Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!husc6!hao!ames!ucbcad!ucbvax!sdcsvax!ucsdhub!jack!man!crash!kenobi!ford
From: ford@kenobi.UUCP (Mike Ditto)
Newsgroups: comp.sys.att
Subject: Bug in /dev/mem driver on Unix PC, patch provided
Message-ID: <18@kenobi.UUCP>
Date: Fri, 23-Oct-87 02:28:15 EST
Article-I.D.: kenobi.18
Posted: Fri Oct 23 02:28:15 1987
Date-Received: Sun, 25-Oct-87 15:28:24 EST
Organization: Omnicron Data Systems
Lines: 56
Keywords: write, /dev/mem, physical memory, fix, kernel
Summary: can't write to physical memory via /dev/mem
Posting-Front-End: GNU Emacs 18.41.10 of Fri Oct 2 1987 on kenobi (usg-unix-v)
Unrelated-Comment: my 'renice' command is coming soon to a news site near you

I have discovered a bug in the device driver for /dev/mem on the Unix PC.
The bug prevents writing to /dev/mem. /dev/kmem works fine, as does
reading from /dev/mem.

In case anyone has a need to write to /dev/mem, I am enclosing a patch to
the kernel which I wrote to fix the problem. The script patches /unix as
well as the copy in memory, so no reboot is required.

Warning: It is up to you to back up your /unix if you want to.

Technical description of the bug and the fix:

The /dev/mem driver creates a pte (page table entry) for an unused virtual
address in the kernel, describing the physical page to be accessed. It
manipulates the actual hardware page table (at address 0x400000) to do
this. Because these are hardware registers rather than real memory
locations, some restrictions apply to their use. One restriction is that
they must only be written to with WORD-long instructions. Unfortunately,
the C compiler used to compile the kernel doesn't know this, and it
over-optimized the code into some faster BYTE-long instructions, which do
not work on these registers.

My patch replaces the bad instructions with good ones, obviously 8-).
Fortunately, the code that was bad was also rather sloppy, so the fix is
smaller than the code it replaces. In fact, the fix is two instructions
plus seven no-ops.

Here is the shell script, which must be run as root.

# ------------------------ cut here ------------------------
: kernel patch to allow writing to /dev/mem

if [ ! -w /unix ]
then
	echo "$0: no permission for /unix" 1>&2
	exit 1
fi

# In adb, '?' addresses the object file (/unix) and '/' the core file
# (/dev/kmem), so each word is written to the disk image and to memory.
for MAP in '?' '/'
do
	adb -w /unix /dev/kmem << Zippy_The_Pinhead
mmwrite+0c2${MAP}w 0041
mmwrite+0c4${MAP}w 0a000
mmwrite+0c6${MAP}w 3081
mmwrite+0c8${MAP}w 4e71
mmwrite+0ca${MAP}w 4e71
mmwrite+0cc${MAP}w 4e71
mmwrite+0ce${MAP}w 4e71
mmwrite+0d0${MAP}w 4e71
mmwrite+0d2${MAP}w 4e71
mmwrite+0d4${MAP}w 4e71
Zippy_The_Pinhead
done

exit
# ------------------------ cut here ------------------------
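
Added example, not part of the original post: a pre-flight check that decodes the words the script writes, so the claim "two instructions plus seven no-ops" can be confirmed before a binary kernel patch is run as root. It assumes the adb values are hexadecimal (adb's default radix), and its decoder is deliberately limited to the three 68000 encodings that occur in this patch; the function names are this example's own.

```python
import re
# adb write commands copied from the here-document in the post.
PATCH = """\
mmwrite+0c2${MAP}w 0041
mmwrite+0c4${MAP}w 0a000
mmwrite+0c6${MAP}w 3081
mmwrite+0c8${MAP}w 4e71
mmwrite+0ca${MAP}w 4e71
mmwrite+0cc${MAP}w 4e71
mmwrite+0ce${MAP}w 4e71
mmwrite+0d0${MAP}w 4e71
mmwrite+0d2${MAP}w 4e71
mmwrite+0d4${MAP}w 4e71
"""
LINE = re.compile(r"^(\w+)\+([0-9a-f]+)\$\{MAP\}w\s+([0-9a-f]+)$")

def parse(text):
    """Return [(symbol, offset, word)]; numbers are read as hex (assumption)."""
    rows = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            raise ValueError(f"unrecognised adb command: {line!r}")
        rows.append((m.group(1), int(m.group(2), 16), int(m.group(3), 16)))
    return rows

def contiguous(rows):
    """True if all writes hit one symbol and offsets advance one 16-bit word."""
    return all(a[0] == b[0] and b[1] - a[1] == 2 for a, b in zip(rows, rows[1:]))

def decode(rows):
    """Decode only nop, ori.w #imm,Dn and move.w Dn,(An); else emit .word."""
    vals, out, i = [r[2] for r in rows], [], 0
    while i < len(vals):
        op = vals[i]
        if op == 0x4E71:
            out.append("nop")
        elif (op & 0xFFF8) == 0x0040 and i + 1 < len(vals):
            i += 1  # the 16-bit immediate follows the opcode word
            out.append(f"ori.w #0x{vals[i]:04x},d{op & 7}")
        elif (op & 0xF1F8) == 0x3080:
            out.append(f"move.w d{op & 7},(a{(op >> 9) & 7})")
        else:
            out.append(f".word 0x{op:04x}")
        i += 1
    return out

if __name__ == "__main__":
    print("\n".join(decode(parse(PATCH))))
```

The decoded `move.w` is the single WORD-long store the post describes, and the contiguity check confirms the ten writes cover one unbroken 20-byte span inside `mmwrite`.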