v25.8.1 is here!
Armbian v25.8.1 delivers Kernel 6.16, new board support, and official Debian Trixie compatibility.| Armbian blog
This blog post is the third installment in our eBPF blog post series, following our posts about eBPF selftests and eBPF trampolines. In the previous blog post, we discussed how eBPF trampolines are dynamically generated to allow hooking tracing programs to functions’ entry and/or exit. Each trampoline is tailored specifically for the target function on … Continue reading "The Dwarves Beneath the Kernel: Forging BTF for eBPF"| Bootlin
Linux 6.17 was released a bit over a week ago, and as usual LWN.net gave the best summary of the new features and important changes in this release: part 1, part 2. As usual, Bootlin contributed to this kernel, with a total of 98 patches authored by Bootlin engineers, but also another 94 patches that … Continue reading "Linux 6.17 released, Bootlin contributions inside"| Bootlin
다중 접속 서버를 구현하기 위한 여정을 떠나봅니다. 소켓, 멀티 스레드, 멀티 플렉싱, 이벤트 루프에 대해 알아봅니다.| HARIL Blog
Igalia has been contributing to the Linux kernel for many years at this point, helping our clients upstream changes, fixing bugs or adding new features, and the latest release is no different. Linux 6.16 brings a lot of enhancements made by the general community, including: Support for Intel Trusted Domain Extensions: this CPU feature encrypts the memory of the guest VM, for confidential computing use cases in a cloud environment. Support for USB audio offload: this huge patchset allows audio...| Igalia
Good shit! Why I did not tried it earlier?| Marcin Juszkiewicz
This is a complex tale I will attempt to make simple(ish). I’ve (re)learned more than I cared to about the details of pipes, signals, and certain system calls – and the solution is still elusive. For some time now, I have been using NNCP to back up my files. These backups are sent to my … Continue reading Pipes, deadlocks, and strace annoyingly fixing them→| The Changelog
Test different Armbian kernels safely by using multiple SD cards. Just swap and reboot without risking your stable system.| Armbian blog
Essential troubleshooting guide for Armbian SBCs covering power supply issues, storage failures, network problems, and serial console debugging to quickly restore system functionality.| Armbian blog
Armbian v25.8.1 delivers Kernel 6.16, new board support, and official Debian Trixie compatibility.| Armbian blog
Seit einiger Zeit gibt es Zoff zwischen Linus Torvalds und dem Entwickler von Bcachefs, Kent Overstreet. Jetzt hat Torvalds Bcachefs auf „externally maintained“ gestellt.| Linux-Magazin
Writing a bootkit to manipulate VBS enclave's memory| Samuel Tulach
Exploring the possible use of VBS enclaves for anti-cheat purposes| Samuel Tulach
Scanning system memory to detect manually mapped kernel mode drivers on Windows| Samuel Tulach
Patching kernel code at runtime is bad idea... or is it?| Samuel Tulach
Playing with UniqueProcessId to hide or protect a process| Evil UniqueProcessId | Samuel Tulach
Introduction Congatec’s x86 System-on-Modules (SoM) include a Board Controller component connected to the processor via an eSPI bus, and providing various features such as I²C buses, GPIOs, a watchdog timer, and various sensors for monitoring voltage, fan speed, and more. For their x86 System-on-Modules (SoMs), Congatec provides a Yocto meta-layer: meta-congatec-x86. This meta-layer includes, among … Continue reading "Congatec Board Controller support into the upstream Linux Kernel"| Bootlin
Since GNOME 48, users can now preserve their battery health directly from GNOME Settings. Currently, this feature only works on laptops that support both start and end charge thresholds, such as ThinkPads. Ideally, we’d like to support every laptop with any form of charge threshold control but that isn't …| Jelly's blog
I just updated Fedora 24 from update-testing repository and that pulled Linux kernel 4.6. Well, as usual, VMWare Workstation needed some patching in order to work. Luckily, I quickly found a fix on VMWare forums. Note that at the end of the thread there is a script you can use to automatically patch necessary files. But, be careful, I didn't try it! Anyway, after patching, run: vmware-modconfig| Everything about nothing
Igalia is an open source consultancy specialised in the development of innovative projects and solutions. Our engineers have expertise in a wide range of technological areas, including browsers and client-side web technologies, graphics pipeline, compilers and virtual machines. We have the most WPE, WebKit, Chromium/Blink and Firefox expertise found in the consulting business, including many reviewers and committers. Igalia designs, develops, customises and optimises GNU/Linux-based solutions...| Igalia
