Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Linux Kernel Programming

You're reading from   Linux Kernel Programming A comprehensive and practical guide to kernel internals, writing modules, and kernel synchronization

Arrow left icon
Product type Paperback
Published in Feb 2024
Publisher Packt
ISBN-13 9781803232225
Length 826 pages
Edition 2nd Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Kaiwan N. Billimoria Kaiwan N. Billimoria
Author Profile Icon Kaiwan N. Billimoria
Kaiwan N. Billimoria
Arrow right icon
View More author details
Toc

Table of Contents (16) Chapters Close

Preface 1. Linux Kernel Programming – A Quick Introduction 2. Building the 6.x Linux Kernel from Source – Part 1 FREE CHAPTER 3. Building the 6.x Linux Kernel from Source – Part 2 4. Writing Your First Kernel Module – Part 1 5. Writing Your First Kernel Module – Part 2 6. Kernel Internals Essentials – Processes and Threads 7. Memory Management Internals – Essentials 8. Kernel Memory Allocation for Module Authors – Part 1 9. Kernel Memory Allocation for Module Authors – Part 2 10. The CPU Scheduler – Part 1 11. The CPU Scheduler – Part 2 12. Kernel Synchronization – Part 1 13. Kernel Synchronization – Part 2 14. Other Books You May Enjoy
15. Index

Kernel modules and security – an overview

An ironic reality is that enormous efforts spent on improving user-space security considerations have resulted in a large payoff over recent years. A malicious user performing a Buffer Overflow (BoF) attack was relatively straightforward a couple of decades back, but today it is really hard to pull off well. Why? Because there are many layers of beefed-up security mechanisms to prevent many of these attack classes.

To quickly name a few countermeasures: compiler protections (-fstack-protector[...], -Wformat-security, -D_FORTIFY_SOURCE=3), partial/full RELRO, better sanity and security checker tools (checksec.sh, address sanitizers, PaxTest, static analysis tools, and so on), secure libraries, hardware-level protection mechanisms (NX, SMEP, SMAP, and so on), [K]ASLR, better testing (fuzzing), and so on. Whew.

The irony is that kernel-space attacks have become increasingly common over the last several years! It has...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image