9,376 questions
Score of 0
2 answers
133 views
Is it safe to assume pointers will only have information in their bottom 48 bits?
Pointers to userspace on x86_64 must start with 0b0000000, covering 7 of the 64 bits and leaving 57 for the actual pointer. Will a userspace program ever get a kernelspace pointer, or is it safe to ...
Score of -2
0 answers
49 views
x86 Kernel triple faults after PIC remapping and interrupt configuration [closed]
Repository
Above is my repository for my project since I thought that sending my kernel.c here would be too large.
My kernel keeps encountering a triple fault immediately after configuring the 8259 ...
Best practices
0 votes
1 reply
49 views
Manual Transformation of non-linear data through mod function
I have a query about this question. If it's a 2.5 and 1.25 difference, then as per my checking, mod2 will not separate it manually; if it's with a step size of 1, then it can be solved by mod2.
so how ...
Best practices
0 votes
0 replies
46 views
Algorithms behind OpenCL's WorkGroupFunctions
From what it seems the usage of workGroupFunctions in OpenCL kernels, e.g. work_group_scan_exclusive_add pushes the implementation of the underlying algorithm to the device (if it does indeed support ...
Score of 0
0 answers
53 views
Get Handle for Binder_node through in Android
I'm trying to learn exploitdev for fun. While researching cve-2023-20938 (android binder uaf), I encountered a barrier. I need to create binder_node in my process and get handle for that binder_node ...
Score of 0
1 answer
79 views
Can Linux UML kernels be configured to support BPF tracepoints?
When loading using libbpf a BTF object that defines a probe on SEC("tracepoint/syscalls/sys_enter_execve") on a UML kernel (tested with 6.18.26), EINVAL is returned from __sys_bpf -> ...
Score of 0
0 answers
51 views
How to get handle for Binder in Android from userspace
Maybe this seems stupid for somebody but, I need to register service in android to create binder_proc and binder_node in kernel side and I need to get handle for that binder_node in order to send ...
Score of 0
0 answers
173 views
Why does my program run perfectly fine in QEMU, but crashes in bare metal?
What I have
I have the beginning of a kernel that runs fine in QEMU from an ISO file that I custom made, but when booting that same ISO file in bare metal from Ventoy, the program crashes at mov cr0, ...
Score of 0
0 answers
39 views
How to debug Android Binder to track struct binder_node reference count changes?
I’m researching Android Binder vulnerabilities and need to observe how the reference counter of struct binder_node changes at runtime.
Specifically, I want to verify whether the reference count is ...
Score of 0
0 answers
69 views
Find structure offsets from Android Linux Kernel
I’m not an expert in this area, I might be misunderstanding some fundamentals.
I’m using Genymotion to emulate Android, while researching some Android kernel CVEs, I need to analyze kernel ...
Score of 0
1 answer
115 views
BIOS Bootloader: `int 10h` works once but not on the second call
I am writing my own i386 bootloader in Real Mode (org 0x7C00) that is supposed to switch to Protected Mode.
I am currently trying to output two characters with int 0x10 to debug, but only the first ...
Best practices
2 votes
0 replies
120 views
How do you fully automate a Kaggle notebook that requires a kernel restart mid-run after installing a library?
Looking for advice on a workflow problem rather than a specific library issue.
The situation
I have a notebook that:
Installs packages via pip in Cell 1
# REVISED CELL 1
import subprocess, sys
# ...
Score of 3
1 answer
67 views
Why can't I reach the wake_up_interruptible() function from netlink_setsockopt?
I am trying to reach the wake_up_interruptible() call within netlink_setsockopt() in Linux kernel 3.16. However, I’ve noticed that the code path is only reached depending on the optlen I provide.
When ...
Advice
0 votes
2 replies
211 views
How to become a great (excellent) kernel engineer?
I am a beginner kernel engineer and I have tried creating an x86-64 Unix-like kernel from scratch using C and assembly for my real machine. I am also trying to contribute to the Linux kernel. I am ...
Score of 1
1 answer
95 views
Discrepancy in netlink_sock offsets between pahole and Kernel Module (offsetof)
While researching different kernel exploits I need the offset to a particular value in a struct, e.g.:
portid offset to netlink_sock.
I found a tool called pahole to do exactly that job.
pahole -E ...