Collaborate Disseminate
I am looking into how DMA works at the device driver and kernel level in the Linux kernel.
I observed that access control to DMA buffers from IO devices is performed by the IOMMU and IOMMU driver in the kernel.
I will provide an example to… Continue reading How does IOMMU and/or Linux kernel handle DMA that span a page boundary?
How safe are installed & genuine-vendor signed old drivers, specifically when attackers are spoofing Microsoft and other vendor certificates?
On older PCs and laptops where some components are no longer recognized by Windows Device Ma… Continue reading Is having no driver installed better than having old driver?
What to learn the internals of the Linux kernel? Version 6.5-rc5 has about 36 million lines of code in it, so good luck! [Seiya] has a different approach. Go back …read more Continue reading Linux Kernel from First Principles
I want to make it so that syscalls from a particular process are controlled by another process (admin or same user, doesn’t really matter to me.) I realize this gives some rootkit trojan vibes, but I’m not actually making malware; I just n… Continue reading Hooking system calls for a specific process on Linux
A new Linux kernel vulnerability tracked as StackRot and CVE-2023-3269 shows the exploitability of use-after-free-by-RCU (UAFBR) bugs.
The post StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs appeared first on SecurityWeek.
Continue reading StackRot Linux Kernel Vulnerability Shows Exploitability of UAFBR Bugs
I understand the point of IAT/IDT/ INT and dynamically loaded DLLs at runtime. The OriginalFirstThunk in the Import Directory table refers to the function names stored (in the case of an ordinal) in the Import Lookup/Name table and in the … Continue reading OriginalFirstThunk in memory
I’m connected to an open router and I keep seeing this localhost thing in my Android kernel I have never seen it before. Can someone tell me what it is?
I want to monitor systemcalls with bpftrace (https://github.com/iovisor/bpftrace/). For most systemcalls, this works without problems, but I have problems to monitor applications, where the suid bit is set.
Folowing syscalls are monitored … Continue reading Linux BPFtrace – user switch from suid bit applications not detected
user namespaces in Linux are presented as a security feature, which should increase security. But is this really true?
Is it possible that while user namespaces fix one kind of problem, they introduce another, unexpected, problem with pote… Continue reading user namespaces: do they increase security, or introduce new attack surface?
My current understanding is that the user does not have any way of knowing the kernel address space layout due to the protection mechanisms such as Kernel Address Space Layout Randomization (KASLR).
However, I see that if I use cat /proc/i… Continue reading Can I know kernel address layout and memory mapped IO layout from the user privilege in linux kernel?