Hi,
I've hacked up a small module for coreinfo which should be able to dump arbitrary RAM contents (in hexdump format).
I'm using this to demonstrate the "cold boot" RAM attacks published at http://citp.princeton.edu/memory/, which works pretty nicely.
Please review, it's possible that the code has some bugs, I'm short on time and didn't program very carefully.
Uwe.
On Mon, Jul 07, 2008 at 07:24:26PM +0200, Uwe Hermann wrote:
Please review, it's possible that the code has some bugs, I'm short on time and didn't program very carefully.
Looks good enough.
Add a coreinfo module which can hexdump arbitrary RAM regions and allows you to scroll through the RAM contents.
Signed-off-by: Uwe Hermann uwe@hermann-uwe.de
Acked-by: Peter Stuge peter@stuge.se
Index: Kconfig
--- Kconfig (Revision 3418) +++ Kconfig (Arbeitskopie) @@ -68,6 +68,10 @@ bool "Enable the coreboot bootlog module" default y
+config MODULE_RAMDUMP
- bool "Enable the RAM dump module"
- default y
config MODULE_LAR bool "Enable the coreboot LAR module" default y Index: coreinfo.c =================================================================== --- coreinfo.c (Revision 3418) +++ coreinfo.c (Arbeitskopie) @@ -29,6 +29,7 @@ extern struct coreinfo_module coreboot_module; extern struct coreinfo_module nvram_module; extern struct coreinfo_module bootlog_module; +extern struct coreinfo_module ramdump_module; extern struct coreinfo_module lar_module;
struct coreinfo_module *system_modules[] = { @@ -41,6 +42,9 @@ #ifdef CONFIG_MODULE_NVRAM &nvram_module, #endif +#ifdef CONFIG_MODULE_RAMDUMP
- &ramdump_module,
+#endif };
struct coreinfo_module *coreboot_modules[] = { Index: ramdump_module.c =================================================================== --- ramdump_module.c (Revision 0) +++ ramdump_module.c (Revision 0) @@ -0,0 +1,112 @@ +/*
- This file is part of the coreinfo project.
- Copyright (C) 2008 Uwe Hermann uwe@hermann-uwe.de
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- */
+#include "coreinfo.h"
+#ifdef CONFIG_MODULE_RAMDUMP
+static s64 cursor = 0; +static s64 cursor_max = (1 * 1024 * 1024 * 1024); /* Max. 1 GB RAM for now. */
+static int ramdump_module_init(void) +{
- return 0;
+}
+static void dump_ram(WINDOW *win, uint32_t addr, int row, int col) +{
- int i, x = 0, y = 0, count = 0;
- volatile uint8_t *ptr = (void *)(addr);
- mvwprintw(win, 0, col + 54, "RAM address: %10d", addr);
- /* Dump 256 bytes of RAM. */
- for (i = 1; i < 257; i++) {
if (x == 0) {mvwprintw(win, row + y, col - 1, "%08x", addr + 16 * y);mvwaddch(win, row + y, col + 59, (const chtype)"|");mvwaddch(win, row + y, col + 76, (const chtype)"|");}mvwprintw(win, row + y, col + x + 9, "%02x", ptr[i - 1]);mvwprintw(win, row + y, 62 + count++, "%c", ptr[i - 1]);x += 3;if (x == 24) /* One more space after column/byte 8. */x++;if (i % 16 == 0) {y++; /* Start a newline after 16 bytes. */x = count = 0;}- }
+}
+static int ramdump_module_redraw(WINDOW *win) +{
- print_module_title(win, "RAM Dump");
- dump_ram(win, cursor * 256, 2, 2);
- return 0;
+}
+static int ramdump_module_handle(int key) +{
- switch (key) {
- case KEY_DOWN:
if (cursor == cursor_max)return 0;cursor++;break;- case KEY_UP:
if (cursor == 0)return 0;cursor--;break;- case KEY_NPAGE:
if (cursor == cursor_max)return 0;cursor += 4096; /* Jump in 1MB steps. */break;- case KEY_PPAGE:
if (cursor == 0)return 0;cursor -= 4096; /* Jump in 1MB steps. */break;- }
- if (cursor > cursor_max)
cursor = cursor_max;- if (cursor < 0)
cursor = 0;- return 1;
+}
+struct coreinfo_module ramdump_module = {
- .name = "RAM Dump",
- .init = ramdump_module_init,
- .redraw = ramdump_module_redraw,
- .handle = ramdump_module_handle,
+};
+#else
+struct coreinfo_module ramdump_module = { +};
+#endif Index: Makefile =================================================================== --- Makefile (Revision 3418) +++ Makefile (Arbeitskopie) @@ -51,7 +51,8 @@ INCLUDES = -Ibuild CFLAGS := -Wall -Werror -Os $(INCLUDES) OBJECTS = cpuinfo_module.o cpuid.S.o pci_module.o coreboot_module.o \
nvram_module.o bootlog_module.o lar_module.o coreinfo.o
nvram_module.o bootlog_module.o ramdump_module.o lar_module.o \coreinfo.oOBJS = $(patsubst %,$(obj)/%,$(OBJECTS)) TARGET = $(obj)/coreinfo.elf
On 07/07/08 19:29 +0200, Peter Stuge wrote:
On Mon, Jul 07, 2008 at 07:24:26PM +0200, Uwe Hermann wrote:
Please review, it's possible that the code has some bugs, I'm short on time and didn't program very carefully.
Looks good enough.
If it compiles and works for you, thats the most important thing.
Add a coreinfo module which can hexdump arbitrary RAM regions and allows you to scroll through the RAM contents.
Signed-off-by: Uwe Hermann uwe@hermann-uwe.de
Acked-by: Peter Stuge peter@stuge.se
Ack the ack.
