Tweets

Andrey Konovalov retweeted

Grant Hernandez
@Digital_Cold
Nov 6

How complicated is cellular baseband firmware?
At least this complicated: over 150K debugging messages across 932 directories and 2,775 files!
Rebuilding the source code skeleton from Samsung S10's Shannon S5000 baseband debugging messages.
github.com/grant-h/shanno…

Andrey Konovalov
@andreyknvl
Jan 28

On top of:
twitter.com/andreyknvl/sta…

Andrey Konovalov
@andreyknvl
Jan 28

Implemented a PoC for disabling kernel lockdown on Ubuntu via a keyboard emulated through USB/IP, CC @mjg59
github.com/xairy/unlockdo…

Andrey Konovalov retweeted

Matthew Garrett
@mjg59
Jan 28

My patch to disable PCI device DMA in early boot to avoid gaps in IOMMU coverage just got merged to mainline, so here's a writeup of it: mjg59.dreamwidth.org/54433.html

Andrey Konovalov
@andreyknvl
Jan 27

Linux kernel 5.5 includes a kcov extension that allows collecting code coverage from background kernel threads: git.kernel.org/pub/scm/linux/…

Andrey Konovalov retweeted

Dmitry Vyukov
@dvyukov
Jan 27

What I'm thinking reading this sad story of a crit remote vuln introduced into all #linux LTS kernels and still unfixed (now in your kernel): this "forgot to release lock" is a mostly solved problem today with static analysis. The kernel absolutely needs it as part of the dev process 1/n twitter.com/grsecurity/sta…

Andrey Konovalov
@andreyknvl
Jan 25

Ported my old interactive USB keyboard script to the new FaceDancer, sent a PR: github.com/usb-tools/Face… CC @ktemkin

Andrey Konovalov
@andreyknvl
Jan 23

There are more, see other pages. Not many more though, Gerrit isn't really accepted in the kernel community yet.

Andrey Konovalov retweeted

Dmitry Vyukov
@dvyukov
Jan 23

Welcome #Gerrit changes for #linux kernel:
linux-review.googlesource.com/c/virt/kvm/kvm…
and the mailing list version for contrast:
lore.kernel.org/lkml/202001231…
Gerrit has side-by-side diffs, full expandable context, non-lossy comments attached to lines.
Here are docs:
linux.googlesource.com/Documentation/…

Andrey Konovalov retweeted

Saar Amar
@AmarSaar
Jan 22

Wow, crazy issue bypasses PAN: Part of the uaccess routines (__arch_clear_user() and __arch_copy_{in,from,to}_user()) fail to re-enable PAN if they encounter an unhandled fault while accessing userspace. Check out the patch: lore.kernel.org/patchwork/patc… @Liran_Alon

Andrey Konovalov retweeted

Dmitry Vyukov
@dvyukov
Jan 21

I have so many questions right now.
You know #Linux, right, the thing that runs the universe today?
This FOU_ATTR_LOCAL_V6 wanted to say .len instead of .type:
elixir.bootlin.com/linux/v5.4/sou…
This means this thing never-ever worked in any way. Any attempt to pass these args would...

Andrey Konovalov retweeted

Alexander Popov
@a13xp0p0v
Jan 23

=========================
The Life and Incredible Adventures
of One QEMU Bug
(Which I Finally Fixed)
=========================
A thread [1/n]

Andrey Konovalov retweeted

Dmitry Vyukov
@dvyukov
Jan 21

A week has passed...
If you said 20+ you were right. 30 on the dashboard (open+pending)
syzkaller.appspot.com/upstream#open
My local instance has 70(!):
gist.githubusercontent.com/dvyukov/80548b…
All reachable by unpriv users.
That's not all. To find more we need to fix these first, otherwise it just keeps crashing twitter.com/dvyukov/status…

Andrey Konovalov retweeted

Arnaldo Carvalho de Melo
@acmel
Jan 16

Got an OOPS? Figured out the type in the variable causing the oops? Got the offset? Deep in a sub struct? Got you covered with a new EXAMPLE:
git.kernel.org/pub/scm/devel/…
#pahole #linux #bpf #btf

|
Andrey Konovalov
@andreyknvl
|
Jan 16 |
|
Nice talk about CFI in the Linux kernel by @kees_cook
Slides: outflux.net/slides/2020/lc…
Video: youtube.com/watch?v=0Bj6W7…
|
||
|
|
||
|
Andrey Konovalov
@andreyknvl
|
Jan 16 |
|
While I can't recommend a particular chip, mainline kernel driver support would be a huge benefit. Coming from experience of completely failing to build qcacld-3.0 in anything but the default configuration for the last couple of days =/
|
||
|
|
||
Andrey Konovalov retweeted

Vitaly Nikolenko
@vnik5287
Jan 16

I'll make my tech report and PoC public soon. It was a fun bug affecting most major distributions. One exploit to rule them all w/ all kernel expl mitigation bypasses - no ROP chains / hardcoded crap duasynt.com/blog/ubuntu-ce…

Andrey Konovalov retweeted

Dmitry Vyukov
@dvyukov
Jan 15

Brace yourselves, more netfilter bugs are coming!
github.com/google/syzkall…
Bets on number of bugs in the first week

Andrey Konovalov retweeted

MicrosVuln
@microsvuln
Jan 10

Nightmare is an intro to binary exploitation / reverse engineering course based around CTF challenges (binaries + writeups by hacking topics) github.com/guyinatuxedo/n…
#reverse #exploitation

|
Andrey Konovalov
@andreyknvl
|
Jan 8 |
|
Linux Kernel Runtime Guard (LKRG) bypass collection by Ilya Matveychikov, CC @Adam_pi3
github.com/milabs/lkrg-by…
|
||
|
|
||