Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Linux Kernel Programming

You're reading from   Linux Kernel Programming A comprehensive guide to kernel internals, writing kernel modules, and kernel synchronization

Arrow left icon
Product type Paperback
Published in Mar 2021
Publisher Packt
ISBN-13 9781789953435
Length 754 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Kaiwan N. Billimoria Kaiwan N. Billimoria
Author Profile Icon Kaiwan N. Billimoria
Kaiwan N. Billimoria
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Section 1: The Basics
2. Kernel Workspace Setup FREE CHAPTER 3. Building the 5.x Linux Kernel from Source - Part 1 4. Building the 5.x Linux Kernel from Source - Part 2 5. Writing Your First Kernel Module - LKMs Part 1 6. Writing Your First Kernel Module - LKMs Part 2 7. Section 2: Understanding and Working with the Kernel
8. Kernel Internals Essentials - Processes and Threads 9. Memory Management Internals - Essentials 10. Kernel Memory Allocation for Module Authors - Part 1 11. Kernel Memory Allocation for Module Authors - Part 2 12. The CPU Scheduler - Part 1 13. The CPU Scheduler - Part 2 14. Section 3: Delving Deeper
15. Kernel Synchronization - Part 1 16. Kernel Synchronization - Part 2 17. About Packt 18. Other Books You May Enjoy

Kernel modules and security – an overview

An ironic reality is that enormous efforts spent on improving user space security considerations have resulted in a pretty large payoff over recent years. A malicious user performing a viable Buffer Overflow (BoF) attack was well within the realms of possibility a couple of decades back, but today is really hard to do. Why? Because there are many layers of beefed-up security mechanisms to prevent many of these attack classes.

To quickly name a few countermeasures: compiler protections (-fstack-protector[...],
-Wformat-security, -D_FORTIFY_SOURCE=2
, partial/full RELRO, better sanity and security checker tools (checksec.sh, the address sanitizers, paxtest, static analysis tools, and so on), secure libraries, hardware-level protection mechanisms (NX, SMEP, SMAP, and so on), [K]ASLR, better testing (fuzzing), and so on.

The irony is that kernel-space attacks have become increasingly common over the last few years! It has...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image