Tag Archives: kernel

Linux kernel hacking – one relay file for all CPUs

I wrote a post about kernel relay 2 years go (https://davejingtian.org/2013/06/29/relay-linux-kernel-relay-filesystem/). However, I have realized that I did not understand relay until recently when I was debugging a relay-related bug. Though I was working on RHEL 2.6.32 kernel, this post … Continue reading

Posted in Linux Distro, OS | Tagged , , , | Leave a comment

Linux kernel hacking – support SO_PEERCRED for local TCP socket connections

In my old post (https://davejingtian.org/2015/02/17/retrieve-pid-from-the-packet-in-unix-domain-socket-a-complete-use-case-for-recvmsgsendmsg/), we talked about how to retrieve the peer PID from Unix domain socket using struct ucred. A more smart way to do this is using getsockopt() syscall with option SO_PEERCRED directly. As you expected (or … Continue reading

Posted in Linux Distro, Network, OS | Tagged , , , , , , , , , , , , , , , , , | 6 Comments

How Linux kernel works – in 4 sentences

I found this in “Understanding the Linux Kernel” (ULK). I believe I have seen a lot of analogies in computer science. But this one is “Simply the Best”. I am not going to put anything here except the original analogy … Continue reading

Posted in OS | Tagged , , | Leave a comment

Linux kernel I/O Stack Diagram 2

https://www.thomas-krenn.com/en/wiki/Linux_Storage_Stack_Diagram

Posted in OS | Tagged , , , , | Leave a comment

Linux Kernel DSA and Provenance Release

Linux Provenance kernel (2.6.32) and tools for CentOS and RedHat Enterprise Linux https://github.com/daveti/prov-kernel https://github.com/daveti/prov-tools Linux kernel crypto – DSA https://github.com/daveti/kdsa During the development on kernel 2.6.32, we found a bug in mpi-pow.c which failed DSA.  The patch file has been included … Continue reading

Posted in Linux Distro, OS, Security | Tagged , , , , , , , , | Leave a comment

Linux kernel I/O Stack Diagram

Found this figure online. The title of this diagram may be biased as it is not the complete I/O stack but a concentration on block devices with a focus on SCSI layer. Some important missing stuffs, in my opinion, include … Continue reading

Posted in OS, Programming | Tagged , , | Leave a comment

Trustworthy Whole-System Provenance for the Linux Kernel

Our paper “Trustworthy Whole-System Provenance for the Linux Kernel” has been accepted by USENIX Security 2015. While details could be found in the paper (link below), I would like to talk about some background about LPM (a.k.a., Linux Provenance Module, … Continue reading

Posted in OS, Security | Tagged , , , , , , , , | Leave a comment

Kernel Hacking – use crypto API in the IRQ context

After my first post about Linux kernel crypto API, I keep playing with kernel crypto API for DSA and RSA implementations (will talk about these in my future posts). The truth is crypto API is NOT designed for IRQ context. … Continue reading

Posted in OS, Security | Tagged , , , , | 1 Comment

byte order – Linux kernel byte order APIs

Most of the time, user-space applications do not care about the endian of the running machine, like we call send() and recv() directly expecting the right order of the data and they work! However, things could be changed if you … Continue reading

Posted in OS, Programming | Tagged , , | 2 Comments

ksig – sending signals from the kernel space to the user space

While syscall kill() gives users the ability to send certain signal to certain process in the user space of Linux, the story is totally different if we want to send signals from the kernel space to the user space. After … Continue reading

Posted in Dave's Tools, OS, Programming | Tagged , , , | Leave a comment