mmap(2) fingerprinting on amd64
Boris Samorodov
bsam at ipt.ru
Sun Sep 24 03:46:59 PDT 2006
On Tue, 19 Sep 2006 02:09:09 +0200 Marcin Cieslak wrote:
> Attached please find a very simple brute-force mmap(2) testing program.
> 1. It would be nice if somebody could run this on real amd64 linux machine.
> and under FreeBSD linuxolator on amd64 machine. Please mail results to me.
Here is the result on a real linux machine (not mine, got the result
via russian fido):
-----
Linux amd64 2.6.17-2-amd64 #1 SMP Wed Sep 13 17:49:33 CEST 2006 x86_64 GNU/Linux
0001: mmap(0, 1024, PROT_NONE, MAP_SHARED, ...)
for filemode O_RDONLY: mmap OK read: sigsegv write: sigsegv
0002: mmap(0, 1024, PROT_READ, MAP_SHARED, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: sigsegv
0003: mmap(0, 1024, PROT_WRITE, MAP_SHARED, ...)
for filemode O_RDONLY: mmap error (13)
0004: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_SHARED, ...)
for filemode O_RDONLY: mmap error (13)
0005: mmap(0, 1024, PROT_NONE, MAP_PRIVATE, ...)
for filemode O_RDONLY: mmap OK read: sigsegv write: sigsegv
0006: mmap(0, 1024, PROT_READ, MAP_PRIVATE, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: sigsegv
0007: mmap(0, 1024, PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_RDONLY: mmap OK read: sigsegv write: OK
0008: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: OK
0009: mmap(0, 1024, PROT_NONE, MAP_SHARED, ...)
for filemode O_WRONLY: mmap error (13)
0010: mmap(0, 1024, PROT_READ, MAP_SHARED, ...)
for filemode O_WRONLY: mmap error (13)
0011: mmap(0, 1024, PROT_WRITE, MAP_SHARED, ...)
for filemode O_WRONLY: mmap error (13)
0012: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_SHARED, ...)
for filemode O_WRONLY: mmap error (13)
0013: mmap(0, 1024, PROT_NONE, MAP_PRIVATE, ...)
for filemode O_WRONLY: mmap error (13)
0014: mmap(0, 1024, PROT_READ, MAP_PRIVATE, ...)
for filemode O_WRONLY: mmap error (13)
0015: mmap(0, 1024, PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_WRONLY: mmap error (13)
0016: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_WRONLY: mmap error (13)
0017: mmap(0, 1024, PROT_NONE, MAP_SHARED, ...)
for filemode O_RDWR: mmap OK read: sigsegv write: sigsegv
0018: mmap(0, 1024, PROT_READ, MAP_SHARED, ...)
for filemode O_RDWR: mmap OK read: 0x41 write: sigsegv
0019: mmap(0, 1024, PROT_WRITE, MAP_SHARED, ...)
for filemode O_RDWR: mmap OK read: sigsegv write: OK
0020: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_SHARED, ...)
for filemode O_RDWR: mmap OK read: 0x42 write: OK
0021: mmap(0, 1024, PROT_NONE, MAP_PRIVATE, ...)
for filemode O_RDWR: mmap OK read: sigsegv write: sigsegv
0022: mmap(0, 1024, PROT_READ, MAP_PRIVATE, ...)
for filemode O_RDWR: mmap OK read: 0x42 write: sigsegv
0023: mmap(0, 1024, PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_RDWR: mmap OK read: sigsegv write: OK
0024: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_RDWR: mmap OK read: 0x42 write: OK
0025: mmap(0, 1024, PROT_NONE, MAP_ANON|MAP_SHARED, ...)
for filemode anonymous: mmap OK read: sigsegv write: sigsegv
0026: mmap(0, 1024, PROT_READ, MAP_ANON|MAP_SHARED, ...)
for filemode anonymous: mmap OK read: 0x00 write: sigsegv
0027: mmap(0, 1024, PROT_WRITE, MAP_ANON|MAP_SHARED, ...)
for filemode anonymous: mmap OK read: sigsegv write: OK
0028: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, ...)
for filemode anonymous: mmap OK read: 0x00 write: OK
0029: mmap(0, 1024, PROT_NONE, MAP_ANON|MAP_PRIVATE, ...)
for filemode anonymous: mmap OK read: sigsegv write: sigsegv
0030: mmap(0, 1024, PROT_READ, MAP_ANON|MAP_PRIVATE, ...)
for filemode anonymous: mmap OK read: 0x00 write: sigsegv
0031: mmap(0, 1024, PROT_WRITE, MAP_ANON|MAP_PRIVATE, ...)
for filemode anonymous: mmap OK read: sigsegv write: OK
0032: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, ...)
