The world of system-on-chip computing has changed drastically over the past years with the current state being much more diverse as the industry keeps moving to 64-bit processors, to little-endian addressing, to larger memory capacities, and to a small number of instruction set architectures.
In this presentation, I discuss how and why these changes happen, and how we can find a balance...
As outlined in https://lore.kernel.org/lkml/202005181120.971232B7B@keescook/ the topics include:
- fd passing
- deep argument inspection
- changing structure sizes
- syscall bitmasks
Specifically, seccomp needs to grow the ability to inspect Extensible Argument syscalls, which requires that it inspect userspace memory without Time-of-Check/Time-of-Use races and without...
In an ideal world, memory management provides the optimal placement of data objects under accurate predictions of future data access. Current practical implementations, however, rely on coarse information and heuristics to keep the instrumentation overhead minimal. A number of memory management optimization works were therefore proposed, based on the finer-grained...
Most Linux syscall design conventions have been established through trial and
error. One well-known example is the missing flag argument in a range of
syscalls that triggered the addition of a revised version of these syscalls.
Nowadays, adding a flag argument to keep syscalls extensible is an accepted
convention recorded in our kernel docs.
In this session we'd like to propose and...
The long process of converting the kernel's documentation into RST is
finally coming to an end...what has that bought us? We have gone from a
chaotic pile of incomplete, crufty, and un-integrated docs to a slightly
better organized pile of incomplete, crufty, slightly better integrated
docs. Plus we have the infrastructure to make something better from here.
What are the next steps...
This proposal is recycled from the one I've suggested to LSF/MM/BPF.
Unfortunately, LSF/MM/BPF was cancelled, but I think it is still
Restricted mappings in the kernel mode may improve mitigation of hardware
speculation vulnerabilities and minimize the damage exploitable kernel bugs
There are several ongoing efforts to use restricted address spaces in
I gave a talk about file based encryption and the proposed inner workings
of inline encryption at last year's LPC. Since then, the patchset has gone
through almost 10 revisions, and the block layer patches have been merged
a little while ago into Linux v5.8 (and the remaining patches are being
targeted for the v5.9 release). There have been many changes in the design