitude larger than vm_start. That is obviously under many assumptions including that the beginning of the data segment start is aligned with the beginning of a page.

I am using Linux kernel 3.2.0 for amd64 arch.

Thank you!

start_data & friends are in the process virtual memory space. So if you access them in the module from this process context, the access is quite easy. From another process you need some more effort.

Thanks Mara for the reply.

So, does it contain the actual address of the data segment? if yes, can I use that address to and treat the data segment as a buffer? also if both yes, then how can I read/modify it? I tried using copy_to_user() but did not work. Can you please tell me what functions I need to use in order to access it?

btw, I am not going to attempt to modify the target process's data segment from another process ... I want to do that from within the kernel either by an kernel-space function, additional system call or from a kernel module.

Thanks.