Linux kernel 6.16 is out with USB audio offload, Intel APX and TDX support, zero-copy TCP from DMABUF, and big Ext4 and XFS updates.| Linuxiac
(I worked on this feature last year, before being moved off desktop related projects, but I never saw it documented anywhere other than in the original commit messages, so here's the opportunity to shine a little light on a feature that could probably see more use)| /bɑs ˈtjɛ̃ no ˈse ʁɑ/ (hadess) | News
A few months have passed since New Responsibilities was posted, so I thought I would provide an update.| /bɑs ˈtjɛ̃ no ˈse ʁɑ/ (hadess) | News
As part of the same process outlined in Matthias Clasen's "LibreOffice packages" email, my management chain has made the decision to stop all | /bɑs ˈtjɛ̃ no ˈse ʁɑ/ (hadess) | News
When I create kernel contributions, I usually rely on a specific hardware, which makes using a system on which I need to deploy kernels too complicated or time-consuming to be worth it. Yes, I'm an idiot that hacks the kernel directly on their main machine, though in my defense, I usually just need to compile drivers rather than full kernels.| /bɑs ˈtjɛ̃ no ˈse ʁɑ/ (hadess) | News
TL;DR| /bɑs ˈtjɛ̃ no ˈse ʁɑ/ (hadess) | News
I'll soon be flying to Greece for GUADEC but wanted to mention one of the things I worked on the past couple of weeks: the low-memory-monitor project is off the ground, though not production-ready.| /bɑs ˈtjɛ̃ no ˈse ʁɑ/ (hadess) | News
Benchmarking complex systems can be difficult. Here's a problem I'm currently investigating, possibly related to process scheduling.| Tomas Vondra
The Linux Kernel 6.15 was released few days ago on May 25. Here's how to try it out in current Debian 12 Bookworm.| FOSTips
Introducing systing| Josef Bacik’s Blog
One thing that has become clearer and clearer to me through these conversations is that many engineers -- and even senior SREs -- have a number of common misconceptions about Linux memory management, and this may be causing the services and systems they support to not be able to run as reliably or efficiently as they could be.| chrisdown.name
A safer approach to using signals in production systems, avoiding service outages when signal handlers are removed.| chrisdown.name
Last week I shared an interview question I've used successfully at Network Next. In this article I share the solution.| Más Bandwidth
Linux kernel 6.14 is now available for download with new features, enhanced hardware support through new and updated drivers, and much more.| 9to5Linux
execveのその先| ママント・ヒヒ
FreeBSD Hiding Process| ママント・ヒヒ
Linuxにおけるshutdownに潜りたかった| ママント・ヒヒ
Introduction In this post, we explore a vulnerability in the Windows IOMap64.sys driver (CVE-2024-41498) RevEng.AI researchers discovered with the help of our AI Binary Analysis Platform. We perform a technical analysis of the IOMap64.sys driver, cover the software fault leading to the vulnerability which under the hood| RevEng.AI Blog
Linuxにおける環境変数の扱い| ママント・ヒヒ
This post is about writing a simple, round-robin task scheduler for my Rust kernel. It builds on some concepts I wrote about in my previous post: To userspace and back!| nikofil’s blog
This post documents my attempts to manage to jump (or return?) from kernel-space to usermode in my Rust kernel so that it can do what a kernel is supposed to actually do: give the CPU to user programs. That’s pretty exciting! In the next part, we’ll even take control back from the programs so that we can implement a scheduler.| nikofil’s blog
Previous post: Part 2: Buddy allocator| nikofil’s blog
Previous post: Part 1: Creating a simple allocator.| nikofil’s blog
This relates to my very-much-in-development kernel in Rust: https://github.com/nikofil/rust-os| nikofil’s blog
Introduction Until recently, I had been using a very old Dell laptop for my personal needs. However, when the motherboard started failing I decided it was time to look into options for replacing the laptop. I looked through many, many options from the "mainstream" manufacturers (e.g. Dell, Lenovo, Acer) and some of the lesser-known manufacturers ...| The Z-Issue
A new technique is introduced that can do Catmull-Rom interpolation in 2D using only four bilinear samples instead of 16 fetches. This is made possible by preprocessing the input data using a specific sign-flipping scheme, and modifying the interpolation weights and locations accordingly.| Giliam de Carpentier
