Remote repository can be found here.
Program is used to scan the memory of a 32-bit process (0x0 to 0xffffffff).
It works by acting on the memory pages and handle the signal responded by the system.
Then, it collectively group adjacent pages with the same access as a region.
There are 3 permission: No access (MEM_NO), read-only (MEM_RO), read+write (MEM_RW).
A successful scan will have the memmory layout before and after compared. The first memregion instance where they differ will be reported, else, no difference will be reported.
Program must be compile as 32-bit. All compilation are prepared in Makefile. Custom page size
can be configured by CFLAG. If no input, page size is defaulted to 4096KB.
To create all executables, use:
make <(optional)|mem_1|mem_2|mem_3> <"CFLAGS=-DUSER_PAGE_SIZE=(optional)">
To clean targets and objects:
make clean
Specific target instruction.
mem_2executable accept a 2nd argument as input. It reads a file and load it to memory viammap(). If no input is entered, it defaults to the provided Tags.json file.
Each executable achieve memory alteration via different methods. In-depth description is provided within the code itself.
mem_1Heap memory allocation. A part of memory once was no-accessible becomes available for read and write af ter allocation (and initialization).mem_2Dynamic loading. This is when a function is loaded "lazily". Until the function is used, it will not load into memory; then will be free immediately after used. This offers high memory efficiency. By capture the memory layout before free-up, we can see how the memory alters.mem_3Memory mapping. By transfer a whole file onto memory, we can take advantage of the DRAM speed. Memory layout will be different before and after the mmaping.
Code uses materials of TAs and courses materials, references from the internet. Citation are inlcuded in the code.
___Danh Nguyen
Winter 2021, University of Alberta
All rights reserved