Author Archives: daveti

About daveti

Interested in kernel hacking, compilers, machine learning and guitars.

Some notes on the Monotonic Counter in Intel SGX and ME

SGX sealing is vulnerable to rollback attacks as the enclave is not able to tell if the sealed data is the latest or a old copy. To mitigate this attack, monotonic counter (MC) has been introduced in Intel SGX SDK … Continue reading

Posted in Security | Tagged , , , | Leave a comment

Why list and charlist are confusing in Elixir

This post talks about list and charlist in Elixir, and discusses one specific issue in Elixir. Let’s look at the confusing thing in Elixir: iex(2)> a = [7] ‘\a’ iex(3)> b = ‘\a’ ‘\a’ iex(4)> a == b true iex(5)> … Continue reading

Posted in Programming | Tagged , , , , | Leave a comment

A PoC of DoS attack in Elixir Actor Model

The naive way of using the Actor model in Elixir is using “receive” in a loop, which is then “spawn”d as a Erlang process. Unfortunately, a potential DoS attack could happen if the pattern matching is not coded carefully with … Continue reading

Posted in Programming, Security, Static Code Analysis | Tagged , , , , | Leave a comment

A pitfall of GenServer programming in Elixir

OTP as a programming platform/framework, empowers not only Erlang, but also Elixir. This post looks into a pitfall when programming GenServer in Elixir, and provides a potential solution. All callbacks in the GenServer behavior have a limited and pre-defined possible … Continue reading

Posted in Programming, Static Code Analysis | Tagged , , , , | Leave a comment

Pitfalls in negative indexing in C

Negative indexing in C, such as a[-1], is legit, although rarely used. There are reasons (pitfalls) why negative indexing is not recommended. This post discusses these pitfalls when using negative indexing (for fun). 1. Negative indexing within the bound In … Continue reading

Posted in Programming | Tagged , | Leave a comment

USB gadget functionalities in Android

I started working on Android stuffs this summer. While I mainly work on the USB layer within the Linux kernel, I do sometimes need to look into the Android framework, to see if I could achieve my goal from the … Continue reading

Posted in OS | Tagged , , | Leave a comment

Understanding kcov – play with -fsanitize-coverage=trace-pc from the user space

kcov is a kernel feature used to support syzkaller[1]. To provide the code coverage information from the kernel itself, the GCC compiler was patched to instrument the kernel image[2]. The kernel itself was also patched to enable this feature where … Continue reading

Posted in OS, Security, Stuff about Compiler | Tagged , , | Leave a comment