DirectComposition introduction Microsoft DirectComposition is a Windows component that enables high-performance bitmap composition with transforms, effects, and animations. Application developers can use the DirectComposition API to create visually engaging user interfaces that feature rich and fluid animated transitions from one visual to another.[1]| iamelli0t’s blog
CVE-2021-1732 is a 0-Day vulnerability exploited by the BITTER APT organization in one operation which was disclosed in February this year[1][2][3]. This vulnerability exploits a user mode callback opportunity in win32kfull module to break the normal execution flow and set the error flag of window object (tagWND) extra data, which results in kernel-space out-of-bounds memory access violation.| iamelli0t’s blog
Abuse the HalPrivateDispatchTable to hook SYSCALL system-wide while maintain compliance with PatchGuard on Windows 10 and 11.| Reverse Engineering
Is it even possible? Turns out it's a lot closer than you may think.| Más Bandwidth
Learn how you can use XDP/eBPF to get maximum bandwidth for your applications.| Más Bandwidth
How to read a SHTC1 or SHTC3 temperature/humidity sensor from Linux.| blog.dbrgn.ch
How to read a SHT21 temperature/humidity sensor from Linux.| blog.dbrgn.ch
Hi folks, in this post I'm going to walk through how to setup the linux kernel for debugging. I will also demonstrate that the setup works by setting a break-point to a test driver I wrote myself. All the code will be available from my gitlab, all the links to my gitlab will be re-posted at the end. | k3170
Daunting baptism of fire & Meeting the S in RSA| Sagi Kedmi
Recently, on my other blog accidentallyquadratic, I documented a case of accidentally quadratic behavior in /proc/$pid/maps on a wide range of recent Linux kernels. While this bug is amusing, it might initially not seem that important; /proc/$pid/maps is primarily a debugging or inspection tool, and while 30s access times aren’t pleasant, they probably aren’t breaking anything too critical. Today I want to explore, by way of some microbenchmarks, the more pernicious impact of that bug. I ...| nelhage debugs shit
This one is a little boring in that it’s not a new bug, but tracking it down was still real exciting. A while back, Stripe started experiencing some serious intermittent sadness with our internal DNS servers. DNS queries would time out or fail to return, and our DNS servers would periodically OOM kill, despite no application appearing to use much memory. This incident was during the era of our consul battles, so we suspected consul, but were unable to prove its complicity in any way. Finall...| nelhage debugs shit
We use Vagrant for development at Stripe, using NFS mounts to share code from the host into the Vagrant dev box. We use bundler to manage Ruby dependencies, and configure it to install gems directly into the project directory, inside the vendor/ subdirectory. Installing gems there, instead of globally, ensures isolation, and preserves gems across re-creation of the Vagrant VM, which means you don’t need to wait for a bunch of gems to download if you blow away your VM. Recently we upgraded o...| nelhage debugs shit
As someone who has to use a laptop for work, I keep my laptop plugged in 8 hours or more a day, 7 days a week. The laptop's battery during these days would discharge and charge, slowly degrading the battery because only the last ~ 20% would be charged and discharged …| Jelly's blog
The /proc/ filesystem, if you’re not familiar with it, is a magical place full of all kinds of useful debugging tools for introspecting (and modifying) the state of a Linux machine – especially for inspecting other processes. /proc/<pid>/maps shows, for any process on the system, a list of all of the memory mappings in its address space. For a simple cat execution on my machine, it looks like: [nelhage@nelhage:~]$ cat /proc/self/maps 00400000-0040b000 r-xp 00000000 09:01 254164 /bin/cat 0...| Accidentally Quadratic
This blog post talks about how to generate performant code for convolution ops using MLIR’s multiple levels of abstractions and transformations. I initially created it for targeting ARM Mali GPUs in IREE. But given it is just direct tiling and vectorization, it should be widely applicable. I will walk through the lowering steps, so if you are interested to know how to organize MLIR’s various dialects/patterns together to achieve similar tasks, this blog post might also be useful.| Lei.Chat()