Index: Kconfig
--- Kconfig (Revision 3418) +++ Kconfig (Arbeitskopie) @@ -68,6 +68,10 @@ bool "Enable the coreboot bootlog module" default y
+config MODULE_RAMDUMP
- bool "Enable the RAM dump module"
- default y
config MODULE_LAR bool "Enable the coreboot LAR module" default y Index: coreinfo.c =================================================================== --- coreinfo.c (Revision 3418) +++ coreinfo.c (Arbeitskopie) @@ -29,6 +29,7 @@ extern struct coreinfo_module coreboot_module; extern struct coreinfo_module nvram_module; extern struct coreinfo_module bootlog_module; +extern struct coreinfo_module ramdump_module; extern struct coreinfo_module lar_module;
struct coreinfo_module *system_modules[] = { @@ -41,6 +42,9 @@ #ifdef CONFIG_MODULE_NVRAM &nvram_module, #endif +#ifdef CONFIG_MODULE_RAMDUMP
- &ramdump_module,
+#endif };
struct coreinfo_module *coreboot_modules[] = { Index: ramdump_module.c =================================================================== --- ramdump_module.c (Revision 0) +++ ramdump_module.c (Revision 0) @@ -0,0 +1,112 @@ +/*
- This file is part of the coreinfo project.
- Copyright (C) 2008 Uwe Hermann uwe@hermann-uwe.de
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- */
+#include "coreinfo.h"
+#ifdef CONFIG_MODULE_RAMDUMP
+static s64 cursor = 0; +static s64 cursor_max = (1 * 1024 * 1024 * 1024); /* Max. 1 GB RAM for now. */
+static int ramdump_module_init(void) +{
- return 0;
+}
+static void dump_ram(WINDOW *win, uint32_t addr, int row, int col) +{
- int i, x = 0, y = 0, count = 0;
- volatile uint8_t *ptr = (void *)(addr);
- mvwprintw(win, 0, col + 54, "RAM address: %10d", addr);
- /* Dump 256 bytes of RAM. */
- for (i = 1; i < 257; i++) {
if (x == 0) {mvwprintw(win, row + y, col - 1, "%08x", addr + 16 * y);mvwaddch(win, row + y, col + 59, (const chtype)"|");mvwaddch(win, row + y, col + 76, (const chtype)"|");}mvwprintw(win, row + y, col + x + 9, "%02x", ptr[i - 1]);mvwprintw(win, row + y, 62 + count++, "%c", ptr[i - 1]);x += 3;if (x == 24) /* One more space after column/byte 8. */x++;if (i % 16 == 0) {y++; /* Start a newline after 16 bytes. */x = count = 0;}- }
+}
+static int ramdump_module_redraw(WINDOW *win) +{
- print_module_title(win, "RAM Dump");
- dump_ram(win, cursor * 256, 2, 2);
- return 0;
+}
+static int ramdump_module_handle(int key) +{
- switch (key) {
- case KEY_DOWN:
if (cursor == cursor_max)return 0;cursor++;break;- case KEY_UP:
if (cursor == 0)return 0;cursor--;break;- case KEY_NPAGE:
if (cursor == cursor_max)return 0;cursor += 4096; /* Jump in 1MB steps. */break;- case KEY_PPAGE:
if (cursor == 0)return 0;cursor -= 4096; /* Jump in 1MB steps. */break;- }
- if (cursor > cursor_max)
cursor = cursor_max;- if (cursor < 0)
cursor = 0;- return 1;
+}
+struct coreinfo_module ramdump_module = {
- .name = "RAM Dump",
- .init = ramdump_module_init,
- .redraw = ramdump_module_redraw,
- .handle = ramdump_module_handle,
+};
+#else
+struct coreinfo_module ramdump_module = { +};
+#endif Index: Makefile =================================================================== --- Makefile (Revision 3418) +++ Makefile (Arbeitskopie) @@ -51,7 +51,8 @@ INCLUDES = -Ibuild CFLAGS := -Wall -Werror -Os $(INCLUDES) OBJECTS = cpuinfo_module.o cpuid.S.o pci_module.o coreboot_module.o \
nvram_module.o bootlog_module.o lar_module.o coreinfo.o
nvram_module.o bootlog_module.o ramdump_module.o lar_module.o \coreinfo.oOBJS = $(patsubst %,$(obj)/%,$(OBJECTS)) TARGET = $(obj)/coreinfo.elf
-- coreboot mailing list coreboot@coreboot.org http://www.coreboot.org/mailman/listinfo/coreboot
On Mon, Jul 07, 2008 at 07:29:51PM +0200, Peter Stuge wrote:
Add a coreinfo module which can hexdump arbitrary RAM regions and allows you to scroll through the RAM contents.
Signed-off-by: Uwe Hermann uwe@hermann-uwe.de
Acked-by: Peter Stuge peter@stuge.se
Thanks, r3419.
For reference, here's a screenshot from QEMU: http://www.coreboot.org/Image:Coreinfo_ramdump.jpg
Uwe.
On 08/07/08 18:22 +0200, Uwe Hermann wrote:
On Mon, Jul 07, 2008 at 07:29:51PM +0200, Peter Stuge wrote:
Add a coreinfo module which can hexdump arbitrary RAM regions and allows you to scroll through the RAM contents.
Signed-off-by: Uwe Hermann uwe@hermann-uwe.de
Acked-by: Peter Stuge peter@stuge.se
Thanks, r3419.
For reference, here's a screenshot from QEMU: http://www.coreboot.org/Image:Coreinfo_ramdump.jpg
Wow, that is incredibly cool. Thanks.
Jordan
-
Jordan Crouse -
Peter Stuge -
Uwe Hermann