Tag Archives: Linux

Linux kernel I/O Stack Diagram 2


Posted in OS | Tagged , , , , | Leave a comment

Linux Kernel DSA and Provenance Release

Linux Provenance kernel (2.6.32) and tools for CentOS and RedHat Enterprise Linux https://github.com/daveti/prov-kernel https://github.com/daveti/prov-tools Linux kernel crypto – DSA https://github.com/daveti/kdsa During the development on kernel 2.6.32, we found a bug in mpi-pow.c which failed DSA.  The patch file has been included … Continue reading

Posted in Linux Distro, OS, Security | Tagged , , , , , , , , | Leave a comment

Linux kernel I/O Stack Diagram

Found this figure online. The title of this diagram may be biased as it is not the complete I/O stack but a concentration on block devices with a focus on SCSI layer. Some important missing stuffs, in my opinion, include … Continue reading

Posted in OS, Programming | Tagged , , | Leave a comment

Trustworthy Whole-System Provenance for the Linux Kernel

Our paper “Trustworthy Whole-System Provenance for the Linux Kernel” has been accepted by USENIX Security 2015. While details could be found in the paper (link below), I would like to talk about some background about LPM (a.k.a., Linux Provenance Module, … Continue reading

Posted in OS, Security | Tagged , , , , , , , , | Leave a comment

Human Learning – some thoughts about Machine Learning and its applications

I have attended a security conference recently. To my surprise, a great portion of accepted papers use some kind of Machine Learning techniques to achieve certain security targets. While I am NOT going to criticize any of the papers, this … Continue reading

Posted in AI/ML | Tagged , | Leave a comment

arpsec – Securing ARP from the Ground Up

Our paper “Securing ARP from the Ground Up” has been accepted as a short paper by CODASPY15, which will be in San Antonio, TX from March 2nd to 4th. In this post, we will talk about our solution to ARP … Continue reading

Posted in Network, OS, Security | Tagged , , , , , , , , , , , , , | 2 Comments

Retrieve PID from the packet in Unix domain socket – a complete use case for recvmsg()/sendmsg()

The original question was how to retrieve the PID of the packet (sender) in the Unix domain socket. As titled, the answer is recvmsg()/sendmsg(). However, the most useful information I could find online is Michael’s man7.org. People keep talking about … Continue reading

Posted in OS, Programming | Tagged , , , , , , | 1 Comment