As mentioned in my previous blog post , I have written a new patch series for 6.2 to try to avoid having multiple entries in /sys/class/backlight for a single panel again. This new series might cause regressions on a different set of even older laptop models then the one affected by the 6.1…| hansdegoede.livejournal.com
I have received quite a few test reports in response to my previous blog post. Many thanks to everyone who has run the tests and send me their results! These tests show that as a result of the current 6.1 changes quite a few laptop models will end up with an empty /sys/class/backlight,…| hansdegoede.livejournal.com
I have landed a large(ish) refactor of the ACPI/x86 backlight detection code in the kernel for 6.1. I have been very careful to try and not break things but there is a special group of laptops where the ability to control the backlight brightness may disappear because of this. The most likely…| hansdegoede.livejournal.com
Starting with kernel 5.17 the kernel supports the builtin privacy screens built into the LCD panel of some new laptop models. This means that the drm drivers will now return -EPROBE_DEFER from their probe() method on models with a builtin privacy screen when the privacy screen provider driver has…| hansdegoede.livejournal.com
Recently I acquired an Acer Aspire Switch 10 E SW3-016, this device was the main reason for writing my blog post about the shim boot loop . The EFI firmware of this is bad in a number of ways: It considers its eMMC unbootable unless its ESP contains an EFI/Microsoft/Boot/bootmgfw.efi file. But it…| hansdegoede.livejournal.com
A while ago as a spin-off of my project to improve support for Logitech wireless keyboards and mice I have also done some work on improving support for (Gaming) keyboards with a builtin LCD panel. Specifically if you have a Logitech MX5000, G15, G15 v2 or G510 and you want the LCD panel to show…| hansdegoede.livejournal.com
I got contacted by a user with a HP X2 10 p018wm 2-in-1 about the device waking up 10-60 seconds after suspend. I have access to a HP X2 10 p002nd myself which in essence is the same HW and I managed to reproduce the problem there. This is when the fun started: 1. There were a whole bunch of ACPI…| hansdegoede.livejournal.com
Full chain| Blog
Pwnable01| Blog
pwning your kernelz| Blog
kpets| Blog
Kernel Debugging Instruction| Blog
KSMASH - Kernel Stack Smashing| Blog
As part of the continuing work to replace 1-element arrays in the Linux kernel, it’s very handy to show that a source change has had no executable code difference. For example, if you started with this:| codeblog
Previously: v5.9| codeblog
Previously: v5.8| codeblog
Previously: v5.7| codeblog
Previously: v5.6| codeblog
Previously: v5.5.| codeblog
Previously: v5.4.| codeblog
Previously: v5.3.| codeblog
While much of the work on kernel Control Flow Integrity (CFI) is focused on arm64 (since kernel CFI is available on Android), a significant portion is in the core kernel itself (and especially the build system). Recently I got a sane build and boot on x86 with everything enabled, and I’ve been picking through some of the remaining pieces. I figured now would be a good time to document everything I do to get a build working in case other people want to play with it and find stuff that needs ...| codeblog
Previously: v5.2.| codeblog
Previously: v5.1.| codeblog
Previously: v5.0.| codeblog
Previously: v4.20.| codeblog
Previously: v4.19.| codeblog
Previously: v4.18.| codeblog
Previously: v4.17.| codeblog
Previously: v4.16.| codeblog
I spent some time yesterday building out a UEFI server that didn’t have on-board hardware RAID for its system drives. In these situations, I always use Linux’s md RAID1 for the root filesystem (and/or /boot). This worked well for BIOS booting since BIOS just transfers control blindly to the MBR of whatever disk it sees (modulo finding a “bootable partition” flag, etc, etc). This means that BIOS doesn’t really care what’s on the drive, it’ll hand over control to the GRUB code in ...| codeblog
Previously: v4.15.| codeblog
Previously: v4.14.| codeblog
An nice additional benefit of the recent Kernel Page Table Isolation (CONFIG_PAGE_TABLE_ISOLATION) patches (to defend against CVE-2017-5754, the speculative execution “rogue data cache load” or “Meltdown” flaw) is that the userspace page tables visible while running in kernel mode lack the executable bit. As a result, systems without the SMEP CPU feature (before Ivy-Bridge) get it emulated for “free”.| codeblog
Previously: v4.13.| codeblog
