Tag Archives: kernel

Linux kernel hacking – one relay file for all CPUs

I wrote a post about kernel relay 2 years ago (https://davejingtian.org/2013/06/29/relay-linux-kernel-relay-filesystem/). However, I have realized that I did not understand relay until recently, when I was debugging a relay-related bug. Though I was working on the RHEL 2.6.32 kernel, this post …

Posted in Linux Distro, OS

Linux kernel hacking – support SO_PEERCRED for local TCP socket connections

In my old post (https://davejingtian.org/2015/02/17/retrieve-pid-from-the-packet-in-unix-domain-socket-a-complete-use-case-for-recvmsgsendmsg/), we talked about how to retrieve the peer PID from a Unix domain socket using struct ucred. A smarter way to do this is to use the getsockopt() syscall with the SO_PEERCRED option directly. As you expected (or …

Posted in Linux Distro, Network, OS | 6 Comments

How Linux kernel works – in 4 sentences

I found this in “Understanding the Linux Kernel” (ULK). I believe I have seen a lot of analogies in computer science. But this one is “Simply the Best”. I am not going to put anything here except the original analogy …

Posted in OS

Linux kernel I/O Stack Diagram 2

https://www.thomas-krenn.com/en/wiki/Linux_Storage_Stack_Diagram

Posted in OS

Linux Kernel DSA and Provenance Release

Linux Provenance kernel (2.6.32) and tools for CentOS and Red Hat Enterprise Linux: https://github.com/daveti/prov-kernel https://github.com/daveti/prov-tools

Linux kernel crypto – DSA: https://github.com/daveti/kdsa

During the development on kernel 2.6.32, we found a bug in mpi-pow.c which failed DSA. The patch file has been included …

Posted in Linux Distro, OS, Security

Linux kernel I/O Stack Diagram

Found this figure online. The title of this diagram may be biased as it is not the complete I/O stack but a concentration on block devices with a focus on the SCSI layer. Some important missing stuff, in my opinion, includes …

Posted in OS, Programming

Trustworthy Whole-System Provenance for the Linux Kernel

Our paper “Trustworthy Whole-System Provenance for the Linux Kernel” has been accepted by USENIX Security 2015. While details can be found in the paper (link below), I would like to talk about some background about LPM (a.k.a., Linux Provenance Module, …

Posted in OS, Security