Slide 26
Slide 26 text
Hint : kmalloc and pipe_set_size
We set sizes for kmalloc trough
pipe_set_size
pipe_set_size (->buffers) is limited
to some sizes
1, 2, 4, 8, 0x10, 0x20,
0x40, 0x80, 0x100
That’s all!
We are not interested in content of
pipe, just about pipe->buffers,
because …
kmalloc take those sizes and
multiply by siozeof(iovec) !
On kmalloc goes only sizes :
0x20, 0x40, 0x80, 0x100
Results in following kmallocs :
0x80, 0x100, 0x200, 0x400
Here is necessary some techs!
For TTY was used tty_buffer,
size in 0x400 SLAB, cool!
But magic there, and we scatter it
because of pattern
{ KERNEL PTR, 0x1000 }
Some other candidates ?