Just under two weeks ago I gave a talk at LinuxCon 2012 in San Diego. It was a great experience, and I hope to do it again in the future. Too bad I could only stay for one day, as I could only break away from work for a short amount of time. Here is a link to my time slot.
The title of the presentation was “Distribution Kernel Hardening”. It talked about kprobes, ksplice, and my tpe-lkm kernel module.
I have uploaded my presentation slides and my speaker notes if you would like to have a look, since my session wasn’t recorded. Enjoy!
It’s about time I post a detailed explanation about how my tpe-lkm module is able to enforce its security policy. This post is very technical, readers beware. Note that this writeup is based on the code as it was the latest commit, which was of this writing, was the one on Dec 10th, 2011. I’ll keep all the links relative to that date.
Continue reading How to hook into (hijack) linux kernel functions via LKM
Bottom line up front; the GPL license is viral.
I have had a lot of discussions with people about software licensing, and it amazes me how few of them really understand them, especially the GPL. I’ll do a quick comparison of licenses:
EULA: sharing is evil
BSD: sharing is not evil
GPL: not sharing is evil
Continue reading What some (many?) people don’t understand about the GPL
Disclaimer: I have no affiliation with ksplice, I’m just a guy who knows something about hot-patching the linux kernel and figured out how this ksplice thing works. I strongly agree with the sentiment that the ksplice raw utilities is not for general use. In fact, Ksplice says in the distribution of these tools:
Without the appropriate expertise and safety infrastructure, the raw utilities can create subtly incorrect rebootless updates, which can have serious consequences.
Continue reading How to use the Ksplice raw utilities