Tag Archives: Linux

gcc, llvm, and Linux kernel

Posted on March 12, 2016 by daveti

This post talks about what happened recently in the Linux kernel mailing list discussion. While this post does not dig into compiler internals or the whole picture between the Linux kernel and compilers, we discuss 2 specific issues from gcc … Continue reading →

Posted in OS, Stuff about Compiler | Tagged gcc, kernel, Linux, llvm, x86 | Leave a comment

Defending Against Malicious USB Firmware with GoodUSB

Posted on December 3, 2015 by daveti

Finally, 4 months after our paper was accepted by ACSAC’15, I could now write a blog talking about our work – GoodUSB, and release the code, due to some software patent bul*sh*t. (I sincerely think software patent should be abolished … Continue reading →

Posted in OS, Security | Tagged acsac, BadUSB, firmware, GoodUSB, kernel, Linux, security, USB | 2 Comments

Linux kernel hacking – one relay file for all CPUs

Posted on November 16, 2015 by daveti

I wrote a post about kernel relay 2 years go (https://davejingtian.org/2013/06/29/relay-linux-kernel-relay-filesystem/). However, I have realized that I did not understand relay until recently when I was debugging a relay-related bug. Though I was working on RHEL 2.6.32 kernel, this post … Continue reading →

Posted in Linux Distro, OS | Tagged CentOS, kernel, Linux, relay | Leave a comment

Linux kernel hacking – support SO_PEERCRED for local TCP socket connections

Posted on October 6, 2015 by daveti

In my old post (https://davejingtian.org/2015/02/17/retrieve-pid-from-the-packet-in-unix-domain-socket-a-complete-use-case-for-recvmsgsendmsg/), we talked about how to retrieve the peer PID from Unix domain socket using struct ucred. A more smart way to do this is using getsockopt() syscall with option SO_PEERCRED directly. As you expected (or … Continue reading →

Posted in Linux Distro, Network, OS | Tagged CentOS, getsockopt, iproute, iproute2, kernel, Linux, loopback, netstat, pid, selinux, skb, sock, socket, SO_PEERCRED, ss, TCP, tcp_diag, ucred | 6 Comments

How Linux kernel works – in 4 sentences

Posted on September 4, 2015 by daveti

I found this in “Understanding the Linux Kernel” (ULK). I believe I have seen a lot of analogies in computer science. But this one is “Simply the Best”. I am not going to put anything here except the original analogy … Continue reading →

Posted in OS | Tagged kernel, Linux, ULK | Leave a comment

Linux kernel I/O Stack Diagram 2

Posted on August 21, 2015 by daveti

https://www.thomas-krenn.com/en/wiki/Linux_Storage_Stack_Diagram

Posted in OS | Tagged block, kernel, Linux, SCSI, storage | Leave a comment

Linux Kernel DSA and Provenance Release

Posted on August 21, 2015 by daveti

Linux Provenance kernel (2.6.32) and tools for CentOS and RedHat Enterprise Linux https://github.com/daveti/prov-kernel https://github.com/daveti/prov-tools Linux kernel crypto – DSA https://github.com/daveti/kdsa During the development on kernel 2.6.32, we found a bug in mpi-pow.c which failed DSA. The patch file has been included … Continue reading →

Posted in Linux Distro, OS, Security | Tagged CentOS, crypto, DSA, kernel, Linux, lpm, MPI, provenance, RedHat | Leave a comment

Linux kernel I/O Stack Diagram

Posted on August 5, 2015 by daveti

Found this figure online. The title of this diagram may be biased as it is not the complete I/O stack but a concentration on block devices with a focus on SCSI layer. Some important missing stuffs, in my opinion, include … Continue reading →

Posted in OS, Programming | Tagged kernel, Linux, SCSI | Leave a comment

Trustworthy Whole-System Provenance for the Linux Kernel

Posted on July 19, 2015 by daveti

Our paper “Trustworthy Whole-System Provenance for the Linux Kernel” has been accepted by USENIX Security 2015. While details could be found in the paper (link below), I would like to talk about some background about LPM (a.k.a., Linux Provenance Module, … Continue reading →

Posted in OS, Security | Tagged kernel, Linux, lpm, lsm, paper, provenance, provmon, security, usenix | Leave a comment

Human Learning – some thoughts about Machine Learning and its applications

Posted on March 10, 2015 by daveti

I have attended a security conference recently. To my surprise, a great portion of accepted papers use some kind of Machine Learning techniques to achieve certain security targets. While I am NOT going to criticize any of the papers, this … Continue reading →

Posted in AI/ML | Tagged Linux, Machine Learning | Leave a comment