Writing a NetBSD kernel module.
In this post, we’ll look at implementing a simple character device driver as a kernel module in NetBSD. Once it is loaded, userspace processes will be able to write an arbitrary byte string to the device, and on every successive read expect a cryptographically-secure pseudorandom permutation of the original byte string...
https://saurvs.github.io/post/writing-netbsd-kern-mod/
#kernel #module
Compiling the NetBSD kernel as a benchmark.
For a while, I've been compiling my own NetBSD kernel. Just for a few options, mainly CARP, at first for my Raspberry Pis, and at the moment for paravirtualized Xen domUs. Compiling a custom NetBSD kernel is a very easy task, it's just a matter of 3 main steps...
https://blog.anotherhomepage.org/post/2022/05/25/Compiling-the-NetBSD-kernel-as-a-benchmark/
#kernel #system
Crash Override: NetBSD 5.0-9.3 Coredump Kernel Refcount LPE.
NetBSD 5.0 (released 2009) introduced a change to the in-kernel coredump handler that accidentally introduced a reference count bug on the crashing process' credential. Triggering the vulnerability leads to a use-after-free that can be trivially (though slowly) exploited to achieve local privilege escalation, gaining root from an unprivileged starting point...
https://accessvector.net/2022/netbsd-coredump-lpe
#kernel #system
Hunting kernel lock and interrupt latency.
Too much of the kernel still runs with the kernel lock, which is bad for performance -- and especially for interactive system responsiveness, since most of wscons including keyboard and mouse input still use the kernel lock. On single-CPU systems, the same problem arises with interrupt latency on its own...
https://mail-index.netbsd.org/tech-kern/2022/10/30/msg028499.html
#kernel #troubleshooting #system
Finding NetBSD Kernel Bugs through LockDoc.
This post will be my attempt to package up my master’s thesis in a format that can be read comfortably. I’ve spent the last 15 months mostly on this topic, and if you’ve noticed that some of my past posts mostly revolved around NetBSD, this is why. I hope this also gives me the opportunity to shine a light on some implementation details, since the thesis itself had to be mostly focused on the academic stuff...
https://scholz.ruhr/blog/finding-netbsd-locking-bugs/
#kernel #system