该工具是从Ubuntu系统上提取出来的:apt source devmem2
该工具通过drivers/char/mem.c 这个驱动来读取内存。
/*
* devmem2.c: Simple program to read/write from/to any location in memory.
*
* Copyright (C) 2000, Jan-Derk Bakker (jdb@lartmaker.nl)
*
*
* This software has been developed for the LART computing board
* (http://www.lart.tudelft.nl/). The development has been sponsored by
* the Mobile MultiMedia Communications (http://www.mmc.tudelft.nl/)
* and Ubiquitous Communications (http://www.ubicom.tudelft.nl/)
* projects.
*
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <signal.h>
#include <fcntl.h>
#include <ctype.h>
#include <termios.h>
#include <sys/types.h>
#include <sys/mman.h>
/* Abort helper: report the source line and file together with the current
 * errno (number and strerror() text) on stderr, then exit with status 1. */
#define FATAL \
    do { \
        fprintf(stderr, "Error at line %d, file %s (%d) [%s]\n", \
                __LINE__, __FILE__, errno, strerror(errno)); \
        exit(1); \
    } while (0)

/* MAP_SIZE is the size of the window mapped from /dev/mem and is assumed to
 * equal the page size. It should really come from getpagesize(): on arm64 the
 * page size can be 64K (65536), so this constant needs adjusting there.
 * MAP_MASK selects the offset-within-page bits of an address. */
#define MAP_SIZE 4096UL
#define MAP_MASK (MAP_SIZE - 1UL)
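/* Read one item of the given width ('b', 'h' or 'w') from addr. The pointer
 * is volatile-qualified so the access is not elided or merged by the
 * compiler, which matters when the mapping is device memory. */
static unsigned long mem_read(const volatile void *addr, int access_type) {
    switch (access_type) {
    case 'b':
        return *(const volatile unsigned char *)addr;
    case 'h':
        return *(const volatile unsigned short *)addr;
    default: /* 'w': main() rejects every other type before calling */
        return *(const volatile unsigned long *)addr;
    }
}

/* Store value, truncated to the given width ('b', 'h' or 'w'), at addr. */
static void mem_write(volatile void *addr, int access_type, unsigned long value) {
    switch (access_type) {
    case 'b':
        *(volatile unsigned char *)addr = (unsigned char)value;
        break;
    case 'h':
        *(volatile unsigned short *)addr = (unsigned short)value;
        break;
    default: /* 'w' */
        *(volatile unsigned long *)addr = value;
        break;
    }
}

/*
 * Read, and optionally write, one byte/halfword/word of physical memory
 * through /dev/mem.
 *
 *   argv[1]  address to act upon (parsed by strtoul with base 0)
 *   argv[2]  access type: [b]yte, [h]alfword or [w]ord; default 'w'
 *   argv[3]  data to write; when absent the location is only read
 *
 * All arguments are validated before /dev/mem is opened, and the device is
 * opened and mapped read-only unless a write was requested.
 *
 * Exit status: 0 on success, 1 on a usage error, an invalid argument or a
 * failed system call, 2 on an illegal access type.
 *
 * NOTE(review): 'w' accesses an unsigned long, which is 8 bytes on LP64
 * targets such as arm64; confirm that this is the width the target expects.
 */
int main(int argc, char **argv) {
    int fd;
    int access_type = 'w';
    int do_write = argc > 3;
    int open_flags, prot;
    void *map_base;
    volatile void *virt_addr;
    unsigned long target, read_result, writeval = 0;
    unsigned long map_size, map_mask, page_off;
    size_t width;
    long page_size;
    char *end;

    if (argc < 2) {
        fprintf(stderr, "\nUsage:\t%s { address } [ type [ data ] ]\n"
                "\taddress : memory address to act upon\n"
                "\ttype : access operation type : [b]yte, [h]alfword, [w]ord\n"
                "\tdata : data to be written\n\n",
                argv[0]);
        exit(1);
    }

    /* Reject empty, partially numeric or out-of-range addresses instead of
     * silently acting on whatever prefix strtoul() managed to parse. */
    errno = 0;
    target = strtoul(argv[1], &end, 0);
    if (end == argv[1] || *end != '\0' || errno == ERANGE) {
        fprintf(stderr, "Invalid address '%s'.\n", argv[1]);
        exit(1);
    }

    if (argc > 2)
        access_type = tolower((unsigned char)argv[2][0]);

    switch (access_type) {
    case 'b':
        width = sizeof(unsigned char);
        break;
    case 'h':
        width = sizeof(unsigned short);
        break;
    case 'w':
        width = sizeof(unsigned long);
        break;
    default:
        fprintf(stderr, "Illegal data type '%c'.\n", access_type);
        exit(2);
    }

    if (do_write) {
        errno = 0;
        writeval = strtoul(argv[3], &end, 0);
        if (end == argv[3] || *end != '\0' || errno == ERANGE) {
            fprintf(stderr, "Invalid data '%s'.\n", argv[3]);
            exit(1);
        }
    }

    /* mmap() requires a page-aligned file offset, so use the real page size
     * (for example 64K on some arm64 kernels) rather than assuming 4096. */
    page_size = sysconf(_SC_PAGESIZE);
    if (page_size <= 0)
        FATAL;
    map_size = (unsigned long)page_size;
    map_mask = map_size - 1;
    page_off = target & map_mask;

    /* Only one page is mapped; an access that runs past its end would touch
     * memory outside the mapping. */
    if (page_off + width > map_size) {
        fprintf(stderr, "Access of %lu bytes at 0x%lX crosses the mapped page.\n",
                (unsigned long)width, target);
        exit(1);
    }

    /* Least privilege: ask for write access only when data will be written. */
    open_flags = (do_write ? O_RDWR : O_RDONLY) | O_SYNC;
    prot = do_write ? (PROT_READ | PROT_WRITE) : PROT_READ;

    if ((fd = open("/dev/mem", open_flags)) == -1)
        FATAL;
    printf("/dev/mem opened.\n");
    fflush(stdout);

    /* Map one page: the offset is the target rounded down to a page boundary. */
    map_base = mmap(NULL, map_size, prot, MAP_SHARED, fd,
                    (off_t)(target & ~map_mask));
    if (map_base == MAP_FAILED)
        FATAL;
    printf("Memory mapped at address %p.\n", map_base);
    fflush(stdout);

    /* Add back the offset that was rounded away to get the address to access.
     * The char * cast avoids arithmetic on void *, which is a GNU extension. */
    virt_addr = (char *)map_base + page_off;

    read_result = mem_read(virt_addr, access_type);
    /* %lX matches unsigned long; the previous %X did not match the arguments. */
    printf("Value at address 0x%lX (%p): 0x%lX\n", target, (void *)virt_addr,
           read_result);
    fflush(stdout);

    if (do_write) {
        mem_write(virt_addr, access_type, writeval);
        read_result = mem_read(virt_addr, access_type);
        printf("Written 0x%lX; readback 0x%lX\n", writeval, read_result);
        fflush(stdout);
    }

    if (munmap(map_base, map_size) == -1)
        FATAL;
    close(fd);
    return 0;
}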
这里的核心知识是mmap系统调用,关于这个知识,在内核中如何映射物理内存到vma虚拟内存:
深入理解mmap--内核代码分析及驱动demo示例
devmem: mmap: Operation not permitted报错解决方法之一
该方法适用场景:当我们使用devmem工具的时候,有的寄存器可以配置,有的却报了Operation not permitted这个错误。
分析:这是内核的一项安全特性,可防止用户空间访问1MB以上(可能敏感)的物理内存(IIRC)。
根因:权限不够。只有在.config文件中设置CONFIG_STRICT_DEVMEM=n才能获得对整个memory的访问权限;在默认情况下CONFIG_STRICT_DEVMEM=y,这也就是为什么有的寄存器可以配置,有的却配置不了的原因。可通过下面的命令在操作系统上确认该配置项的值:zcat /proc/config.gz | grep CONFIG_STRICT_DEVMEM
解决方法:
1、在/kernel/arch/arm64/configs/目录下,找到CONFIG_STRICT_DEVMEM该配置项所在的文件并且把值修改成n,再编译一个内核替换掉环境上的内核,即可正常使用devmem工具。
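2、使用sysctl dev.mem.restricted 禁用它,或者在grub文件的内核启动参数中添加selinux=0或者iomem=relaxed,添加完需要重启系统才会生效。注意:selinux=0会关闭整个系统的SELinux,iomem=relaxed会放宽对驱动已占用的MMIO区域的访问检查,两者的影响范围都不限于devmem,建议只在调试环境中使用。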
/boot/grub/grub.cfg
linux /boot/vmlinuz-linux iomem=relaxed