@@ -1264,34 +1264,43 @@ def search(self, needle, writable = False, executable = False):
12641264 elif executable :
12651265 ko_check_segments = [".text" ]
12661266 else :
1267- # There may be other sections before .rodata, such as .note.gnu.build-id or .note.Linux
1268- ko_check_segments = [".text" ,".data" ]
1267+ ko_check_segments = [".text" ,".note" ,".rodata" ,".data" ]
12691268 for section in super ().iter_sections ():
1270- if section .name in ko_check_segments :
1271- filesz = section ['sh_size' ]
1272- offset = section ['sh_offset' ]
1273- data = self .mmap [offset :offset + filesz ]
1274- data += b'\x00 '
1275- offset = 0
1276- while True :
1277- offset = data .find (needle , offset )
1278- if offset == - 1 :
1279- break
1280- if section .name == ".data" :
1281- text_filesz = 0
1282- rodata_filesz = 0
1283- for section in super ().iter_sections ():
1284- if section .name == ".text" :
1285- text_filesz = section ['sh_size' ]
1286- elif len (section .name )>= len (".rodata" ) and section .name [:len (".rodata" )]== ".rodata" :
1287- rodata_filesz += section ['sh_size' ]
1288- addr = (text_filesz // PAGESIZE + 1 + rodata_filesz // PAGESIZE + 1 )* PAGESIZE
1289- elif section .name == ".text" :
1290- addr = 0
1291-
1292- yield (addr + offset + load_address_fixup )
1293- offset += 1
1294-
1269+ if section .name not in ko_check_segments and \
1270+ not any (section .name .startswith (ko_check_segment ) for ko_check_segment in ko_check_segments ):
1271+ continue
1272+ filesz = section ['sh_size' ]
1273+ offset = section ['sh_offset' ]
1274+ data = self .mmap [offset :offset + filesz ]
1275+ data += b'\x00 '
1276+ offset = 0
1277+ while True :
1278+ offset = data .find (needle , offset )
1279+ if offset == - 1 :
1280+ break
1281+ # ko_file: header->.note->.text->.rodata->.data
1282+ # after insmod: text page(executable page), note and rodate page(read only page), data page(writable page)
1283+ if section .name == ".text" :
1284+ addr = 0
1285+ elif section .name .startswith (".note" ) :
1286+ text_filesz = self .get_section_by_name (".text" )['sh_size' ]
1287+ addr = (text_filesz // PAGESIZE + 1 )* PAGESIZE + section ['sh_offset' ] - self .header ['e_ehsize' ]
1288+ elif section .name .startswith (".rodata" ):
1289+ text_filesz = self .get_section_by_name (".text" )['sh_size' ]
1290+ text_offset = self .get_section_by_name (".text" )['sh_offset' ]
1291+ addr = (text_filesz // PAGESIZE + 1 )* PAGESIZE + text_offset - self .header ['e_ehsize' ]
1292+ elif section .name == ".data" :
1293+ text_filesz = self .get_section_by_name (".text" )['sh_size' ]
1294+ rodata_filesz = 0
1295+ note_filez = 0
1296+ for section in super ().iter_sections ():
1297+ if section .name .startswith (".rodata" ):
1298+ rodata_filesz += section ['sh_size' ]
1299+ elif section .name .startswith (".node" ):
1300+ note_filesz += section ['sh_size' ]
1301+ addr = (text_filesz // PAGESIZE + 1 + (note_filez + rodata_filesz )// PAGESIZE + 1 )* PAGESIZE
1302+ yield (addr + offset + load_address_fixup )
1303+ offset += 1
12951304 def offset_to_vaddr (self , offset ):
12961305 """offset_to_vaddr(offset) -> int
12971306
0 commit comments