Kernel Exploitation Sidenotes
Because I already knew a bit about hardware-related operations, and because you often find code statements like the following:
#define EFER_FFXSR (1<<_EFER_FFXSR)
I would like to add some notes about working with a physical address in a computer system. When you read code that relates to the hardware, you will have seen an operation like this:
0x2000 << 4
What does this mean? What is happening is a bit shift: the bits of the value are moved to the left. A shift multiplies or divides the underlying value, depending on the direction of the shift. For instance:
0x200
hex(0x200 << 1)
'0x400'
When we want to multiply a value by 16, for instance, we shift it 4 times to the left. Why? Because \(2^4 = 16\). This operation is very efficient, unlike a real multiplication within a computer.
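The two shift patterns above, as an added C example that is not part of the original post. It assumes that 0x2000 << 4 is a real-mode segment being turned into a physical address and that _EFER_FFXSR is 14 (the value Linux uses); shl_checked and the reg_* helpers are hypothetical names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Bit position -> mask, as in the page's EFER_FFXSR define. 14 is the value
 * Linux uses for _EFER_FFXSR; 1ULL (not plain 1) keeps the shift unsigned and
 * 64 bits wide, so positions 31 and above are also well defined. */
#define _EFER_FFXSR 14
#define EFER_FFXSR  (1ULL << _EFER_FFXSR)

/* Assumed reading of 0x2000 << 4: real-mode segment * 16, plus an offset.
 * The cast matters: the result needs more than 16 bits. */
static uint32_t seg_to_phys(uint16_t seg, uint16_t off)
{
    return ((uint32_t)seg << 4) + off;
}

/* Hypothetical helper: left shift that refuses the two unsafe cases,
 * a count >= the type width (undefined behaviour in C) and set bits
 * being shifted out of the top (silent truncation of an address or size). */
static bool shl_checked(uint64_t value, unsigned count, uint64_t *out)
{
    if (count >= 64)
        return false;
    if (count != 0 && (value >> (64 - count)) != 0)
        return false;
    *out = value << count;
    return true;
}

/* Test, set and clear one flag in a register image using its mask. */
static bool     reg_test(uint64_t reg, uint64_t mask)  { return (reg & mask) != 0; }
static uint64_t reg_set(uint64_t reg, uint64_t mask)   { return reg | mask; }
static uint64_t reg_clear(uint64_t reg, uint64_t mask) { return reg & ~mask; }

int main(void)
{
    uint64_t r = 0;
    bool ok = shl_checked(0x200, 1, &r);   /* evaluate before printing r */
    uint64_t efer = reg_set(0, EFER_FFXSR);

    printf("0x2000 << 4      = 0x%x\n", (unsigned)seg_to_phys(0x2000, 0));
    printf("0x200 << 1       = 0x%llx (ok=%d)\n", (unsigned long long)r, ok);
    printf("1 << 64 rejected = %d\n", !shl_checked(1, 64, &r));
    printf("FFXSR set/clear  = %d/%d\n", reg_test(efer, EFER_FFXSR),
           reg_test(reg_clear(efer, EFER_FFXSR), EFER_FFXSR));
    return 0;
}
```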