for filemode anonymous: mmap OK read: 0x00 write: OK
-----
Next is the result at my amd64 machine, binary built with
gentoo-stage-3:
-----
# uname -a
FreeBSD bsam.ru 7.0-CURRENT FreeBSD 7.0-CURRENT #16: Wed Sep 20 00:51:44 MSD 2006 bsam at bsam.ru:/usr/obj/usr/src/sys/GENERIC amd64
# ./a.out
0001: mmap(0, 1024, PROT_NONE, MAP_SHARED, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: sigsegv
0002: mmap(0, 1024, PROT_READ, MAP_SHARED, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: sigsegv
0003: mmap(0, 1024, PROT_WRITE, MAP_SHARED, ...)
for filemode O_RDONLY: mmap error (13)
0004: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_SHARED, ...)
for filemode O_RDONLY: mmap error (13)
0005: mmap(0, 1024, PROT_NONE, MAP_PRIVATE, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: sigsegv
0006: mmap(0, 1024, PROT_READ, MAP_PRIVATE, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: sigsegv
0007: mmap(0, 1024, PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: OK
0008: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_RDONLY: mmap OK read: 0x41 write: OK
0009: mmap(0, 1024, PROT_NONE, MAP_SHARED, ...)
for filemode O_WRONLY: mmap error (13)
0010: mmap(0, 1024, PROT_READ, MAP_SHARED, ...)
for filemode O_WRONLY: mmap error (13)
0011: mmap(0, 1024, PROT_WRITE, MAP_SHARED, ...)
for filemode O_WRONLY: mmap error (13)
0012: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_SHARED, ...)
for filemode O_WRONLY: mmap error (13)
0013: mmap(0, 1024, PROT_NONE, MAP_PRIVATE, ...)
for filemode O_WRONLY: mmap error (13)
0014: mmap(0, 1024, PROT_READ, MAP_PRIVATE, ...)
for filemode O_WRONLY: mmap error (13)
0015: mmap(0, 1024, PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_WRONLY: mmap error (13)
0016: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_WRONLY: mmap error (13)
0017: mmap(0, 1024, PROT_NONE, MAP_SHARED, ...)
for filemode O_RDWR: mmap OK read: 0x41 write: sigsegv
0018: mmap(0, 1024, PROT_READ, MAP_SHARED, ...)
for filemode O_RDWR: mmap OK read: 0x41 write: sigsegv
0019: mmap(0, 1024, PROT_WRITE, MAP_SHARED, ...)
for filemode O_RDWR: mmap OK read: 0x41 write: OK
0020: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_SHARED, ...)
for filemode O_RDWR: mmap OK read: 0x42 write: OK
0021: mmap(0, 1024, PROT_NONE, MAP_PRIVATE, ...)
for filemode O_RDWR: mmap OK read: 0x42 write: sigsegv
0022: mmap(0, 1024, PROT_READ, MAP_PRIVATE, ...)
for filemode O_RDWR: mmap OK read: 0x42 write: sigsegv
0023: mmap(0, 1024, PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_RDWR: mmap OK read: 0x42 write: OK
0024: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_PRIVATE, ...)
for filemode O_RDWR: mmap OK read: 0x42 write: OK
0025: mmap(0, 1024, PROT_NONE, MAP_ANON|MAP_SHARED, ...)
for filemode anonymous: mmap OK read: 0x00 write: sigsegv
0026: mmap(0, 1024, PROT_READ, MAP_ANON|MAP_SHARED, ...)
for filemode anonymous: mmap OK read: 0x00 write: sigsegv
0027: mmap(0, 1024, PROT_WRITE, MAP_ANON|MAP_SHARED, ...)
for filemode anonymous: mmap OK read: 0x00 write: OK
0028: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, ...)
for filemode anonymous: mmap OK read: 0x00 write: OK
0029: mmap(0, 1024, PROT_NONE, MAP_ANON|MAP_PRIVATE, ...)
for filemode anonymous: mmap OK read: 0x00 write: sigsegv
0030: mmap(0, 1024, PROT_READ, MAP_ANON|MAP_PRIVATE, ...)
for filemode anonymous: mmap OK read: 0x00 write: sigsegv
0031: mmap(0, 1024, PROT_WRITE, MAP_ANON|MAP_PRIVATE, ...)
for filemode anonymous: mmap OK read: 0x00 write: OK
0032: mmap(0, 1024, PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, ...)
for filemode anonymous: mmap OK read: 0x00 write: OK
-----
WBR
--
Boris Samorodov (bsam)
Research Engineer, http://www.ipt.ru Telephone & Internet SP
FreeBSD committer, http://www.FreeBSD.org The Power To Serve
More information about the freebsd-emulation
mailing list