Last active
April 12, 2016 11:13
-
-
Save ISTweak/8166f00927fa3494e4abf2c88f2e2b3c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| static int __init enforcing_setup(char *str) | |
| { | |
| unsigned long enforcing; | |
| if (!strict_strtoul(str, 0, &enforcing)) | |
| selinux_enforcing = enforcing ? 1 : 0; | |
| return 1; | |
| } | |
| シンプルなenforcing_setupを追いかけます。 | |
| kallsymsprintdumpからc0d2008c enforcing_setupが見つかります。 | |
| c0d2008cから0x200ぐらいまでダンプします。 | |
| objdump -b binary -m arm --adjust-vma=0xc0008000 --start-address=0xc0d2008c --stop-address=0xc0d2028c -D kernelbin > out.txt | |
| c0d2008c: e92d4007 push {r0, r1, r2, lr} | |
| c0d20090: e3a01000 mov r1, #0 | |
| c0d20094: e28d2004 add r2, sp, #4 | |
| c0d20098: ebd8bb9f bl 0xc034ef1c | |
| c0d2009c: e3500000 cmp r0, #0 | |
| c0d200a0: 1a000004 bne 0xc0d200b8 | |
| c0d200a4: e59d2004 ldr r2, [sp, #4] | |
| c0d200a8: e59f3014 ldr r3, [pc, #20] ; 0xc0d200c4 | |
| c0d200ac: e2922000 adds r2, r2, #0 | |
| c0d200b0: 13a02001 movne r2, #1 | |
| c0d200b4: e5832004 str r2, [r3, #4] | |
| c0d200b8: e3a00001 mov r0, #1 | |
| c0d200bc: e28dd00c add sp, sp, #12 | |
| c0d200c0: e49df004 pop {pc} ; (ldr pc, [sp], #4) | |
| c0d200c4: c10582e0 smlattgt r5, r0, r2, r8 | |
| ~~~~~~略~~~~~~~~~ | |
| r2が探してるselinux_enforcingになります。 | |
| str r2, [r3, #4] | |
| r3に0x4足したアドレスがr2になります。 | |
| ldr r3, [pc, #20] ; 0xc0d200c4 | |
| c0d200c4を見てみます。 | |
| c0d200c4: c10582e0 smlattgt r5, r0, r2, r8 | |
| c10582e0このアドレスに0x4足したアドレスが目的のアドレスになるのでc10582e4が答えになります。 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment