Page MenuHomeFreeBSD

vmmdev: return EFAULT when trying to read beyond VM system memory max address
ClosedPublic

Authored by antoine on Apr 22 2018, 7:30 AM.
Tags
None
Referenced Files
F132378263: D15156.id41720.diff
Thu, Oct 16, 9:19 AM
Unknown Object (File)
Mon, Oct 13, 4:51 AM
Unknown Object (File)
Sun, Oct 12, 8:42 AM
Unknown Object (File)
Sat, Sep 27, 12:20 AM
Unknown Object (File)
Fri, Sep 26, 1:26 PM
Unknown Object (File)
Wed, Sep 24, 11:05 AM
Unknown Object (File)
Sun, Sep 21, 5:57 PM
Unknown Object (File)
Sun, Sep 21, 10:44 AM
Subscribers

Details

Summary

Currently, when using dd(1) to take a VM memory image, the capture never ends,
reading zeroes when it's beyond VM system memory max address.
Return EFAULT when trying to read beyond VM system memory max address.
With the patch, I'm able to take a memory image from a windows guest with dd(1)
and analyse it with tools like volatility or rekall.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

This revision is now accepted and ready to land.Apr 22 2018, 3:16 PM
This revision now requires review to proceed.Apr 22 2018, 9:32 PM

Good to go with the name change.

sys/amd64/include/vmm.h
215 ↗(On Diff #41720)

Can the name for this be changed to vmm_sysmem_maxaddr ?

This revision is now accepted and ready to land.May 14 2018, 7:13 AM
This revision was automatically updated to reflect the committed changes.