GizChina

Huawei proposes to launch a new "sandbox mode" for the Linux kernel to improve memory security

In particular, memory areas used as input and/or output are isolated from the rest of the kernel and surrounded by guard pages. Without arch hooks, this common base provides weak isolation. On ...
EDN

Embedded Operating Systems – Part 5: Linux memory management and kernel memory

Linux processes are made up of text, data, and BSS static segments; in addition, each process has its own stack (which is created with the fork system call). Heap space for Linux tasks are allocated ...
Linux Journal

Kernel Korner - Kernel Mode Linux for AMD64

Kernel Mode Linux (KML) is a technology that enables the execution of user processes in kernel mode. I described the basic concept and the implementation techniques of KML on IA-32 architecture in my ...
Ars Technica

What’s behind the Intel design flaw forcing numerous patches?

Both Windows and Linux are receiving significant security updates that can, in the worst case, cause performance to drop by half, to defend against a problem that as yet hasn’t been fully disclosed.
CSOonline

New Linux kernel cross-cache attack allows arbitrary memory writes

Researchers from the Graz University of Technology have discovered a way to convert a limited heap vulnerability in the Linux kernel into a malicious memory writes capability to demonstrate novel ...
Threat Post

Black Hat 2018: Stealthy Kernel Attack Flies Under Windows Mitigation Radar

Researchers create PoC of a post-exploitation kernel-mode fileless attack technique. There are lots of Holy Grails when it comes to compromising endpoints. One of them has long been an attack that ...
Linux Journal

Zero Copy I: User-Mode Perspective

Looks simple enough; you would think there is not much overhead with only those two system calls. In reality, this couldn't be further from the truth. Behind those two calls, the data has been copied ...